[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: Massive increase of spam on debian-*@l.d.o



Robin Lynn Frank <rlfrank@paradigm-omega.com> writes:

> On Thursday 06 May 2004 11:30, Paul Johnson, Paul Johnson <baloo@ursine.ca>  
> wrote:
>> > 1.  Reports from people to stupid or lazy to unsubscribe lists or
>> > newsletters they receive.
>>
>> If the postmaster of the wrongly-listed site follows through and can
>> prove that the reporting person really did subscribe and can prove
>> they confirmed the subscription, then the reporter gets fined, or
>> banned if they're a persistent false-reporter.
>
> So now the postmaster is responsible for fixing the errors of an organization 
> that doesn't feel it is necessary to validate the data they receive...until 
> well after the fact?  Garbage in.  Garbage out.  If you are lucky.

It works better than it sounds, particularly because it happens fairly
rarely.

>> > 2.  Spammers intentionally reporting legitimate mail sources with
>> > the intent to keep the number of false positives high enough that
>> > people will not risk using spamcop.
>>
>> The maintainers watch for this sort of abuse closely and have zero
>> tolerence for it.
>>
> I wish them luck.

They don't appear to be overwhelmed with work.

>> > In the past few days, I've seen netfilter.org's list and foxnews in
>> > spamcop. They were both removed, but the fact remains that they should
>> > never have been there to begin with.
>>
>> FoxNews has newsletters that don't confirm subscription, they should
>> have forseen getting listed fairly universally for handling their
>> newsletters the wrong way.
>
> Wow 50% accuracy!  I'm going to start bl.flip-a-coin.org.  I can get better 
> results with random numbers.

No, that doesn't mean 50% of your email is rejected, unless you never
get anything legitimate, only spam.  It blocks about half the spam,
mostly from the more pervasive spammers.  bl.spamcop.net last gave me
a false positive in the summer of 2001 while I was on Mt. Hood with my
Scout troop (and only because a major spammer was on RoadRunner and
RoadRunner's outbound servers got listed for about a day and a half
while they were hosting a spammer).

> A list that tests for open relays or proxies, validates its data.

bl.spamcop.net does that as well.

> A list that includes those who have hit their spamtraps, validates
> its data.

bl.spamcop.net does that as well.

> Spamcop does not validate its data until after the damage is done.

Only with human-submitted reports.  In the future, you may prefer to
stick to subjects that you actually have knowledge of.

-- 
Paul Johnson
<baloo@ursine.ca>
Linux.  You can find a worse OS, but it costs more.

Attachment: pgps5oMtcQxTA.pgp
Description: PGP signature


Reply to: