Hi dear friends.
Here is a summary of what's been going on with the cypherpunks list and server
since Saturday September 16.
Two factors combined that resulted in the cpunks list being temporarily
throttled or rate-limited by gmail, yahoo and probably a few other big email
services.
One factor is Karl's rate of messaging, mentioned below. I counted 115 unique
messages sent to the list over a 6-hour period on September 16.
This rate of messaging is much higher than typical, and gmail and yahoo
automatically started rate-limiting our messages. Here's a typical response
from gmail - note that it's from today. We are still rate-limited:
77E2511C0DDF 12495 Wed Sep 20 02:09:59 cypherpunks-boun...@lists.cpunks.org
(host alt1.gmail-smtp-in.l.google.com[74.125.193.27] said: 421-4.7.28
[69.55.231.143 15] Our system has detected an unusual rate of 421-4.7.28
unsolicited mail originating from your IP address. To protect our 421-4.7.28
users from spam, mail sent from your IP address has been temporarily 421-4.7.28
rate limited. Please visit 421-4.7.28
https://support.google.com/mail/?p=UnsolicitedRateLimitError to 421 4.7.28
review our Bulk Email Senders Guidelines.
z15-20020adff74f00b00321773bb921si909870wrp.463 - gsmtp (in reply to end of
DATA command))
There are currently almost 100 messages to cypherpunks that have not been
delivered to gmail addresses. (This message will, presumably, soon be one of
them.)
The second factor is that Karl was victim of an unsubscription mailbombing
attack. Over 200,000 unique IP addresses visited the page at lists.cpunks.org
to send a password reminder to his gmail address. At one point there were over
33,000 messages queued up to Karl on the cpunks server. Gmail started bouncing
these, too. I deleted a whole bunch that were pending and the attack stopped on
Saturday night.
Now, several days later, gmail is still blocking messages. The cpunks list has
around 50 subscribers with gmail addresses. Those folks probably won't see this
note until gmail allows messages to flow.
The link above has Google's guidance on this situation. The cpunks server is
fully compliant with all the technical controls like SPF, and hopefully all the
messages will eventually be delivered.
Meanwhile, messages always go to the list archive, here:
https://lists.cpunks.org/pipermail/cypherpunks/
To address the first issue, on Saturday I asked Karl to consider sending fewer
messages per day. Combining many short messages into fewer longer messages will
be less likely to trigger rate limiting on the big mail services.
To address the second issue, if the problem reoccurs I can put some
captcha-style blocks on the list management page(s) and/or simply disable the
password reminder feature. It would be great if the problem simply doesn't
occur again, though, since it has a big impact on the server and other
subscribers, not just Karl.
For that broader context, the cpunks server at https://lists.cpunks.org is the
main production server for Project Gutenberg, from which we publish around 200
new free eBooks/month. On Saturday, messages to one of the key production
coordinators who has a yahoo.com email address could not get through because
yahoo, like gmail, was blocking us.
Many of us will remember that historically, cypherpunks was a set of lists
connected via remailers. That is something that could happen again if there is
interest - certainly I would do what I can to support it. Meanwhile, though,
the list lives on a single physical server.
I hope this background is useful. I don't feel any need to keep this type of
situation a secret, and it's the nature of cpunks that subscribers want the
list to keep working. Suggestions and discussion are welcome.
~ Greg
On Tue, Sep 19, 2023 at 09:50:55PM -0400, mailbombbin wrote:
> i miss spamming the cypherpunks list densely
> it gave me relief to know i was flooding [good people] [relief from my
> learned experiences]
> i’ve been thinking some of continuing it despite greg’s request
> draft saved at 2149, 2147-8
>
> i guess it would make sense to use a unique host
>
> i don’t really understand gregs emails, how are my posts issues
> compared to thousands of bomb things? i imagine its complicated to
> reciew, huge logs, many recipients, different error messages
>
> 2150