Re: excessive bounces
I recommend reading the autoconf and automake lists via the NNTP server at gmane.org, as the gmane.comp.sysutil.auto{conf,make}.* groups. They filter spam for you and you don't have to screw around with email subscriptions. -- Implementation details are beyond the scope of the Java virtual machine specification. One should not assume that every virtual machine implementation contains a giant squid. --Mr. Bunny's Big Cup o' Java
Re: excessive bounces
On Thu, 27 May 2004, Lars Hecking wrote: o gnu.org has a prohibitively high volume of email, and SA/Bayes require massive resources. Therefore, the volume of mail going through SA or any other tool must be limited. Bogofilter does a fine job of Bayesian filtering and is 50-100X faster than SpamAssassin. Surely it does not offer the extra features of SpamAssassin, but using it would help considerably, and should keep up with gnu.org performance requirements. o Excessive whitelisting: all current gnu.org subscribers should be white- listed, so that their email bypasses anti-spam. Yes, that'll still leave the problem of subscribed spammers, but I believe there won't be too many. This does not work at all. A huge amount of email I receive are bounces or anti-SPAM notices from forged emails sent using my address. More than likely I have received many SPAM emails claiming to be from Lars Hecking. :-) o Ruthless use of DNS blacklists before mails reach anti-spam. Most of spam on GNU lists originates from known bad boys - Korea, China, dialup/dyn-ip hosts, Comcast, *bell etc. Recommended reading: http://makeashorterlink.com/?D20312968. sbl-xbl.spamhaus.org alone would probably work wonders. Usually this is good, but lately I have been noticing that substantial email is arbitrarily rejected due temporary local DNS issues or bugs. It is not pleasant to be on the wrong end of this. Bob == Bob Friesenhahn [EMAIL PROTECTED] http://www.simplesystems.org/users/bfriesen
Re: excessive bounces
On Thu, 2004-05-27 at 18:58, Bob Friesenhahn wrote: On Thu, 27 May 2004, Lars Hecking wrote: o Ruthless use of DNS blacklists before mails reach anti-spam. Most of spam on GNU lists originates from known bad boys - Korea, China, dialup/dyn-ip hosts, Comcast, *bell etc. Recommended reading: http://makeashorterlink.com/?D20312968. sbl-xbl.spamhaus.org alone would probably work wonders. Usually this is good, but lately I have been noticing that substantial email is arbitrarily rejected due temporary local DNS issues or bugs. This matches with what I am currently experiencing. It is not pleasant to be on the wrong end of this. Yeah, I currently seem to be. If this message doesn't appear on the automake-list in short terms, it probably has been filtered out by black-lists black-listing my home-ISP Interestingly some of the common spam-hole checkers, some black-lists use, list some individual IPs my ISP uses, but don't black-list neighboring IPs. Ralf signature.asc Description: This is a digitally signed message part
Re: excessive bounces
Unfortunately, SPAMmers quickly learn how to break through automated defenses so that they can simply subscribe to lists. One way or another, list servers are simply overwelmed. There seems to be no reasonable solution. The problem here is not that spammers subscribe to lists; these lists are open. I believe that a large number of email addresses are being harvested off the web, and there are still a lot of list archives out there that don't obscure email addresses in any way (this must be the single biggest reason why I receive about 15k spam emails a month). Widely published and easily available addresses like those of (most) GNU mailing lists, that have been around for years, are a prime target. I believe that all of the SourceForge lists are also open. They used to support blocking non-subscribers but that became a nightmare for maintainers so the capability was removed. SourceForge uses SpamAssassin. Just for comparison, out of the 1600 spam emails I have archived since last September, 211 came from SF. 635 from the autoconf and automake lists. These are spam emails that made it through the primary defences on the mail gateway. I am subscribed to 2 gnu.org lists, and probably about 10 SF lists, on and off. I have received email on the issue by Paul Fisher of the FSF, but I don't want to repost it here w/o his permission (and because it's off-topic). In my reply, I have outlined a few things that could be done: o gnu.org has a prohibitively high volume of email, and SA/Bayes require massive resources. Therefore, the volume of mail going through SA or any other tool must be limited. o Excessive whitelisting: all current gnu.org subscribers should be white- listed, so that their email bypasses anti-spam. Yes, that'll still leave the problem of subscribed spammers, but I believe there won't be too many. o SMTP from hosts not in the gnu.org domain, but HELO'ing as gnu.org or the associated IP addresses must be refused flat out. That cuts out many viruses/worms, and a good bit of spam, too. o Ruthless use of DNS blacklists before mails reach anti-spam. Most of spam on GNU lists originates from known bad boys - Korea, China, dialup/dyn-ip hosts, Comcast, *bell etc. Recommended reading: http://makeashorterlink.com/?D20312968. sbl-xbl.spamhaus.org alone would probably work wonders.
