| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Thu, 7 Sep 2006 09:01:23 -0500 (CDT) From: Chase Venters <chase.venters@...entec.com> To: Stuart MacDonald <stuartm@...necttech.com> cc: 'Chase Venters' <chase.venters@...entec.com>, 'Krzysztof Halasa' <khc@...waw.pl>, ellis@...nics.net, 'Willy Tarreau' <w@....eu>, linux-kernel@...r.kernel.org Subject: [OT] RE: bogofilter ate 3/5 On Thu, 7 Sep 2006, Stuart MacDonald wrote: > From: On Behalf Of Chase Venters >> You can check the From: or envelope sender against the subscriber >> database. Forgery isn't a concern because we're not trying to stop >> forgery with this method. Subscribers subscribing one address > > Forgery is always a concern... > >> The perl script behaves as an optional autoresponder. >> Autoresponders would >> respond to spam as well (well, unless you put a spam filter >> in front of >> them, but I assume that many don't). > > ..because autoresponders are always replying to forged addresses: > http://www.spamcop.net/fom-serve/cache/329.html > >> Also note that a number of people (myself included, at work >> anyway) have >> perl scripts that respond to all incoming mail and require a >> reply cookie from original >> envelope senders. We do it because it almost entirely >> prevents spam from >> arriving in our inboxes (I say almost because there is the occasional > > Autoresponder by another name, see above URL. Fortunately, the bulk of bulk mail I receive these days is forged but not forged from legitimate users. To give you an example from my daily log (which is e-mailed to me so I can keep an eye on the insanity): 2006-09-06T06:25:11 -- Challenged 'Beliefnet Daily Inspiration <BeliefnetDailyInspiration@...tner.beliefnet.com>' 2006-09-06T06:40:23 -- Challenged '"newsletters@...mmers.com" <newsletters@...mmers.com>' 2006-09-06T09:56:13 -- Challenged '"LexingtonLawBringsYou" <LexingtonLawBringsYou@...dchristmastree.net>' 2006-09-06T12:25:34 -- Challenged '"OFFER CONFIRMATION." <slt@...tective-vehicle.com>' 2006-09-06T12:30:39 -- Challenged '"Rate Alert!" <LocalRate@...uiredinstallation.com>' 2006-09-06T12:57:54 -- Challenged '"Rate Alert!" <LocalRate@...derful-scholar.com>' 2006-09-06T12:57:56 -- Challenged '"OFFER CONFIRMATION." <slt@...ated-polymer.com>' 2006-09-06T13:08:02 -- Challenged '"PlatinumRewardsClubEmailOffers" <PlatinumRewardsClubEmailOffers@...itarygroup.com>' 2006-09-06T13:34:18 -- Challenged '"CellPhoneGiveawaysNetDeals" <CellPhoneGiveawaysNetDeals@...lbillymaryann.com>' 2006-09-06T13:39:23 -- Challenged '"Barber" <lpb@...eredrevenue.com>' 2006-09-06T13:59:36 -- Challenged '"Barber" <lpb@...eredrevenue.com>' 2006-09-06T14:08:44 -- Challenged '"LifeScript Healthy Advantage" <LifeScriptHealthyAdvantage@...escript.com>' 2006-09-06T14:27:00 -- Challenged 'FS Report <freeinkplus@...ly.mb00.net>' 2006-09-06T14:46:12 -- Challenged '"OFFER_C0NFIRMATI0N!" <ndc@...ferentirradiation.com>' 2006-09-06T15:07:26 -- Challenged '"Maureen&Team" <maureen@...jwire.com>' 2006-09-06T15:07:27 -- Delivered message from 'Sune Kloppenborg Jeppesen <jaervosz@...too.org>' (whitelist) 2006-09-06T15:09:30 -- Challenged '"BHG.com Kitchen"<Recipe@...il.bhg.com>' 2006-09-06T15:11:40 -- Challenged '"1 2 3 I n k Jets" <ikj@...sequent-grievance.com>' If these challenges bounce (_many_ of them do), the box and host end up on the blacklist. > ..Stu > > Thanks, Chase - To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to majordomo@...r.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/
Powered by blists - more mailing lists