UOL spam issue

[Paul Howarth]

Arthur Pemberton wrote:
> On 1/24/06, *Tim* <ignored_mailbox at yahoo.com.au 
> <mailto:ignored_mailbox at yahoo.com.au>> wrote:
> 
>     On Tue, 2006-01-24 at 14:00 +0000, Paul Howarth wrote:
>      > This list already uses a confirmation step.
> 
>     I know.  I didn't sign up by magic.  ;-)  I went through the process.
>     My comment was about the idea of doing it more than once, and with more
>     than just the lists "from" address (since some might think to whitelist
>     the list based simply on the from address, which will change when
>     contributors post, rather than some other details).
> 
>     It occurs to me that some sort of honeypot approach might be worth it,
>     too.  A few bogus members that if they ever receive spam, are used in
>     some way to blacklist a member.  I did that with my mail server, it
>     worked a treat for identifying spam.
> 
>     Also, random, challenge/response spot checks on members.  Combined with
>     a honeypot source address, perhaps, that could send unique messages to
>     each member to identify the real sources of problems.  It also occurs to
>     me that this person mightn't be just stupidly sending crud to people,
>     but be doing so as an address harvesting technique.
> 
>     Though the most obvious solution to me is to stop trying to be a news
>     group on a mailing list, and actually be a news group.  You don't need
>     to provide any e-mail address when you post to usenet.  Nobody can spam
>     my mailbox from any data in my usenet posts.  News servers can wipe out
>     spam, too.  And you get the added bonus of being able to get prior
>     messages, not just the ones that come through after you join.  Not to
>     mention all of the other things that news clients do so much better than
>     mail clients.
> 
> 
> Umm, why don't we just black list these guy's mail server?

Where "we" = every list member of course.

I've done my bit, and I don't see any old.br spam.

Paul.