sethw AT fhu.disa DOT mil(Seth, Wayne (Contractor))  20.03.03 07:21


>Joshua,

>The spam comes both ways.  

I searched and the last three spams went totally normally
to "amanda-user"

Be cause i never mail with my subscription address to any mailing list
i can be quite sure that the database is not
in the hand of spammers.

Just look if all emails had the same return path.
(not reply to/from)


>In all cases so far, the message part is in
>several foreign languages, so probably not from one source.  


>My feeling is that somehow the spammers have gotten into to amanda
>user-list database and are using it directly.

No. Possible but rediculess.
That would be much too "expensive" for the spammers.

Rule 1: Spammers are dangerous, stupid and lazy.






To stop littering on the list there are 2..3 ways:

1) make the list "closed" so that only people who subscribed
   can mail. 
   Reject mails of not subscribers (bouncing is no good idea,
   but better than discarding.)
   
2) Use spamassin or other bogos filters.
   (That may give lot of trouble if you are open to
   chinese too..)

3) allow only PGP sigend eMails, verified




To avoid direct spam to my subscription address,
i currently have to use a little trick (because the list software
have no otehr way currently to "cloak" from-address).
I subscribe twice:
One subscription is on holidays since approx. 2032 (some list software
are not 2032 proof). That address is used to mail to the list.
The other address gets all mails from the list.





I would recommend the list owner to make the list "closed".
To avoid spam it is completely sufficient to have no
"confirmed opt in". But of cause there are other _good_ reasons
to use confirmations.

If he as time, he may confirm the subscriptions on his own
or let the robot do it automatically.

The entry to the subscription robot should be 
RBL filtered, so that open relays or proxies can't be used
to make anonymous subscribes. (If there is no confirmation requested
that is a must, IMHO).