Killing SPAMER/lurker was Re: Fwd: [clug] Unable to write to nfs mounted shares

Robert Edwards bob at cs.anu.edu.au
Wed Apr 19 23:16:20 GMT 2006 

Another strategy might be to bisect the list (using the proposed new
mail server) and then we can tell which "half" the errant address is
in (ie. which list address the return goes to). Keep moving addresses
from one list to the other in smaller increments until we can zero in
on the errant address. Would use a bit of someone's time, but with
approx. 500 addresses, could be done with 9 regular list messages.

Cheers,

Bob Edwards.

Kim Holburn wrote:
> 
> On 2006 Apr 19, at 10:39 AM, steve jenkin wrote:
> 
>> Could we collectively apply ourselves to solving this problem - for  
>> these guys and for any future spamers?
>>
>> 1. These guys have been lurking on the list for more than a year.
>> 2. The list admins (thank you guys!) have mentioned this before and  
>> tried to solve it.  My understanding is that another address  forwards 
>> to 'petsupermarket' and it's not been located.
>> 3. We have a rather large amount of 'clue' within the list - this  
>> problem should not be too deep for us collectively.
>>
>> I don't know:
>> a) how many mail addresses are subscribed to the list [size of  problem]
> 
> 
> about 500.  As a normal member it looks to me that about 20 are  
> hidden.  Perhaps we could start with them?
> 
>> b) the version of mailman/whatever is running the list [impediments/ 
>> constraints]
>> c) if there are any neat scripts to confirm mail addresses...  
>> [existing solutions]
> 
> 
> Mailman has confirmation/monthly confirmation thingies built in.
> 
>> Some possible solutions:
>> 0) Maybe this is a solved problem in recent versions of mailman...
>>
>> i) use a script to individually send a test message to each mail  
>> address. The 'from' etc lines to look like the list, but each  subject 
>> line to be unique (the index number of the mail address in  the 
>> mailman list?) and the message body to be something like 'test  
>> message to <subscribed address>.'
> 
> 
> A special "from address" -  this sounds like it would work.  I think  it 
> would be worth doing this because it seems like a spammer email  that is 
> being read, at least when it was being set up.  It may be on  other 
> mailing lists so we might be doing many other people a favour  here.
> 
>> ii) Take script i), add a reply-to address with an autohandler that  
>> collects replies.
>> Add to the body to 'Please confirm your address to remain on the list'
>>
>> iii) Create a new list and ask everyone to subscribe to it by a  given 
>> date [allowing for ppl on holidays/away].
>> On D-Day:
>> - send last announcement saying 'you have to resubscribe'
>> - delete everyone modulo admins from the current list
>> - export the subscribed people from the new list [keep this list  
>> somewheres, perhaps in the new/temp list]
>> - import the new subscriptions to the current list
>> - delete everyone from the new list.
>> - Optionally, remove the new/temp list
>>  [If anyone ever subscribes to the new list, it's a flag that they  
>> are spammers]
>>
>> I don't like to ask the list admins to do extra work - it's not  fair 
>> on them - they probably have lives offsite from their computer  
>> screens :-)
> 
> 
> Apart from the hidden emails anyone on the list could do this.  It  
> doesn't have to be the list admins.  I am happy to try if someone can  
> send me the hidden emails.  It would be better coming from  
> lists.samba.org though.
> 
>> I can't help with PERL scripting (but could cobble something  together 
>> with shell script & "sendmail -f")
>> - we have enough high quality perl mongers to provide a nice solution.
>>
>> But I am prepared to help or do the swap of mailman lists .... I'd  
>> need to temporarily have a list admin password.
>>
>> As an on-going admin function, how should dead addresses & spammers  
>> be dealt with in the future?
>> A once a year clean-out & resubscribe??? [Just before Linux.Conf.AU  
>> may be good. Or mid-year?]
>> Something else??
>>
>> cheers
>> steve
>>
>>
>>
>> Kim Holburn wrote on 19/4/06 8:06 AM:
>>
>>> Hey Guys,
>>>
>>> I got this reply to my last clug post.  Does this mean that  
>>> <petsupermarket.sspam at uol.com.br> is a memebr of the clug list?   Can 
>>> we remove it?
>>>
>>> Kim
>>>
>>>
>>
>>
>> -- 
>> Steve Jenkin, Info Tech, Systems and Design Specialist.
>> 0412 786 915 (+61 412 786 915)
>> PO Box 48, Kippax ACT 2615, AUSTRALIA
>>
>> sjenkin at canb.auug.org.au http://www.tip.net.au/~sjenkin
>>
>

More information about the linux mailing list