OT: SPAM in this list?

Kyle Hasselbacher Kyle Hasselbacher <kyle-exp-1095267788.daaad3@toehold.com>
Mon Sep 15 19:02:02 2003


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

On Mon, Sep 15, 2003 at 10:05:04AM +0200, Werner Koch wrote:
>On Mon, 15 Sep 2003 07:51:32 +0200, Martin Schoch said:
>
>>  I know it's OT - but how it comes that we get SPAM in this mailing
>>  list?
>
>I am not aware of any spam since we switch to a subscriber only
>posting policy with moderator approval of non-subscriber postings.

I've gotten spam sent to the email address that I used to subscribe to the
list.  Because it was to the list address, procmail put it in with the
other list mail.  It looked as if it came through the list (by virtue of
where I saw it) until I looked closely at the headers.

Since this has happened on a couple of lists I'm on, I've updated my
procmail filters to be more careful.  I figure spammers could have gotten
addresses in a few ways:

* Subscribe to the list and look at the incoming mail.
* Look at the web archive.
* Use old newsgroup harvesting software and point it at a mail-to-news
  gateway.

Here's the procmail recipe I'm using now:

# GnuPG users mailing list
:0
* ^Delivered-To: kyle-list-gpguser@toehold\.com
* ^Sender: gnupg-users-admin@gnupg\.org
* ^Precedence: bulk
* ^Return-Path: <gnupg-users-admin@gnupg\.org>
$CRYPTOBOX

In case the envelope sender ever changes, mail to the list address that
doesn't get delivered by the above goes through spamassassin and gets
sorted based on the results.  When I start seeing list mail take that
route, I know I need to update the above filter.

Hope this helps.
- -- 
Kyle Hasselbacher
kyle@toehold.com
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.1 (GNU/Linux)

iD8DBQE/ZfDL10sofiqUxIQRAsldAKDU3860vaTK7ZFgWiumoE1bBeZ5IwCgiH+j
09tQBJyJ+XxVTl6qkX6j+KI=
=I3zF
-----END PGP SIGNATURE-----