From nospam at nospam.org Mon May 1 02:52:49 2006 From: nospam at nospam.org (Ejo) Date: Sun Apr 30 20:48:41 2006 Subject: [SpamCop-List] Re: Parser fails to resolve the originating IP In-Reply-To: References: Message-ID: Mike Easter wrote: > Ejo wrote: >> This is an example of a parser error, the result is that spamcop >> reports would be sent in the wrong direction (ip 131.180.0.83) >> whereas the >> spew originates from 212.91.238.95 I suppose that I have to fix the >> mailhost configuration. >> > www.spamcop.net/sc?id=z930656263zb5221611aa988e6db3e66c00e0430ce0z > > It appears that SC does not recognize these bottom 3 looping lines 4-6 > as part of your current mailhost -- where 'loop' implies going thru' the > same IP again, in this case calling itself by different names in the > 'by'. > > Abbreviated Received tracelines *comment > from (mailservice.tudelft.nl [130.161.131.5]) by dutlru2.lr.tudelft.nl > from localhost (localhost [127.0.0.1]) by rav.antivirus > from srv028.tudelft.net (unknown [131.180.0.83]) by mx4.tudelft.nl > *serves you > from mailservice.tudelft.nl ([130.161.131.5]) by srv028.tudelft.net > *serves you > from localhost (localhost [127.0.0.1]) by rav.antivirus *serves you > from di-ve3016.com (unknown [212.91.238.95]) by mx1.tudelft.nl > *sourceline > > If it is going to be funky like that, SC needs the mailhost configured > like that. > > It looks like a Carlie Foxtrot situation, not uncommon at the TUD. Problem is right now that I have to trick the systems to jump into this particular mode of handling incoming e-mail. From nobody at devnull.spamcop.net Mon May 1 00:31:10 2006 From: nobody at devnull.spamcop.net (WazoO) Date: Mon May 1 00:35:06 2006 Subject: [SpamCop-List] Re: What is reported for 63.238.179.181? References: Message-ID: "WazoO" wrote in message news:e2u645$idt$1@news.spamcop.net... > > From: "WazoO" > To: "SpamCop Support - JT" > Subject: Newgroup Archiving dead again > Date: Fri, 28 Apr 2006 17:45:33 -0500 > > Had a user asking for help in the spamcop newsgroup, wasn't > getting what he needed. I reposted his query into the Forum > asking someone with a paid-account type to do a look-up. > Had an answer within minutes. Posted the Forum pointers > to the newsgroup, then was going to cross-link back to the > newsgroup archives ... but saw that the spamcop-list archive > stopped on the 18th of April. I now recall that the same thing > happened the last time there was a major cesmail located issue > and you got the archiving thing restarted. Could I ask for a > repeat action? Thanks! And in catching things up, the archiving bit has been restarted, archives are caught up, and in fact, the new month started as designed. Thanks sent to JT. From nobody at nowhere.not Mon May 1 08:14:12 2006 From: nobody at nowhere.not (Robert Blair) Date: Mon May 1 03:15:07 2006 Subject: [SpamCop-List] Re: Wondering about how SpamCop works two or more users] References: <1xx4tg2b8c8sv.nkjnv1d51ayj.dlg@40tude.net> <1evh8vcq35soj$.c7kahuiwpym5$.dlg@40tude.net> <44556697.4020800@spamcop.net> Message-ID: On Mon, 1 May 2006 02:43:16 UTC, "John E. Malmberg" wrote: > > That is, to try and stop a *single* 'rogue' SC user getting an email > > source listed (through laziness, "revenge", stupidity and/or whatever) > > it takes sufficient reports from *two* or more users to get an email > > source on the SCBL... > > > > That is, there needs to be two or more users being lazy or stupid or > > 'angry' OR there is an issue with the list subscription method OR more > > likely something in between... > > I know of cases that were discussed here where there was only one user > doing the reporting where they accidentally reported their own mail server. > > While the idea that it takes two reporters to cause a listing seems to > be mentioned a lot, it does not seem to be the case. Sending a report to your own ISP is bad but it does not get the ISP listed unless there has been other spam reported to the same IP. So my conclusion is that more than one person is reporting spam from that IP. Recently we went through the same process with another mailing list which turned out to be backscatter. So far no one has mentioned this to Patty. How does the list handle email it receives from someone not subscribed to the list? -- Robert Blair From MikeE at ster.invalid Mon May 1 01:58:05 2006 From: MikeE at ster.invalid (Mike Easter) Date: Mon May 1 04:00:04 2006 Subject: [SpamCop-List] Re: Wondering about how SpamCop works two or more users] References: <1xx4tg2b8c8sv.nkjnv1d51ayj.dlg@40tude.net> <1evh8vcq35soj$.c7kahuiwpym5$.dlg@40tude.net> <44556697.4020800@spamcop.net> Message-ID: Robert Blair wrote: > "John E. Malmberg" >> >>> That is, there needs to be two or more users being lazy or stupid >> I know of cases that were discussed here where there was only one >> user doing the reporting >> While the idea that it takes two reporters to cause a listing seems >> to be mentioned a lot, it does not seem to be the case. It is also /my/ belief that there is no 'requirement' for more than one reporter making reports. There is a requirement for more than one report, not for more than one report-er http://www.spamcop.net/fom-serve/cache/297.html How the SCBL Works -- The SCBL will not list an IP address with only one report filed. > Sending a report to your own ISP is bad but it does not get the ISP > listed unless there has been other spam reported to the same IP. Why do you say that? Where are you getting that information? I can see why one reporter making multiple reports of their own ISP as source might /not/ cause a listing for it, because of the server reputation points -- and I can also see why that same ISP might get itself listed for also hitting spamtraps in addition to the one reporter, because of the heavier weight of the spamtraps -- but I'm not aware of a rule in the algorithm to not list the IP if there is only one reporter making reports. > So > my conclusion is that more than one person is reporting spam from that > IP. You are basing that conclusion on a belief that there is a 'requirement' that a listing cannot occur if there is only one reporter making multiple reports. I'm questioning the basis for that belief. > How does the list handle email it receives from someone not > subscribed to the list? That's a good question to ask. -- Mike Easter kibitzer, not SC admin From g.hyde at bigpond.net.au Mon May 1 20:44:57 2006 From: g.hyde at bigpond.net.au (Geoffrey Hyde) Date: Mon May 1 05:50:08 2006 Subject: [SpamCop-List] Possible spam from Tesltra user. Message-ID: http://www.spamcop.net/sc?id=z931966737zcbe8497f877d987e944951d04bbc846dz It would appear that this is coming from a telstra user, probably one of their bigpond customers. It also seems there is a rather large attachment, does that look like a virus or some kind of infectious trojan program? Cheers ... Geoffrey Hyde From patty1515NOSPAM at gmail.com Mon May 1 10:08:21 2006 From: patty1515NOSPAM at gmail.com (Patty) Date: Mon May 1 09:10:03 2006 Subject: [SpamCop-List] Re: Wondering about how SpamCop works References: <1xx4tg2b8c8sv.nkjnv1d51ayj.dlg@40tude.net> <1hgr5wksbyk7r$.c49y5rrg8mxi$.dlg@40tude.net> <1tcx1gogz02o6$.3we3du1xf462.dlg@40tude.net> <6h8eaq0ycu51.9xmt3wujifpo.dlg@40tude.net> Message-ID: On Sun, 30 Apr 2006 20:13:33 -0700, Don Wannit wrote: > Patty wrote: > >> I heard back from our SysAdmin, and his concern is that the confirmation >> would cause someone to be subscribed automatically, and he definitely wants >> Administrator review of all profiles submitted. Right now, we review the >> profiles and then manually subscribe the person. I'm not sure how the >> confirmation could be worked in with that type of setup. I like the idea >> of a confirmation, but I'm not sure about how the software (Majordomo) >> handles the subscription requests. I know that right now, the profile and >> subscription request goes to a live person who reads it over before it is >> submitted. Granted, that doesn't ensure that someone can't maliciously >> subscribe their worst enemy, but he wants the human intervention in there. >> >> Thanks Mike. >> >> Patty > > > Hi, Patty! > > Since your subscription process already has the extra step of > the profile being explicitly examined and vetted by a human, > it seems your sysadmins have already changed the normal Majordomo > configuration, at least a bit. Could the necessary addition > be as simple as adjusting your signup process so that it does > not offer the profile form to the user to fill in until *after* > the user has responded to the confirmation email? > > In other words, the profile form would not be filled in > when the user submits his/her email address. To sign up > for a list or lists, the user would just provide the > email address. Then the confirmation email you send to > that address does the usual apology for the intrusion if > someone else submitted this email address, and