You are here: Home > Participate > Join a Discussion > Mailman Archives
<<< Chronological >>> Author Index    Subject Index <<< Threads >>>

Re: automated spam detection

  • To: Xlink Abuse Task Force < >
  • From: Ragnar Lonn < >
  • Date: Wed, 17 Feb 1999 18:25:11 +0100 (MET)

On Wed, 17 Feb 1999, Xlink Abuse Task Force wrote:

> Ragnar Lonn wrote:
> > > The point about legitimate mailing lists is still a problem though...
> > > 
> > 
> > Mailing lists, and other forms of approved bulk-mailing, would have
> > to be specifically excluded. They are a problem but might not be a big
> > problem. 
> > 
> >   /Ragnar
> Just try and stop spammers from using faked headers. Then there really is
> no big problem. There is no difficulty in faking some From: an To: lines.

No I know. But you can configure your filter to accept e.g. mail
that has "" *and* that was received from
"". That would at least make it slightly more difficult
for a spammer to fake that they are a mailing list.

> Even if we say that legal mailing-lists should have some kind of 
> 'authoritative mailserver' to originate from, spammers won't have any 
> problem to fake a receipt-from: line and inject their spam via a poorly
> configured mailserver :-(

You shouldn't look at Received headers but at what host delivered
the mail to you. Most list servers deliver messages directly to the
recipients (e.g. LISTSERV with LSMTP) or through a single mail host
on their system. It shouldn't be too hard to associate most list servers
with a single SMTP server that delivers the messages to the list

Also, one could lobby listserver-programmers to implement digital
signatures in outgoing mailing list messages so it'd be easy to
confirm that a certain mailing list server actually originated a
certain message.


  • Post To The List:
<<< Chronological >>> Author    Subject <<< Threads >>>