Spammers LUV SpamAssassin

Discussion in 'Linux Networking' started by Alan Connor, Aug 31, 2003.

  1. Alan Connor

    John Winters Guest

    ....except when it doesn't.
    ....except that it does.


    OK - I promise. That's the very last time I will rise to the fool's
    John Winters, Sep 4, 2003
    1. Advertisements

  2. Nah .. just forward his post to comp.lang.perl.misc or something.
    Let them deal with him.

    Peter T. Breuer, Sep 4, 2003
    1. Advertisements

  3. Alan Connor

    Timo Voipio Guest

    The whole of spamassassin is available in perl -- however, also a
    client-daemon pair written in C is provided in order to reduce overhead.
    I admit that perl does have a certain footprint; however, it can be reduced
    by using spamd.
    Depends. Well, yes, I do have a shell -- a *crappy* *windoze* shell.
    Hmm. Weird. In order to use SA I didn't have to take any special steps when
    I got an account at the local university.

    When I installed SA at home (when I still had a decent Linux router), I
    used... lessee... about 15 minutes? Half of which went to choosing a decent
    command-line mail client.
    Read above about spamc/spamd pair.
    Okay. SA doesn't barf at list subscription verifications. How about elrav?
    What do you think the list admin does when he gets a challenge? What about
    the situation (after you have managed to get yourself subscribed) when being
    a subscriber of a large mailing list?

    How does elrav handle forged from-headers? I didn't find the answer in the docs.

    Timo Voipio, Sep 4, 2003
  4. Because we don't have enough trolls already?

    No thanks.

    Eric Schwartz, Sep 4, 2003
  5. Alan Connor

    Ed Murphy Guest

    [Forwarded to comp.lang.perl.misc at Peter Breuer's suggestion]
    Ed Murphy, Sep 4, 2003
  6. On that note, does the list admin ever see the challenge? Probably
    not. Most list subscriptions are handled automatically. The RAV sent
    out is not the reply the mailing-list management software is expecting
    so it probably just files the RAV in /dev/null. The list admin never
    sees the challenge, so the user never gets it back and never gets
    subscribed to the list.
    Fun there! Every time somebody posts to the list for the first time,
    they'll get a challenge from the elrav user.
    John-Paul Stewart, Sep 4, 2003
  7. Alan Connor

    Alan Connor Guest

    my sympathies

    Well, I sure have seen a lot of posts that indicate that this is not the rule.

    Much more common is to hear someone say that after a YEAR of messing with it,
    they got their errors down to around 8%.


    How about elrav1?
    Am really not following you. I automatically passlist anyone I send a mail

    What about
    I belong to a half-dozen of them. The address that list mail comes from is
    passlisted. What else?

    I'm sorry, but the answer to that is a big part of the docs, so you didn't
    look very hard.

    (the 1 is part of the name. It isn't a version number: elrav1 . It is the
    first program of a TYPE that I hope to see more of.)

    If mail from an address not passlisted comes in, it is truncated to 100 lines
    and sent to a quarantine directory.

    An RAV is sent out.

    If the RAV doesn't come back with the unique password pasted on the subject
    line, from the same address that was used to acquire it, within 72 hours,
    the mail and the password/address combo are deleted automatically.

    I don't even know the mail arrived in the first place.

    If mail from an address that has failed twice in the past to return an RAV
    comes in, from that point on any mail from that address goes straight to

    Doesn't that answer your question, Timo?

    Alan C
    Alan Connor, Sep 4, 2003
  8. Alan Connor

    Alan Connor Guest

    Do you mean "what do I do about spam on the list" ?

    None of the lists I subscribe to have a spam problem. But if they did, I
    would only passlist list-mail from people I want to hear from, and the rest
    would go to /dev/null.

    I would make sure the list-admin sent me the names and addresses of any
    new members to give a chance.

    I run a mailing list myself, and can guarantee that no spam gets on it.

    First there's the standard RAV to any new subscribers, and then everyone is
    given a unique password that must be included as the last line of their sig
    and is stripped off before posting it to the members of the list.