provides > a link to the web form to fill in the profile, using a > randomly-generated gobblety-gook string as a unique key > that would be nearly impossible to guess. That would > provide the necessary confirmation step and still > let your editor/admin approve the profile, with very > little adjustment to your existing signup process. > > It might be relatively simple to modify your existing > Majordomo automation to do this. I don't know, since > I am not familiar with current Majordomo versions (only > old and decrepit ones; I use GNU Mailman for our lists > now). > > Hope this helps, > Don I am being told that with the current software, sending out a confirmation email would result in that person being subscribed automatically. Modifying it would be difficult and then would be very difficult to maintain when new versions came out. We are using a standard software package (I have not been told which one) and it is very big. I am also told that there are not nearly as many solutions as some would believe. Listservs are hard to set up and maintain for large lists. We have an exceptionally large list (nearly 5,000 members) and many integrated tools that everyone takes for granted. Changing now would require months of full-time effort and several full-time people to administer the list. Since we are a small non-profit organization, we don't have any paid staff, only volunteers that handle the day to day list duties. I guess the feeling is, that since we are an opt-in list (the person must choose to join), and because we are dealing with such a specific subject that has very limited appeal to the masses, a confirmation is not really necessary. Granted, it is considered a good practice, but is not required of a listserv. However, there are a couple of us on the administrative roster who do think that some type of confirmation would be a good idea. So, perhaps this option will be explored more in the future. Thanks everyone for all the suggestions, I have passed them along. Patty From patty1515NOSPAM at gmail.com Mon May 1 10:10:06 2006 From: patty1515NOSPAM at gmail.com (Patty) Date: Mon May 1 09:10:07 2006 Subject: [SpamCop-List] Re: Wondering about how SpamCop works two or more users] References: <1xx4tg2b8c8sv.nkjnv1d51ayj.dlg@40tude.net> <1evh8vcq35soj$.c7kahuiwpym5$.dlg@40tude.net> <44556697.4020800@spamcop.net> Message-ID: On Sun, 30 Apr 2006 22:43:16 -0400, John E. Malmberg wrote: > Skiwi wrote: >> I may have missed this in all of the replies in this thread, so "just in >> case" - but my understanding the above sentence should read: >> >> "It is possible for user[s] to incorrectly report a mailing list and get >> it listed, but it is rare." >> >> That is, to try and stop a *single* 'rogue' SC user getting an email >> source listed (through laziness, "revenge", stupidity and/or whatever) >> it takes sufficient reports from *two* or more users to get an email >> source on the SCBL... >> >> That is, there needs to be two or more users being lazy or stupid or >> 'angry' OR there is an issue with the list subscription method OR more >> likely something in between... > > I know of cases that were discussed here where there was only one user > doing the reporting where they accidentally reported their own mail server. > > While the idea that it takes two reporters to cause a listing seems to > be mentioned a lot, it does not seem to be the case. > > -John > wb8tyw@qsl.network > Personal Opinion Only As far as I know, our situation is only one person doing the reporting. The Covad log trace only shows one person making the SC report. Patty From patty1515NOSPAM at gmail.com Mon May 1 10:13:41 2006 From: patty1515NOSPAM at gmail.com (Patty) Date: Mon May 1 09:15:04 2006 Subject: [SpamCop-List] Re: Wondering about how SpamCop works two or more users] References: <1xx4tg2b8c8sv.nkjnv1d51ayj.dlg@40tude.net> <1evh8vcq35soj$.c7kahuiwpym5$.dlg@40tude.net> <44556697.4020800@spamcop.net> Message-ID: <1vt5dpskzga7d$.b7m6e4g95quk$.dlg@40tude.net> On Mon, 1 May 2006 07:14:12 +0000 (UTC), Robert Blair wrote: > On Mon, 1 May 2006 02:43:16 UTC, "John E. Malmberg" > wrote: > >>> That is, to try and stop a *single* 'rogue' SC user getting an email >>> source listed (through laziness, "revenge", stupidity and/or whatever) >>> it takes sufficient reports from *two* or more users to get an email >>> source on the SCBL... >>> >>> That is, there needs to be two or more users being lazy or stupid or >>> 'angry' OR there is an issue with the list subscription method OR more >>> likely something in between... >> >> I know of cases that were discussed here where there was only one user >> doing the reporting where they accidentally reported their own mail server. >> >> While the idea that it takes two reporters to cause a listing seems to >> be mentioned a lot, it does not seem to be the case. > > Sending a report to your own ISP is bad but it does not get the ISP > listed unless there has been other spam reported to the same IP. So > my conclusion is that more than one person is reporting spam from that > IP. > > Recently we went through the same process with another mailing list > which turned out to be backscatter. So far no one has mentioned this > to Patty. How does the list handle email it receives from someone not > subscribed to the list? It bounces to an administrator who reviews it. It never makes it to the list. Because we are a subscription only listserv, even if a current member sends from a non-subscribed email address, that email bounces to an administrator. If the administrator is able to confirm the person's membership, it may be forwarded on, but mostly that does not happen. The person must resubmit their email using their subscribed address. Patty From patty1515NOSPAM at gmail.com Mon May 1 10:15:05 2006 From: patty1515NOSPAM at gmail.com (Patty) Date: Mon May 1 09:15:06 2006 Subject: [SpamCop-List] Re: Wondering about how SpamCop works two or more users] References: <1xx4tg2b8c8sv.nkjnv1d51ayj.dlg@40tude.net> <1evh8vcq35soj$.c7kahuiwpym5$.dlg@40tude.net> <44556697.4020800@spamcop.net> Message-ID: <1srcb1z64id37.z7k8q5rk6lu2$.dlg@40tude.net> On Mon, 1 May 2006 00:58:05 -0700, Mike Easter wrote: > Robert Blair wrote: >> "John E. Malmberg" >>> > >>>> That is, there needs to be two or more users being lazy or stupid > >>> I know of cases that were discussed here where there was only one >>> user doing the reporting > >>> While the idea that it takes two reporters to cause a listing seems >>> to be mentioned a lot, it does not seem to be the case. > > It is also /my/ belief that there is no 'requirement' for more than one > reporter making reports. There is a requirement for more than one > report, not for more than one report-er > http://www.spamcop.net/fom-serve/cache/297.html How the SCBL Works -- > The SCBL will not list an IP address with only one report filed. > >> Sending a report to your own ISP is bad but it does not get the ISP >> listed unless there has been other spam reported to the same IP. > > Why do you say that? Where are you getting that information? I can see > why one reporter making multiple reports of their own ISP as source > might /not/ cause a listing for it, because of the server reputation > points -- and I can also see why that same ISP might get itself listed > for also hitting spamtraps in addition to the one reporter, because of > the heavier weight of the spamtraps -- but I'm not aware of a rule in > the algorithm to not list the IP if there is only one reporter making > reports. > >> So >> my conclusion is that more than one person is reporting spam from that >> IP. > > You are basing that conclusion on a belief that there is a 'requirement' > that a listing cannot occur if there is only one reporter making > multiple reports. I'm questioning the basis for that belief. > >> How does the list handle email it receives from someone not >> subscribed to the list? > > That's a good question to ask. I just answered that last question. See my prior post. :o) Patty From sgcarney at gmail.com Mon May 1 19:53:56 2006 From: sgcarney at gmail.com (Scott Carney) Date: Mon May 1 09:24:07 2006 Subject: [SpamCop-List] take me off this list Message-ID: <72F1D1C5-2EA2-48E7-861D-D9870AB13A6C@gmail.com> Dear SpamCop, Please unsubscribe me from this list. I get enough mail as is. s ___ Scott Carney Freelance Journalist Mobile: 091-9380185773 www.scottcarneyonline.com From nobody at devnull.spamcop.net Mon May 1 10:31:27 2006 From: nobody at devnull.spamcop.net (Peter) Date: Mon May 1 09:35:02 2006 Subject: [SpamCop-List] Re: take me off this list References: Message-ID: What list? -- Peter Toronto, Canada 2 x XP Pro SP2 (1 everyday, 1 for testing) P4 HT @ 3.0ghz, 2.0gb DDR, 360gb HD "Scott Carney" wrote in message news:mailman.0.1146489848.3606.spamcop-list@news.spamcop.net... > Dear SpamCop, > > Please unsubscribe me from this list. I get enough mail as is. > > s > ___ > Scott Carney > Freelance Journalist > Mobile: 091-9380185773 > www.scottcarneyonline.com > > > > From sgcarney at gmail.com Mon May 1 20:06:45 2006 From: sgcarney at gmail.com (Scott Carney) Date: Mon May 1 09:36:54 2006 Subject: [SpamCop-List] Re: take me off this list In-Reply-To: References: Message-ID: <216ED222-80C5-4B82-A4AA-DA82839B6E8C@gmail.com> Maybe I e-mailed the wrong person. I'm trying toget off the spam cop list. s ___ Scott Carney Freelance Journalist Mobile: 091-9380185773 www.scottcarneyonline.com On May 1, 2006, at 7:01 PM, Peter wrote: > What list? > > -- > Peter > Toronto, Canada > 2 x XP Pro SP2 (1 everyday, 1 for testing) > P4 HT @ 3.0ghz, 2.0gb DDR, 360gb HD > "Scott Carney" wrote in message > news:mailman.0.1146489848.3606.spamcop-list@news.spamcop.net... >> Dear SpamCop, >> >> Please unsubscribe me from this list. I get enough mail as is. >> >> s >> ___ >> Scott Carney >> Freelance Journalist >> Mobile: 091-9380185773 >> www.scottcarneyonline.com >> >> >> >> > > > _______________________________________________ > SpamCop-List mailing list > SpamCop-List@news.spamcop.net > http://news.spamcop.net/mailman/listinfo/spamcop-list From MikeE at ster.invalid Mon May 1 07:40:53 2006 From: MikeE at ster.invalid (Mike Easter) Date: Mon May 1 09:45:03 2006 Subject: [SpamCop-List] Re: Possible spam from Tesltra user. References: Message-ID: Geoffrey Hyde wrote: www.spamcop.net/sc?id=z931966737zcbe8497f877d987e944951d04bbc846dz > > It would appear that this is coming from a telstra user, probably one > of their bigpond customers. It also seems there is a rather large > attachment, does that look like a virus or some kind of infectious > trojan program? Pharm spam source 144.136.148.123 CPE-144-136-148-123.qld.bigpond.net.au not listed in open proxy db/s, just dynamics spamvertiser fzd.4qatada3909zxmmx9m4x94m4.therterhk.com 58.19.254.157 spamhaused as the /32 rokso Leo Kuvayev / BadCow CNCGROUP HuBei b64 gif attachment promoting Cialis, Viagra, Levitra You don't have to open the spam to examine the gif. You can access the message properties, isolate the attachment and save it as the b64, then b64 decode that into the gif, I use Iceows for various functions of arc/unarc, code/decode convert, and look at the gif with a normal viewer like IrfanView. The disadvantage of opening the spam to inspect it is the traditional insecurity of something like Outlook Express using Internet Explorer's rendering engine under Windows. If you are going to use Win, you don't have to deal with the inherent insecurities of OE/IE. In this case, you can inspect the interior and see that the b64 is a .gif, then all you have to worrry about is what the rendering engine of IE/OE can do insecurely with a malformed .gif. // Double-free vulnerability in mshtml.dll for certain versions of Internet Explorer 6.x allows remote attackers to cause a denial of service (application crash) via a malformed GIF image. // named here http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2003-1048 patched here http://www.microsoft.com/technet/security/bulletin/MS04-025.mspx Microsoft Security Bulletin MS04-025 More from me in alt.spam about malformed gifs http://groups.google.com/group/alt.spam/msg/5bf26a618d243915?hl=en& or http://snipurl.com/pvyx From: "Mike Easter" Newsgroups: alt.spam Subject: Re: Nonsense Spam Message-ID: -- Mike Easter kibitzer, not SC admin From MikeE at ster.invalid Mon May 1 07:49:08 2006 From: MikeE at ster.invalid (Mike Easter) Date: Mon May 1 09:50:03 2006 Subject: [SpamCop-List] Re: take me off this list References: Message-ID: Scott Carney wrote: > Dear SpamCop, > > Please unsubscribe me from this list. I get enough mail as is. The instructions for unsubbing for the list are present in the following places: - the trailer link on every mailing list item you receive - the page where you signed up - the headers of every mailing list item you receive. The trailer of this message to you says: > SpamCop-List mailing list > SpamCop-List@news.spamcop.net > http://news.spamcop.net/mailman/listinfo/spamcop-list Near the bottom of that page linked above, which I think should be at the very very tip top of the page is a section which sez: To unsubscribe from SpamCop-List, get a password reminder, or change your subscription options enter your subscription email address: where you click the Unsubscribe or Edit options button after entering your subbed addy. -- Mike Easter kibitzer, not SC admin From MikeE at ster.invalid Mon May 1 08:17:25 2006 From: MikeE at ster.invalid (Mike Easter) Date: Mon May 1 10:20:03 2006 Subject: [SpamCop-List] Re: Wondering about how SpamCop works References: <1xx4tg2b8c8sv.nkjnv1d51ayj.dlg@40tude.net> <1hgr5wksbyk7r$.c49y5rrg8mxi$.dlg@40tude.net> <1tcx1gogz02o6$.3we3du1xf462.dlg@40tude.net> <6h8eaq0ycu51.9xmt3wujifpo.dlg@40tude.net> Message-ID: Patty wrote: > I am being told that with the current software, sending out a > confirmation email would result in that person being subscribed > automatically. Does that mean that you /could/ do the human vetting of the profile /first/ and then do the confirmation mail? -- Mike Easter kibitzer, not SC admin From bar_n0ne at hotmail.com Mon May 1 10:47:08 2006 From: bar_n0ne at hotmail.com (Berny) Date: Mon May 1 10:50:03 2006 Subject: [SpamCop-List] Re: take me off this list References: Message-ID: "Scott Carney" wrote in message news:mailman.1.1146490614.3606.spamcop-list@news.spamcop.net... > Maybe I e-mailed the wrong person. I'm trying toget off the spam cop > list. > > s > ___ > Scott Carney > Freelance Journalist > Mobile: 091-9380185773 > www.scottcarneyonline.com > > > > > On May 1, 2006, at 7:01 PM, Peter wrote: > > > What list? > > > > -- > > Peter > > Toronto, Canada > > 2 x XP Pro SP2 (1 everyday, 1 for testing) > > P4 HT @ 3.0ghz, 2.0gb DDR, 360gb HD > > "Scott Carney" wrote in message > > news:mailman.0.1146489848.3606.spamcop-list@news.spamcop.net... > >> Dear SpamCop, > >> > >> Please unsubscribe me from this list. I get enough mail as is. > >> > >> s > >> ___ > >> Scott Carney > >> Freelance Journalist > >> Mobile: 091-9380185773 > >> www.scottcarneyonline.com > >> > >> > >> > >> > > > > > > _______________________________________________ > > SpamCop-List mailing list > > SpamCop-List@news.spamcop.net > > http://news.spamcop.net/mailman/listinfo/spamcop-list > Yeah you did, but there are instructions at the top and/or the bottom of every missive you receive if you are on the mailling liston how to do that, follow them. No one else can do it for you. From bar_n0ne at hotmail.com Mon May 1 10:56:25 2006 From: bar_n0ne at hotmail.com (Berny) Date: Mon May 1 11:00:03 2006 Subject: [SpamCop-List] Re: Wondering about how SpamCop works two or more users] References: <1xx4tg2b8c8sv.nkjnv1d51ayj.dlg@40tude.net> <1evh8vcq35soj$.c7kahuiwpym5$.dlg@40tude.net> <44556697.4020800@spamcop.net> Message-ID: "Mike Easter" wrote in message news:e34f23$lqk$1@news.spamcop.net... SNIP > > You are basing that conclusion on a belief that there is a 'requirement' > that a listing cannot occur if there is only one reporter making > multiple reports. I'm questioning the basis for that belief. > Well there was a post from Julian, or a Deputy, a couple of years back about a change to the algorithm,. The change was basically that 2 reporters had to report spams from the same source before listing. There was a bit of grumbling in this newsgroup about that at the time. I don't know if this can be found with google now or not. From patty1515NOSPAM at gmail.com Mon May 1 12:08:43 2006 From: patty1515NOSPAM at gmail.com (Patty) Date: Mon May 1 11:10:04 2006 Subject: [SpamCop-List] Re: Wondering about how SpamCop works References: <1xx4tg2b8c8sv.nkjnv1d51ayj.dlg@40tude.net> <1hgr5wksbyk7r$.c49y5rrg8mxi$.dlg@40tude.net> <1tcx1gogz02o6$.3we3du1xf462.dlg@40tude.net> <6h8eaq0ycu51.9xmt3wujifpo.dlg@40tude.net> Message-ID: <1b93cfua8sk2n$.1060nh0bpopj1$.dlg@40tude.net> On Mon, 1 May 2006 07:17:25 -0700, Mike Easter wrote: > Patty wrote: >> I am being told that with the current software, sending out a >> confirmation email would result in that person being subscribed >> automatically. > > Does that mean that you /could/ do the human vetting of the profile > /first/ and then do the confirmation mail? Hi Mike, I don't really know any specifics of the software so I can't answer that question. I have been told that the only way we could implement this type of procedure easily is to have the person processing the profiles manually send a confirmation email first before subscribing the person. At this point in time, that's being frowned on since we only have all volunteers and no one is paid to do this work. Putting extra work on volunteers doesn't always fly well, I'm afraid. There are a couple of us who like the idea, but we'll see what the overall consensus of the admin group is. Patty From patty1515NOSPAM at gmail.com Mon May 1 12:10:33 2006 From: patty1515NOSPAM at