HylaFAX The world's most advanced open source fax server

[Date Prev][Date Next][Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: Spam to this list

On Thu, Dec 23, 1999 at 06:25:05PM +1100, Aristedes Maniatis wrote:
>Am I the only one receiving spam through the celestial list server or is it
>a general problem. Today I received  a mobile phone spam (headers follow).

We take extensive countermeasures against spam here, particularly with the
mailing lists that we manage including about 2000 different regular
expression patterns that are used on message headers and bodies to trap
spam that gets by our RBL and tcp_wrappers blocks.

I haven't been reading the flexfax list for a while so I don't see spam has
gotten to the list unless it either causes a message to bounce to me from a
recipient's e-mail filters, or somebody sends me a message about it.  In
these cases I have manually removed the message from the mail queue to
prevent it from further propagation to the list, and add suitable patterns
and blocks to prevent that particular spam from being posted again.

Given that every day we block thousands of attempts from RPL'ed sites, and
sites that come from domains with known open-relays, I think that the
number of spam messages that get through to the mailing lists is minimal.
We just added 20 new blocks last night resulting from messages that came
into our with e-mail addresses that haven't been valid for years, and
probably average 30 new blocks per day.

I think that the majority of the spam messages that get through are sent to
flexfax@sgi.com instead of flexfax@celestial.com because SGI doesn't use
the draconian blocking on IP addresses that we do.  Messages that come into
Celestial from SGI only get the taboo_header and taboo_body pattern tests
which bounce suspect messages to me for approval before going to the lists.

>Who is responsible for this list and can it be closed to postings from
>non-subscribers at the very least?

It could be, but I don't think it would make a significant difference in
the amount of spam, and can cause problems from people on the list who may
send mail from different systems (which is a problem I have on some lists
that I subscribe to since I often off-site when doing e-mail).

As for the suggestion that the message have Reply-To: to the list, that
isn't going to happen while I'm managing the list.  It's been my experience
that this policy often results in replies that are meant to go only to the
sender get posted to the lists so what is meant as a private reply goes to
the world.  I also think that it should require just a little bit of effort
to post messages to about 700 people so that the sender has to think just a
bit about whether it's of general interest.

INTERNET:   bill@Celestial.COM  Bill Campbell; Celestial Systems, Inc.
UUCP:               camco!bill  PO Box 820; 6641 E. Mercer Way
FAX:            (206) 232-9186  Mercer Island, WA 98040-0820; (206) 236-1676
URL: http://www.celestial.com/

``The whole aim of practical politics is to keep the populace alarmed (and
hence clamorous to be led to safety) by an endless series of hobgoblins.''
   -- H.L. Mencken, 1923

Project hosted by iFAX Solutions