On Thu, Jan 29, 2009, Ralph Angenendt wrote:
>The CentOS team likes to offer an apology for the political spam mails
>which went through our mail servers earlier today.
>
>Due to the nature of mailing list software for public discussion groups,
>there aren't that many security measures which can be taken to check which
>mails are supposed to get through and which mails aren't. Total safety can
>only be had by a moderation of all lists - and that is not where we want
>to go.
We have set up Mailman to use the Spamassassin spamd program to
check incoming messages before any other tests are done.
This probably would not have done any good though for these
messages as the were passed into my bulk mail folder here after
our local Spamassassin checks so they had a score <= 4.00 which
is my personal cutoff at which point they go into the spam folder.
The Mailman lists we host are all subscriber-only, as I believe
the CentOS lists are, but this doesn't do any good if the sender
trivially forges the Sender and/or From: headers.
Some spam is going to get through to a mailing list regardless of
the anti-spam measures taken (I have accidentally approved spam
that was forwarded to me for moderation). The only thing is to
remember the short version of the Serenity Prayer -- ``sh*t
happens''.
Bill
--
INTERNET: bill@xxxxxxxxxxxxx Bill Campbell; Celestial Software LLC
URL: http://www.celestial.com/ PO Box 820; 6641 E. Mercer Way
Voice: (206) 236-1676 Mercer Island, WA 98040-0820
Fax: (206) 232-9186
If you want government to intervene domestically, you're a liberal. If you
want government to intervene overseas, you're a conservative. If you want
government to intervene everywhere, you're a moderate. If you don't want
government to intervene anywhere, you're an extremist -- Joseph Sobran
_______________________________________________
CentOS mailing list
CentOS@xxxxxxxxxx
http://lists.centos.org/mailman/listinfo/centos
