Killing SPAMER/lurker was Re: Fwd: [clug] Unable to write to nfs mounted shares

Kim Holburn kim.holburn at anu.edu.au
Wed Apr 19 06:52:33 GMT 2006 

On 2006 Apr 19, at 10:39 AM, steve jenkin wrote:

> Could we collectively apply ourselves to solving this problem - for  
> these guys and for any future spamers?
>
> 1. These guys have been lurking on the list for more than a year.
> 2. The list admins (thank you guys!) have mentioned this before and  
> tried to solve it.  My understanding is that another address  
> forwards to 'petsupermarket' and it's not been located.
> 3. We have a rather large amount of 'clue' within the list - this  
> problem should not be too deep for us collectively.
>
> I don't know:
> a) how many mail addresses are subscribed to the list [size of  
> problem]

about 500.  As a normal member it looks to me that about 20 are  
hidden.  Perhaps we could start with them?

> b) the version of mailman/whatever is running the list [impediments/ 
> constraints]
> c) if there are any neat scripts to confirm mail addresses...  
> [existing solutions]

Mailman has confirmation/monthly confirmation thingies built in.

> Some possible solutions:
> 0) Maybe this is a solved problem in recent versions of mailman...
>
> i) use a script to individually send a test message to each mail  
> address. The 'from' etc lines to look like the list, but each  
> subject line to be unique (the index number of the mail address in  
> the mailman list?) and the message body to be something like 'test  
> message to <subscribed address>.'

A special "from address" -  this sounds like it would work.  I think  
it would be worth doing this because it seems like a spammer email  
that is being read, at least when it was being set up.  It may be on  
other mailing lists so we might be doing many other people a favour  
here.

> ii) Take script i), add a reply-to address with an autohandler that  
> collects replies.
> Add to the body to 'Please confirm your address to remain on the list'
>
> iii) Create a new list and ask everyone to subscribe to it by a  
> given date [allowing for ppl on holidays/away].
> On D-Day:
> - send last announcement saying 'you have to resubscribe'
> - delete everyone modulo admins from the current list
> - export the subscribed people from the new list [keep this list  
> somewheres, perhaps in the new/temp list]
> - import the new subscriptions to the current list
> - delete everyone from the new list.
> - Optionally, remove the new/temp list
>  [If anyone ever subscribes to the new list, it's a flag that they  
> are spammers]
>
> I don't like to ask the list admins to do extra work - it's not  
> fair on them - they probably have lives offsite from their computer  
> screens :-)

Apart from the hidden emails anyone on the list could do this.  It  
doesn't have to be the list admins.  I am happy to try if someone can  
send me the hidden emails.  It would be better coming from  
lists.samba.org though.

> I can't help with PERL scripting (but could cobble something  
> together with shell script & "sendmail -f")
> - we have enough high quality perl mongers to provide a nice solution.
>
> But I am prepared to help or do the swap of mailman lists .... I'd  
> need to temporarily have a list admin password.
>
> As an on-going admin function, how should dead addresses & spammers  
> be dealt with in the future?
> A once a year clean-out & resubscribe??? [Just before Linux.Conf.AU  
> may be good. Or mid-year?]
> Something else??
>
> cheers
> steve
>
>
>
> Kim Holburn wrote on 19/4/06 8:06 AM:
>> Hey Guys,
>>
>> I got this reply to my last clug post.  Does this mean that  
>> <petsupermarket.sspam at uol.com.br> is a memebr of the clug list?   
>> Can we remove it?
>>
>> Kim
>>
>>
>
>
> -- 
> Steve Jenkin, Info Tech, Systems and Design Specialist.
> 0412 786 915 (+61 412 786 915)
> PO Box 48, Kippax ACT 2615, AUSTRALIA
>
> sjenkin at canb.auug.org.au http://www.tip.net.au/~sjenkin
>

-- 
Kim Holburn
Security Manager, National ICT Australia Ltd.
Ph: +61 2 61258620 M: +61 417820641  F: +61 2 6230 6121
mailto:kim.holburn at nicta.com.au  aim://kimholburn
skype://kholburn - PGP Public Key on request
Cacert Root Cert: http://www.cacert.org/cacert.crt
Aust. Spam Act: To stop receiving mail from me: reply and let me know.

Use ISO 8601 dates [YYYY-MM-DD] http://www.saqqara.demon.co.uk/ 
datefmt.htm
Democracy imposed from without is the severest form of tyranny.
                           -- Lloyd Biggle, Jr. Analog, Apr 1961

More information about the linux mailing list