[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: Spam in the lists out of control

On Tue, May 11, 2004 at 04:25:11PM +0200, Wouter Verhelst scribbled:
> On Tue, May 11, 2004 at 03:33:30PM +0200, Marek Habersack wrote:
> > On Tue, May 11, 2004 at 03:17:54PM +0200, Bartosz Fenski aka fEnIo scribbled:
> > > On Tue, May 11, 2004 at 07:49:19AM -0500, John Hasler wrote:
> > > > > What you mention as a problem, the fake sender addresses, are really a
> > > > > problem but, selfishly, I'd rather ignore that issue.
> > > > 
> > > > Selfish isn't the word for it.  I get damn near as many bogus bounces as
> > > > spams.
> > > 
> > > Yeah. I would kill every administrator which sets notify for sender
> > > about viruses to the address from From: header with a pleasure ;)
> > Well, that's a bit different story, isn't it?
> I don't see how. They both involve automated mails. They both involve
> waste of bandwidth. They both result in annoyed people and a worse S/N
> ratio in mailboxes of people completely and fully unrelated to the mail
> the autoreply was replying to.
> How are they a different story?
It is fair to assume that a virus mail has a bogus sender address, it is not 
as simple to assume that a mail scored higher than ham has a bogus sender
address. Quite a chunk of mails scored below 4 by SpamAssassin are
legitimate mails that have one or two traits that give them the score and
yet they are perfecly legitimate. That's where are they different - virus
notification has a high probablility of hitting an innocent person, unlike a
tmda challenge.

On our servers we silently trash the virus mails, without responding to 
them or generating any automated notification mail, that's obvious, and tmda 
is not used by default, that's obvious too. But for personal boxes I think 
everybody has the right to use tdma to protect them. Also, ISPs who blindly 
treat all bounces as spam should stop doing so, I think. Say, have you ever 
mailed Wietse Venema, for instance? If you did, then you know he's got an
autoresponder that will write you back sometimes. Is that a spam? I don't
think so. A certain part of tmda replies will miss the target, of course,
but (again thinking selfishly) in total it will save me/you time we'd take
to read the spam and classify it as spam. It will eliminate quite a deal of
the mails which passed through the SpamAssassin (or other) filters. In the
past 8 days, SpamAssassin let through to my box 293 messages it didn't tag
as spam, 199 of them came to my debian address, all of the 199 through the
debian mailing lists. 20s to open, read, tag, forward to sa-learn for each
of those messages, I've wasted 66 minutes of my time. Is that a lot?
Probably not for a week, but it's 57 hours/year, hours which could be saved
for something better than reading stupid spam. And if you happen to send me
a mail that will be scored above 1.0, then you will have to respond to the
tmda challenge only once - your address will be whitelisted from that moment
on (which, of course, opens up a possibility for forging your address by a
spammer, that's given). One more thing to note - tmda challenges differ a
bit from the MTA bounces, it is very easy to classify the mails based on
that difference (again, another window for spammers, but you can't win it
all) and all that remains to have is a bit of good will and understanding
for people who use tmda and take that small effort to respond to the
challenge (not to mention the responses to challenges can be automated as

So, as long as you are free to be annoyed by tmda responses, I can be as
annoyed by the spam I have to deal with. We both have our reasons, we both
have equal rights and we both are free to do what we do and think what we



Attachment: signature.asc
Description: Digital signature

Reply to: