Well, Mailman's authentication model is very weak, that's the problem.
The FSF sysadmins have been working on something better for spam. This may mitigate the problem - when it's done. Else, you can moderate all posts on your list. Or set [EMAIL PROTECTED] as a moderated member. Else, you can write a new feature in Mailman to check for GPG signatures, and have every subscriber sign their mail. I don't see much else to do... :/ -- Sylvain On Sun, Jul 02, 2006 at 11:30:31PM +0200, Werner LEMBERG wrote: > > Perhaps you can add some comments... > > > Werner > X-Mailer: XFMail 1.3-alpha-031298 [p0] on Linux > Date: Sun, 02 Jul 2006 16:50:49 +0100 (BST) > From: Ted Harding <[EMAIL PROTECTED]> > To: walter harms <[EMAIL PROTECTED]> > Subject: RE: [Groff] Spam > Cc: groff@gnu.org > > On 01-Jul-06 walter harms wrote: > > hi people, > > i get a bunch of spam since a few days via this list. > > > > Am i the only one or have some more people seen spam also ? > > > > re, > > wh > > I should think everyone has. And not just the last few days. > Last Thu-Fri (22-23 June) I got 12 such messages. > Then Tue-Wed (27-28 June) I got 17 of them. > > I also received a number later in the week but simply deleted > them without inspection. > > All the above-itemised emails were sent to the list with "From:" > addresses like > > Williams <[EMAIL PROTECTED]> > > with various other names also in place of "Williams", like > "Darla", "Dave", "Molly", "Harriet" ... , but they all have > "[EMAIL PROTECTED]". > > Of course, "[EMAIL PROTECTED]" is our Werner Lemberg, which is why > these messages were allowed through to the list, since Werner > is of course subscribed to the list. > > These "From:" addresses are of course forged, and no blame > whatsoever can be attributed to Werner. > > But this forgery also means that it is impossible to prevent > them coming through to the list -- unless perhaps (in view of > their content) they could be trapped by a spam-filter. Whether > that is a reasonable option is something for the list managers > at gnu.org to consider. > > For what it's worth, during the second phase (27-28) above, > I also received additional copies of some of these directly to > my email address (i.e. not via the list). For example: > > From: Cecile <[EMAIL PROTECTED]> > To: groff@gnu.org > Subject: [Groff] prOblems with meds expencies, you Are On right way > > From: Cecile <[EMAIL PROTECTED]> > To: [EMAIL PROTECTED] > Subject: prOblems with meds expencies, you Are On right way > > Note the interesting comparison between the two "From:" addrsses. > And there is no such user as TNkX on nessie.mcc.ac.uk > > They were received directly by gnu.org from some 16 different IP > addresses (the ones sent directly to me also being from these > addresses), and the typical relevant header is: > > Received: from [253.21.8.247] (port=3275 helo=253.21.8.247) > by gnu.org with esmtp > Received: from [253.21.8.247] (port=9752 helo=253.21.8.247) > by gnu.org with esmtp > > etc., so it looks as though gnu.org is allowing them in > without attempting a reverse DNS lookup -- and indeed, though > I have not checked every case, the 6 or so I have checked do > not resolve. > > Hence, I wonder if this amouts to gnu.org acting as an open > relay? > > Best wishes to all, > Ted. > > -------------------------------------------------------------------- > E-Mail: (Ted Harding) <[EMAIL PROTECTED]> > Fax-to-email: +44 (0)870 094 0861 > Date: 02-Jul-06 Time: 16:50:39 > ------------------------------ XFMail ------------------------------ _______________________________________________ Savannah-help-public mailing list [EMAIL PROTECTED] http://lists.gnu.org/mailman/listinfo/savannah-hackers