Re: excessive bounces
Bob Friesenhahn wrote: On Wed, 26 May 2004, Ralf Corsepius wrote: Face it, this is not 1994 anymore, the internet has lost its innocence, and badly maintained open lists like the auto*tools lists on gnu.org are a relict of the past. Unfortunately, SPAMmers quickly learn how to break through automated defenses so that they can simply subscribe to lists. One way or another, list servers are simply overwelmed. There seems to be no reasonable solution. I believe that all of the SourceForge lists are also open. They used to support blocking non-subscribers but that became a nightmare for maintainers so the capability was removed. Not true. Although the maintainers get the SPAM the SF lists can be closed to subscribers only. For the maintainer it is just a matter of clicking a few checkboxes to Discard or Reject based on whether a true non-member post was attempted. I also setup Forums and direct the post to a common users list so that non list members can ask questions. I do require a SF account to post using a Forum. Earnie -- http://www.mingw.org http://sourceforge.net/projects/mingw https://sourceforge.net/donate/index.php?user_id=15438
Re: excessive bounces
On Thu, May 27, 2004 at 10:12:19AM +0100, Lars Hecking wrote: I believe that all of the SourceForge lists are also open. They used to support blocking non-subscribers but that became a nightmare for maintainers so the capability was removed. SourceForge uses SpamAssassin. Just for comparison, out of the 1600 spam emails I have archived since last September, 211 came from SF. 635 from the autoconf and automake lists. These are spam emails that made it through the primary defences on the mail gateway. I am subscribed to 2 gnu.org lists, and probably about 10 SF lists, on and off. I have received email on the issue by Paul Fisher of the FSF, but I don't want to repost it here w/o his permission (and because it's off-topic). In my reply, I have outlined a few things that could be done: o gnu.org has a prohibitively high volume of email, and SA/Bayes require massive resources. Therefore, the volume of mail going through SA or any other tool must be limited. o Excessive whitelisting: all current gnu.org subscribers should be white- listed, so that their email bypasses anti-spam. Yes, that'll still leave the problem of subscribed spammers, but I believe there won't be too many. o SMTP from hosts not in the gnu.org domain, but HELO'ing as gnu.org or the associated IP addresses must be refused flat out. That cuts out many viruses/worms, and a good bit of spam, too. o Ruthless use of DNS blacklists before mails reach anti-spam. Most of spam on GNU lists originates from known bad boys - Korea, China, dialup/dyn-ip hosts, Comcast, *bell etc. Recommended reading: http://makeashorterlink.com/?D20312968. sbl-xbl.spamhaus.org alone would probably work wonders. As another data point, look at these numbers for lists.debian.org: http://www.redellipse.net/stuff/Debian/spam-counts.story Summary: 96.5% of all inbound mail is blocked as spam. This is done without using any pansy address obfuscation, scattershot DNS blacklists, or (m)any closed lists. And one fairly slow server, which is not delivering any mail that has not been checked with spamassassin, although the bayes tests are not used, but these aren't too useful anyway; they require continual human intervention on a scale comparable to the volume of mail, which is too damn big. I expect this is a similar order of magnitude mail volume as mail.gnu.org deals with. (Talk to the listmasters if you're interested in *how* this is accomplished, I don't know the details). -- .''`. ** Debian GNU/Linux ** | Andrew Suffield : :' : http://www.debian.org/ | `. `' | `- -- | signature.asc Description: Digital signature
Re: excessive bounces
Jay West wrote: You should have sent this to the list owner/admin, not the list. Yes. But the list owner for the automake list is gnulists-ownrr at gnu.org, which is to say, effectively nobody. The list is really running entirely on inertia. For example there are over a hundred messages in the hold queue awaiting attention of the list owner from four months ago. Lars Hecking wrote: Most likely, the same thing happens to OP that happens to me: the lists run at gnu.org are crawling with spam, and a good number of them get rejected somewhere between gnu.org and OP's final destination. After a certain number of rejections, $LIST_MEMBER's subscription is disabled automatically. I see that too. Here are some things that can be done about it. Whitelist monty-python.gnu.org in your access lists. Never reject mail to it. If you want to block spam at the MTA level (always a good thing) then discard messages instead of rejecting messages from monty-python.gnu.org. Generally for viruses I am discarding and for spam I am rejecting with the exceptions being known mailing list servers. I recommend spamassassin deal with what comes through from the mailing lists. Alien9 wrote: This is very frustrating, I'm running linux, don't have any viruses, and I don't spam people, I hardly ever sent a mail to this list... Your address is @users.sourceforge.net. That is most