From owner-freebsd-questions@FreeBSD.ORG Mon Apr 14 08:04:07 2003 Return-Path: Delivered-To: freebsd-questions@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 3F56E37B401 for ; Mon, 14 Apr 2003 08:04:07 -0700 (PDT) Received: from mired.org (ip68-97-54-220.ok.ok.cox.net [68.97.54.220]) by mx1.FreeBSD.org (Postfix) with SMTP id 3036C43FAF for ; Mon, 14 Apr 2003 08:04:06 -0700 (PDT) (envelope-from mwm-dated-1050764645.65f0b1@mired.org) Received: (qmail 53485 invoked from network); 14 Apr 2003 15:04:05 -0000 Received: from localhost.mired.org (HELO guru.mired.org) (127.0.0.1) by localhost.mired.org with SMTP; 14 Apr 2003 15:04:05 -0000 Received: by guru.mired.org (tmda-inject, from uid 100); Mon, 14 Apr 2003 10:04:05 -0500 MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Transfer-Encoding: 7bit Message-ID: <16026.52708.652981.8345@guru.mired.org> Date: Mon, 14 Apr 2003 10:04:04 -0500 To: Willie Viljoen In-Reply-To: <200304140814.50253.will@unfoldings.net> References: <20030413114437.GC22242@kurdistan.ath.cx> <200304131639.40759.freebsd.nospam@mekanix.dk> <20030413164312.GA69263@keyslapper.org> <200304140814.50253.will@unfoldings.net> X-Mailer: VM 7.07 under 21.1 (patch 14) "Cuyahoga Valley" XEmacs Lucid X-face: "5Mnwy%?j>IIV\)A=):rjWL~NB2aH[}Yq8Z=u~vJ`"(,&SiLvbbz2W`; h9L,Yg`+vb1>RG% *h+%X^n0EZd>TM8_IB;a8F?(Fb"lw'IgCoyM.[Lg#r\ From: Mike Meyer X-Delivery-Agent: TMDA/0.73 (Jet Pilot) cc: freebsd-questions@freebsd.org Subject: Re: E-mail Scam, Addressess being collected of mailing list ::Advice Requested X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 14 Apr 2003 15:04:07 -0000 In <200304140814.50253.will@unfoldings.net>, Willie Viljoen typed: > If spamasassin doesn't work, another approach I have found is whitelisting. > Go googling for tools to do this automatically. I am too lazy, so I use > spamassassin, but some have had success with whitelisting mailing lists > they want by hand, and letting the rest come through with a challenge > response authentication method, ie: I recommend tmda as a whitelist tool. It's in the ports tree. > The problem with this method is that it will also eventually be overcome, as > spammers install transport filters on their servers that detect this and > send a reply. The problem with *any* method is that it will eventually be overcome. Bayesian filtering means you can use one tool that will adopt to changing attacks, but spam will still get through until the filter adopts. I've as yet to see spam that was auto-replied for the confirmation. In fact, the only spam I get that isn't from a whitelisted list is the nigerian bank account scam, which is the only spam I know of that requires a valid reply address to start with. FWIW, spammers don't use "their" servers any more. They break into other peoples computers to use. It's the only way they can deal with servers at large ISPs that shut them off after so many messages. They switch IPs almost instantly after the connection is shut down. That's also how the beat blacklisting IP addresses. http://www.mired.org/consulting.html Independent Network/Unix/Perforce consultant, email for more information.