[prev in list] [next in list] [prev in thread] [next in thread] 

List:       linux-crypto
Subject:    Re: Somebody stop the junk mail!
From:       Hubert Chan <hubert () uhoreg ! ca>
Date:       2005-03-31 1:33:34
Message-ID: 87mzsk7g5t.fsf () evinrude ! uhoreg ! ca
[Download RAW message or body]

>>>>> "Rik" == Rik van Riel <riel@surriel.com> writes:

Rik> On Wed, 30 Mar 2005, Hubert Chan wrote:
>> What I'm proposing is that messages that meet any of the following
>> criteria are accepted:
>> 
>> - messages from subscribers
>> - messages from whitelisted people

Rik> Would it be acceptable to have a "self whitelisting" system here -
Rik> ie. a "mailing list" that people can subscribe to, but not post to,
Rik> and subscribers from that silent list would be allowed to post to
Rik> the linux-crypto list ?

That would be fine with me.  I guess if nobody complains about this, we
can go ahead with this.

Rik> Something like that can be implemented in minutes, using the
Rik> software that is already installed.

>> - PGP/GPG-signed messages (if spammers start signing their messages,
>> this can be made more strict -- e.g. signed messages with public key
>> on a keyserver, etc.)  
>> - replies to messages that already got through (checked via the
>> References/In-Reply-To header)

Rik> These two will be a bit harder, since ecartis only has a
Rik> blacklisting mechanism, but not a whitelisting one.

That's unfortunate.  I guess we can try it out without these, and see
how annoying it is to new people, although my guess is that it should be
mostly fine.

>> - messages with a low SpamAssassin (or other spam filtering software)
>> score

Rik> This would let through a lot of the 419 mails, which seem to be the
Rik> bulk of the spam making it through the filters currently.
Rik> Are you sure you want this ?

In that case, probably not.

I don't know if there's any easy way to get stats on this, but is there
any reasonable cut-off point that would stop most of the 419 mails, but
let in a reasonable amount of real mail?  (Reasonable, so that it's
useful to actually implement it.)  I'm thinking of something like the
-1.0 or -2.0 range.

>> Everything else is either rejected, or held for further approval by
>> the administrators (depending on how much work this would create for
>> the administrators).

Rik> Any volunteers ?

I wouldn't mind helping out.  Although I probably wouldn't be able to
take it all on (e.g. I may be out of town at some points).

The amount of spam that actually does get through doesn't seem to be
that much (and after we close the list, that should get rid of the guy
who's using the list address to sign up for various things), so my guess
is that this should only require a couple other people.

-- 
Hubert Chan <hubert@uhoreg.ca> - http://www.uhoreg.ca/
PGP/GnuPG key: 1024D/124B61FA
Fingerprint: 96C5 012F 5F74 A5F7 1FF7  5291 AF29 C719 124B 61FA
Key available at wwwkeys.pgp.net.   Encrypted e-mail preferred.


-
Linux-crypto:  cryptography in and on the Linux system
Archive:       http://mail.nl.linux.org/linux-crypto/



[prev in list] [next in list] [prev in thread] [next in thread]