drewzhrodague hates spam on the dev.SW list

Ken ken at ipl31.net
Fri Jun 30 13:12:39 PDT 2006 

On 6/30/06, Sheldon T. Hall <shel at tandem.artell.net> wrote:
> Drew writes, on the subject of spam on the list ...
>
> [ headers of one of the spams]
>
> > Return-Path: <dev-bounces at seattlewireless.net>
> > Received: from gir.seattlewireless.net (gir.seattlewireless.net
> > [72.1.140.203])
> >      by auntie.zhrodague.net (8.13.1/8.13.1) with ESMTP id
> > k5UHrhlY011686
> >      for <drew at zhrodague.net>; Fri, 30 Jun 2006 13:53:44 -0400
> > Received: by gir.seattlewireless.net (Postfix, from userid 1018)
> >      id D49737133A; Fri, 30 Jun 2006 10:53:36 -0700 (PDT)
> > Received: from gir.seattlewireless.net (localhost [127.0.0.1])
> >      by gir.seattlewireless.net (Postfix) with ESMTP
> >      id 1883F712E2; Fri, 30 Jun 2006 10:53:27 -0700 (PDT)
> > X-Original-To: dev at gir.seattlewireless.net
> > Delivered-To: dev at gir.seattlewireless.net
> > Received: by gir.seattlewireless.net (Postfix, from userid 1018)
> >      id ED484712D7; Fri, 30 Jun 2006 10:53:24 -0700 (PDT)
> > Received: from shoveler.freenetworks.org (unknown [63.251.162.74])
> >      (using TLSv1 with cipher EDH-RSA-DES-CBC3-SHA (168/168 bits))
> >      (No client certificate requested)
> >      by gir.seattlewireless.net (Postfix) with ESMTP id 977407119A
> >      for <dev at seattlewireless.net>; Fri, 30 Jun 2006 10:53:23 -0700 (PDT)
>
> Of course, nothing past here is trustworthy, but I've seen quite a number of
> spams to the list that have been presented by shoveler.freenetworks.org.  As
> a result, I'm simply refusing any mail that has passed through that machine.
> Obviously, the admins there aren't in control, so t'ell with'm.

That box is doing nothing wrong. It is an MX for seattlewireless.net.
Its job is to queue mail for the seattlewireless.net domain and
deliver to the seattlewireless.net mail server. The fact that a third
of the mail comes from that machine is due to the fact that is a Mail
Exchanger for the seattlewireless.net domain.


>
> All the spams coming from the list seem to be claiming
> "<mattw at seattlewireless.net>" as the sender, with various names attached.
> Obviously, this is how they get past the gatekeeper and get sent along to
> the list.

Yes this is correct. Any mail sent with a from address of a valid
subscriber will more than likely be let through mailman.

>
> Of the spams that made it here today, about a third are from APNIC or LACNIC
> netspace, and about a third are from shoveler.freenetworks.org.  I'm not
> keeping statistics, nor a list, but there are enough of them that I've begun
> to look at the headers....
>
> I run my own mailserver, and spam sent through the DEV list is the _only_
> spam I've gotten this month.  All the rest has been blocked, but spam
> relayed through a trusted mail source is tough to block.  Even if I block
> it, there's still a problem in that it will generate backscatter from the
> DEV mailhost.

Yes is it quite annoying I agree. Running a public mailing list with
tons of subscribers and trying to make sure everyone is able to speak
with out being blocked by overzealous spamfilters or RBLs can be
frustrating at times. Its not going unoticed though.

>
> In any case, I do wish someone would do something about this.  If TPTB for
> the list need help in dealing with it, I can supply same.
>
> -Shel
>
> _______________________________________________
> Dev mailing list
> Dev at seattlewireless.net
> http://seattlewireless.net/mailman/listinfo/dev
>


-- 
Ken Caruso
ken at ipl31.net

More information about the Dev mailing list