Linux Archive

Linux Archive (http://www.linux-archive.org/)
-   CentOS Development (http://www.linux-archive.org/centos-development/)
-   -   Spammer: Did we shut him down? (http://www.linux-archive.org/centos-development/236008-spammer-did-we-shut-him-down.html)

Scott Silva 01-28-2009 05:45 PM

Spammer: Did we shut him down?
 
on 1-28-2009 10:28 AM Ralph Angenendt spake the following:
> Hugo van der Kooij wrote:
>> -----BEGIN PGP SIGNED MESSAGE-----
>> Hash: SHA1
>>
>> Hi,
>>
>> Was this spammer shut down and the problem with the leak in the
>> mailinglist fixed?
>
> At the moment his mailserver is blocked (which isn't ideal). But there is no
> way to shut down leaks like that without moderating the mailing lists
> completely.
>
> Ralph
>
But it also made the announce-list. I assumed the announce list was only
writable by a select few.


--
MailScanner is like deodorant...
You hope everybody uses it, and
you notice quickly if they don't!!!!

_______________________________________________
CentOS-devel mailing list
CentOS-devel@centos.org
http://lists.centos.org/mailman/listinfo/centos-devel

Ralph Angenendt 01-28-2009 05:54 PM

Spammer: Did we shut him down?
 
Scott Silva wrote:
> on 1-28-2009 10:28 AM Ralph Angenendt spake the following:
>
> > At the moment his mailserver is blocked (which isn't ideal). But
> > there is no way to shut down leaks like that without moderating the
> > mailing lists completely.
>
> But it also made the announce-list. I assumed the announce list was
> only writable by a select few.

That was(!) part of the problem, yes.

Ralph_____________________________________________ __
CentOS-devel mailing list
CentOS-devel@centos.org
http://lists.centos.org/mailman/listinfo/centos-devel

seth vidal 01-28-2009 07:00 PM

Spammer: Did we shut him down?
 
On Wed, 2009-01-28 at 10:45 -0800, Scott Silva wrote:
> >
> But it also made the announce-list. I assumed the announce list was only
> writable by a select few.
>
>

and the email came from lance@centos.org

lance@centos.org was one of the select few.

-sv


_______________________________________________
CentOS-devel mailing list
CentOS-devel@centos.org
http://lists.centos.org/mailman/listinfo/centos-devel

Hugo van der Kooij 01-28-2009 07:55 PM

Spammer: Did we shut him down?
 
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

seth vidal wrote:
> On Wed, 2009-01-28 at 10:45 -0800, Scott Silva wrote:
>> But it also made the announce-list. I assumed the announce list was only
>> writable by a select few.
>
> and the email came from lance@centos.org
>
> lance@centos.org was one of the select few.

There is no SPF record for centos.org

If one can be added then this sort of fakes can be prevented. Anyone
using the centos.org domain in email should login to a centos.org server
to send out email that way.

I know it works because that is how I send out email from my own domain.
All family members need to use the central server as relay to send out
email with the family domain. And they can only authenticate using TLS
and SASL.

Hugo.


- --
hvdkooij@vanderkooij.org http://hugo.vanderkooij.org/
PGP/GPG? Use: http://hugo.vanderkooij.org/0x58F19981.asc

A: Yes.
>Q: Are you sure?
>>A: Because it reverses the logical flow of conversation.
>>>Q: Why is top posting frowned upon?

Bored? Click on http://spamornot.org/ and rate those images.

Nid wyf yn y swyddfa ar hyn o bryd. Anfonwch unrhyw waith i'w gyfieithu.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.9 (GNU/Linux)
Comment: Using GnuPG with Fedora - http://enigmail.mozdev.org

iEYEARECAAYFAkmAxkQACgkQBvzDRVjxmYHORACghvMhTipp5+ Y/0Yyf7CRXk8gx
im8AnArkugolVQc/ynsvv6eQBSEGaZBC
=+13T
-----END PGP SIGNATURE-----
_______________________________________________
CentOS-devel mailing list
CentOS-devel@centos.org
http://lists.centos.org/mailman/listinfo/centos-devel

seth vidal 01-28-2009 08:03 PM

Spammer: Did we shut him down?
 
On Wed, 2009-01-28 at 21:55 +0100, Hugo van der Kooij wrote:
> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA1
>
> seth vidal wrote:
> > On Wed, 2009-01-28 at 10:45 -0800, Scott Silva wrote:
> >> But it also made the announce-list. I assumed the announce list was only
> >> writable by a select few.
> >
> > and the email came from lance@centos.org
> >
> > lance@centos.org was one of the select few.
>
> There is no SPF record for centos.org
>
> If one can be added then this sort of fakes can be prevented. Anyone
> using the centos.org domain in email should login to a centos.org server
> to send out email that way.
>
> I know it works because that is how I send out email from my own domain.
> All family members need to use the central server as relay to send out
> email with the family domain. And they can only authenticate using TLS
> and SASL.
>


-1 to SPF.

