Great Circle Associates List-Managers
(July 2002)
 

Indexed By Date: [Previous] [Next] Indexed By Thread: [Previous] [Next]

Subject: Re: Spamtrap e-mail addresses in spam headers? [was: Omar's
From: J C Lawrence <claw @ kanga . nu>
Date: Mon, 01 Jul 2002 18:53:44 -0700
To: Chuq Von Rospach <chuqui @ plaidworks . com>
Cc: "Alan B. Clegg" <alan @ clegg . com>, List Managers <List-Managers @ greatcircle . com>
In-reply-to: Message from Chuq Von Rospach <chuqui @ plaidworks . com> of "Mon, 01 Jul 2002 18:45:18 PDT." <B94653BE . 45E65%chuqui @ plaidworks . com>
References: <B94653BE . 45E65%chuqui @ plaidworks . com>

On Mon, 01 Jul 2002 18:45:18 -0700 
Chuq Von Rospach <chuqui @
 plaidworks .
 com> wrote:
> On 7/1/02 6:41 PM, "J C Lawrence" <claw @
 kanga .
 nu> wrote:

> Yeah. And spam from one address on a site to other addresses on the
> site.  Some of my mail lists are trying to spam other mail lists on my
> site on a regular basis. At first I thought it was @#$ @
 #^$#$%
> Klez. I've since realized it was @#$ @
 #%@#%$#%$# ** 2 spammers trying a
> new hack.

Yeah, the current pattern seems to be two-fold:

  1) Deliver to backup MXes in hope of weaker filtering rules 

  2) Forge the From: header to either another scraped address from the
  same domain or to a generated address from the same domain.

I've had quite a few confused postings from list members asking me why I
sent them an offer to increase their breast size/penis_length/whatever.
Its to the point where I'm considering going back to authenticating (and
then only partially) on envelope.

> Hmm. Wonder if Alan actually got my response to his message. His
> whitelist told me to eff off. If not, his loss, since I don't bother
> jumping through hoops....

<nod> Ditto.

That said, among the variants TMDA is rather nice.  It will
read/whitelist Mailman/ezmlm/etc subscriber lists (config.db), and looks
innocuous enough that I'm seriously thinking about deploying it here for
the -owner and -admin addresses (which get 1 valid message for every 300
SPAM).  Given the extra auth against the subscriber lists it seems a not
unreasonable barrier (if unwelcome and I don't like it) to entry for
help to a non-list member.

<grumble>

No way it would ever touch one of my direct addresses, but for something
like mailman@ or list-owner@ it might not be so bad an idea (he says
piteously).

-- 
J C Lawrence                
---------(*)                Satan, oscillate my metallic sonatas. 
claw @
 kanga .
 nu               He lived as a devil, eh?		  
http://www.kanga.nu/~claw/  Evil is a name of a foeman, as I live.



Follow-Ups:
References:
Indexed By Date Previous: Re: Spamtrap e-mail addresses in spam headers? [was: Omar's
From: Chuq Von Rospach <chuqui @ plaidworks . com>
Next: Re: Spamtrap e-mail addresses in spam headers? [was: Omar's
From: Chuq Von Rospach <chuqui @ plaidworks . com>
Indexed By Thread Previous: Re: Spamtrap e-mail addresses in spam headers? [was: Omar's
From: Chuq Von Rospach <chuqui @ plaidworks . com>
Next: Re: Spamtrap e-mail addresses in spam headers? [was: Omar's
From: Chuq Von Rospach <chuqui @ plaidworks . com>

Google
 
Search Internet Search www.greatcircle.com