[OT] RE: bogofilter ate 3/5

From: Chase Venters
Date: Thu Sep 07 2006 - 10:06:08 EST

Next message: James Cross: "[PATCH] fix /proc/partitions oops"
Previous message: James Bottomley: "Re: Linux 2.6.18-rc6"
In reply to: Stuart MacDonald: "RE: bogofilter ate 3/5"
Next in thread: Chase Venters: "RE: bogofilter ate 3/5"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On Thu, 7 Sep 2006, Stuart MacDonald wrote:

From: On Behalf Of Chase Venters
You can check the From: or envelope sender against the subscriber
database. Forgery isn't a concern because we're not trying to stop
forgery with this method. Subscribers subscribing one address

Forgery is always a concern...

The perl script behaves as an optional autoresponder.
Autoresponders would
respond to spam as well (well, unless you put a spam filter
in front of
them, but I assume that many don't).

..because autoresponders are always replying to forged addresses:
http://www.spamcop.net/fom-serve/cache/329.html

Also note that a number of people (myself included, at work
anyway) have
perl scripts that respond to all incoming mail and require a
reply cookie from original
envelope senders. We do it because it almost entirely
prevents spam from
arriving in our inboxes (I say almost because there is the occasional

Autoresponder by another name, see above URL.

Fortunately, the bulk of bulk mail I receive these days is forged but not forged from legitimate users. To give you an example from my daily log (which is e-mailed to me so I can keep an eye on the insanity):

2006-09-06T06:25:11 -- Challenged 'Beliefnet Daily Inspiration <BeliefnetDailyInspiration@xxxxxxxxxxxxxxxxxxxxx>'
2006-09-06T06:40:23 -- Challenged '"newsletters@xxxxxxxxxxxx" <newsletters@xxxxxxxxxxxx>'
2006-09-06T09:56:13 -- Challenged '"LexingtonLawBringsYou" <LexingtonLawBringsYou@xxxxxxxxxxxxxxxxxxxxx>'
2006-09-06T12:25:34 -- Challenged '"OFFER CONFIRMATION." <slt@xxxxxxxxxxxxxxxxxxxxxx>'
2006-09-06T12:30:39 -- Challenged '"Rate Alert!" <LocalRate@xxxxxxxxxxxxxxxxxxxxxxxx>'
2006-09-06T12:57:54 -- Challenged '"Rate Alert!" <LocalRate@xxxxxxxxxxxxxxxxxxxxx>'
2006-09-06T12:57:56 -- Challenged '"OFFER CONFIRMATION." <slt@xxxxxxxxxxxxxxxxxxx>'
2006-09-06T13:08:02 -- Challenged '"PlatinumRewardsClubEmailOffers" <PlatinumRewardsClubEmailOffers@xxxxxxxxxxxxxxxxx>'
2006-09-06T13:34:18 -- Challenged '"CellPhoneGiveawaysNetDeals" <CellPhoneGiveawaysNetDeals@xxxxxxxxxxxxxxxxxxxx>'
2006-09-06T13:39:23 -- Challenged '"Barber" <lpb@xxxxxxxxxxxxxxxxxx>'
2006-09-06T13:59:36 -- Challenged '"Barber" <lpb@xxxxxxxxxxxxxxxxxx>'
2006-09-06T14:08:44 -- Challenged '"LifeScript Healthy Advantage" <LifeScriptHealthyAdvantage@xxxxxxxxxxxxxx>'
2006-09-06T14:27:00 -- Challenged 'FS Report <freeinkplus@xxxxxxxxxxxxxx>'
2006-09-06T14:46:12 -- Challenged '"OFFER_C0NFIRMATI0N!" <ndc@xxxxxxxxxxxxxxxxxxxxxxxx>'
2006-09-06T15:07:26 -- Challenged '"Maureen&Team" <maureen@xxxxxxxxxxxx>'
2006-09-06T15:07:27 -- Delivered message from 'Sune Kloppenborg Jeppesen <jaervosz@xxxxxxxxxx>' (whitelist)
2006-09-06T15:09:30 -- Challenged '"BHG.com Kitchen"<Recipe@xxxxxxxxxxxxx>'
2006-09-06T15:11:40 -- Challenged '"1 2 3 I n k Jets" <ikj@xxxxxxxxxxxxxxxxxxxxxxxx>'

If these challenges bounce (_many_ of them do), the box and host end up on the blacklist.

..Stu

Thanks,
Chase
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/

Next message: James Cross: "[PATCH] fix /proc/partitions oops"
Previous message: James Bottomley: "Re: Linux 2.6.18-rc6"
In reply to: Stuart MacDonald: "RE: bogofilter ate 3/5"
Next in thread: Chase Venters: "RE: bogofilter ate 3/5"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]