gmail.com (Patty) Date: Mon May 1 11:10:06 2006 Subject: [SpamCop-List] Re: Wondering about how SpamCop works two or more users] References: <1xx4tg2b8c8sv.nkjnv1d51ayj.dlg@40tude.net> <1evh8vcq35soj$.c7kahuiwpym5$.dlg@40tude.net> <44556697.4020800@spamcop.net> Message-ID: On Mon, 1 May 2006 09:56:25 -0500, Berny wrote: > "Mike Easter" wrote in message > news:e34f23$lqk$1@news.spamcop.net... > SNIP >> >> You are basing that conclusion on a belief that there is a 'requirement' >> that a listing cannot occur if there is only one reporter making >> multiple reports. I'm questioning the basis for that belief. >> > > Well there was a post from Julian, or a Deputy, a couple of years back about > a change to the algorithm,. > > The change was basically that 2 reporters had to report spams from the same > source before listing. > > There was a bit of grumbling in this newsgroup about that at the time. > > I don't know if this can be found with google now or not. I only know that I've been told the log trace from Covad is showing only one person reporting. Patty From spam at nospam.org Mon May 1 18:11:29 2006 From: spam at nospam.org (Andy) Date: Mon May 1 11:15:03 2006 Subject: [SpamCop-List] Pump and Dump Message-ID: The P&D scam was completely new to me until a few weeks ago when I started getting a load of backscatter from a scammer - mail bounces coming to randomly generated user names (typically 3 to 5 random characters) at my domain. The originating IPs of the scam mails appears to indicate a number of bots located around the world, mostly South Korea, Latin America and Texas(!), with a few in Germany. I have researched some of the P&D companies and one is apparently a microscopic oil company located in Canada. There are only 39 share holders and the company appears to consist of one guy - the 'CEO'. The share price has increased by 44% recently. My questions are therefore - 1. Is P&D actually illegal or is it a case of 'caveat emptor'? 2. If it is illegal then where would you make a report? Given that there appear to be only 39 possible beneficiaries in this company it shouldn't be too hard to trace the scammer. 3. At the end of the day would anyone actually follow this up or would I be wasting my time? The scammer may make a few bucks but he won't be retiring on the proceeds of this one. An additional question - can you confirm that Spamcop encourages reporting the mail bounces themselves as spam? I've seen this suggestion a few times on the forums. Originally I was just annoyed by the scammer but the frequency of the incorrectly bounced mail is not decreasing and I'm actually getting more fed up with mail servers that are incapable of recognising a spoofed return address. As an aside - you wouldn't believe how many people out there send out-of-office autoresponses in reply to mail originating from outside their local networks... or maybe you would. :-) Thanks Andy From MikeE at ster.invalid Mon May 1 09:28:47 2006 From: MikeE at ster.invalid (Mike Easter) Date: Mon May 1 11:30:02 2006 Subject: [SpamCop-List] Re: Wondering about how SpamCop works two or more users] References: <1xx4tg2b8c8sv.nkjnv1d51ayj.dlg@40tude.net> <1evh8vcq35soj$.c7kahuiwpym5$.dlg@40tude.net> <44556697.4020800@spamcop.net> Message-ID: Patty wrote: > I only know that I've been told the log trace from Covad is showing > only one person reporting. I'm assuming that what covad gets is the SC report of being spamsource provider. A SC report will provide a link to the evidence, but the report is sent from spamcop, not the reporter, regardless of whether that is a single repetitive IP address, it only means the source of the report remains the same, namely spamcop's IP. The reporter's addy in the evidence To would be munged by standard or default SC munge unless overridden by some action of the reporter or requirement of the notified provider, and the evidence itself would permit analysis of the headers of the mailing list item/s which were received by the reporter. Those items would show the 'mailbox' server for the recipient, such as AOL, but if any addresses of the recipient would have appeared in the recipient's headers in such as Received tracelines, those too would have been spamcop munged by the standard or default algorithm function on the handling of the evidence which is linked in the report to the providers for spamvertiser or source. So, the point of that long description is that I would think that the conclusion might be that all of the reports are being received by a user of only one provider, namely AOL, but not necessarily one 'person' -- since I'm thinking the person isn't being identified by username address, but only by mailbox server. -- Mike Easter kibitzer, not SC admin From MikeE at ster.invalid Mon May 1 09:41:15 2006 From: MikeE at ster.invalid (Mike Easter) Date: Mon May 1 11:45:04 2006 Subject: [SpamCop-List] Re: Wondering about how SpamCop works References: <1xx4tg2b8c8sv.nkjnv1d51ayj.dlg@40tude.net> <1hgr5wksbyk7r$.c49y5rrg8mxi$.dlg@40tude.net> <1tcx1gogz02o6$.3we3du1xf462.dlg@40tude.net> <6h8eaq0ycu51.9xmt3wujifpo.dlg@40tude.net> <1b93cfua8sk2n$.1060nh0bpopj1$.dlg@40tude.net> Message-ID: Patty wrote: > I don't really know any specifics of the software so I can't answer > that question. I have been told that the only way we could implement > this type of procedure easily is to have the person processing the > profiles manually send a confirmation email first before subscribing > the person. At this point in time, that's being frowned on since we > only have all volunteers and no one is paid to do this work. Putting > extra work on volunteers doesn't always fly well, I'm afraid. I agree with that, more volunteer work is bad, but... > There > are a couple of us who like the idea, but we'll see what the overall > consensus of the admin group is. ...there's another concern I have. Now that we've been talking about all of this in here, it is 'common knowledge' that the/your mailing lists don't require confirmed opt-in. That makes the lists a 'target' for those who would cause trouble between antispammers and the 'public' -- where the public in question would be your mailing list admins and your list readers. An unconfirmed mailing list is a 'good thing' to be submitting email addresses to if your wish is to cause friction between blocklists such as spamcop's and the unconfirmed mailing list. Your mailing list doesn't have a feature that allows you to easily listwash based on spamcop reports which have munged the reporter's addy. Even tho' you have had little or no problems up to now over the past 10 years, that is liable to change in the future. The gig would be to subscribe spamcop reporter's addresses to your mailing list, and then those subbed reporters would not be required to confirm their subscription, and then as soon as the mailing list mail begins, the reporters would start reporting them, not unsubbing from a list they never subbed. Of course. This would give rise to much blocklisting of your servers and much interference with the mail to your subscribers. The deputies are not going to manually delist servers which have been listed because of reports caused by unconfirmed mailing lists. They are also not going to help you listwash. Your lists are going to be in the soup and your subscribers are going to have trouble getting their mailing list mail and everyone is going to be unhappy. Houston, we have a problem here. -- Mike Easter kibitzer, not SC admin From not at home.today Mon May 1 17:41:32 2006 From: not at home.today (Ant) Date: Mon May 1 11:45:07 2006 Subject: [SpamCop-List] Re: Wondering about how SpamCop works two or more users] References: <1xx4tg2b8c8sv.nkjnv1d51ayj.dlg@40tude.net> <1evh8vcq35soj$.c7kahuiwpym5$.dlg@40tude.net> <44556697.4020800@spamcop.net> <1vt5dpskzga7d$.b7m6e4g95quk$.dlg@40tude.net> Message-ID: "Patty" wrote: > On Mon, 1 May 2006 07:14:12 +0000 (UTC), Robert Blair wrote: >> Recently we went through the same process with another mailing list >> which turned out to be backscatter. So far no one has mentioned this >> to Patty. I mentioned that I didn't think it was happening. >> How does the list handle email it receives from someone not >> subscribed to the list? > > It bounces to an administrator who reviews it. It never makes it to the > list. Because we are a subscription only listserv, even if a current > member sends from a non-subscribed email address, that email bounces to an > administrator. If the administrator is able to confirm the person's > membership, it may be forwarded on, but mostly that does not happen. The > person must resubmit their email using their subscribed address. The important point is that you don't return the mail to who you thought sent it, i.e. the address in the "From:" field. This is forged by spammers, and any bounce will likely go to an innocent party who may report it as spam. From Kilgallen at SpamCop.net Mon May 1 11:42:40 2006 From: Kilgallen at SpamCop.net (Larry Kilgallen) Date: Mon May 1 11:45:09 2006 Subject: [SpamCop-List] Re: Wondering about how SpamCop works References: <1xx4tg2b8c8sv.nkjnv1d51ayj.dlg@40tude.net> <1hgr5wksbyk7r$.c49y5rrg8mxi$.dlg@40tude.net> <1tcx1gogz02o6$.3we3du1xf462.dlg@40tude.net> <6h8eaq0ycu51.9xmt3wujifpo.dlg@40tude.net> In article , Patty writes: > I guess the feeling is, that since we are an opt-in list (the person must > choose to join), Not at all. Somebody must merely choose to submit the person's address, perhaps to harass the addressee without any input from the addressee. > and because we are dealing with such a specific subject > that has very limited appeal to the masses, a confirmation is not really > necessary. Your subject matter has nothing at all to do with whether you provide a harassment vehicle. > Granted, it is considered a good practice, but is not required > of a listserv. However, there are a couple of us on the administrative > roster who do think that some type of confirmation would be a good idea. > So, perhaps this option will be explored more in the future. The fact that some will reject your mail due to this practice might be convincing. Consider someone who _wants_ to receive your mail but is prevented from doing so because your organization does not care about whether the email names on the list represent people who actually signed up. From MikeE at ster.invalid Mon May 1 09:55:19 2006 From: MikeE at ster.invalid (Mike Easter) Date: Mon May 1 12:00:05 2006 Subject: [SpamCop-List] Re: Wondering about how SpamCop works two or more users] References: <1xx4tg2b8c8sv.nkjnv1d51ayj.dlg@40tude.net> <1evh8vcq35soj$.c7kahuiwpym5$.dlg@40tude.net> <44556697.4020800@spamcop.net> Message-ID: Berny wrote: > "Mike Easter" >> You are basing that conclusion on a belief that there is a >> 'requirement' that a listing cannot occur if there is only one >> reporter making multiple reports. I'm questioning the basis for >> that belief. >> > > Well there was a post from Julian, or a Deputy, a couple of years > back about a change to the algorithm,. > > The change was basically that 2 reporters had to report spams from > the same source before listing. > > There was a bit of grumbling in this newsgroup about that at the time. > > I don't know if this can be found with google now or not. This is all I've found so far http://news.spamcop.net/pipermail/spamcop-help/2003-August/041753.html http://forum.spamcop.net/forums/lofiversion/index.php/t6038-50.html The forum discussion and question about requiring 2 seems to have never been confirmed by anyone, unless you can find it in that forum discussions which I don't like to dredge thru' repeatedly looking for something. I prefer nice simple plaintext to dig thru' instead of html. The 'illustration' of information from a spamcop parse in the 2nd link which would seem to imply that 2 reporters are required was 'discordant' -- in that the parser's verbose output mentioned a 2 reporter 'requirement' which wasn't met, but then 'turned around' and said there were two reporters. And, my experience with the verbose is that it cannot be counted on to say what it really means or mean what it says -- and in any case the algorithm and its verbose are highly dynamic, unstable, and perpetually changing and cannot be relied upon as a 'real' verification of a requirement which hasn't been verified in the faq or by a deputy or Julian that I can find so far. I only see people 'assuming' it to be the case. I think they are confused by the verified one report concept -- melding it into a one reporter concept. -- Mike Easter kibitzer, not SC admin From tmcgraw at spamcop.net Mon May 1 10:27:06 2006 From: tmcgraw at spamcop.net (Tim McGraw) Date: Mon May 1 12:30:04 2006 Subject: [SpamCop-List] Re: Wondering about how SpamCop works In-Reply-To: References: <1xx4tg2b8c8sv.nkjnv1d51ayj.dlg@40tude.net> <1hgr5wksbyk7r$.c49y5rrg8mxi$.dlg@40tude.net> <1tcx1gogz02o6$.3we3du1xf462.dlg@40tude.net> <6h8eaq0ycu51.9xmt3wujifpo.dlg@40tude.net> Message-ID: Patty wrote: > > I am being told that with the current software, sending out a confirmation > email would result in that person being subscribed automatically. Your admin appears to be extremely clueless. That's NOT what a confirmation is. > Modifying it would be difficult and then would be very difficult to > maintain when new versions came out. We are using a standard software > package (I have not been told which one) and it is very big. Big does not mean better, or even easier or harder. Whoever said it would be difficult to maintain a new, better package doesn't want to do their job. Find someone who has experience running opt-in lists and hire them instead. > I am also told that there are not nearly as many solutions as some would > believe. Listservs are hard to set up and maintain for large lists. We > have an exceptionally large list (nearly 5,000 members) and many integrated > tools that everyone takes for granted. Changing now would require months > of full-time effort and several full-time people to administer the list. > Since we are a small non-profit organization, we don't have any paid staff, > only volunteers that handle the day to day list duties. As others have stated there are some excellent programs that will likely import your list and set it up under a new app inside of a day. It appears your admin is feeding you a line of malarky. > I guess the feeling is, that since we are an opt-in list (the person must > choose to join), and because we are dealing with such a specific subject > that has very limited appeal to the masses, a confirmation is not really > necessary. HOGWASH! If you want your recipients to get the emails you need to use a program that adheres to the best practices previously cited. > Granted, it is considered a good practice, but is not required > of a listserv. However, there are a couple of us on the administrative > roster who do think that some type of confirmation would be a good idea. > So, perhaps this option will be explored more in the future. You're a trooper Patty. Keep asking the hard questions! From tmcgraw at spamcop.net Mon May 1 10:27:42 2006 From: tmcgraw at spamcop.net (Tim McGraw) Date: Mon May 1 12:30:07 2006 Subject: [SpamCop-List] Re: Wondering about how SpamCop works two or more users] In-Reply-To: References: <1xx4tg2b8c8sv.nkjnv1d51ayj.dlg@40tude.net> <1evh8vcq35soj$.c7kahuiwpym5$.dlg@40tude.net> <44556697.4020800@spamcop.net> Message-ID: Patty wrote: > > I only know that I've been told the log trace from Covad is showing only > one person reporting. I thought you said it was an AOL user...? From DougThegarden at invalid.com Mon May 1 18:28:05 2006 From: DougThegarden at invalid.com (Doug Thegarden) Date: Mon May 1 12:30:09 2006 Subject: [SpamCop-List] Re: Pump and Dump In-Reply-To: References: Message-ID: Andy wrote: > > My questions are therefore - > > 1. Is P&D actually illegal or is it a case of 'caveat emptor'? > Yes > 2. If it is illegal then where would you make a report? Given that there > appear to be only 39 possible beneficiaries in this company it shouldn't be > too hard to trace the scammer. > The SEC or FBI or whoever the local equivalent for the country the company is based in is. > 3. At the end of the day would anyone actually follow this up or would I be > wasting my time? The scammer may make a few bucks but he won't be retiring > on the proceeds of this one. > You are probably wasting your time and the "only 39 shareholders" indicates that at most 39 people have fallen for it. A bit like the FDA and drugs I suspect there are just too many small time players out there and too difficult to prove who did it to make investigation practical. Doug From MikeE at ster.invalid Mon May 1 10:51:40 2006 From: MikeE at ster.invalid (Mike Easter) Date: Mon May 1 12:55:02 2006 Subject: [SpamCop-List] Insulin pumpers headers Message-ID: I parsed manually and with SpamCop for a non-mailhosted account the headers of an insulin pumpers [hereafter IP] mailing list item and noted two things, one related to the IP mailing list SCbl listing recently and one unrelated. The IP headers do not parse to name the IP server [bizsystems] as source, but instead source the individual who emailed the item to the list, which is often the case for mailing list items, since the individual /was/ the source and the major domo simply forwarded the mail along to the recipient. Whether or not this current result is from a previously untrusted server now being trusted, either by SC experience or by a deputy manually trusting a server I can't say. I also have not tested the parser for this headers on a mailhosted account yet. And, incidentally, the parser does not currently 'require' that a spam have a body to offer to report, ie no need for such as 'empty body' or 'no body text' material change to report a spam. I cancelled the parse for the items unreported. The main point of this new thread on the subject is that at the present time, the IP server would not become listed by a spamcop reporter reporting the IP mailing list items with a non-mailhosted account. -- Mike Easter kibitzer, not SC admin From tmcgraw at spamcop.net Mon May 1 10:55:19 2006 From: tmcgraw at spamcop.net (Tim McGraw) Date: Mon May 1 13:00:04 2006 Subject: [SpamCop-List] Re: Insulin pumpers headers In-Reply-To: References: Message-ID: Mike Easter wrote: > > The main point of this new thread on the subject is that at the present > time, the IP server would not become listed by a spamcop reporter > reporting the IP mailing list items with a non-mailhosted account. This is exactly how Mailman, Yahoo Groups, ya da ya da ya da work. Do the headers hint at what list software is being used? From MikeE at ster.invalid Mon May 1 11:23:16 2006 From: MikeE at ster.invalid (Mike Easter) Date: Mon May 1 13:25:02 2006 Subject: [SpamCop-List] Re: Insulin pumpers headers References: Message-ID: Tim McGraw wrote: > Mike Easter wrote: >> >> The main point of this new thread on the subject is that at the >> present time, the IP server would not become listed by a spamcop >> reporter reporting the IP mailing list items with a non-mailhosted >> account. > > This is exactly how Mailman, Yahoo Groups, ya da ya da ya da work. > > Do the headers hint at what list software is being used? No. The server which is doing it is identified as pandora.is.bizsystems.com which rDNSes to the nonrouting 192.168.1.190 and also calls itself by another nonrouting in the chain-- which also calls itself in its helo and a traceline bzs.org -- and which ultimately outputs as 69.3.95.130 which rDNSes to ns2.bizsystems.net which was the blocklisted IP that caused the problems earlier. It also calls itself majordomo@localhost and daemon@localhost and mentions itself in X-Authentication-Warning: pandora.is.bizsystems.com: majordomo set sender to insulin-pumpers@insulin-pumpers.org using -f If you can sleuth anything by its id Received: (from majordomo@localhost) by bzs.org (8.11.4/8.11.4) id k41GkQp18393 for insulin-pumpers-outgoing; Mon, 1 May 2006 09:46:26 -0700 In fact, here are 3 contiguous headers involving all of that: Received: (from majordomo@localhost) by bzs.org (8.11.4/8.11.4) id k41GkQp18393 for insulin-pumpers-outgoing; Mon, 1 May 2006 09:46:26 -0700 X-Authentication-Warning: pandora.is.bizsystems.com: majordomo set sender to insulin-pumpers@insulin-pumpers.org using -f Received: from ns2.bizsystems.net (ns2.is.bizsystems.com [192.168.1.171]) by bzs.org (8.11.4/8.11.4) with ESMTP id k41GkOh18386 for ; Mon, 1 May 2006 09:46:24 -0700 I removed the leading whitespaces for posting here -- Mike Easter kibitzer, not SC admin From MikeE at ster.invalid Mon May 1 11:27:18 2006 From: MikeE at ster.invalid (Mike Easter) Date: Mon May 1 13:30:03 2006 Subject: [SpamCop-List] Re: Insulin pumpers headers References: Message-ID: Tim McGraw wrote: > Do the headers hint at what list software is being used? Oh, yeah. What's this? X-nag: /home/majordomo/nag.header -- Mike Easter kibitzer, not SC admin From MikeE at ster.invalid Mon May 1 11:37:04 2006 From: MikeE at ster.invalid (Mike Easter) Date: Mon May 1 13:40:02 2006 Subject: [SpamCop-List] Re: Insulin pumpers headers References: Message-ID: Tim McGraw wrote: > Do the headers hint at what list software is being used? How would you like to become an insulin pumpers mailing list admin? :-) Here's the how-to http://insulin-pumpers.org/howto/List-Admin-HOWTO.html#toc8 Insulin-Pumper's Mail List Administration HOWTO That is not a 'secret document' -- it is accessible to the public, found by searching on bzs.org -- Mike Easter kibitzer, not SC admin From tmcgraw at spamcop.net Mon May 1 11:52:20 2006 From: tmcgraw at spamcop.net (Tim McGraw) Date: Mon May 1 13:55:03 2006 Subject: [SpamCop-List] Re: Insulin pumpers headers In-Reply-To: References: Message-ID: Mike Easter wrote: > > X-Authentication-Warning: pandora.is.bizsystems.com: majordomo set > sender to insulin-pumpers@insulin-pumpers.org using -f If the result of sending something to insulin-pumpers@insulin-pumpers.org (as spammers tend to do) is an email to the "From" that says, "only members can post to this list," then they deserve to be listed. But we've already established that the way their mail sw works is an SC parse won't finger it as the source - so it's impossible for them to be listed from list traffic. Which probably means someone is lying. From tmcgraw at spamcop.net Mon May 1 11:52:24 2006 From: tmcgraw at spamcop.net (Tim McGraw) Date: Mon May 1 13:55:07 2006 Subject: [SpamCop-List] Re: Insulin pumpers headers In-Reply-To: References: Message-ID: Mike Easter wrote: > Tim McGraw wrote: >> Do the headers hint at what list software is being used? > > How would you like to become an insulin pumpers mailing list admin? :-) > > Here's the how-to > > http://insulin-pumpers.org/howto/List-Admin-HOWTO.html#toc8 > Insulin-Pumper's Mail List Administration HOWTO > > That is not a 'secret document' -- it is accessible to the public, found > by searching on bzs.org I thought this was even better: http://www.insulin-pumpers.org/membersonly.html If I can guess another user's name, I've got the universal password! From nobody at devnull.spamcop.net Mon May 1 11:58:35 2006 From: nobody at devnull.spamcop.net (G?? |\/|AC0|\|) Date: Mon May 1 14:00:03 2006 Subject: [SpamCop-List] Subject lines and topic drift References: <1xx4tg2b8c8sv.nkjnv1d51ayj.dlg@40tude.net> <1hgr5wksbyk7r$.c49y5rrg8mxi$.dlg@40tude.net> <1tcx1gogz02o6$.3we3du1xf462.dlg@40tude.net> Message-ID: For the purpose of this post, it doesn't matter who wrote: >> I see that winking grin, but you are going to get a semantics discussion >> anyway. If the first person to change the topic from discussing the case of the mailing list operator wondering how spamcop works to the semantics of folder/directory naming would be so kind as to change the subject line, those of us who are interested in the first topic but not the second would find it easier to select posts that interest us. From MikeE at ster.invalid Mon May 1 12:07:46 2006 From: MikeE at ster.invalid (Mike Easter) Date: Mon May 1 14:10:02 2006 Subject: [SpamCop-List] Re: Insulin pumpers headers References: Message-ID: Tim McGraw wrote: > Do the headers hint at what list software is being used? My gut and some other findings like where Michael A. Robinton converses are causing me to lean toward believing the software is Majordomo http://www.greatcircle.com/majordomo/ -- Mike Easter kibitzer, not SC admin From MikeE at ster.invalid Mon May 1 12:24:53 2006 From: MikeE at ster.invalid (Mike Easter) Date: Mon May 1 14:25:02 2006 Subject: [SpamCop-List] Re: Subject lines and topic drift References: <1xx4tg2b8c8sv.nkjnv1d51ayj.dlg@40tude.net> <1hgr5wksbyk7r$.c49y5rrg8mxi$.dlg@40tude.net> <1tcx1gogz02o6$.3we3du1xf462.dlg@40tude.net> Message-ID: G?? |\/|AC0|\| wrote: > If the first person to change the topic from discussing the case of > the mailing list operator > wondering how spamcop works to the semantics of folder/directory > naming would be so > kind as to change the subject line, those of us who are interested in > the first topic but > not the second would find it easier to select posts that interest us. Of course you are correct. I find it a quaint observation that a subject change among topic drifters leads quickly or even immediately to the end of the subthread's conversation. Maybe that's the way it /should/ be. In this case, it lasted for 3 posts, longer than usual, in my experience. -- Mike Easter kibitzer, not SC admin From MikeE at ster.invalid Mon May 1 12:33:04 2006 From: MikeE at ster.invalid (Mike Easter) Date: Mon May 1 14:35:03 2006 Subject: [SpamCop-List] Re: Insulin pumpers headers References: Message-ID: Tim McGraw wrote: > But we've already established that the way their mail sw works is an > SC parse won't finger it as the source - so it's impossible for them > to be listed from list traffic. You mean it is /currently/ impossible to be listed from list traffic to a nonmailhosted reporter. Looking at the headers, it is possible that the parser might've tripped while it was unfamiliar with the server chain. Or that it might still trip for a mailhosted account. > Which probably means someone is lying. We have incomplete information because we can't see the evidence. In the past when we the public could access the evidence, we would be able to 'reparse' the headers that had caused the bizsystems server to become listed and perhaps find that now the bizsystems server wouldn't be named as source, whereas/but it had been before. That doesn't mean that someone is lying; it means that the nonmailhosted parse doesn't currently name the server. It is also possible that a mailhosted parse might still show the bizsystem's server as source, since the algorithm's logic is different in several areas for