10 Jan
2006
10 Jan
'06
7:15 p.m.
Can someone do something about the spam? I just have to "stand up", "be
erect", "be solid", and do it longer than ever before, to get this stopped.
(Unless it lasts more than 4 hours, then I'll see a doctor)
Mike
10 Jan
10 Jan
7:36 p.m.
On Tue, 2006-01-10 at 19:13 -0600, Mike Moranz wrote:
Can someone do something about the spam? I just have
to "stand up", "be
erect", "be solid", and do it longer than ever before, to get this
stopped.
(Unless it lasts more than 4 hours, then I'll see a doctor)
Mike
Heh the million dollar complaint about email these days.
Or should I say billion dollar... I forget what the current
corporate estimates are for the amount of money spent trying
to deal cut down on spam.
Unfortunately it appears that the spaammer have as much
access to the spam filtering methods as the rest of us
and they are doing a good job of keeping ahead of the
filter rules.
There is still the option of closing the list to subscribers
only but that always gets voted down and being to annoying.
7:50 p.m.
Seems odd, but I don't get any of the SPAM others complain about. Must be the
ISP. My VISI.com account is protected by the Postini spam service.
- Hipple
Quoting Russell Cattelan <cattelan(a)xfs.org>:
On Tue, 2006-01-10 at 19:13 -0600, Mike Moranz wrote:
Can someone do something about the spam? I just
have to "stand up", "be
erect", "be solid", and do it longer than ever before, to get this
stopped.
(Unless it lasts more than 4 hours, then I'll see a doctor)
Mike
Heh the million dollar complaint about email these days.
Or should I say billion dollar... I forget what the current
corporate estimates are for the amount of money spent trying
to deal cut down on spam.
Unfortunately it appears that the spaammer have as much
access to the spam filtering methods as the rest of us
and they are doing a good job of keeping ahead of the
filter rules.
There is still the option of closing the list to subscribers
only but that always gets voted down and being to annoying.
9:47 p.m.
Gary D Hipple wrote:
Seems odd, but I don't get any of the SPAM others
complain about. Must be the
ISP. My VISI.com account is protected by the Postini spam service.
Yup probably.
VISI has an at least one dedicated engineer keeping up with there
postini filtering.
Unfortunatly I probably can't affort the postini service for thebarn.com.
I try to keep SpamAssassin uptodate as possible and in the past SA usally
does a good job... but ya it's not keeping up as much as it should.
But just for reference SA has found this many spam's since 9am this morning.
slurp[9:42pm]-=>grep spam /var/log/maillog | grep identified | wc -l
591
slurp[9:44pm]-=>grep spam /var/log/maillog | grep process |wc -l
710
- Hipple
Quoting Russell Cattelan <cattelan(a)xfs.org>:
On Tue, 2006-01-10 at 19:13 -0600, Mike Moranz
wrote:
Can someone do something about the spam? I just
have to "stand up", "be
erect", "be solid", and do it longer than ever before, to get this stopped.
(Unless it lasts more than 4 hours, then I'll see a doctor)
Mike
Heh the million dollar complaint about email these days.
Or should I say billion dollar... I forget what the current
corporate estimates are for the amount of money spent trying
to deal cut down on spam.
Unfortunately it appears that the spaammer have as much
access to the spam filtering methods as the rest of us
and they are doing a good job of keeping ahead of the
filter rules.
There is still the option of closing the list to subscribers
only but that always gets voted down and being to annoying.
10:25 p.m.
Since we're all giving our thoughts here -- How about using an RBL
(Real-time Blacklist) via rblsmtpd on the smtp server in combination
with SpamAssassin? Personally I went from getting 300-500 SPAM a day
(without any spam protection) to next to nothing (5-10) -- and some days
nothing.
It's been working fairly well except for the spam sent through mba.
Ryan
Russell Cattelan wrote:
Gary D Hipple wrote:
Seems odd, but I don't get any of the SPAM
others complain about.
Must be the
ISP. My VISI.com account is protected by the Postini spam service.
Yup probably.
VISI has an at least one dedicated engineer keeping up with there
postini filtering.
Unfortunatly I probably can't affort the postini service for thebarn.com.
I try to keep SpamAssassin uptodate as possible and in the past SA usally
does a good job... but ya it's not keeping up as much as it should.
