On Wed, Apr 03, 2002 at 11:10:17AM -0500, Hugo Haas wrote:
> This morning, I received spam from Joseph's address[1]. While I had
> heard about header forging for spam, I had never received one. Now
> that I have, I am furious:
> - they are using other people's identity.
> - my whitelist filtering ("Woohoo, no more spam in my inbox, ever!" --
> Gerald Oskoboiny, 18 Dec 2000[2]) is useless.
> - I cannot reliably filter such emails.
Yeah, that sucks. I have received a few of those too.
> I am thinking of doing the following:
> - start PGP-signing all my emails: people will be able to reliably
> filter emails coming from me.
> That won't solve the problem though, unless I can convince the whole
> world to do the same.
> Still, I am thinking about doing it, and writing tools to have a
> PGP-enabled whitelist.
I'd like to start doing that, but like you say I'm not sure at
what point it will become useful.
> - sue, or otherwise annoy (calling the CEO, etc), the spammers who
> will use my identity. I am not sure how to do that though and how
> successful I will be.
Trying to track down spammers generally seems like a waste of
time to me, but I hope other people do it :) I guess it can be
stress-relieving to flame someone once in a while.
> It seems that there is no immediate nor easy technological answer, and
> no easy legal action either.
How about: start doing whitelists of the relays that transmit
mail to your site instead of (or in addition to) From: lines.
In the case of your email, I would whitelist tux.w3.org, and for
mine you would do un.impressive.net.
For spam to w3.org email lists with forged w3.org From: lines, we
could add a filter to our hub to only accept mail with w3.org From:
lines if they come from a set of officially blessed relays.
> 1.
http://lists.w3.org/Archives/Public/spec-prod/2002AprJun/0001.html
> 2.
http://impressive.net/archives/fogo/[email protected]
--
Gerald Oskoboiny <
[email protected]>
http://impressive.net/people/gerald/