Re: [Fwd: Meta-issue: recent spam surge]

[Greg A. Woods]

[ On Wednesday, October 24, 2001 at 10:40:12 (-0400), Derek R. Price wrote: ]
> Subject: Re: [Fwd: Meta-issue: recent spam surge]
>
> [[....]], in my experience I usually get a copy of each spam in my
> personaly mailbox as well as the copy sent to each mailing list I
> read.

90% to maybe 99% of the spam I get from the CVS list is always otherwise
blocked from directly reaching my site by very simple and obvious SMTP
filters designed only for security policy fulfillment -- i.e. not
allowing my system to be a party of any theft of service or fraud.
These are implemented with various DNS black lists.

For example the latest SMTP-originated spam from this list that I
haven't yet deleted was received at fencpost.gnu.org from a server
that's listed in all but one of the major open relay black lists:

$ rblookup 202.108.122.77
77.122.108.202.relays.osirusoft.com A 127.0.0.2
77.122.108.202.relays.osirusoft.com has no TXT record (Authoritative answer)
77.122.108.202.relays.ordb.org A 127.0.0.2
77.122.108.202.relays.ordb.org  TXT     "Blackholed by ORDB -- see 
http://ordb.org/lookup/?host=202.108.122.77";
77.122.108.202.outputs.orbz.org A 127.0.0.2
77.122.108.202.outputs.orbz.org TXT     "Open relay. Please see 
http://orbz.org/?202.108.122.77";

ORBZ and ORDB both provide verifiable, mechanical only, listings of
proven open relays.  Both have quite reasonable update times and are
easy to get de-listed from once you've fixed your mailer.  Osirusoft's
list is somewhat more comprehensive, but can be tuned by using the value
of the A RR returned; and they are the only list actively maintaining
ranges of dialup and other dynamically addressed ports which are never
sources of legitimate authorised SMTP connections.

There's still the issue of the newsgroup gateway, but a minor delay in
its processing would probably allow time for most spams to be cancelled.
(at least I think the cancelbots are still running, no?)

Unfortunately the powers that be at gnu.org have decreed that even spam
shall not be blocked, filtered, or otherwise rejected by their mailers
because they are afraid they will reject even one legitimate message
from someone.  They seem to believe that any amount of spam is
preferable to rejecting one legitimate message.

This is the last gnu.org list I subscribe to -- for some reason the spam
levels on it are somewhat less than I experienced on other gnu.org lists
I formerly subscribed to (the worst were the emacs lists and the vm
list, though the auto* lists were pretty bad too).

If list operators don't start doing something about the spam issue their
forums will eventually become unviable for their desired purpose.  You
may not all appreciate my input to this list (and my former input to the
other gnu.org lists), but I'm far from the only person I know who
generally posted more answers and information than questions and who has
dropped off these forums because of the spam levels and the
unwillingness of the gnu.org operators to do anything at all about it.

-- 
                                                        Greg A. Woods

+1 416 218-0098      VE3TCP      <address@hidden>     <address@hidden>
Planix, Inc. <address@hidden>;   Secrets of the Weird <address@hidden>