Spam to this list

Martin Pool mbp at sourcefrog.net
Fri Mar 25 23:24:41 GMT 2005 

John Van Essen wrote:
> Off list to rsync list owner (feel free to reply on-list if you like):
>
>
> On Fri, 25 Mar 2005, Dag Wieers <dag at wieers.com> wrote:
>
>>Hi,
>>
>>I'm not sure what the policy of this list is and I bet everyone has a spam
>>filter, so nobody might have noticed, but we got spammed.

The policy is to block as much spam as possible without blocking
legitimate posts.  A 100% solution is impossible, even if we had human
moderation (humans make mistakes).

It seems that these posts got through during a surge of spam when the
filter hit its maximum-process limit.  During the day of the 24th more
than 60 spam messages to the list were blocked.

> I got several.  Delivered to the mailing list from:
>
>   cpe-24-243-54-175.satx.res.rr.com [24.243.54.175]
>   unknown [219.252.105.93]
>   unknown [218.59.89.16]
>   unknown [200.159.206.55]
>

> The first one has been in the dul.dnsbl.sorbs.net blacklist since Oct.
> I use these 4 DNS-based blacklists in the mail server that I manage:
>
>   sbl-xbl.spamhaus.org
>   list.dsbl.org
>   dul.dnsbl.sorbs.net
>   web.dnsbl.sorbs.net
>
> And they have helped a LOT.

> The other 3 have no reverse DNS entries.  A machine with no reverse DNS
> that is sending email is not very likely to be a legitimate email server.
> It's much more likely a compromised machine on a clueless ISP's network.
> Rejecting email from those unidentified machines also has helped a lot.

Using any of those measures alone tends to block legitimate posters,
particularly those running their own mail server, which to my mind is a
greater harm than letting ocassional spam go through.  Our purpose here
is to run a mailing list, not punish ISPs.  So we use all the things you
named as part of a weighted score.

--
Martin
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 256 bytes
Desc: OpenPGP digital signature
Url : http://lists.samba.org/archive/rsync/attachments/20050326/bab6ffd0/signature.bin

More information about the rsync mailing list