Off Topic, But List Related -- Tired of Getting Spammed Via The Python List?
Peter F. Ferris
python at gbronline.com
Sat May 25 12:03:12 EDT 2002
Good Morning, Good Afternoon and Good Evening,
I'm not sure if this is happening to everyone or just myself, but for the
4th time in approximately two-three weeks (since I've joined the Python.org
list), I been spammed because I'm a list member.
I've noticed in at least one instance my raw e-mail address appeared in the
'attribution' line of the posted reply, i.e.: "In a message dated xx/xx/xx
someone at somewhere.com wrote:
>blah
>blah
> etc."
How do I know that the spam I'm receiving is coming from the Python.org
list? Simple, I subscribed with a specific e-mail address that has been
used EXCLUSIVELY on & for this list. It has not been used for any other
public or private appearances. Yet within a week or two I'm collecting an
unusually high amount of spam (considering time on list, etc.) sent to the
'python only' address.
I would like to think no one in the group is a spammer (I may be naive at
times!). Perhaps a spammer has subscribed to the list merely to harvest
these sorts of errors. Whatever the reason, I have a couple of suggestions
that I believe can help minimize spam. Even if only a few readers are being
spammed, steps could and SHOULD (IMHO) be taken to minimize or PREVENT it.
I'm not extremely familiar with Gnu's "Mailman", so I don't know how
security aware it is currently configured in our case specifically, and what
it's capable of in general. Maybe there are some easy tweaks that can be
done to enhance what's available for this list.
Also, I subscribe to several other lists, some are served by systems we
probably wouldn't care for (due to embedded advertising/HTML, etc.) such as
Yahoo, etc.
However, Majordomo seems to do an above average job. In one digest I
subscribe to, I've been spammed less than 5 times in as many years. Not bad
at all, in my opinion.
However, another list manager package that strikes me as extremely secure
AND user friendly (easy to subscribe/suspend/quit/add/drop sub-groups, etc.)
is Shibboleth. One list I've subscribed to for around 3 years or so and has
*NEVER* been hacked, compromised, spammed, etc. that I am aware of. In part
no doubt due to the integrity & self-policing of the users, but in a LARGE
part due to the integrity of the list-ware (Shibboleth). I have no
'interest' in Shibboleth, other than I believe it to be an extremely secure
list manager. It seems to genuinely meet or exceed all advertised
specifications as far as I am concerned. It's at least worth a look if
anyone is looking for a secure mail list manager.
Learn more about Majordomo at: http://www.greatcircle.com/majordomo/
Learn more about Shibboleth at: http://sourceforge.net/projects/shibboleth/
Read a Shibboleth White Paper at: http://www.interhack.net/pubs/shibboleth/
Just eager to minimize the spam via this list...
Many folks here have helped me with their code suggestions, etc. This is
perhaps one way I can return the favor. :-)
Ok, I've got my asbestos tuxedo on, flame away! ;-)
Cheers,
--Pete
More information about the Python-list
mailing list