[Beowulf] Apologies for the spam/virus yesterday

Robert G. Brown rgb at phy.duke.edu
Wed Feb 8 20:20:13 PST 2006

On Wed, 8 Feb 2006, Bill Broadley wrote:

> I'd vote for banning ALL posts with attachments, HTML, vcard, .exe.
> Has there ever been a useful attachment sent to the beowulf list?

Possibly (I remember some pictures and the like following linux expo
type thingies and might have posted a possibly useless attachment or two
myself over the years:-) but

   a) This is a HORRIBLE way to store/resend anything long -- it
replicates the data N times where N can be a very large number, chewing
through bandwidth and CPU to manage it.

   b) There are better ways to manage it, such as posting a URL.

So I'd second this.

> Amavis filters attachments well.
>> keywords that are configured in Mailman's "hold" rules.  And finally, that
>> user was approved for auto-post for messages that passed all of the
>> previous rules.
> If there's daily work involving hours and we get one spam per 3 years
> I'd argue someones spending too much time on this.

Yeah, ditto this too.  It does keep signal to noise maximally high,
but... a lot of work.

I really liked the idea of using gpg signatures to auth messages instead
of the subscription address.  Even if you implement this just on a
whitelist basis, you should be able to WAY much cut down on both the
delay of legitimate messages and the time you spend on the illegitimate
ones.  No registered signature, no access to the list.  Subscription
open but proctored via an "approval" process that is just slow enough
and human oriented enough to keep out would-be spammers.  That would be
no more work than a message board -- in fact it would be the SAME work
as a message board -- but it would let us keep the mailman/mail list
format that is its appealing feature.

Greg's suggestion is also intriguing -- message board for posting and
email for distribution -- but it still adds another step and would I
suspect significantly reduce list participation, possibly below the
critical point.  One amazing thing about this list is how LONG it has
been productive.  It's coming up on ten years now, isn't it?  That's
damn near infinity in this business.


