[OT] RE: bogofilter ate 3/5

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



On Thu, 7 Sep 2006, Stuart MacDonald wrote:

From: On Behalf Of Chase Venters
You can check the From: or envelope sender against the subscriber
database. Forgery isn't a concern because we're not trying to stop
forgery with this method. Subscribers subscribing one address

Forgery is always a concern...

The perl script behaves as an optional autoresponder.
Autoresponders would
respond to spam as well (well, unless you put a spam filter
in front of
them, but I assume that many don't).

..because autoresponders are always replying to forged addresses:
http://www.spamcop.net/fom-serve/cache/329.html

Also note that a number of people (myself included, at work
anyway) have
perl scripts that respond to all incoming mail and require a
reply cookie from original
envelope senders. We do it because it almost entirely
prevents spam from
arriving in our inboxes (I say almost because there is the occasional

Autoresponder by another name, see above URL.

Fortunately, the bulk of bulk mail I receive these days is forged but not forged from legitimate users. To give you an example from my daily log (which is e-mailed to me so I can keep an eye on the insanity):

2006-09-06T06:25:11 -- Challenged 'Beliefnet Daily Inspiration <[email protected]>' 2006-09-06T06:40:23 -- Challenged '"[email protected]" <[email protected]>' 2006-09-06T09:56:13 -- Challenged '"LexingtonLawBringsYou" <[email protected]>' 2006-09-06T12:25:34 -- Challenged '"OFFER CONFIRMATION." <[email protected]>' 2006-09-06T12:30:39 -- Challenged '"Rate Alert!" <[email protected]>' 2006-09-06T12:57:54 -- Challenged '"Rate Alert!" <[email protected]>' 2006-09-06T12:57:56 -- Challenged '"OFFER CONFIRMATION." <[email protected]>' 2006-09-06T13:08:02 -- Challenged '"PlatinumRewardsClubEmailOffers" <[email protected]>' 2006-09-06T13:34:18 -- Challenged '"CellPhoneGiveawaysNetDeals" <[email protected]>'
2006-09-06T13:39:23 -- Challenged '"Barber" <[email protected]>'
2006-09-06T13:59:36 -- Challenged '"Barber" <[email protected]>'
2006-09-06T14:08:44 -- Challenged '"LifeScript Healthy Advantage" <[email protected]>'
2006-09-06T14:27:00 -- Challenged 'FS Report <[email protected]>'
2006-09-06T14:46:12 -- Challenged '"OFFER_C0NFIRMATI0N!" <[email protected]>'
2006-09-06T15:07:26 -- Challenged '"Maureen&Team" <[email protected]>'
2006-09-06T15:07:27 -- Delivered message from 'Sune Kloppenborg Jeppesen <[email protected]>' (whitelist) 2006-09-06T15:09:30 -- Challenged '"BHG.com Kitchen"<[email protected]>' 2006-09-06T15:11:40 -- Challenged '"1 2 3 I n k Jets" <[email protected]>'

If these challenges bounce (_many_ of them do), the box and host end up on the blacklist.

..Stu



Thanks,
Chase
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to [email protected]
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/

[Index of Archives]     [Kernel Newbies]     [Netfilter]     [Bugtraq]     [Photo]     [Stuff]     [Gimp]     [Yosemite News]     [MIPS Linux]     [ARM Linux]     [Linux Security]     [Linux RAID]     [Video 4 Linux]     [Linux for the blind]     [Linux Resources]
  Powered by Linux