But just for reference SA has found this many spam's since 9am this
morning.
slurp[9:42pm]-=>grep spam /var/log/maillog | grep identified | wc -l
591
slurp[9:44pm]-=>grep spam /var/log/maillog | grep process |wc -l
710
- Hipple
Quoting Russell Cattelan <cattelan(a)xfs.org>:
On Tue, 2006-01-10 at 19:13 -0600, Mike Moranz
wrote:
Can someone do something about the spam? I just
have to "stand
up", "be
erect", "be solid", and do it longer than ever before, to get this
stopped.
(Unless it lasts more than 4 hours, then I'll see a doctor)
Mike
Heh the million dollar complaint about email these days.
Or should I say billion dollar... I forget what the current
corporate estimates are for the amount of money spent trying
to deal cut down on spam.
Unfortunately it appears that the spaammer have as much
access to the spam filtering methods as the rest of us
and they are doing a good job of keeping ahead of the
filter rules.
There is still the option of closing the list to subscribers
only but that always gets voted down and being to annoying.
11:11 p.m.
RBLs have the nasty habit of also filtering out legitimate email due to
overzealous RBL maintainers who blacklist entire domains over dubious
complaints. I'd be leary of giving any RBL too much power.
Ryan Sinn wrote:
Since we're all giving our thoughts here -- How
about using an RBL
(Real-time Blacklist) via rblsmtpd on the smtp server in combination
with SpamAssassin? Personally I went from getting 300-500 SPAM a day
(without any spam protection) to next to nothing (5-10) -- and some
days nothing.
It's been working fairly well except for the spam sent through mba.
Ryan
Russell Cattelan wrote:
Gary D Hipple wrote:
Seems odd, but I don't get any of the SPAM
others complain about.
Must be the
ISP. My VISI.com account is protected by the Postini spam service.
Yup probably.
VISI has an at least one dedicated engineer keeping up with there
postini filtering.
Unfortunatly I probably can't affort the postini service for
thebarn.com.
I try to keep SpamAssassin uptodate as possible and in the past SA
usally
does a good job... but ya it's not keeping up as much as it should.
But just for reference SA has found this many spam's since 9am this
morning.
slurp[9:42pm]-=>grep spam /var/log/maillog | grep identified | wc -l
591
slurp[9:44pm]-=>grep spam /var/log/maillog | grep process |wc -l
710
- Hipple
Quoting Russell Cattelan <cattelan(a)xfs.org>:
On Tue, 2006-01-10 at 19:13 -0600, Mike Moranz
wrote:
> Can someone do something about the spam? I just have to "stand
> up", "be
> erect", "be solid", and do it longer than ever before, to get this
> stopped.
> (Unless it lasts more than 4 hours, then I'll see a doctor)
> Mike
>
Heh the million dollar complaint about email these days.
Or should I say billion dollar... I forget what the current
corporate estimates are for the amount of money spent trying
to deal cut down on spam.
Unfortunately it appears that the spaammer have as much
access to the spam filtering methods as the rest of us
and they are doing a good job of keeping ahead of the
filter rules.
There is still the option of closing the list to subscribers
only but that always gets voted down and being to annoying.
11:17 p.m.
You might not be seeing them, but RBL is a poor idea because it has way
too many "false positives". That is, quite a bit of your legitimate
email is going to be considered spam, and you won't get it.
Once one spammer borrows an AOL account (and they do it all the time),
then all of aol.com is blacklisted in RBL for several days, and nobody
at aol.com can send you any legitimate mail. That includes your Aunt
Zelda who uses aol, who won't be able to send you email. Here at the
university, we have constant fights with RBL because spammers love to
fake our return address, and then we cannot send any outbound mail. Or
if one student in one dorm room lets their PC get hacked and turned into
a spam-bot, that's another reason they'll blacklist the entire
university for several days. When you RBL us, any mail sent to you from
a list bounces back and often results in your list subscribtion being
automatically unsubscribed. This is *NOT* a solution, because mainly it
punishes the victims.
The sheer quantity of spam seems to have doubled since about Christmas
Day. Don't know why, but it has.
We use spamassassin. What is unbelievable is that the dozen or so that
get throguh to me every day, represents about 1% of the spam that is
actually directed my way, so it's really amazingly effective considering
the onslaught. We are using a supercomputer-sized system staffed by 1.0
FTE just to run spamassassin and keep it updated. Since Christmas Day,
it's been overwhelmed and we are rushing to upgrade it. The email stream
overall is now running about 90% spam and 10% legitimate. (This is
called "the spam-to-ham ratio" among us who deal with it for a living.
Ham is the good stuff.)
