Re: Spam loads (was Re: How to post to linux.debian.user)

To: debian-user@lists.debian.org
Subject: Re: Spam loads (was Re: How to post to linux.debian.user)
From: Dave <dmq@gci-net.com>
Date: Thu, 04 Dec 2003 05:35:03 -0700
Message-id: <[🔎] 5.2.1.1.0.20031204050659.00b64ec8@mail.gain.com>

On Wed, 03 Dec 2003 14:20:18 +0100, "Karsten M. Self"<kmself@ix.netcom.com> wrote:

>on Tue, Dec 02, 2003 at 10:02:20PM -0600, Scott C. Linnenbringer(sl@panix.com) wrote:

>> On Tue, Dec 02, 2003, at 17:53 -0700, Dr. MacQuigg wrote:
>
>> > P.S.  The requirement to use a real email address in this public
>> > mailing list is a big problem.
>
>Not strictly required, but encouraged.
>
>> I, myself, use virus filters for procmail which work excellently. :)
>
>For those of us dealing with Swen to the tune of 300-600 MiB daily of
>mail over dialup, the situation's rather less friendly.  I've got very
>effective filters.  And there are now some specialized tools for dealing
>with Swen.  However, these will be of limited use the _next_ time a
>mass-mailing, heavy-payload worm propogates.  Particularly if it uses a
>wider range of subject/from headers, and/or has differently-sized
>payloads.  Swen was pretty easy to spot at 144 KiB + a fixed set of
>addresses and subject tokens.
>
>While more ISPs are offering mail filtering, most have pretty broken
>tools.  SMTP-time rejection + teergrubing is highly preferred.
>Newcomers to the 'Net have some very serious issues to deal with.

Both of my ISPs are filtering Swen ( at my request, since other users werenot has heavily affected ). My spam load has been about 20 per day,including 2 or 3 Swen that manage to get past the filters. I can deletethese in a few minutes, so I haven't felt the need yet to research spamfilters.

In the last two days, my load has increased to about 100 per day, mostlySwen, all using the email address which I posted to this group, which hasgotten only a few Swen in the past. The interesting thing about the newload is that instead of just the message text and a note that theattachment was deleted, these are arriving with the payload intact, whichtriggers my Norton AV and causes an annoying interruption. They come inbatches, so I have to spend a couple of minutes dealing with repeatedalarms from Norton. I can't just ignore these, or my email program stalls.

From now on, I will be much more careful in newsgroups, and use only athrow-away address.


--Dave

Reply to:

Prev by Date: Re: Kernel upgrade time
Next by Date: Re: Kernel upgrade time
Previous by thread: Re: Anfrage f?r einen Linktausch an debian-user@lists.debian.org
Next by thread: Re: SMTP setup question (Solved)
Index(es):
- Date
- Thread