Re: Funny failure of a CR system on debian-devel

To: Manoj Srivastava <srivasta@debian.org>
Cc: debian-user@lists.debian.org
Subject: Re: Funny failure of a CR system on debian-devel
From: Tom Allison <tallison@tacocat.net>
Date: Thu, 28 Aug 2003 22:10:20 -0400
Message-id: <[🔎] 3F4EB60C.4050501@tacocat.net>
In-reply-to: <[🔎] 87y8xdl1oc.fsf@glaurung.green-gryphon.com>
References: <[🔎] 87oeyanc4w.fsf@glaurung.green-gryphon.com> <[🔎] 87bruad82d.fsf@toncho.dhh.gt.org> <[🔎] 87bruamfji.fsf@glaurung.green-gryphon.com> <[🔎] 87znhuaq0l.fsf@toncho.dhh.gt.org> <[🔎] 87y8xdl1oc.fsf@glaurung.green-gryphon.com>

Manoj Srivastava wrote:

On Thu, 28 Aug 2003 08:08:26 -0500, John Hasler <john@dhh.gt.org> said:

I wrote:

It didn't say that the secret had been received, only that
debian-devel had been whitelisted.  Nost likely, the user did so
manually.

manoj writes:

And elected to recieve a message obviously spam and infected with a
virus?

How would he have known that?  He had not seen the message yet if I
understand correctly.  In any case, it seems more likely that he
whitelisted the address manually than that the virus successfully
returned the secret.



	If I am going to whitelist addresses caught in my spam trap
 manually, the least I would do is to grep the relevant messages out
 of the spam trap and see if whitelisting is the thing to do.


	Most likely, some reader of the mailing list sent in the
 secret as pay back for the annoyance of these silly CR messages
 that seem hell bent on spamming -devel (indeed, there was a
 short discussion whether TMDA should be thrown out of Debian
 since it seemed to so cluelessly spam the list)

	manoj

FWIW I spent a few months working on how you might create a TMDA type ofsystem only better. The idea was to only TMDA the addresses that appeared tobe spam in the first place. That is to say, TMDA confirmation would only beexecuted on those addresses which failed to pass spamassassin.


However, it's a piece of junk.

Confirmation Request business is essentially impossible to achieve 100%success. There are people who will reply incorrectly but with bestintentions, thereby failing the confirmation and getting blacklisted.

There are automated responders from spammers and even postmaster REJECTmessages that pass as a legitimate response, thereby getting whitelisted forthe future.


What you end up with is a partial solution that is very aggravating.

You block a lot of spam. But the Postive Replies mean that you receive a LOTof spam from very specific addresses. But they too are a moving target ofaddresses, so you are blocking and modifying this list all the time. Youmight as well just keep a blacklist and keep blocking and modifying that allthe time. You really don't gain anyting significant in terms of spamblocking and you definitely don't gain anything in time saved.


--
He was part of my dream, of course -- but then I was part of his dream too.
		-- Lewis Carroll

Reply to:

References:
- Funny failure of a CR system on debian-devel
  - From: Manoj Srivastava <srivasta@debian.org>
- Re: Funny failure of a CR system on debian-devel
  - From: John Hasler <john@dhh.gt.org>
- Re: Funny failure of a CR system on debian-devel
  - From: Manoj Srivastava <srivasta@debian.org>
- Re: Funny failure of a CR system on debian-devel
  - From: John Hasler <john@dhh.gt.org>
- Re: Funny failure of a CR system on debian-devel
  - From: Manoj Srivastava <srivasta@debian.org>

Prev by Date: Re: OT: Why is C so popular?
Next by Date: Re: some reality about iptables, please
Previous by thread: Re: Funny failure of a CR system on debian-devel
Next by thread: Debian and KDE
Index(es):
- Date
- Thread