[IMC-Tech] File 13 for Email, I Give Up
Stuart Levy
slevy at ncsa.uiuc.edu
Mon Oct 16 10:21:09 CDT 2006
On Mon, Oct 16, 2006 at 09:06:47AM -0500, Mike Lehman wrote:
> Hi Dan,
> I am going to have to give up on trying to manually extract email
> domains to be banned. The problem has just gotten too big and it takes
> too much time to do this by cutting and pasting. The last list of names
> of below my sig.
>
> I think it is clear that Mailman is totally inadequate, like Dada was,
> for dealing with spam given the current state of internet abuse. Banning
> individual email accounts, which is the only option admins have, is
> pointless. Unless Mailman can be configured to ban email domains with
> one click, I think we really need to explore other solutions. Even that
> solution seems to only be a stopgap, without some sort of strong
> whitelist or other features to automatically start weeding out spam posts.
> Mike Lehman
Curious -- are there simple patterns in the spam that gets through?
Almost all of the stuff that slips through the filters to the
peace@ and peace-discuss at lists.chambana.net lists
is stock-pumping spam which has, so far, a pretty reliable structure:
a randomly generated From address, 1- to 3-word random english title,
a bunch of innocuous English text and then an attached ".gif" image
containing the stock ad. We're getting maybe 50 of those per list per day --
there's other stuff, much detectable with simple patterns like PH[a-z]*RMA,
but little enough gets through to be noise.
Would it be appropriate simply to ban image attachments (gif/jpeg/png),
is there any way to do that? Detecting them looks straightforward with procmail,
but I don't know how mail gets fed into mailman.
More information about the IMC-Tech
mailing list