Re: Bug#75853: TONER CARTRIDGES
>>>>> "Mako" == Mako Hill <mako@debian.org> writes:
Mako> On Fri, Sep 20, 2002 at 02:58:04PM -0400, Joey Hess wrote:
>> Michael Stone wrote: > One possible approach would be to use a
>> confirmation process for > followups that don't contain either
>> quoted text or subject line from the > parent. Implmentation is
>> left as an excercise for the user. :)
>>
>> Yep, or run the bug mails through spamassassin and dump those
>> that look like spam to a moderator list.
Mako> This seems like the obvious answer to me. I imagine the
Mako> problem is finding the person who want to sort through the
Mako> (huge amount of) spam.
With a little groundwork (ie, creating the infrastructure) this wouldn't
be that difficult.
Of al that spam/possible spam, very few (any!?) would be real mails. Finding
those would only take a few minutes (?). Then a mail to the 'controller'
is all it takes ('release #xxx' - where 'xxx' would be a message number).
This 'controller' then let's the mail through, all others are deleted (after
a period).
If SpamAssasin could be setup, it wouldn't take much to modify it to implement
this:
- A reply from specified address(es), signed with specified PGP/GPG key(s)
with the specified command(s) will release the specified mail(s).
- All mails not released in that batch is deleted.
'in that batch' would indicate:
- Once every 24 hours a mail is sent to specified address(es) with
all mails caught as suspicious is included as attachments (OR, even
better - on a URL which is only accessible by the 'spam police @ Debian').
- Above each suspicious mail is a number (created by the controller).
This number is used as 'release #xxx' above.
Now, the controller:
- Either a modified SpamAssassin, or a homemade one.
- One that finds all suspicious mails and sends it to a controller
address.
- This address is a list of people that is interessted in helping out.
- One address is chosen in random, so that not ONE person does all
the work.
- The verification of the release commands should be PGP/GPG signed
by the person sending the commands. That person's PGP/GPG key is
fetched from a keyring.
- We might be able to use part of the voting enging for this!
- Preferably ANY Debian GNU/Linux developer should be able to
do this.
This is naturaly just a first step in this design, I wrote it from the top
of my head. No real thinking was done, so...
--
BATF toluene Peking supercomputer Iran Ft. Meade killed explosion
NORAD Cuba Saddam Hussein KGB Soviet radar NSA
[See http://www.aclu.org/echelonwatch/index.html for more about this]
Reply to: