LISTSERV - LSTSRV-L Archives - COMMUNITY.EMAILOGY.COM

LSTSRV-L Archives

LISTSERV Site Administrators' Forum

LSTSRV-L

	LISTSERV Archives
	LSTSRV-L Home

	Log In
	Register

	Subscribe or Unsubscribe

	Search Archives

Options:	Use Monospaced Font Show Text Part by Default Show All Mail Headers
Topic:	[<< First] [< Prev] [Next >] [Last >>]

Re: A Chechnya problem

Valdis Kletnieks <[log in to unmask]>

Fri, 11 Dec 1998 17:50:14 -0500

text/plain (2305 bytes) , application/pgp-signature (291 bytes)

On Fri, 11 Dec 1998 15:42:48 EST, you said:
> Well, you see, that's the problem with these terrorist tactics. For all you
> know, it _could_ be part of the conspiracy. If I were an evil dictator scum
> and wanted to cut off email access to a section of the Internet, all I
> would need to do is send spam from there and voila, blacklisters all over
> the world will take care of isolating your little piece of the Internet for
> you. Because these blocks do not block only the originator of the spam,
> they block everyone who shares the same network, guilty and innocent
> alike, and usually there are more innocents than guilties.

Actually, it's done on a per-IP-address basis.  plearn.edu.pl
(148.81.18.1) is affected by the block, but 148.81.18.2 passes
through just fine.

The most probable reason for plearn to be listed is because they're
running an older IBM SMTP that doesn't stop third-party relaying
by spammers.

For what it's worth, I don't see a problem with end sites using the
RBL for deciding who *they* are willing to talk to.  I *do* have a
problem with long-haul providers (such as teleglobe.net) deciding that
a site connected to nordu.net (which is where plearn.edu.pl connects)
should be cut off.

> At the bottom of many of the RBL pages, it says "Loss of connectivity
> hurts us all. Spam hurts us all even more." I say they've got it
> backwards.

Ahh, but if your network infrastructure is swamped due to spam,
you lose *all* productive connectivity, not just to the spam site.

> If someone can find a way to reliably cut off ONLY the spammers, then
> I'm all for it. Otherwise, I'll handle one spammer at a time, without
> punishing large groups of people for the sins of a few.

You can't make 100% reliable programmatic spam detection.  The problem
is in the fact that it's spam based on the *meaning* of the message,
which is a different problem from a simple lexical check of the message.

You're lucky you can handle them one at a time.  Some of us are
seeing hundreds or thousands at a time.  Just the other day, we had
a site in France probe at least several dozen machines on our campus
looking for one that would do third-party relaying of their spam.

--
                                Valdis Kletnieks
                                Computer Systems Senior Engineer
                                Virginia Tech

ATOM RSS1 RSS2

COMMUNITY.EMAILOGY.COM