On Tue, 30 Dec 2003, Bill Stewart wrote:

> At 07:46 PM 12/30/2003 +0000, Richard Clayton <[EMAIL PROTECTED]> 
> wrote:
> > [what about mailing lists]
> Obviously you'd have to whitelist anybody's list you're joining
> if you don't want your spam filters to robo-discard it.
> ><moan>
> >I never understand why people think spam is a technical problem :( let
> >alone a cryptographic one :-(
> ></moan>

It has always been mostly a technical problem, and only partially a
social problem. 

> The reason it's partly a cryptographic problem is forgeries.
> Once everybody starts whitelisting, spammers are going to
> start forging headers to pretend to come from big mailing lists
> and popular machines and authors, so now you'll not only
> need to whitelist Dave Farber or Declan McCullough if you read their lists,
> or Bob Hettinga if you're Tim (:-), you'll need to verify the
> signature so that you can discard the forgeries that
> pretend to be from them.

I had to change my (admittedly simple) whitelisting recently, when
spammers started using the same domain name we do business under, or the
name of partners.

> You'll also see spammers increasingly _joining_ large mailing lists,
> so that they can get around members-only features.
> At least one large mailing list farm on which I've joined a list
> used a Turing-test GIF to make automated list joining difficult,
> and Yahoo limits the number of Yahoogroups you can join in a day,
> but that's the kind of job which you hire groups of Indians
> or other English-speaking third-world-wagers to do for you.

Yep. Spam rates have been creeping up on Debian lists, lately.
Another list I'm on having to do with Oracle has been having similar

"Who is a meaningful member?"

That's a tough question, if you don't charge, and if you do, you miss
quite a bit, thus lowering the value. Commons, tragedy, etc.


Jamie Lawrence                                        [EMAIL PROTECTED]
"Those who make peaceful revolution impossible will make violent revolution
   -John F. Kennedy

The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to [EMAIL PROTECTED]

Reply via email to