[prev in list] [next in list] [prev in thread] [next in thread] 

List:       e-lang
Subject:    [e-lang] Off-topic: seeking advice about the spam
From:       "Jonathan S. Shapiro" <shap () eros-os ! org>
Date:       2004-07-21 14:12:48
Message-ID: 1090419140.11436.14.camel () mikado ! cs ! jhu ! edu
[Download RAW message or body]

Just so everyone knows, I have been fighting a slow war of escalation
with one of the virus senders. Let me describe the problem for you:

Mailman decides what posts to accept by checking the sender's email
address. Unfortunately, this email address is forgeable, so if a virus
sender can determine the email address for some member of the list they
can send out anything they want.

At first, the problem was limited to eros-doc, where I had accidentally
left email addresses visible. All of these messages originated from a
common alleged host, and I was able to suppress them by adding a filter
rule without turning off the actual user.I can do the same for all the
other newsgroups, but I think the problem is larger than this. Recently,
the spammer has been probing other lists on the eros-os.org site, and
has become more sophisticated about the source host.

Unfortunately, turning off multipart/mixed may be a bad solution. I
believe that there are some email signing systems that use this, and
that users on some of our lists actually do use these signing schemes.

Because of the volume of spam we get to these lists (over 1000 per day,
collectively) it is simply not feasible to hand-check the messages for
validity. It *is* feasible to reject subscription requests on a user by
user basis.

I have been debating what to do about all this without finding much in
the way of a good solution. I would welcome suggestions.

So far the best approach I have come up with is to migrate from an
email-based list to a newsgroup based system. For the kinds of things we
are doing, there are some advantages to newsgroups:

  1. We can give each poster an account and authenticate them.
  2. Discussion threads tend to remain intact, and news readers
     tend to know how to present them using a threaded view.

We can easily set up a news server on eros-os.org, and we can configure
it to *never* expire messages. Better still, we can configure it so that
each discussion group has a corresponding archive group. All messages go
to both groups. Messages in the archive group never expire, but messages
in the active group expire after 60 days. This will help reduce clutter
in the group reader agents.

For Windows-based users, the newsgroup mechanism will appear in Outlook
and will go bold when there is stuff you haven't seen. Other interfaces
appear to have similar behavior.

One approach to solving the notification problem, if that proves to be
desirable, is that I could set up an RSS feed that shows recent
postings. RSS feeds are the things that drive the "summary" view in
evolution, for those of you who use that. Various browsers support RSS,
and there are windows-based notification tools that use RSS also.

Ironically, netnews was *created* to support discussion groups. It was
abandoned largely because of spam, but for something like our discussion
groups we can solve the spam problem if we can get even a mild
authentication system going (which should be pretty easy).

If I work at it a bit, I can probably also make it be true that you only
need one account to contribute to any discussion group.

Reactions?


shap

_______________________________________________
e-lang mailing list
e-lang@mail.eros-os.org
http://www.eros-os.org/mailman/listinfo/e-lang
[prev in list] [next in list] [prev in thread] [next in thread]

Configure | About | News | Add a list | Sponsored by KoreLogic