Don't rely on technologies not everyone is using.

-sv


_______________________________________________
CentOS-devel mailing list
CentOS-devel@centos.org
http://lists.centos.org/mailman/listinfo/centos-devel

Alan Hodgson 01-28-2009 08:29 PM

Spammer: Did we shut him down?
 
On Wednesday 28 January 2009, seth vidal <skvidal@fedoraproject.org> wrote:
>
> -1 to SPF.
>
> Don't rely on technologies not everyone is using.

Well, by definition, any "new" technology is one that not everyone is using.

SPF is actually very good at preventing forgeries of your own domains in
mail sent to your own servers. I find it useful enough for that alone.

--
Current Peeve: The mindset that the Internet is some sort of school for
novice sysadmins and that everyone -not- doing stupid dangerous things
should act like patient teachers with the ones who are. -- Bill Cole, NANAE
_______________________________________________
CentOS-devel mailing list
CentOS-devel@centos.org
http://lists.centos.org/mailman/listinfo/centos-devel

Charlie Brady 01-31-2009 04:37 PM

Spammer: Did we shut him down?
 
Did you also shut the lists down? I've received no mail from centos-qa or
centos-devel for quite some time.
_______________________________________________
CentOS-devel mailing list
CentOS-devel@centos.org
http://lists.centos.org/mailman/listinfo/centos-devel

Ralph Angenendt 02-02-2009 08:44 AM

Spammer: Did we shut him down?
 
Charlie Brady wrote:
> Did you also shut the lists down? I've received no mail from centos-qa or
> centos-devel for quite some time.

No. There just wasn't any mails on there :)

Ralph
_______________________________________________
CentOS-devel mailing list
CentOS-devel@centos.org
http://lists.centos.org/mailman/listinfo/centos-devel

John Summerfield 02-05-2009 11:47 AM

Spammer: Did we shut him down?
 
Hugo van der Kooij wrote:

> >>>Q: Why is top posting frowned upon?
>
> Bored? Click on http://spamornot.org/ and rate those images.

1,
I get quite a few of those, at another address. It's sent "from" me.

2.
There's nothing to prevent anyone from subcsribing to this list and
harvesting addresses of all contributors.

3.
Before implementing SPF, google for and join some antispam lists. I did
so, and the consensus on one of them was that SPF isn't a good answer.
CSV was regarded as preferable.
Here's the first hit when I asked google "why not spf."
http://72.14.235.132/search?q=cache:YNZEP38CoFEJ:david.woodhou.se/why-not-spf.html+why+not+SPF&hl=en&ct=clnk&cd=1&lr=lang_en

I'm using google's cache because the original site's not available atm.



--

Cheers
John

-- spambait
1aaaaaaa@coco.merseine.nu Z1aaaaaaa@coco.merseine.nu
-- Advice
http://webfoot.com/advice/email.top.php
http://www.catb.org/~esr/faqs/smart-questions.html
http://support.microsoft.com/kb/555375

You cannot reply off-list:-)
_______________________________________________
CentOS-devel mailing list
CentOS-devel@centos.org
http://lists.centos.org/mailman/listinfo/centos-devel

Scott Silva 02-05-2009 06:39 PM

Spammer: Did we shut him down?
 
on 2-5-2009 4:47 AM John Summerfield spake the following:
> Hugo van der Kooij wrote:
>
>> >>>Q: Why is top posting frowned upon?
>>
>> Bored? Click on http://spamornot.org/ and rate those images.
>
> 1,
> I get quite a few of those, at another address. It's sent "from" me.
>
> 2.
> There's nothing to prevent anyone from subcsribing to this list and
> harvesting addresses of all contributors.
>
> 3.
> Before implementing SPF, google for and join some antispam lists. I did
> so, and the consensus on one of them was that SPF isn't a good answer.
> CSV was regarded as preferable.

A consensus of one?
What if the other lists had a consensus that it was good?


> Here's the first hit when I asked google "why not spf."
> http://72.14.235.132/search?q=cache:YNZEP38CoFEJ:david.woodhou.se/why-not-spf.html+why+not+SPF&hl=en&ct=clnk&cd=1&lr=lang_en
>
> I'm using google's cache because the original site's not available atm.
>
>
>

I want to invent something like BFR (big freaking rock) that you hit the
spammer over the head with! The more spam he sends, the more rocks. Sooner or
later he will stop from either negative reinforcement or a concussion.

Either way, I win!






--
MailScanner is like deodorant...
You hope everybody uses it, and
you notice quickly if they don't!!!!

_______________________________________________
CentOS-devel mailing list
CentOS-devel@centos.org
http://lists.centos.org/mailman/listinfo/centos-devel


All times are GMT. The time now is 09:02 AM.

VBulletin, Copyright ©2000 - 2014, Jelsoft Enterprises Ltd.
Content Relevant URLs by vBSEO ©2007, Crawlability, Inc.