[prev in list] [next in list] [prev in thread] [next in thread]
List: perl5-porters
Subject: Re: Moderation lag
From: Eric Cholet <cholet () logilune ! com>
Date: 2005-10-30 19:03:50
Message-ID: 712574FF-0B26-4223-8C2D-0FFCAA960035 () logilune ! com
[Download RAW message or body]
Le 30 oct. 05 à 19:44, Tels a écrit :
> -----BEGIN PGP SIGNED MESSAGE-----
>
> Moin,
>
> On Sunday 30 October 2005 17:21, John E. Malmberg wrote:
>
>> Tels wrote:
>>
>>>>> (If you have a more strict set of filter rules than just the
>>>>> From:,
>>>>> you
>>>>> may look for a message-id ending in @bloodgate.com, and a
>>>>> X-pair-Authenticated: U.X.Y.Z line, too :)
>>>>>
>>>>
>>>> I don't have filters, that would defeat my role of being the human
>>>> filter of last resort. I just look at the messages contents and
>>>> discard the spam.
>>>>
>>
>> Spammers routinely spoof those types of tags and message IDs, so
>> exempting them from moderation would probably increase the amount of
>> spam that gets through.
>>
>
> I think I made that not clear:
>
> When you are auto-approved, any email with the correct From: get's
> automatically through. Thats what I guess it does, anyway.
>
> Since spammers routinely forge the From, right now any mail with a
> forged
> From: would go through, but it shouldn't if it isn't really from me.
>
> I asked if the moderators can put in a more strict rule-set, like
> checking
> for an additional approved-by and message ID signature. Yes, spammers
> forge these, but having them forge the right condition is more
> unlikely
> than just relying on the From:.
>
> An even better solution would be to check the PGP signature.
>
> I have no idea what exactly the auto-approval mechanism checks,
> though.
Unfortunately the only option I have available as a moderator is to
allow an email address -- as far as I know: there maybe some ezmlm
plugin or somesuch that could achieve what you suggest, but I am not
aware of it. Although allowing posts based on the sender's address
(whether subscribed or on the allow list) seems fragile, it has been
working very well, we've seen only a few virus emails make it to the
lists.
--
Eric Cholet
Any view of things that is not strange is false
["PGP.sig" (application/pgp-signature)]
[prev in list] [next in list] [prev in thread] [next in thread]
Configure |
About |
News |
Add a list |
Sponsored by KoreLogic