Write your congressman to urge the United States to really outlaw spam,
as Australia has done with some success. The "can spam act" was a sham
that actually encourages more spam. If the U.S. can do it so
successfully with spam telephone calls interrupting you at dinnertime,
then we can do it with email. When you talk to your congressman, ask
them to consider the cost to the taxpayers of just the federal
government's own spam blocking efforts. It's got to be astronomical,
just for the government's own operations.
Meanwhile, why not enjoy it? Nearby to you all is the Spam Museum, in
Austin MN.
Roger Deschner University of Illinois at Chicago rogerd(a)uic.edu
======== Spam, spam, spam, spam. Spam, spam, spam, spam, SPAM! =========
=================== -- Monty Python's Flying Circus ====================
On Tue, 10 Jan 2006, Ryan Sinn wrote:
Since we're all giving our thoughts here -- How
about using an RBL
(Real-time Blacklist) via rblsmtpd on the smtp server in combination
with SpamAssassin? Personally I went from getting 300-500 SPAM a day
(without any spam protection) to next to nothing (5-10) -- and some days
nothing.
It's been working fairly well except for the spam sent through mba.
Ryan
Russell Cattelan wrote:
Gary D Hipple wrote:
Seems odd, but I don't get any of the SPAM
others complain about.
Must be the
ISP. My VISI.com account is protected by the Postini spam service.
Yup probably.
VISI has an at least one dedicated engineer keeping up with there
postini filtering.
Unfortunatly I probably can't affort the postini service for thebarn.com.
I try to keep SpamAssassin uptodate as possible and in the past SA usally
does a good job... but ya it's not keeping up as much as it should.
But just for reference SA has found this many spam's since 9am this
morning.
slurp[9:42pm]-=>grep spam /var/log/maillog | grep identified | wc -l
591
slurp[9:44pm]-=>grep spam /var/log/maillog | grep process |wc -l
710
- Hipple
Quoting Russell Cattelan <cattelan(a)xfs.org>:
On Tue, 2006-01-10 at 19:13 -0600, Mike Moranz
wrote:
> Can someone do something about the spam? I just have to "stand
> up", "be
> erect", "be solid", and do it longer than ever before, to get this
> stopped.
> (Unless it lasts more than 4 hours, then I'll see a doctor)
> Mike
>
Heh the million dollar complaint about email these days.
Or should I say billion dollar... I forget what the current
corporate estimates are for the amount of money spent trying
to deal cut down on spam.
Unfortunately it appears that the spaammer have as much
access to the spam filtering methods as the rest of us
and they are doing a good job of keeping ahead of the
filter rules.
There is still the option of closing the list to subscribers
only but that always gets voted down and being to annoying.
11 Jan
11 Jan
12:02 a.m.
Actually if the tyrade could have started after you'd looked at ordb.org
that would have been nice.
Using relays.ordb.org only blocks open relays that they test on submission.
If someone is running an open email relay and knowingly or unknowingly
distributing SPAM -- I think it's OK to block it. They can either
request a open relay test or wait until the ordb.org scanner checks to
release them from blocking. And because it's an RBL it's relatively
quick about it.
SPAM Assassin has to read content / subject / sender or whatever you
have it setup to do. I used to routinely get 25+ emails on a single day
from the same email address advertizing a products and services because
it was new to that day and never occurred again. the ordb.org RBL
blocks based on sender location rather then content which really saves
you from getting blasted from 25 different open mail relays while each
time receiving the same basic email garbage.
We can disagree on resolution, but we can all agree that SPAM sucks.
The problem isn't whether or not people can spam -- the problem is
people keep buying through that method... otherwise it wouldn't be
profitable and people wouldn't do it. For some reason I think if you
keep asking government to step in they're going to require a one cent
tax per email to try to keep things legitimate even though the only part
they play in the process is taking your money. I know it's a
pessimistic attitude, but they're already gearing up for GPSing your
milage (some already are, Oregon...) because apparently a tax @ the pump
isn't enough.
</rant>
Roger Deschner wrote:
You might not be seeing them, but RBL is a poor idea
because it has way
too many "false positives". That is, quite a bit of your legitimate
email is going to be considered spam, and you won't get it.
Once one spammer borrows an AOL account (and they do it all the time),
then all of aol.com is blacklisted in RBL for several days, and nobody
at aol.com can send you any legitimate mail. That includes your Aunt
Zelda who uses aol, who won't be able to send you email. Here at the
university, we have constant fights with RBL because spammers love to
fake our return address, and then we cannot send any outbound mail. Or
if one student in one dorm room lets their PC get hacked and turned into
a spam-bot, that's another reason they'll blacklist the entire
university for several days. When you RBL us, any mail sent to you from
a list bounces back and often results in your list subscribtion being
automatically unsubscribed. This is *NOT* a solution, because mainly it
punishes the victims.
The sheer quantity of spam seems to have doubled since about Christmas
Day. Don't know why, but it has.
We use spamassassin. What is unbelievable is that the dozen or so that
get throguh to me every day, represents about 1% of the spam that is
actually directed my way, so it's really amazingly effective considering
the onslaught. We are using a supercomputer-sized system staffed by 1.0
FTE just to run spamassassin and keep it updated. Since Christmas Day,
it's been overwhelmed and we are rushing to upgrade it. The email stream
overall is now running about 90% spam and 10% legitimate. (This is
called "the spam-to-ham ratio" among us who deal with it for a living.
Ham is the good stuff.)
Write your congressman to urge the United States to really outlaw spam,
as Australia has done with some success. The "can spam act" was a sham
that actually encourages more spam. If the U.S. can do it so
successfully with spam telephone calls interrupting you at dinnertime,
then we can do it with email. When you talk to your congressman, ask
them to consider the cost to the taxpayers of just the federal
government's own spam blocking efforts. It's got to be astronomical,
just for the government's own operations.
Meanwhile, why not enjoy it? Nearby to you all is the Spam Museum, in
Austin MN.
Roger Deschner University of Illinois at Chicago rogerd(a)uic.edu
======== Spam, spam, spam, spam. Spam, spam, spam, spam, SPAM! =========
=================== -- Monty Python's Flying Circus ====================
On Tue, 10 Jan 2006, Ryan Sinn wrote:
Since we're all giving our thoughts here --
How about using an RBL
(Real-time Blacklist) via rblsmtpd on the smtp server in combination
with SpamAssassin? Personally I went from getting 300-500 SPAM a day
(without any spam protection) to next to nothing (5-10) -- and some days
nothing.
It's been working fairly well except for the spam sent through mba.
Ryan
Russell Cattelan wrote:
Gary D Hipple wrote:
Seems odd, but I don't get any of the SPAM
others complain about.
Must be the
ISP. My VISI.com account is protected by the Postini spam service.
Yup probably.
VISI has an at least one dedicated engineer keeping up with there
postini filtering.
Unfortunatly I probably can't affort the postini service for thebarn.com.
I try to keep SpamAssassin uptodate as possible and in the past SA usally
does a good job... but ya it's not keeping up as much as it should.
But just for reference SA has found this many spam's since 9am this
morning.
slurp[9:42pm]-=>grep spam /var/log/maillog | grep identified | wc -l
591
slurp[9:44pm]-=>grep spam /var/log/maillog | grep process |wc -l
710
- Hipple
Quoting Russell Cattelan <cattelan(a)xfs.org>:
>On Tue, 2006-01-10 at 19:13 -0600, Mike Moranz wrote:
>
>
>
>>Can someone do something about the spam? I just have to "stand
>>up", "be
>>erect", "be solid", and do it longer than ever before, to get this
>>stopped.
>>(Unless it lasts more than 4 hours, then I'll see a doctor)
>>Mike
>>
>
>Heh the million dollar complaint about email these days.
>
>Or should I say billion dollar... I forget what the current
>corporate estimates are for the amount of money spent trying
>to deal cut down on spam.
>
>Unfortunately it appears that the spaammer have as much
>access to the spam filtering methods as the rest of us
>and they are doing a good job of keeping ahead of the
>filter rules.
>
>There is still the option of closing the list to subscribers
>only but that always gets voted down and being to annoying.
>
>
>
>
>
10:05 a.m.
On Wed, 11 Jan 2006 00:01:10 -0600 , Ryan Sinn writes:
Actually if the tyrade could have started after
you'd looked at ordb.org
that would have been nice.
Using relays.ordb.org only blocks open relays that they test on submission.
If someone is running an open email relay and knowingly or unknowingly
distributing SPAM -- I think it's OK to block it. They can either
request a open relay test or wait until the ordb.org scanner checks to
release them from blocking. And because it's an RBL it's relatively
quick about it.
Ah... open relays, those were the days :-)
Spammers mostly moved on from these to open proxies
several years ago. From open proxies, they've moved
on to botnets which have the distinct advantage of
being harder for third parties to test, and can be
"reserved" for the use of a single spammer, as well
as bought and sold for real $$$.
