[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: Debian list = spam and virus repeater/multiplexer

Hugo Vanwoerkom wrote:
Sebastiaan wrote:
I think there is a nice practical reason for this. The list operator
doesn't have time to delete every spam user from this list. The operator
is also someone who is maintaining the list in his free time.

Does this mean that the volunteer list maintainer who has limited time to maintain the list is a Debian Developer, or can there be other volunteers to do this who DO have more time? I am under the impression that recently there is NO maintenance of this list, judging by the amount of crap that is appearing...

That isn't the reason. Perusing the archives will yield the real answer. Because a newbie Debian user *may* read the archvies and *may* decided to click on the link there to ask a question here it is felt that it is best to not prevent such messages from getting through as the insurmountable task of actually registering *may* drive said people away.

Of course if the task of registering for a mailing list stumps a person I dare say running a Linux box, esp. one with Debian installed, might be a little out of their league. To me it is a non-issue since it is clear from this topic being brought up on a near weekly basis now the inconvenience to the hundreds of people who are currently subscribed certainly outweights the possibility someone out there might be turned off from Linux in general or Debian in particular because of the intricate workings of a mailing list subscription.

Oh, there's also the fact that *some* people don't want to get the mailing list. They prefer to post and read the archives or request CCs. This is so their mailbox doesn't get clogged. This, too, is a non-issue since there are always digests. Ironically the above reasoning feeds into this one. Since the list is open there is an ever-growing number of bogus virus reports and spam that gets through. That, in turn, increases the volume of mail sent out which could, in turn, drive people to unsubscribe and just send in when needed and read the archives/request a CC.

The really ironic part is that every time the topic comes up the administrators of the box this is hosted on lament on the load the machine is operating under. You'd think they would want to take low-cost sensible settings which would reduce the stress of the mail server, no? I'd imagine reducing the number of fake virus reports and spam that makes it through and this increases the outbound traffic bu report*(# of lists * subscribers on lists) would be a nice way to ease the stress.

    Low-cost and sane solutions being (none of which are implemented AFAIK):

a: requiring registration before being able to mail out.
b: batch sends instead of individual sends.
c: per-list configuration in SA to limit the language to the language of the list (yes, that includes making restricting English from the non-English lists).

A would cut out the bogus virus reports. It takes minimal processing power to check the list before letting the post through. Certainly far less than it would letting the posts through. As for people who *may* read the archives and *may* click the link and *may* be turned away, tough. The number is so small as to be insignificant compared to the fact that if things don't change there might not be a usable list for them to get answers from. For people who don't want their mail clogged there's digests. If they want no mail there's vacation. If the list software does not have those options then it is broken and should be replaced.

B would lessen the load since it doesn't need to send an individual copy of the message to each address at any givem machine. 30 people from Earthlink on the list? Which makes more sense, sending 30 copies of the message (some of which can be rather large) or 30 RCPT TO lines and 1 copy? Bounces would be slightly higher but they can send out a singleton message once a week to see who's bouncing and take action then. If their mailing list software can't handle that then it's broken and should be replaced.

C is just a configuration change on the SA checks already made on the lists. It would bump up the score on the marginal cases of spam which have made it through the list. Pretty much all of which has been in a language outside that of the list.

IMHO those thee minute configuation changes would result in a drop in the noise and a net drop in the machine's load. None of them are drastic and every single one of them is sensible. All three have been rejected publicly on this list previously.

         Steve C. Lamb         | I'm your priest, I'm your shrink, I'm your
       PGP Key: 8B6E99C5       | main connection to the switchboard of souls.

Attachment: signature.asc
Description: OpenPGP digital signature

Reply to: