--On Monday, February 24, 2003 2:28 AM -0800 J C Lawrence <[EMAIL PROTECTED]> wrote: > On Mon, 24 Feb 2003 04:57:35 -0500 > Tom Neff <[EMAIL PROTECTED]> wrote: > >> I spam protect my lists by making them members only. Simplest most >> effective technique I've found. > > I found that header forging virus, and the newer trend toward header > forging spam were getting mail onto my member-sonly lists. Not often to > be sure -- no more than a few per month -- but that was more than enough > for me (and this was a year ago; I suspect the situation is worse now).
I guess I should add that I also either strip attachments or block on them, depending on the list, so there's never an actual infection. Like JC, I never actually saw more than a couple of successful (tho harmless) forged postings from infected members. I think this is because of the way the "reinfector" works: on most of these worms, it pulls someone else's From: address at random, AND a To: address at random, from the address book or message spool. Except perhaps with really clubby cliquey exclusive listnerds :) it would seem that the likelihood of a successful "matchup" this way - i.e., the randomly chosen To: address is that of a listserv, and the randomly chosen From: address happens to be in that listserv's roster - is fairly low. Most of the time, if the listserv address is picked for To:, the From: will be garbage or some other random friend who's not a member, so the members-only criterion stops the posting. The biggest problem with members-only lists is that people keep changing their friggin' addresses, or having Systems Support change them for them unbeknownst!