    The password, envelope address, and name must all match or the post is

    Alan C
    Alan Connor, Sep 4, 2003
  9. Alan Connor

    Alan Connor Guest

    You are very amusing, SPAMMER.

    I can fully understand why you are afraid of my program.

    As it and its ilk grow in popularity, scum like you are going to have
    to get honest jobs.

    Too bad :)

    And good work there, giving credence to Peter Breuer, the most killfiled
    asshole on the Usenet.

    Intelligence is as intelligence does......

    Alan C
    Alan Connor, Sep 4, 2003
  10. Alan Connor

    Alan Connor Guest

    There is NO challenge to any list admins!

    Can't you read plain English?

    I repeat: I am on a half-dozen mailing lists, and the list admin has no
    idea that elrav1 even exists.

    And if you knew my simple program as you claim to, you would know that
    your question is simply not relevant.

    Or are you another damned spammer simply trying to discredit a program
    that might force you to get an honorable job?

    Please keep it up. I'm pretty sure I get at least one new user for every
    dishonest post about my program.

    You folks seem to think that everyone but you is stupid, which of course
    means that YOU are stupid.

    Alan C
    Alan Connor, Sep 4, 2003
  11. So you must have add the list to your whitelist. How is this handled?
    Manually? Automatically by the MUA or MTA?

    And what about individual list members? What I've typically seen on
    mailing lists is that the incoming message appears to be from the e-mail
    address of the list member who posted it in the first place, with a
    reply-to header for the list. For example, if the list is
    , and sends a message to
    , then (as a subscriber to ) I see a
    message to (not to me personally) from
    and reply-to .

    How does elrav1 cope with this? The mail could be from *any* list
    member, not all of whom will be whitelisted yet. Does elrav send a
    challenge to ? Or to ? Or is there
    some other mechanism for it to recognize mailing lists to which you are
    John-Paul Stewart, Sep 4, 2003
  12. \|||/
    (o o)
    | Please |
    | don't feed the |
    | TROLLs ! |
    } |
    | - The Management |
    || ||
    ooO Ooo JW

    Eric Schwartz, Sep 4, 2003
  13. Alan Connor

    Alan Connor Guest

    If you don't want people like Eric to have access to your mailbox,

    try my program.

    He and his ilk are driven by its effectiveness to abandon all reasonable
    argument and must resort to this sort of infantile tactic, worthy of
    of ambulance-chasing lawyers and sleaze-ball politicians and bigots every-

    In-other-words, they must abandon all pretense of ethics and try to put
    a knife in their opponent's back.

    Which is exactly the sort of behaviour one would expect from SPAMMERS.

    They care nothing for your rights of privacy and don't care what sort of
    filth you children see.

    Get them out of your life once and for all.

    Here's the bottom line: If you are going to accept anonymous mail, then
    you are going to be at the mercy of degenerates like Eric.

    Trying to figure out a way to get SOME spam and not other spam is like
    trying to stand in the rain and only be hit by tear-shaped drops.

    That's the reason Eric and his criminal cohorts love SpamAssassin and its
    brethren, because they DON'T WORK.

    I can GUARANTEE you that Eric and friends know SA better than YOU ever

    Alan C
    Alan Connor, Sep 4, 2003
  14. Allan Connor is a troll, Sep 4, 2003
  15. Didn't you read his email? He expects all list administrators to give
    *him* a list of all subscribers. Yeah, like that is going to happen! Like
    that is not a privacy violation. Like spammers could not also ask for such
    a list. Yep, a well thought out solution.

    Of course the final solution (for him) is that if people cannot get into
    his whitelist, he does not want their email. In other words, he does not
    "want" to receive any email that his system blocks, whether the block is
    rational, reasonable, correct, or not. Disconnecting from the Internet
    would be easier and more effective!
    Allan Connor is a troll., Sep 4, 2003
  16. Yeah, like that's going to happen! Ever heard of:
    1. Privacy
    2. Spammers (yes, they might want to ask for the same email addresses)

    Oh boy, you have a really good solution there!
    Alan Connor is a nasty troll, Sep 4, 2003
  17. Alan Connor

    Ed Murphy Guest

    How does this work? On most (if not all) of my mailing lists, the From:
    is the actual sender, and the To: is the mailing list address. I believe
    elrav1 operates solely on the From: header and not the To: header.

    Is the mailing list whitelisted based on the To: entry, independently
    of elrav1? If so, then this is not a feature of elrav1! And, whenever
    saying "mailing lists work fine for me", you are morally obligated to
    add "but I have to do extra config, outside the scope of elrav1, to make
    them work".

    A mailing list that munges the From: line, combined with elrav1, could
    (depending on elrav1 config) be bad or even disastrous. If I understand
    elrav1 correctly, then consider this scenario:

    a) Message with non-plaintext attachment comes in through the
    mailing list. (One of the recipients got hit by a virus,
    for instance. Or someone sends an HTML message.)

    b) elrav1 sends it to /dev/null. So far, no problem.

    c) elrav1 takes the mailing list off the passlist, and sends a RAV to
    the mailing list.

    d) elrav1 *receives* the RAV from c) - through the mailing list itself -
    and sends *another* RAV to the mailing list.

    e) If the three-strikes option is in use, then elrav1 receives the RAV
    from d) and moves the mailing list to the blocklist. End result,
    everyone on the mailing list gets two RAVs from you, and you get
    cut off from the mailing list! Until you fix it.

    f) If the three-strikes option is not in use, then elrav1 generates an
    infinite stream of RAVs, in response to its previous RAVs! Until
    you fix it, or the mailing list admin "fixes it" by kicking you off
    the list.
    Ed Murphy, Sep 5, 2003
  18. Alan Connor

    Alan Connor Guest

    You simply type or paste the relevant address or string at the prompt
    provided for the purpose, as with any non-automatic listing.

    elrav1 is completely independent of the MTA and MUA of the user.

    For the lists that I am on presently, I use the Return-Path header instead
    of the From header and double check for the list name in brackets on
    the Subject line.

    Works fine.

    Theses are well-run lists and spam is not a problem, so the whole list is
    passlisted. I will occassionally blocklist an individual member.

    Bear in mind that any mails from the lists that are not in-line plain text
    less than a certain size (I do NOT rely on Content-Length headers for this)
    are sent to /dev/null before I see them.

    This is written in my sig for the lists, with some trusted members being
    exempt from the size limitation.

    How many spammers send short, in-line, plain-text messages?

    Can't imagine it would be a problem.

    I really don't put up with shoddily-run mailing lists anyway. If you are
    getting spam on the list, then you are getting trolls on the list, and
    I just move on.

    Alan C
    Alan Connor, Sep 5, 2003
  19. Alan Connor

    Ed Murphy Guest

    Fair enough. Indeed, an examination of elrav1 indicates that this is
    one of its features.
    So the blocklist is checked before the passlist is checked? Okay.
    Does this include HTML messages? What if they have an alternative
    plaintext component (as most non-spam HTML messages do)? Perhaps
    you're happy to never receive such messages, but I hope you can
    understand that many people *do* want to receive some of the messages
    that elrav1 would block.

    And again, is the size-block part of elrav1, or did you configure it
    Ed Murphy, Sep 5, 2003
  20. Alan Connor

    Alan Connor Guest

    There are two factions that luv SpamAssasin and its siblings:

    1) Spammers

    2) Proffessional Spam Fighters

    (where would they be without spam? digging ditches?)

    They like SA because it doesn't work and can never work.


    2. Content-based filters can't distinguish SPAM from
    legitimate mail with sufficient accuracy.

    It's not that it is a badly designed program. Not at all.

    But the premises upon which it is based are false.

    Alan C
    Alan Connor, Sep 5, 2003
    1. Advertisements

Ask a Question

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments (here). After that, you can post your question and our members will help you out.