On Mon, 2006-01-23 at 16:26 -0800, Kenneth Porter wrote: > The page says that the challenge message preserves only the subject > line. How about injecting the subscriber ID into the subject line of > the monthly reminder emails? (I auto-file those to a separate > Administrivia folder.) That's the one regular message coming from the > list itself (ie. not a subscriber) so the bounce goes back to the > list admin where it can be analyzed to remove the miscreants. > > The mailman patch should be published so that other lists can benefit > from this. I googled the uol.com.br domain and see the problem > reported on a lot of other lists. Other mailing lists that I've been on avoid this sort of thing by having a double confirmation when you sign up: You sign up, get sent back a confirmation e-mail, you reply back to confirm, and another message is sent to you confirming all of that. The process requires interaction from you for the confirmations to work, and a bounce message from a stupid anti-spam system wouldn't confirm you, so you wouldn't get any list mail (and, therefore, couldn't send idiotic bounces back to the list one way or another). Automatically stopping twits like that from getting on the list in the first place would be a good step forward. Let them learn how to properly configure their anti-spam systems before letting them on the list. You could even do a triple confirmation, where you test them by sending a mail with some other "from" address than the list, to check that they're not going to bounce messages addressed that way. Your anti-spam system would have to allow messages "to" and "from" the list, while "addressed" as being "from" other people, to participate. If you can't manage that, then you get kicked off the list. The logic to do that sort of subscription filtering isn't too convoluted. -- Don't send private replies to my address, the mailbox is ignored. I read messages from the public lists.
