[clug] Re: Killing SPAMER/lurker - been there, want to do that...
Paul Wayper
paulway at mabula.net
Fri Apr 21 01:23:50 GMT 2006
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
steve jenkin wrote:
> Could we collectively apply ourselves to solving this problem - for
> these guys and for any future spamers?
I hate to say this, but I posted a/my solution to this to Tim Potter and
another guy who runs the Debian development lists (who have the same problem)
a while back now. It was:
1) petsupermarket is not on the list; so mail to the list must be forwarded to
it by another address. It's reasonable to assume that no person that has
posted to the list (excluding spammers) is doing this forwarding.
2) So I went through the entire logs of the list and collected every address
that had sent at least two messages to the list. I then removed duplicates
(and any obvious spammer addresses) from this list. This gives us a list of
'known good' addresses, which I forwarded to Tim.
3) Only they have access to the full subscriber list. Subtract the known good
list from the address list and you have the people who haven't posted at least
twice to the list - a list of addresses that are potentially forwarding mail
to petsupermarket.
4) The mail people get back from petsupermarket includes the subject line of
the message you sent. Therefore, all you have to do is send each of the
suspect addresses an email with an individual subject line - e.g. a unique
identifier like a 32-bit number. Store identifiers keyed to email addresses
in a separate file, and when you get your bounce, the subject line will tell
you which email address it was forwarded from. I also supplied Tim et al with
a program that I'd tested that would do just this.
5) I'm quite willing to do step 4 myself from my own account, but I do not
have the one thing that I need to do this all myself: the list of subscribers.
If someone trusts me enough to forward me this, I will do the whole thing
myself and report back to everyone.
I'm a little disappointed that (what I see as) the solution to this problem
has been in the hands of the people who can actually do something about it,
and nothing has actually been done. I've also made the offer in item 5
before, too.
Have fun,
Paul
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.2.2 (GNU/Linux)
Comment: Using GnuPG with Fedora - http://enigmail.mozdev.org
iD8DBQFESDQmu7W0U8VsXYIRAsW/AKDCkiwn5tpCuW1+PRzSOOQ+CrNtIwCfaFdK
xy3Wv2VyvoJrvnHidIzFub0=
=kfJI
-----END PGP SIGNATURE-----
More information about the linux
mailing list