[Samba] RE: [OT] spam

J. Frisbie frisbie at MIT.EDU
Wed Oct 15 11:33:04 GMT 2003

> First of all: we don't disclose the subscriber addresses to anyone.
> The roster of list members is not available from the web page.  If you
> subscribe and do not post, nobody will know your address.

A mailing list that you can't post to? How useful. 

> Just to be absolutely clear:
>  - We don't disclose the subscriber addresses.
>  - We are not sending you viruses or spam.
>  - Sometimes spam does get onto the lists.  We filter out the vast
>    majority of it.  There is no perfect filtering solution.
>  - This is a public list.  Anything you send to it can be read, used
>    or archived by anyone in the world.  We explain this reasonably
>    clearly. 
>  - We have no control over people who might be sending you viruses.
>    You need to complain to their network admin or your network admin
>    or your government.

Nevertheless, (I stand corrected) POSTING to the samba list is the
kiss of death for an email account. There is a direct causal relationship.
You are essentially acting as a spam pimp for whoever is doing this. Posting
to the "respectable" samba mailing list results in an unending stream of 
attacks. At the minimum, failing to warn people that using your list in its
intended fashion results in attacks on their computer constitutes criminal
negligence. Doubly (or is it triply) so when you are aware of the situation 
and do nothing to remedy it.

> ** If you want something to remain secret, do not post it. **
> I personally don't think keeping your address secret is a good
> solution to spam, but you can try it if you want.
> I think we are being responsible.  The problems are not of our making,
> and we do our best to reduce them.  If you have any concrete
> constructive suggestions we'll consider them.

You should tell people when they sign up that their email addresss will
be posted and that there is a 100% chance that that adddress will be 
> I see you are posting from Outlook, which is the overwhelmingly most
> common virus vector.  Calling us irresponsible is pretty cheeky.  If
> Outlook went away, the email virus problem would nearly disappear
> overnight.

As I said, I've been using the inter/arpa net for over twenty years. No
computer I have been responsible for has ever been infected by a virus,
machines using outlook included.

> We pass through messages with whatever address the sender uses.  Some
> people choose to post from addresses other than their real one, and
> that is allowed.  Of course they take the risk of not seeing direct
> replies.

So, causing every single poster to be spamed/attacked is worth "direct
reply" capability? Nice tradeoff. I hope the people running the lists
have nothing to do with samba proper. Most lists consider "direct replies"
a misfeature -- why not give everyone one on the list the answer?

> > Make the reply to address the mailing list, not the person who sent the
> > message.  
> I don't understand how you think this would help the spam or viruses
> problem.

The only addresses in the email from the list would be the list and the
> I will consider hiding the sender addresses.
> > I don't have this problem with other lists (this account is subscribed
> > to at least 20), so there's no reason why we should have these
> > problems here, either.
> That is a bit of a non sequiter.
> I don't know what other lists you're on.  Similarly high-profile lists
> at kernel.org or debian.org seem to have similar policies and our
> level of spam is as good or better.

The point is (and I've been on hundreds of lists over the years) that other
lists do not have this problem, so clearly there are solutions. Why aren't
you using any of them?

Still pissed,
Joe Frisbie

More information about the samba mailing list