[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Recent Spam



On Tue, Jan 04, 2000 at 01:11:05PM -0600, William H. Geiger III wrote:
> 
> This is an *open* list. That means anyone can post here not just
> subscribers. We even had David "FUD" Sternlight posting here a while back.

I agree with the general idea of "open", but I think there is a difference
between "wide open" and "open for anyone to discuss OpenPGP".  Do ads for
coolgirl this or 1,000,000 address that contribute to the discussion?  I
wish there were either an easy technical way to to spot the complete junk,
or an unbiased, well connected person who has nothing better to do with
his time but filter out the junk.  Since I don't know of either, I think
some discussion of alternatives is appropriate.

Suggestions I've seen (or even made) so far are:

(1) blocking certain addresses
(2) restricting posters to subscriber addresses (or some such)
(3) changing the list name to temporarily dodge the spam.

Both (1) and (2) would seem to fall into the "draconian" group, and (3) is only
temporary.

What about (4) requiring each posting to have a PGP signature, or
(5) requiring the message body to contain the phrase "OpenPGP"?
Either could be implemented in a way that didn't require human supervision,
and given the subject material of the list, should not be too onerous to
potential posters.  (I'm not suggesting that the signatures be verifiable,
simply that they be syntactically correct.  This would still let someone
who did not have a pgp key on a server send a message to the list.)

> The amount a "spam" is quite lite <10 messages a month. DL times and the

I had decided to count for a month or so before I opened my mouth again,
but the numbers you give don't come near matching even my partial results.
I've been saving all messages since December 12th in either pgp-junk or
pgp-real.  What follows are the sizes and message counts, not counting today's
messages.

$ ls -l pgp-*
-rw-------  1 tbr  user  347888 Jan  4 19:19 pgp-junk
-rw-------  1 tbr  user   32015 Jan  4 19:24 pgp-real
$ grep '^From imc.org!' pgp-junk | wc -l
      49 
$ grep '^From imc.org!' pgp-real | wc -l 
       9 

> amount of time/effort to hit the delete key is quite insignificant. Not to
> mention the amount of time & bandwidth wasted on complaining about "spam"
> generally exceeds that of the "spam" being complained about. So called

Not if you measure it.  Perhaps in annoyance value if the discussion gets
under your skin :).

> "solutions" to "spam" generally lead to a more restrictive environment for
> all those involved and range from a minor inconvenience for the list
> subscribers to the truly draconian.

True enough, but I find the 5 to 1 ratio in messages an inconvience, and,
since I pay by the minute for downloads I find the 10 to 1 ratio in bytes
a real irritation.  Yes, I know the absolute cost is small, and I should
just accept it, like shopkeepers must accept shoplifting as part of the
cost of doing business.  I don't know many shopkeepers who do absolutely
nothing about their problem though.

> 
> All in all "spam" is a non-issue and there are really better things in
> life to worry about than a few unwanted messages.

Sorta true, but the problem isn't quite as much of a non-issue for everyone,
and my impression is that the spam level is going up.  (I'll need a longer
time-line before that's more than an impression.)

If it is going up, this list could get drowned in the noise.  Given that
cryptographic signatures might someday provide a way to seriously curtail
spam, it's a bit ironic that this list should be plagued by it.

-- 
Tom Rushworth

PGP signature