Some (if not most) of the e-mail viruses going around
will turn your PC into one of these botnet hosts,
and you will be part of the spam problem unless you
keep your AV software and OS patches up to date (or
switch to a more virus-proof OS :-)
--
Chris Mikkelson | Disclaimer: the plural of "anecdote" is not
"data."
chris(a)mikk.net | -- spencer(a)engin.umich.edu
9:56 a.m.
On Tue, 10 Jan 2006 23:17:12 -0600 (CST) , Roger Deschner writes:
Blacklists which do this quickly find themselves not
being used anymore, and disappear over time (or
become the maintainer's personal hobby-horse).
I get mildly annoyed when people talk about "RBLs" as if
they are somehow all the same. The difference between
SPEWS and the CBL is about like natural ice vs. Westvleteren
12.... There's no comparison, all they have in common
is being a dnsbl/alcoholic beverage.
Personally, I would recommend the spamhaus sbl-xbl
(a combined list of the sbl, the cbl, and two other
open proxy lists) as a good one which catches a lot
of spam with few if any false positives, and none
of the "spite listings" and "escalations/collateral
damage" which give RBLs a bad name.
--
Chris Mikkelson | If the world were merely seductive, that would be easy.
chris(a)mikk.net | If it were merely challenging, that would be no problem.
| But I arise in the morning torn between a desire to
| improve the world, and a desire to enjoy the world.
| This makes it hard to plan the day. - E. B. White
10:39 a.m.
I love lurking on this list. I have very little to contribute because
you people are so much more knowledgeable about beer; the main focus
of the list. I can't tell you how much I have learned by listening to
the discussions on the list. But, I too am unhappy about the amount
of spam that comes through this list and I think we should do something
about it.
I have been, and continue to be, an advocate of making the list policy
be that we only accept mail from members of the list. This policy
change would stop most (almost all) spam.
In the past, members of the group felt that that would be too limiting.
I am going to ask again if this policy change would be acceptable to
the list members. It would require that you fix your "from address" if
you have a misconfigured mail program. For most of us it would be
a transparent change.
On Tue, Jan 10, 2006 at 07:13:32PM -0600, Mike Moranz wrote:
Can someone do something about the spam? I just have
to "stand up", "be
erect", "be solid", and do it longer than ever before, to get this
stopped.
(Unless it lasts more than 4 hours, then I'll see a doctor)
Mike
--
bob hain
bob(a)me.umn.edu
(612) 626-9800
11:04 a.m.
Three cheers! Spammers *LOVE* open lists, because they magnify their
miserable detestable efforts many times over. The other thing we have
had to do, unfortunately, is to remove the list server function for a
member to get a list of the other members. We had a spammer join a list
just so they could get a list of the list's members; it was one of those
outfits that sells those CDs with 1,000,000 addresses to other spammers.
Close the list, solve the problem at the source, relax don't worry and
have a homebrew. In my own experience, the slight administrative effort
to keep everybody disciplined about From: addresses and about not
relying on forwarding, is more than repaid by having practically NO
SPAM.
Roger Deschner Listmeister, Chicago Beer Society rogerd(a)uic.edu
On Wed, 11 Jan 2006, Bob Hain wrote:
I love lurking on this list. I have very little to contribute because
you people are so much more knowledgeable about beer; the main focus
of the list. I can't tell you how much I have learned by listening to
the discussions on the list. But, I too am unhappy about the amount
of spam that comes through this list and I think we should do something
about it.
I have been, and continue to be, an advocate of making the list policy
be that we only accept mail from members of the list. This policy
change would stop most (almost all) spam.
In the past, members of the group felt that that would be too limiting.
I am going to ask again if this policy change would be acceptable to
the list members. It would require that you fix your "from address" if
you have a misconfigured mail program. For most of us it would be
a transparent change.
On Tue, Jan 10, 2006 at 07:13:32PM -0600, Mike Moranz wrote:
Can someone do something about the spam? I just
have to "stand up", "be
erect", "be solid", and do it longer than ever before, to get this
stopped.
(Unless it lasts more than 4 hours, then I'll see a doctor)
Mike
--
bob hain
bob(a)me.umn.edu
(612) 626-9800
7269
days inactive
7270
days old
12 comments
9 participants
participants (9)
-
Bob Hain -
chris@mikk.net -
Gary D Hipple -
Matt Stegmeir -
Mike Moranz -
Rick Larson -
Roger Deschner -
Russell Cattelan -
Ryan Sinn