[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <Pine.LNX.4.64.0609061658440.18840@turbotaz.ourhouse>
Date: Wed, 6 Sep 2006 17:05:05 -0500 (CDT)
From: Chase Venters <chase.venters@...entec.com>
To: Krzysztof Halasa <khc@...waw.pl>
cc: Chase Venters <chase.venters@...entec.com>, ellis@...nics.net,
w@....eu (Willy Tarreau), linux-kernel@...r.kernel.org
Subject: Re: bogofilter ate 3/5
On Wed, 6 Sep 2006, Krzysztof Halasa wrote:
> Chase Venters <chase.venters@...entec.com> writes:
>
>> 1. Incoming mail from subscribers is accepted
>
> How do you know if the sender is really a subscriber?
You can check the From: or envelope sender against the subscriber
database. Forgery isn't a concern because we're not trying to stop
forgery with this method. Subscribers subscribing one address and sending
from another is also not a problem since a lookup failure just means you
get to ride through the bogofilter. Note as well that #4 is a separate
program; this lookup is likely done by the mailing list software.
#1 should significantly reduce the load on the bogofilter (not sure if
that matters though).
>> 4. A handy Perl script subscribes to lkml, and for any message it gets
>> with an X-Bogofilter: SPAM header, it sends a notification
>> (rate-limited) to the message sender
>
> How do you know who the sender really is? IMHO bouncing anything
> (especially spam) after SMTP OK is worse than the spam itself.
>
The perl script behaves as an optional autoresponder. Autoresponders would
respond to spam as well (well, unless you put a spam filter in front of
them, but I assume that many don't).
Also note that a number of people (myself included, at work anyway) have
perl scripts that respond to all incoming mail and require a reply cookie from original
envelope senders. We do it because it almost entirely prevents spam from
arriving in our inboxes (I say almost because there is the occasional
spammer that doesn't forge their sender address and has some kind of
autoresponder behind it). I had to do this for my work account to stop the
hundreds of messages I was getting each day after a co-worker "pranked me"
by signing me up for all that crap.
Thanks,
Chase
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/
Powered by blists - more mailing lists