[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: Debian list = spam and virus repeater/multiplexer



On Wed, Jan 28, 2004 at 10:13:18PM -0800, Steve Lamb wrote:
> Paul Johnson wrote:
> >Long story short: debian-user@lists.debian.org is not the only way
> >this forum is read: Other mailing lists mirror this one, as well as
> >several usenet newsgroup.  Closing the list would severely limit
> >debian-user's usefulness due to a suddenly and artificially restricted
> >membership.
> 
>     As opposed to limted usefulness from a steadily increasing noise to 
> signal ratio and dropping readership because of the same.  Brilliant!
> 
> >Really, this wouldn't be a problem if Windows users weren't so
> >clueless, even among this list's audience.
> 
>     It wouldn't be a problem if SMTP weren't so insecure.
> 
>     But guess what.  Windows is here, SMTP is insecure and there are 
>     clueless newbs out there.  Ignoring it won't make it go away nor will being 
> snide, rude and pathetically close minded

The list's junk filtering is actually jolly good, given that it is largely
automated, operates with little human intervention and has a strong need to
avoid false positives. There is always a little crop of false negatives when
a new worm strikes, before the filtering learns / is tweaked.

I don't rate it as much of a problem, especially given that the amount of
mydoom garbage I'm receiving directly far exceeds that which the list is
relaying. The distribution of my email address is mainly through this list.
AIUI mydoom doesn't search the web for email addresses, but harvests them
from files on an infected box. So the problem really is down to clueless
Windows users who aren't using effective virus protection.

(Note: don't let the issue become confused by the fact that there are
instances of mydoom out there which are forging debian-user@lists.debian.org
in the From: headers.)

There was a lot of gas generated about the swen worm when that hit. That
harvested email addresses off the web. Again, clueless Windows users without
effective virus protection - only a wider base of them, ie. not just ones
subscribed to this list.

In neither case would restricting posting to the list to subscribers only
have solved the problem. Munging the email addresses of posters would -
which again is an issue that has been flogged not only to death but to the
recycling of the atoms of the decayed corpse into the tissue of other
organisms. FWIW I think the policy of *not* munging is correct.

My solution is - for the direct garbage, mail filtering of whatever form one
finds most appropriate or effective; for the garbage relayed by the list,
the 'd' key in mutt suffices for the week or so until the list's filtering
adapts to the new situation.

-- 
Pigeon

Be kind to pigeons
Get my GPG key here: http://pgp.mit.edu:11371/pks/lookup?op=get&search=0x21C61F7F

Attachment: pgp4Pb62vzYpX.pgp
Description: PGP signature


Reply to: