[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: RE : ... blah lbah blah ... spam


On Sun, Aug 06, 2017 at 03:56:35PM +0200, Nicolas George wrote:
> Your Occam's razor is definitely blunted. These mails are spams
> masquerading as legitimate answers to bypass automated filters and catch
> the reader's attention, nothing more. That is the simplest explanation,
> consistent with all the techniques used by spammers and there is
> absolutely no evidence of anything else.

I disagree. I am very confident that these emails are from real
people who have received a spam sent with the from address of
debian-user, and they are replying to it. They aren't members of the
list and they don't realise that the thing they're replying to is a)
not the actual sender and b) a mailing list with thousands of people
on it.

I find that explanation far simpler than the idea that a spammer has
decided to send email to debian-user that masquerades as a large
number of very confused people who want to stop receiving their
email (or, in some cases, are asking for more information about the
sexy woman who has contacted them).

As such, asking people not to reply to them while being sensible
advice for spam in general, in this specific case isn't that helpful
as the people who are replying are not subscribed to this list and
will never see the advice.

As evidence, I have in the past responded to some of these people
off-list and they behave as just confused normal people who want the
emails to stop. They don't try to sell me anything or entice me to
visit any web sites. In fact sometimes they remain so confused that
they think I am the spammer and just keep asking me to go away,
regardless of what I say.

It could be argued that if they are spammers their goal might be to
get people to reply, purely to harvest email addresses, but in that
case they need not reply to me, yet they do reply, in the style of a
normal, confused person. Also there are much simpler ways to harvest
valid email addresses, e.g. the archives of this list.

I don't find any other explanation simpler than that one, and it's
testable by replying to them. We know that spammers forge from
addresses, so just imagine the consequences of a spam run that had
debian-user as its from address, and you will conclude that it would
play out exactly as we see here.


https://bitfolk.com/ -- No-nonsense VPS hosting

Reply to: