FAQ Search Today's Posts Mark Forums Read
» Video Reviews

» Linux Archive

Linux-archive is a website aiming to archive linux email lists and to make them easily accessible for linux users/developers.


» Sponsor

» Partners

» Sponsor

Go Back   Linux Archive > Debian > Debian User

 
 
LinkBack Thread Tools
 
Old 04-07-2008, 12:31 PM
Johannes Wiedersich
 
Default IMPORTANT BUSINESS TRANSACTION FOR YOU PLEASE READ AND REPLY!!!!!!

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Douglas A. Tutty wrote on 2008-04-07 02:40:
> Of course,
>
> Quoting the spam when you complain about spam just confuses the spam
> filter so that it will think such mail is legitimate.
>
>
> I understand the issue about not wanting to limit posters to the list of
> subscribers. However, perhaps there should be a whitelist or somthing
> to which non-subscribers can post with the same handshaking as the
> subscription protocol?

There is:
http://lists.debian.org/whitelist/

> Do legitmate people actually post if they don't
> have an email address?

I can easily imagine a scenario, where I am somewhere on a
half-configured box or in an internet cafe etc. where I don't have
access to my regular mail, but where I would like to ask a question and
read the answer on the web pages.

Johannes
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.6 (GNU/Linux)

iD8DBQFH+hQxC1NzPRl9qEURAtlWAJ0SDhONNvbjaynayMHKj1/PybRMTQCeKD/v
d9R6a3lKDCSC1itDakZ9QsA=
=AF1U
-----END PGP SIGNATURE-----


--
To UNSUBSCRIBE, email to debian-user-REQUEST@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmaster@lists.debian.org
 
Old 04-07-2008, 12:43 PM
Johannes Wiedersich
 
Default IMPORTANT BUSINESS TRANSACTION FOR YOU PLEASE READ AND REPLY!!!!!!

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Johannes Wiedersich wrote on 2008-04-07 14:31:
>> I understand the issue about not wanting to limit posters to the list of
>> subscribers. However, perhaps there should be a whitelist or somthing
>> to which non-subscribers can post with the same handshaking as the
>> subscription protocol?
>
> There is:
> http://lists.debian.org/whitelist/

Sorry, I misunderstood you, Doug.

IIUC, you propose that there is a special way for non-subscribers to
post, that locks out spammers at the same time? How should that work?

The only thing I could imagine, is one of those silly 'type the letters
that you find in this image' stuff.
That simply drives spammers to OCR or other tricks and locks out others
(blind, color blind etc.), and adds an additional layer of annoyance to
the rest of us.

[I get angry against spammers, but I would rather rely on my spam filter
and ignore the odd spam that gets through than to make it more difficult
for people to post. ]

Just MHO.

Cheers,
Johannes
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.6 (GNU/Linux)

iD8DBQFH+hcMC1NzPRl9qEURAoBmAJ4sWBarDo5LYkcitJJpyK f/PdcElgCfZ81t
HsCTfAIIOz79AiQn9WC5lP4=
=9KvU
-----END PGP SIGNATURE-----


--
To UNSUBSCRIBE, email to debian-user-REQUEST@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmaster@lists.debian.org
 
Old 04-07-2008, 03:44 PM
Dave Sherohman
 
Default IMPORTANT BUSINESS TRANSACTION FOR YOU PLEASE READ AND REPLY!!!!!!

On Mon, Apr 07, 2008 at 02:43:56PM +0200, Johannes Wiedersich wrote:
> IIUC, you propose that there is a special way for non-subscribers to
> post, that locks out spammers at the same time? How should that work?
>
> The only thing I could imagine, is one of those silly 'type the letters
> that you find in this image' stuff.

I believe the technique you're looking for is "greylisting".

Basically, the way it works is that, on receiving mail from an
unrecognized address, the server lies and says "I'm too busy to accept
that right now. Can you try again in a few minutes?" All full-featured
mail software will recognize this, requeue the message, and try again to
deliver the message after (usually) 5 to 15 minutes, at which point the
mail will be accepted. The vast majority of spam mailers are half-assed
pieces of crap thrown together as quick-and-dirty as possible, so they
pay no attention to the server's response (if they even hang around to
receive it at all) and never come back to try again.

No user interaction is required in this process and its only
user-perceivable cost is a small delay in receipt of the first message
from any given sender address to the greylisting server.

Greylisting isn't 100% effective, as it doesn't work on spam that comes
through an open relay (or a mailing list...) and some spam mailers
actually implement SMTP properly, but it still works very well. When I
enabled it on my mail server earlier this year, the volume of spam
received immediately dropped by 70-80%.

--
News aggregation meets world domination. Can you see the fnews?
http://seethefnews.com/


--
To UNSUBSCRIBE, email to debian-user-REQUEST@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmaster@lists.debian.org
 
Old 04-07-2008, 07:05 PM
Johannes Wiedersich
 
Default IMPORTANT BUSINESS TRANSACTION FOR YOU PLEASE READ AND REPLY!!!!!!

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Dave Sherohman wrote on 2008-04-07 17:44:
> On Mon, Apr 07, 2008 at 02:43:56PM +0200, Johannes Wiedersich wrote:
>> IIUC, you propose that there is a special way for non-subscribers to
>> post, that locks out spammers at the same time? How should that work?
>>
>> The only thing I could imagine, is one of those silly 'type the letters
>> that you find in this image' stuff.
>
> I believe the technique you're looking for is "greylisting".

I know the concept of greylisting. Are you sure, that we do want
greylinsting on debian? Do we want that poor lads on dial-up have to
dial-up several times in order to send a simple, short text message?

[...]
> No user interaction is required in this process and its only
> user-perceivable cost is a small delay in receipt of the first message
> from any given sender address to the greylisting server.

It depends. In unlucky situations without permanent internet connection,
the cost could be higher.

The more users use greylisting, the more spammers will find ways around
it (like sending all messages twice, after a delay of several minute).

> Greylisting isn't 100% effective, as it doesn't work on spam that comes
> through an open relay (or a mailing list...) and some spam mailers
> actually implement SMTP properly, but it still works very well. When I
> enabled it on my mail server earlier this year, the volume of spam
> received immediately dropped by 70-80%.

It did reduce the amount of spam, when I had it installed, but most of
the spam I get, is filtered automatically by other means or is from
lists, so the cost of delay time was more precious to me and I removed
it again.

YMMV,

Johannes

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.6 (GNU/Linux)

iD8DBQFH+nCQC1NzPRl9qEURAh92AJ9qNm8B1kkSMXaoMJ/+/abTnLalRQCfcJEM
5VQ4zc+PXFS8ZExc7W9aDME=
=tORT
-----END PGP SIGNATURE-----


--
To UNSUBSCRIBE, email to debian-user-REQUEST@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmaster@lists.debian.org
 
Old 04-07-2008, 08:07 PM
Brian McKee
 
Default IMPORTANT BUSINESS TRANSACTION FOR YOU PLEASE READ AND REPLY!!!!!!

On 7-Apr-08, at 3:05 PM, Johannes Wiedersich wrote:

I believe the technique you're looking for is "greylisting".


I know the concept of greylisting. Are you sure, that we do want
greylinsting on debian? Do we want that poor lads on dial-up have to
dial-up several times in order to send a simple, short text message?


Wouldn't anyone on dialup be using a smarthost ? e.g. their ISP to
send mail?


And isn't it only for the first time that server is used that it
bounces it?


Brian
 
Old 04-08-2008, 05:36 PM
Johannes Wiedersich
 
Default IMPORTANT BUSINESS TRANSACTION FOR YOU PLEASE READ AND REPLY!!!!!!

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Brian McKee wrote on 2008-04-07 22:07:
> On 7-Apr-08, at 3:05 PM, Johannes Wiedersich wrote:
>>> I believe the technique you're looking for is "greylisting".
>>
>> I know the concept of greylisting. Are you sure, that we do want
>> greylinsting on debian? Do we want that poor lads on dial-up have to
>> dial-up several times in order to send a simple, short text message?
>
> Wouldn't anyone on dialup be using a smarthost ? e.g. their ISP to send
> mail?

Not necessarily. Take something like 'reportbug installation-reports'.
[This is not a user mailing list, but a mailing list from debian,
nevertheless.]

A little google [1] on the list archives reveals that apparently
greylisting is implemented on lists.debian.org.

The fact that we still get spam just demonstrates, that greylisting (or
any other measure) is not perfect at fighting spam.

Johannes

[1] http://lists.debian.org/debian-devel-announce/2007/10/msg00004.html
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.6 (GNU/Linux)

iD8DBQFH+60UC1NzPRl9qEURAgYBAJ9UTz4SLWtMF8R+Bk6OJS 56BvgKjACdEF3T
RooWtLGnBboR+pD8x2AZMzk=
=HGkW
-----END PGP SIGNATURE-----


--
To UNSUBSCRIBE, email to debian-user-REQUEST@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmaster@lists.debian.org
 
Old 04-08-2008, 09:07 PM
Mohaa Ali
 
Default IMPORTANT BUSINESS TRANSACTION FOR YOU PLEASE READ AND REPLY!!!!!!

You're invited to:
*
IMPORTANT BUSINESS TRANSACTION FOR YOU PLEASE READ AND REPLY!!!!!!

By your host:
*
Mohaa Ali

*






Date:
*
Tuesday April 8, 2008




Time:
*
7:00 pm - 8:00 pm
*(GMT +00:00)











*

Will you attend?
*
RSVP to this invitation







Copyright 2008
*Yahoo! Inc.*All Rights Reserved |
Terms of Service | Privacy Policy
 
Old 04-08-2008, 09:18 PM
Yusuf Ali
 
Default IMPORTANT BUSINESS TRANSACTION FOR YOU PLEASE READ AND REPLY!!!!!!

You're invited to:
*
IMPORTANT BUSINESS TRANSACTION FOR YOU PLEASE READ AND REPLY!!!!!!

By your host:
*
Yusuf Ali

*






Date:
*
Tuesday April 8, 2008




Time:
*
9:00 pm - 10:00 pm
*(GMT +00:00)





Street:
*
ALWAYS REPLY ME WITH MY ALTERNATIVE EMAIL ADDRESS;(yusuf_ali55@voila.fr)








*

Will you attend?
*
RSVP to this invitation







Copyright 2008
*Yahoo! Inc.*All Rights Reserved |
Terms of Service | Privacy Policy
 
Old 04-10-2008, 06:41 PM
"Steve Lamb"
 
Default IMPORTANT BUSINESS TRANSACTION FOR YOU PLEASE READ AND REPLY!!!!!!

On Wed, April 9, 2008 2:23 pm, Chris Bannister wrote:
> Yeah, but it makes it more difficult for new Debian users to get
> answers to their problems if you *also* have reply to list as Policy. In
> fact, the more I think about it, the more illogical it seems.

Which is moot since D-U does not nor will ever have reply-to list. 2822
killed that debate.

--
Steve Lamb


--
To UNSUBSCRIBE, email to debian-user-REQUEST@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmaster@lists.debian.org
 

Thread Tools




All times are GMT. The time now is 01:02 AM.

VBulletin, Copyright ©2000 - 2014, Jelsoft Enterprises Ltd.
Content Relevant URLs by vBSEO ©2007, Crawlability, Inc.
Copyright 2007 - 2008, www.linux-archive.org