On Sat, Nov 02, 2002 at 11:51:50AM +0000, Colin Watson wrote: > > Spamcop email address. If the number of messages reported by humans > > as spam via Spamcop exceeds 2%, that IP gets blacklisted for 7 days, > > the spam percentage goes back below 2%, or until the ISP notifies SC > > that it's fixed. SC seems to be the most effective, with nearly > > surgical precision. > > So that would be why they blacklisted master.debian.org a while back? Yup. Spam was sent through on a mailing list, so when it checked the headers, it came back to m.d.o, among other places. It also found the originating source of the spam. I believe someone in charge of the server was notified automatically by Spamcop of the mailing list rape, and given a login they could use to choose how Spamcop handles the incident and, to a lesser extent, how to handle situations in the future for m.d.o. Had this person been paying attention, they could have flagged m.d.o as an Innocent Bystander and it would have been removed sooner than m.d.o going back down below 2% two days after. Ironically, the source of the spam, which Spamcop also detected, was already listed in the Spamcop BL. Had m.d.o been using it as a droplist, the BL would have provided warning not to talk to the spamming box. -- .''`. Baloo Ursidae <baloo@ursine.dyndns.org> : :' : proud Debian admin and user `. `'` `- Debian - when you have better things to do than to fix a system
Attachment:
pgpuDqrFjCBWj.pgp
Description: PGP signature