likely the machine which is bouncing the messages. As stated there is a huge amount of spam from gnu.org and if it is rejected then it looks like your account is rejecting mail. It is not usual for large mailing list servers to get listed in the various RBLs. sf.net does use RBLs and so that may also be a source of the problem. http://sourceforge.net/docman/display_doc.php?docid=6747group_id=1#top You might be better off receiving mail directly on your server. Then you could whitelist monty-python.gnu.org which sends the spam, I mean mailing list messages. It is also possible that in the path between sourceforge.net and your final mailbox rejections are taking place. Check your spam filtering and ensure that you are not generating rejects to spam or viruses. If those rejections are getting back to the mailing list software on gnu.org then it will appear as if your account is bouncing mailing list message. Hope that helps, Bob
Re: excessive bounces
Ralf Corsepius wrote: On Wed, 2004-05-26 at 07:43, Bob Proulx wrote: Jay West wrote: You should have sent this to the list owner/admin, not the list. Lars Hecking wrote: Most likely, the same thing happens to OP that happens to me: the lists run at gnu.org are crawling with spam, and a good number of them get rejected somewhere between gnu.org and OP's final destination. After a certain number of rejections, $LIST_MEMBER's subscription is disabled automatically. I see that too. Here are some things that can be done about it. Whitelist monty-python.gnu.org in your access lists. Are you serious? I know what you mean, but I feel this is playing with symptoms. Given the amount of spam gnu.org relays, the auto*tools's list policy finally should be reconsidered. Face it, this is not 1994 anymore, the internet has lost its innocence, and badly maintained open lists like the auto*tools lists on gnu.org are a relict of the past. Is it really gnu.org lists or is it something else? I'm on the phpgroupware lists and the dotgnu lists and I have received NOT ONE SPAM and they are hosted by gnu.org. However, most of the mail I see from autoconf, automake and libtool seems riddled with SPAM, more than half. Sorry, if this sounds like ranting, but I feel something needs to change. Here's to hoping something can be done. Earnie -- http://www.mingw.org http://sourceforge.net/projects/mingw https://sourceforge.net/donate/index.php?user_id=15438
Re: excessive bounces
On Wed, 2004-05-26 at 07:43, Bob Proulx wrote: Jay West wrote: You should have sent this to the list owner/admin, not the list. Lars Hecking wrote: Most likely, the same thing happens to OP that happens to me: the lists run at gnu.org are crawling with spam, and a good number of them get rejected somewhere between gnu.org and OP's final destination. After a certain number of rejections, $LIST_MEMBER's subscription is disabled automatically. I see that too. Here are some things that can be done about it. Whitelist monty-python.gnu.org in your access lists. Are you serious? I know what you mean, but I feel this is playing with symptoms. Given the amount of spam gnu.org relays, the auto*tools's list policy finally should be reconsidered. Face it, this is not 1994 anymore, the internet has lost its innocence, and badly maintained open lists like the auto*tools lists on gnu.org are a relict of the past. Hope that helps, No, AFAIS, somebody at gnu.org seems to have configured their mailserver in a way, I seem to have been automatically unsubscribed from many of their lists without prior notice. Worse, the gnu.org-mailserver now seems to filter out way too much, in such a way most of my postings doesn't seem to make it through the gnu.org server. Sorry, if this sounds like ranting, but I feel something needs to change. Ralf
Re: excessive bounces
On Wed, 26 May 2004, Ralf Corsepius wrote: Face it, this is not 1994 anymore, the internet has lost its innocence, and badly maintained open lists like the auto*tools lists on gnu.org are a relict of the past. Unfortunately, SPAMmers quickly learn how to break through automated defenses so that they can simply subscribe to lists. One way or another, list servers are simply overwelmed. There seems to be no reasonable solution. I believe that all of the SourceForge lists are also open. They used to support blocking non-subscribers but that became a nightmare for maintainers so the capability was removed. Bob == Bob Friesenhahn [EMAIL PROTECTED] http://www.simplesystems.org/users/bfriesen
Re: excessive bounces
More succinctly put, the list server is having trouble reliably reaching your machine. Most likely this isn't the list servers problem, it's yours due to either sporadic connectivity on your part, or somewhere between the list server and you, or sporadic DNS service on your part. If you have any issues after looking into this, contact me off-list and I'll try to help. Most likely, the same thing happens to OP that happens to me: the lists run at gnu.org are crawling with spam, and a good number of them get rejected somewhere between gnu.org and OP's final destination. After a certain number of rejections, $LIST_MEMBER's subscription is disabled automatically.
excessive bounces
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Every 10 days I get a message from the automake-mailing list that I have to re-enable my subscription, because of excessive bounces. This is very frustrating, I'm running linux, don't have any viruses, and i don't spam people, i hardly ever sent a mail to this list... why do i have to re-enable this subscription every 10 days, and is there a way so that it doesn't happen anymore? - -- Alien is my name and headbiting is my game. PGP key: http://users.pandora.be/Alien9/alien.gpg -BEGIN PGP SIGNATURE- Version: GnuPG v1.2.3 (GNU/Linux) iD8DBQFAsiyAuBWKXETrtdcRAszCAJ9wtwU9ZWuxmgwizyHL57OzRB1OgQCggXVl MtrYlhA16p36ncYuVkCAw6U= =7mKX -END PGP SIGNATURE-
Re: excessive bounces
You should have sent this to the list owner/admin, not the list. You didn't include the headers below so I can only guess as to specifics. But the long and short of it is: For users.sourceforge.net: mail exchanger = externalmx-1.sourceforge.net (preference 20) mail exchanger = mail.sourceforge.net (preference 10) So you should do traceroutes from your linux system to those two and make sure you don't have any issues. You still may, ICMP blocking is quite common. You should also make sure you can telnet to port 25 on those servers, that would certainly be allowed as a test. If you have a domain name registered that you're using on your linux box, please tell us you're not using dynamic DNS. If so, live with the problems (and there will be lots of them). You also want to make sure the public IP address of your linux box resolves out on the net with the exact same info both forward and reverse, many servers are picky about that nowdays. Also, try looking at your MTA logs on your linux box, may well be something germane there. Lastly, check with the black hole databases and make sure your IP isn't listed. More succinctly put, the list server is having trouble reliably reaching your machine. Most likely this isn't the list servers problem, it's yours due to either sporadic connectivity on your part, or somewhere between the list server and you, or sporadic DNS service on your part. If you have any issues after looking into this, contact me off-list and I'll try to help. Regards, Jay West - Original Message - From: Alien9 [EMAIL PROTECTED] To: [EMAIL PROTECTED] Sent: Monday, May 24, 2004 12:10 PM Subject: excessive bounces -BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Every 10 days I get a message from the automake-mailing list that I have to re-enable my subscription, because of excessive bounces. This is very frustrating, I'm running linux, don't have any viruses, and i don't spam people, i hardly ever sent a mail to this list... why do i have to re-enable this subscription every 10 days, and is there a way so that it doesn't happen anymore? - -- Alien is my name and headbiting is my game. PGP key: http://users.pandora.be/Alien9/alien.gpg -BEGIN PGP SIGNATURE- Version: GnuPG v1.2.3 (GNU/Linux) iD8DBQFAsiyAuBWKXETrtdcRAszCAJ9wtwU9ZWuxmgwizyHL57OzRB1OgQCggXVl MtrYlhA16p36ncYuVkCAw6U= =7mKX -END PGP SIGNATURE- --- [This E-mail scanned for viruses by Declude Virus]