Re: Unusual spam recently - hummm

To: debian-security@lists.debian.org
Subject: Re: Unusual spam recently - hummm
From: "s. keeling" <keeling@spots.ab.ca>
Date: Thu, 3 Jun 2004 16:36:21 -0600
Message-id: <[🔎] 20040603223621.GI17849@infidel.spots.ab.ca>
In-reply-to: <[🔎] 20040603204038.GB12051@linuxmafia.com>
References: <[🔎] 20040603173255.GA16713@infidel.spots.ab.ca> <[🔎] Pine.LNX.3.96.1040603105047.3147A-100000@Maggie.Linux-Consulting.com> <[🔎] 20040603180656.GC16713@infidel.spots.ab.ca> <[🔎] 20040603181618.GX12051@linuxmafia.com> <[🔎] 20040603201911.GC17849@infidel.spots.ab.ca> <[🔎] 20040603204038.GB12051@linuxmafia.com>

Incoming from Rick Moen:
> Quoting s. keeling (keeling@spots.ab.ca):
> 
> > Yes.  The problem with Alvin's solution is it only looks at the crap
> > that spammers send.  A lot of legitimate mail does all the silly
> > things that spammers do, and users do want to receive that mail.
> 
> 1.  Content-based filtering doesn't work very well (if that's what
>     you mean, which you probably don't).

I actually meant the typical "worst practices" for which spammers are
so well known.  Spammers use these things to avoid detection.  Average
users do them without even realizing it.  For instance, Alvin
automatically deep-sixes html mail.  Ordinary users don't even know
when they're sending html mails.

> 2.  Most silly things legitimate mail does can be accomodated by an
>     efficient antispam regime; a few cannot.  Remember the screams
>     of outrage when people started being told "You shouldn't run 
>     open relays any more?"  We're entering another round of that.

Immaterial, I know, but Last time I looked Gilmore was still fighting
that one.  :-)

> > You and I may see no legitimate point to html mail, but ordinary users
> 
> (If you think this discussion concerns HTML mail, you have badly
> misunderstood.  See also point #1, supra.)

No, it was just an example since Alvin mentioned it.  I don't see much
point in html mail but the headhunters who send me job offers appear
to like it, so I have to find a way to accept it in an inoffensive (to
me) manner.

> > For a big organization with thousands of users, what's Spam is not
> > really all that easy to quantify.
> 
> And another fine, ruddy herring!  Delicious, thanks.

Uhh, what?  My original starting point in all this was to find out if
Alvin's suggestions had merit.  Following on that, what would it take
to implement them?  My favourite admin is loathe to do _anything_ that
could cause his users to complain of lost mail.  How he cuts out the
%60-%80 of crap without causing a riot is all I wanted to know.

BTW, regarding "2." above.  Remember the days when there was such
reticence on the part of Sendmail's maintainers to actually change
Sendmail to comply with RFCs?  It was pretty well a given then that
doing so would turn half the planet dark overnight because so many
admins were still running Sendmail versions that had been obsoleted
years before.

Ah, those were the days.  :-P


-- 
Any technology distinguishable from magic is insufficiently advanced.
(*)               http://www.spots.ab.ca/~keeling 
- -

Reply to:

Follow-Ups:
- Re: Unusual spam recently - hummm
  - From: Rick Moen <rick@linuxmafia.com>
- Re: Unusual spam recently - hummm
  - From: Alvin Oga <aoga@ns.Linux-Consulting.com>

References:
- Re: Unusual spam recently - hummm
  - From: "s. keeling" <keeling@spots.ab.ca>
- Re: Unusual spam recently - hummm
  - From: Alvin Oga <aoga@ns.Linux-Consulting.com>
- Re: Unusual spam recently - hummm
  - From: "s. keeling" <keeling@spots.ab.ca>
- Re: Unusual spam recently - hummm
  - From: Rick Moen <rick@linuxmafia.com>
- Re: Unusual spam recently - hummm
  - From: "s. keeling" <keeling@spots.ab.ca>
- Re: Unusual spam recently - hummm
  - From: Rick Moen <rick@linuxmafia.com>

Prev by Date: Re: Unusual spam recently - hummm - postprocess
Next by Date: Re: Unusual spam recently - hummm
Previous by thread: Re: Unusual spam recently - hummm
Next by thread: Re: Unusual spam recently - hummm
Index(es):
- Date
- Thread