-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Hi ztrader,
On 31 August 2000 at 16:09:12 GMT -0700 (which was 00:09 where I live)
ztrader wrote and made these points on the subject of "Someone
spamming us":
CM>> FWIW, I received two copies of this spam, as well ... presumably
CM>> one for each of my subscriptions (TBBETA and TBUDL).
z> I have not received this spam (yet :-). Perhaps it is from the beta
z> list?
LG>>> We'll check the subscribers list, but chances are that they are
LG>>> spider botting the list archives. If this is the case,
... and I don't think it is (see below).
LG>>> then there isn't much that can be done unfortunately.
z> One suggestion is to remove personal email addresses from the
z> archives.
They are already being removed by the archive except where they appear
in the body of the message - as yours does. It would be advisable for
all subscribers to modify your default template to exclude that
"mailto:xxx" at the end for list posting for that very reason. The
archive shows no headers and only the Real Name field of the "From"
header. Actually, I have just changed my "reference attribution" line
that goes at the top of my replies .. that was including the sender's
address :-(. I think, in this case, that's a red herring anyway.
z> The *content* is still there, but the spammers would be foiled. On
z> another list, this was thought to be not too difficult with a perl
z> script, but I don't use perl, so could not comment on that.
Although the address of the archive appears to be under our control,
it is just a forwarding address to a free, public access archive
resource "out there" - www.mail-archive.com - and we don't have access
to the server software on that.
z> Just a thought...
z> ztrader mailto:[EMAIL PROTECTED]
^^^^^^^^^^^^^^^^^^^^^^^^
See what I mean?
Now - see this posting from me? My address does *not* appear on this
message other than in the headers and in the mailto: link for my PGP
key ... and that's not my address, it is the address of my server
itself and will ignore any spam sent to it directly.
I *have* received this spam. Only one copy, and I am active on both
lists. I have not received any messages from my server complaining of
mail containing "Invalid Commands" - which is what would happen if a
spider-bot sucked addresses from the archive and found that of my
server from my sig line.
The server is capable of divulging a list of members but only to
someone armed with the list password - not a possibility. This
suggests that the list is being spammed in some other way than those
suggested so far... and I can only think that a spammer has
infiltrated the system to harvest names.
Any other ideas?
- --
Cheers,
.\\arck
>< Marck D. Pearlstone | Moderator TBUDL / TBBETA ><
>< PGP Key ID: 0x929DCDA0 | www: http://www.silverstones.com ><
>< PGP Key: <mailto:[EMAIL PROTECTED]?Body=GET%20MARCKKEY> ><
Baby's bib: "Spit happens"
____________________________________________________________________
TB! v1.46 Beta/3 S/N 14F4B4B2 on Windows 98 4.10 Build 1998
-----BEGIN PGP SIGNATURE-----
Version: PGP 6.5.8 Secured
Comment: PGP Sealed for freshness!
iQA/AwUBOa2eCTnkJKuSnc2gEQKvYwCdFrFCFcNb8UMiDZQARrwGKkNjw9sAnjJE
cRVigUiNX0AsLOS+u7PnzHq7
=nAgl
-----END PGP SIGNATURE-----
--
--------------------------------------------------------------
View the TBUDL archive at http://tbudl.thebat.dutaint.com
To send a message to the list moderation team double click here:
<mailto:[EMAIL PROTECTED]>
To Unsubscribe from TBUDL, double click here and send the message:
<mailto:[EMAIL PROTECTED]>
--------------------------------------------------------------
You are subscribed as : [email protected]
