
Re: debian-ctte mailing list and spam



Previously Ian Jackson wrote:
> Post arrives, and there are a number of reasons it might be
> accepted:
>     - Poster (`From:') on subscription list (per list[1])
>     - Message body is PGP signed[2]; key is in one of several PGP
>       keyrings[3] (same keyring for all lists)
>     - Poster's return-path + calling IP address[4] is in whitelist
>       (same whitelist for all lists)

That looks like a good list.

> If none of these apply, the post is bounced to the return-path with an
> explanation in the bounce text.  The bounce contains a challenge, a
> response to which (by email, I suppose) adds return-path + calling IP
> address to the whitelist and causes the message to be delivered to the
> list.

Do you want to store the original message on the server? That might grow
to become a large database. It could be pruned daily of course.

> [2] A PGP signed message is one which consists _entirely_ of:
>      - An old-style PGP clearsig message optionally followed by a
>       `-- ' delimited signature (of specified maximum length and
>       width).
>      - A new-style PGP-mime message (Content-Type multipart/signed)

Perhaps we should support S/MIME as well?

> [3] Several keyrings:
>      - Standard Debian maintainer keyring
>      - Auxiliary keyring, updates auth'd by maintainer keyring
>      - Manual override file (we don't expect to use this)

Debian maintainer keyring is not a file but tries to grab keys from
LDAP.

> Regarding performance: am I to take it that running a Perl script on
> each message is too slow ?  That would be a convenient way to
> implement it, but Perl's startup costs are substantial, particularly
> when lots of modules are being used.

Compared to spamassassin it should be quite low-weight, and we can
always throw more hardware at the problem (Debian has plenty of offers).

Perhaps it can be done as a daemon to which you submit a message with a
little bit of context (name of the list should be enough). That way
you only need to work a little tool to submit the post which prevents
the startup costs.

Wichert.

-- 
Wichert Akkerman <wichert@wiggy.net>    It is simple to make things.
http://www.wiggy.net/                   It is hard to make things simple.
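
The accept-or-challenge flow discussed in this message, including the daily pruning of held posts, sketched as an added example (not code from the thread or from Debian's list software). PGP verification is assumed to happen elsewhere and to supply `signer_key`; the class name, field names and one-day hold period are hypothetical.

```python
import secrets
import time

MAX_HOLD = 24 * 3600   # assumed hold period: stale held posts are pruned after a day

class ListGate:
    def __init__(self, subscribers, keyring):
        self.subscribers = subscribers   # {list_name: set of From: addresses}
        self.keyring = keyring           # key ids from the combined keyrings
        self.whitelist = set()           # (return_path, calling_ip), shared by all lists
        self.held = {}                   # token -> (arrival_time, list_name, post)

    def submit(self, list_name, post, now=None):
        """Return ('accept', reason) or ('challenge', token) for a new post."""
        now = time.time() if now is None else now
        if post["from"] in self.subscribers.get(list_name, ()):
            return ("accept", "subscriber")
        # Assumption: signer_key is only set after an external PGP check succeeded.
        if post.get("signer_key") in self.keyring:
            return ("accept", "pgp")
        if (post["return_path"], post["ip"]) in self.whitelist:
            return ("accept", "whitelist")
        # None of the reasons apply: hold the post and bounce a challenge.
        token = secrets.token_urlsafe(16)
        self.held[token] = (now, list_name, post)
        return ("challenge", token)

    def respond(self, token, now=None):
        """Valid response: whitelist return-path + IP and release the held post."""
        now = time.time() if now is None else now
        entry = self.held.pop(token, None)
        if entry is None or now - entry[0] > MAX_HOLD:
            return None
        _, list_name, post = entry
        self.whitelist.add((post["return_path"], post["ip"]))
        return (list_name, post)

    def prune(self, now=None):
        """Drop held posts older than MAX_HOLD; returns how many were removed."""
        now = time.time() if now is None else now
        stale = [t for t, e in self.held.items() if now - e[0] > MAX_HOLD]
        for t in stale:
            del self.held[t]
        return len(stale)
```

The whitelist key is the pair of return-path and calling IP, so the same return-path arriving from a different address is challenged again.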


