Re: Spam getting out of hands

Replies:

  • None.

Parents:

On Wed, Apr 03, 2002 at 11:10:17AM -0500, Hugo Haas wrote:
> This morning, I received spam from Joseph's address[1]. While I had
> heard about header forging for spam, I had never received one. Now
> that I have, I am furious:
> - they are using other people's identity.
> - my whitelist filtering ("Woohoo, no more spam in my inbox, ever!" --
>   Gerald Oskoboiny, 18 Dec 2000[2]) is useless.
> - I cannot reliably filter such emails.

Yeah, that sucks. I have received a few of those too.

> I am thinking of doing the following:
> - start PGP-signing all my emails: people will be able to reliably
>   filter emails coming from me.
>   That won't solve the problem though, unless I can convince the whole
>   world to do the same.
>   Still, I am thinking about doing it, and writing tools to have a
>   PGP-enabled whitelist.

I'd like to start doing that, but like you say I'm not sure at
what point it will become useful.

> - sue, or otherwise annoy (calling the CEO, etc), the spammers who
>   will use my identity. I am not sure how to do that though and how
>   successful I will be.

Trying to track down spammers generally seems like a waste of
time to me, but I hope other people do it :) I guess it can be
stress-relieving to flame someone once in a while.

> It seems that there is no immediate nor easy technological answer, and
> no easy legal action either.

How about: start doing whitelists of the relays that transmit
mail to your site instead of (or in addition to) From: lines.
In the case of your email, I would whitelist tux.w3.org, and for
mine you would do un.impressive.net.

For spam to w3.org email lists with forged w3.org From: lines, we
could add a filter to our hub to only accept mail with w3.org From:
lines if they come from a set of officially blessed relays.

>   1. http://lists.w3.org/Archives/Public/spec-prod/2002AprJun/0001.html
>   2. http://impressive.net/archives/fogo/[email protected]

--
Gerald Oskoboiny <[email protected]>
http://impressive.net/people/gerald/

HURL: fogo mailing list archives, maintained by Gerald Oskoboiny