Patrick R. McManus wrote: > [Joe Touch: Sat, Mar 16, 2002 at 02:03:22PM -0800] > >>Patrick R. McManus wrote: ... >>>The e2e-interest blacklist is new. It appears to be a reaction to the >>>embarrassing amount of spam that that list has redistributed over the >>>last couple of years >>> >>It's a little over a year since we converted from full-open to >>spam-limited. >> > > I guess I'm referring to the recent blacklist changes I remember you > writing about.. They stuck in my head because there was a big flurry > of messages about a February spam on that list. Yeah - because Mailman's filter field is limited, and it took a little time to determine how to combine procmail's capability with Mailman at our site. > http://www.postel.org/pipermail/end2end-interest/2002-February/001760.html > http://www.postel.org/pipermail/end2end-interest/2002-March/001902.html > > Indeed I only see 2 spam in feb's archive - not exactly an > overwhelmingly large number, We didn't have enough of a problem then to warrant dealing with it. March was a different issue. > Nonetheless, the necessary recent adjustment alone > is clear evidence the system needs constant administrative attention The filter switch was prompted by the event of March's flurry; the spam filter went from nonexistant (actually, only filtering certain kinds of prohibited posts, rather than spam per se), to existant (using a procmail keyword list that has been in use for other lists for several years, without substantial tweaking). The blacklist you refer to involved the yahoogroups.com list; this was needed because the list WAS subscribed to our list, and DID NOT contain any typical spam key words. This is a fall-through that breaks both our default assumptions, so simply is always going to require attention. > Additionally, I just checked the February archives of three other must > be registered to post mailing lists I'm on and they had 0 spams for > that period. They might have had filters. We didn't then. Or had 'user only' posts, in which case what you did not see were the users who had trouble posting or decided not to bother due to the complexity. I.e., this information can't be used to form a substantive conclusion. >>I believe that spam should be filtered out because of WHAT it is, not >>because of WHO it comes from. > > And frankly, that's going to constantly mean you live on the > censorship line. We both do; pity you do not yet see that. (vs. registration) ... > Under this scenario if you crossposted to a new IETF list (say in > response to a last call) you'd get back (more or less) immediately a > message that says "Hey, you're new to this list and I need to verify > that all new people aren't really spammers before I can post your > message. Are you really a person? If so you can reply to this message > with authcode XYZA in the body I looked at that solution too. It works, but again raises the bar higher for posters than I think is reasonable for an open list. There are times when I want to let people post, even if they don't have a valid reply mailing list. All I care about is content. >>I support a >>system that allows spam if the user subscribes (an issue you have not >>yet addressed). > > I assume that's a typo and you mean you don't support a system that > allows spam if the user subscribes. (At least that's consistent with > your message). Typo. I mean "you support...". I.e., you cannot handle spam from real users. Yes, yahoogroups.com 'registered' as a user. I can unsubscribe it, but automatic subscription is too easy to be useful as a deterrent. >> - to you, spam is defined by user >> and assumes a correlation between user and content > > I think this is a little unfair. It implies that some people have less > right to post than others because they are suspected spammers. When > the issue isn't about people at all, it's about forged From:'s and > automated spam bots (i.e. addresses, not users). There are users who still send spam (antivirus messages from automated scanners and vacation messages come to mind). I'm not saying they shouldn't post, but their spam shouldn't make it through. > Anybody that will > verify that they really are able to interpret responses sent back to > the address they post from should be allowed to post - heck, even > anonymous remailers are supported this way. Yes, but they will post their antiviruses and vacation info as well too. Again, the only way to filter spam is to filter spam. > I think you're implying a scenario where user X sends 9 on topic > messages and for the 10th one sends a "CHEAP LASER TONER REFILLS" > missive before returning to his thoughtful analysis. That just doesn't > happen often[1]. It was, in fact, the reason we even installed filters (for antivirus in particular) about a year ago (before we put in spam filters. FWIW, before you bother to use the current spam rate as a metric, I only put a test one in so far. the full one, based on a static list of keywords that has been in use for several years, goes in next week). > [1] Obviously spammers could forge real-subscribee's names as Keith > has said he has seen. An issue which your solution does not address. > Personally, I'm shocked.. Yes, but just goes to show that your solution may become less useful. Joe