[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: Lots of (easily recognisible) spam sent to the BTS today

On Tue October 31 2006 23:02, Don Armstrong wrote:
> On Tue, 31 Oct 2006, Bruce Sass wrote:
> > On Tue October 31 2006 21:15, Anthony DeRobertis wrote:
> > > Bruce Sass wrote:
> > > > I have yet to see a spam message sent to the BTS which used a
> > > > "Package:" pseudoheader, so that should work to eliminate BTS
> > > > spam without preventing non-DD's helping out.
> > >
> > > OTOH, a /lot/ of legitimate mail is sent to the BTS w/o a
> > > Package: pseudo-header (think: pretty much anything to
> > > nnnnnn@bugs.debian.org). So this isn't really a solution.
> >
> > I don't think that disqualifies it as a solution, it just means
> > there would be a transition period while users learn that it is a
> > required part of messages sent to the BTS.
> It has all of the same types of problems as sender verification
> anti-spam techniques; increasing the number of hoops that users have
> to hop through decreases the likelihood of them actually reporting
> spam.

(assuming you mean, `likelihood...reporting bugs')
I don't think it is as bad because there would be no need to keep 
a "white list" to avoid a verification message, and the verification 
could be dropped once it is common knowledge that a Package: 
pseudoheader is required (say, after one release cycle.)

> Decreasing the score at which we ignore messages is trivial, but it
> means increasing the number of false positives. [And because
> backscatter is bad, these will be messages which just "disappear",
> unless some (massochistic) person actually goes through the spam
> mailboxes.]

Ya. I generally don't like anti-spam techniques because they require 
either the sender or recipient to jump through hoops, or are prone to 
false positives... but limiting interaction with the BTS to 
pre-verified users (as requiring signed messages by DD's would do) is 
an even smaller (as in harder to jump through) hoop than requiring a 
specific, easily reproduced with any MUA, format for messages sent to 
the BTS.

- Bruce

Reply to: