[SATLUG] anti-spam effort
Charles D Hogan
cd_satl at futuretechsolutions.com
Tue Dec 5 02:32:51 CST 2006
The problem is not that the spam is going through the list, as the list
is moderated, but rather some clever spammer has found a way to harvest
our addresses. Looking at the message archives on satlug.org, it
wouldn't be all that difficult to REGEX the "me at here.com" for the
sender back to "me at here.com". Take a look at the html of a handful of
messages in the archive, you will see a pattern easy to REGEX for that.
A simple script calling wget, and then running the results through a
fairly simple REGEX will get you all the useable addresses that post to
The address I use for the mailing list is an alias that has never been
used for anything but this list. Yet it still receives SPAM. It never
received spam while I was just lurking, only after my first post.
One way to get around the spammers would be to set up one address that
you use to post to the list, and another that you only receive to. Once
your "post from" address is confirmed by the list, quietly drop all mail
going to that address into /dev/null. Never use the receive address for
sending anything, and make sure that it is not a common word. I would
probably do that, but my spam filters on my mail server, and here at
home, are aggressive enough to keep the majority of spam out. So little
of the spam going to my satlug only address makes it through that it
would be more of a bother for me to do that than delete the ones I get.
Obviously, this won't work if you still wish to get mail on the
address that the vile vermin have already gotten ahold of.
The first spam in about a week or 2 that made it to my satlug only
address arrived just this evening, so it has not yet made it to the
rubbish bin. I am posting the pertinent headers, and you will notice,
it never even hit the satlug server.
-------- Original Message --------
From: - Tue Dec 5 01:29:36 2006
Return-Path: <Some Forged Address>
Received: from dtmd-4db5c273.pool.einsundeins.de
(dtmd-4db5c273.pool.einsundeins.de [18.104.22.168]) by
futuretechsolutions.com (8.12.11/8.12.11) with ESMTP id kB4KGNVA011567;
Mon, 4 Dec 2006 15:16:24 -0500
Received: from 22.214.171.124 (HELO btmx4.sun.com) by
futuretechsolutions.com with esmtp ((5AK;(+.3WN. W(I-,) id
W+*J8+-C*0*CE-5. for <my address for STALUG only>; Mon, 4 Dec 2006
From: Lessie Johnston <Some Forged Address>
To: <my address for STALUG only>
Subject: fwd: Johnston
Date: Mon, 4 Dec 2006 20:05:06 -0060
Message-ID: <01c717df$7e6eb980$6c822ecf at stricterferry>
Content-Type: text/plain; charset="Windows-1252"
> *Which topic categories would you like to subscribe to?*
> By selecting one or more topics, you can filter the traffic on the
> mailing list, so as to receive only a subset of the messages. If a
> message matches one of your selected topics, then you will get the
> message, otherwise you will not.
> If a message does not match any topic, the delivery rule depends on the
> setting of the option below. If you do not select any topics of
> interest, you will get all the messages sent to the mailing list.
> /No topics defined/
> *Do you want to receive messages that do not match any topic filter?*
> This option only takes effect if you've subscribed to at least one topic
> above. It describes what the default delivery rule is for messages that
> don't match any topic filter. Selecting /No/ says that if the message
> does not match any topic filters, then you won't get the message, while
> selecting /Yes/ says to delivery such non-matching messages to you.
> If no topics of interest are selected above, then you will receive every
> message sent to the mailing list.
> If a topic of [SATLUG] were defined, could it be possible, that we'd
> never see spam on the list, again?
More information about the SATLUG