mailhosted vs non-mailhosted. -- Mike Easter kibitzer, not SC admin From nobody at devnull.spamcop.net Mon May 1 12:46:54 2006 From: nobody at devnull.spamcop.net (G|_|Y |\/|AC0|\|) Date: Mon May 1 14:50:03 2006 Subject: [SpamCop-List] Re: Wondering about how SpamCop works References: <1xx4tg2b8c8sv.nkjnv1d51ayj.dlg@40tude.net> <1hgr5wksbyk7r$.c49y5rrg8mxi$.dlg@40tude.net> <1tcx1gogz02o6$.3we3du1xf462.dlg@40tude.net> <6h8eaq0ycu51.9xmt3wujifpo.dlg@40tude.net> Message-ID: Patty wrote... > I am being told that with the current software, sending out a confirmation > email would result in that person being subscribed automatically. > Modifying it would be difficult and then would be very difficult to > maintain when new versions came out. We are using a standard software > package (I have not been told which one) and it is very big. > > I am also told that there are not nearly as many solutions as some would > believe. Listservs are hard to set up and maintain for large lists. We > have an exceptionally large list (nearly 5,000 members) and many > integrated > tools that everyone takes for granted. Changing now would require months > of full-time effort and several full-time people to administer the list. > Since we are a small non-profit organization, we don't have any paid > staff, > only volunteers that handle the day to day list duties. May I make a suggestion? Perhaps you can persuade the person(s) who you are discussing this with to post here, and thus avoid the current situation where those who have the technical knowledge are passing messages through someone who is less technical. Have them start here: http://www.cluelessmailers.org/info/listmanagement.html http://www.mail-abuse.com/an_listmgntgdlines.html > I guess the feeling is, that since we are an opt-in list (the person must > choose to join), Alas, you have no way of knowing that the above is true. With your present setup, a bad guy can "opt-in" someone else who does not want to be on your list. Granted, they would have to be somewhat clever to get past your manual confirmation process, but it could be done (and *will* be done if the bad guys get wind of an abusable mailing list) > and because we are dealing with such a specific subject > that has very limited appeal to the masses, a confirmation is not really > necessary. Alas, while it is true that your specific subject has limited appeal, the practice of subscribing somneone who you dislike to thousands of mailing lists has a wide appeal among a certain class of person. These net-abusers tend to make up lists of abusable mailing lists, and once you get on such a list you will see a huge increase in bogus subscriptions. > Granted, it is considered a good practice, but is not required > of a listserv. Alas, delivering the emails your listserv sends is *also* not required, and many of them will end up being blocked as the abusers subscribe unwilling victims and some of the victims report you to spamcop and other blocklists and ask their system admins to block your IP address. If you really want to take the position that getting a person's consent before sending them a bunch of email is "not required", then please don't complain when a bunch of your recipients start asking why your emails are blocked; delivering those emails is also "not required." >However, there are a couple of us on the administrative >roster who do think that some type of confirmation would be a good idea. >So, perhaps this option will be explored more in the future. I urge you in the strongest possible terms to not wait. Do what is suggested in the following webpages http://www.cluelessmailers.org/info/listmanagement.html http://www.mail-abuse.com/an_listmgntgdlines.html now, before net-abusers discover that you have given them a loaded gun to "punish" their enemies with and destroy your reputation while doing it. -- G.M. From nobody at devnull.spamcop.net Mon May 1 14:56:05 2006 From: nobody at devnull.spamcop.net (WazoO) Date: Mon May 1 15:00:03 2006 Subject: [SpamCop-List] Re: Wondering about how SpamCop works two or more users] References: <1xx4tg2b8c8sv.nkjnv1d51ayj.dlg@40tude.net> <1evh8vcq35soj$.c7kahuiwpym5$.dlg@40tude.net> <44556697.4020800@spamcop.net> Message-ID: "Mike Easter" wrote in message news:e35b0s$7ge$1@news.spamcop.net... > > http://forum.spamcop.net/forums/lofiversion/index.php/t6038-50.html > > The forum discussion and question about requiring 2 seems to have never > been confirmed by anyone, unless you can find it in that forum > discussions which I don't like to dredge thru' repeatedly looking for > something. I prefer nice simple plaintext to dig thru' instead of html. Ummmm ... RW / Richard is one of the Deputies .... > The 'illustration' of information from a spamcop parse in the 2nd link > which would seem to imply that 2 reporters are required was > 'discordant' -- in that the parser's verbose output mentioned a 2 > reporter 'requirement' which wasn't met, but then 'turned around' and > said there were two reporters. RW did say to "read carefully" ..... the question was about an IP address getting listed by a single reporter .... the answer was dealing with an IP address that had been listed already, such that another report was seen as a "reoccurrence" of the spew .... not quite the same thing. Not addressed at all was just how (in that case) just two reports could have been sufficient to trip the flag .... but that's a whole different issue. > And, my experience with the verbose is that it cannot be counted on to > say what it really means or mean what it says -- and in any case the > algorithm and its verbose are highly dynamic, unstable, and perpetually > changing and cannot be relied upon as a 'real' verification of a > requirement which hasn't been verified in the faq or by a deputy or > Julian that I can find so far. And I doubt you will .. that "not for public consumption" thing again ... > I only see people 'assuming' it to be the case. I think they are > confused by the verified one report concept -- melding it into a one > reporter concept. Once again, dialog with the Deputies has them repeatedly advising that the two-reporter thing is a fact .... but even I'll point out that these folks are not the actual coders of the toolset .... From MikeE at ster.invalid Mon May 1 13:06:33 2006 From: MikeE at ster.invalid (Mike Easter) Date: Mon May 1 15:10:02 2006 Subject: [SpamCop-List] Re: Wondering about how SpamCop works two or more users] References: <1xx4tg2b8c8sv.nkjnv1d51ayj.dlg@40tude.net> <1evh8vcq35soj$.c7kahuiwpym5$.dlg@40tude.net> <44556697.4020800@spamcop.net> Message-ID: WazoO wrote: > "Mike Easter" >> http://forum.spamcop.net/forums/lofiversion/index.php/t6038-50.html >> >> The forum discussion and question about requiring 2 seems to have >> never been confirmed by anyone, unless you can find it in that forum >> discussions which I don't like to dredge thru' repeatedly looking for >> something. I prefer nice simple plaintext to dig thru' instead of >> html. > > Ummmm ... RW / Richard is one of the Deputies .... And Richard the deputy did *not* answer the question which was asked, but instead stated, enigmatically, "read carefully..." blah blah -- when in fact the question was crystal clear, Is it or is it not necessary for 2 or more reporters to report an IP to become listed. Richard didn't answer that and he had a perfectly good opportunity to say Yes or No. He chose to say neither. > RW did say to "read carefully" Which was non helpful in the context of the question that /Steve/ presented: "I have sent a request to the deputies to clarify this issue. It has always been my understanding (perhaps back to my usenet days) that it required 2 REPORTERS to list an IP address, but the actual FAQ (http://www.spamcop.net/fom-serve/cache/297.html) states: The SCBL will not list an IP address with only one report filed." Then, Richard cited that statement and answered 'read carefully'. Big help. >> I only see people 'assuming' it to be the case. I think they are >> confused by the verified one report concept -- melding it into a one >> reporter concept. > > Once again, dialog with the Deputies has them repeatedly advising > that the two-reporter thing is a fact .... Show me where. Richard didn't say that in the link above when asked directly. And you haven't cited anything else. > but even I'll point out > that these folks are not the actual coders of the toolset .... -- Mike Easter kibitzer, not SC admin From tmcgraw at spamcop.net Mon May 1 13:44:25 2006 From: tmcgraw at spamcop.net (Tim McGraw) Date: Mon May 1 15:45:02 2006 Subject: [SpamCop-List] Re: Insulin pumpers headers In-Reply-To: References: Message-ID: Mike Easter wrote: > Tim McGraw wrote: > >> Do the headers hint at what list software is being used? > > My gut and some other findings like where Michael A. Robinton converses > are causing me to lean toward believing the software is Majordomo > http://www.greatcircle.com/majordomo/ If you are correct then someone /is/ lying. The link you provided says one of the features of Majordomo is that it "Supports confirmation of subscriptions, to protect against forged subscription requests." From MikeE at ster.invalid Mon May 1 14:12:49 2006 From: MikeE at ster.invalid (Mike Easter) Date: Mon May 1 16:15:03 2006 Subject: [SpamCop-List] Re: Insulin pumpers headers References: Message-ID: Tim McGraw wrote: > Mike Easter wrote: >> Tim McGraw wrote: >> >>> Do the headers hint at what list software is being used? >> >> My gut and some other findings like where Michael A. Robinton >> converses are causing me to lean toward believing the software is >> Majordomo http://www.greatcircle.com/majordomo/ > > If you are correct then someone /is/ lying. > > The link you provided says one of the features of Majordomo is that it > "Supports confirmation of subscriptions, to protect against forged > subscription requests." You like that 'lying' term more than I do. Not only is it inflammatory, it presumes facts not in evidence, including intent. It is my understanding that majordomo supports confirmed optin by default. What I am not up to understanding is how the IP admin has chosen to configure the 'pathways' of using majordomo and its incorporation of the human oversight and profile process -- all of which is elaborated from an 'external' administration by email description at the link I gave. That is, I can read what a 'lay' non-IT-tech can do administratively from the 'outside' of majordomo which name is not even mentioned in the administrative pages. What I am not familiar with is how to IT-tech configure the actual software majordomo so as to both enable confirmed optin while maintaining the current human oversight profile management descibed in the length external email administration. That is, said another way: There is a very 'elaborate' external administration by email routine established in 1999 for the IP volunteers by Michael and Mary Jean who are familiar with the 'workings' of majordomo - which I am not - and those elaborate external administrative routines result in the type of non-confirmed optin which we are now dealing with, and with which the human oversight business is met to the satisfaction of someone adminstrative at IP. What would need to happen would be a rewrite [who knows how much, a little or a lot?] and retraining of the external administrative process for the majordomo which would incorporate its presumed 'builtin' confirmed optin character. However -- what we presume is that the *current* version of majordomo does confirmed optin by default. We don't know which version of majordomo we are dealing with here, and in fact, it is currently a guess as to whether it is actually majordomo of any version or not. -- Mike Easter kibitzer, not SC admin From Someone at invalid.foo Mon May 1 22:45:49 2006 From: Someone at invalid.foo (Someone who hates spam) Date: Mon May 1 16:50:04 2006 Subject: [SpamCop-List] Feature idea: Strip X-Headers Message-ID: I use my spamcop.net reporting (paid) account with mundged reports selected. However, my personal domain name sometimes shows up in x-headers. Recently, someone did a backscatter-come-joe-job, which is still ongoing. I would like to be able to manually select certain X-Headers to be stripped out or mundged AND/OR have the ability to have certain keywords stripped out on mundged, such as my personal and/or identifying domain names. Thanks From tmcgraw at spamcop.net Mon May 1 14:46:53 2006 From: tmcgraw at spamcop.net (Tim McGraw) Date: Mon May 1 16:50:07 2006 Subject: [SpamCop-List] Re: Insulin pumpers headers In-Reply-To: References: Message-ID: Mike Easter wrote: > Tim McGraw wrote: > >> If you are correct then someone /is/ lying. >> >> The link you provided says one of the features of Majordomo is that it >> "Supports confirmation of subscriptions, to protect against forged >> subscription requests." > > You like that 'lying' term more than I do. Not only is it inflammatory, > it presumes facts not in evidence, including intent. Fair enough. > What I am not familiar with is how to IT-tech configure the actual > software majordomo so as to both enable confirmed optin while > maintaining the current human oversight profile management descibed in > the length external email administration. Well stated. > What would need to happen would be a rewrite [who knows how much, a > little or a lot?] and retraining of the external administrative process > for the majordomo which would incorporate its presumed 'builtin' > confirmed optin character. However -- what we presume is that the > *current* version of majordomo does confirmed optin by default. We > don't know which version of majordomo we are dealing with here, and in > fact, it is currently a guess as to whether it is actually majordomo of > any version or not. Noted. From borgholio at storymind.com Mon May 1 14:45:53 2006 From: borgholio at storymind.com (Borgholio) Date: Mon May 1 16:50:09 2006 Subject: [SpamCop-List] Archiving Spam Message-ID: I just realized that my Thunderbird Junk folder is full of spam that is as much as several years old. Would there be any purpose to keeping this stuff tucked away, or should I just nuke it all? From tmcgraw at spamcop.net Mon May 1 14:51:30 2006 From: tmcgraw at spamcop.net (Tim McGraw) Date: Mon May 1 16:55:03 2006 Subject: [SpamCop-List] Re: Pump and Dump In-Reply-To: References: Message-ID: Andy wrote: > > 1. Is P&D actually illegal or is it a case of 'caveat emptor'? Illegal. See http://www.investopedia.com/ask/answers/05/061205.asp > 2. If it is illegal then where would you make a report? Given that there > appear to be only 39 possible beneficiaries in this company it shouldn't be > too hard to trace the scammer. The conventional wisdom seems to be that investors, NOT the owners of the small or microcap company themselves, buy up penny stocks creating an artificial demand through spam, raising the stock's price for a very short period. At which time those investors obviously sell. From bar_n0ne at hotmail.com Mon May 1 17:13:30 2006 From: bar_n0ne at hotmail.com (Berny) Date: Mon May 1 17:15:03 2006 Subject: [SpamCop-List] Re: Pump and Dump References: Message-ID: "Andy" wrote in message news:e358h6$5pi$1@news.spamcop.net... > The P&D scam was completely new to me until a few weeks ago when I started > getting a load of backscatter from a scammer - mail bounces coming to > randomly generated user names (typically 3 to 5 random characters) at my > domain. The originating IPs of the scam mails appears to indicate a number > of bots located around the world, mostly South Korea, Latin America and > Texas(!), with a few in Germany. > > I have researched some of the P&D companies and one is apparently a > microscopic oil company located in Canada. There are only 39 share holders > and the company appears to consist of one guy - the 'CEO'. The share price > has increased by 44% recently. > > My questions are therefore - > > 1. Is P&D actually illegal or is it a case of 'caveat emptor'? > > 2. If it is illegal then where would you make a report? Given that there > appear to be only 39 possible beneficiaries in this company it shouldn't be > too hard to trace the scammer. > > 3. At the end of the day would anyone actually follow this up or would I be > wasting my time? The scammer may make a few bucks but he won't be retiring > on the proceeds of this one. > > > An additional question - can you confirm that Spamcop encourages reporting > the mail bounces themselves as spam? I've seen this suggestion a few times > on the forums. Originally I was just annoyed by the scammer but the > frequency of the incorrectly bounced mail is not decreasing and I'm actually > getting more fed up with mail servers that are incapable of recognising a > spoofed return address. > > As an aside - you wouldn't believe how many people out there send > out-of-office autoresponses in reply to mail originating from outside their > local networks... or maybe you would. :-) > > Thanks > Andy > > > P&D is Illegal, but difficult to prove. It depends on where the shares have been traded, probably at the Vancouver Stock Exchange,which is part of the TSX, so you need to file a formal complaint with the Ontario, and, British Columbia Securities comissions, they have a web page, complaint would have to be on paper., I would CC the NASDAQ and SEC (USA) also. Because these shares may be purchased over the counter anywhere, in particular anywhere they pump, that means multiple jurisdictions could (in principle) get involved. Several of the companies i have seen share a president or chairman who lives in Penticton BC., probably has several names and one house. One of the garment manufacturers I've seen has years of letters of intent to buy this and that, but no revenues for several years, like 0 revenue, and negative income. I guess anyone can write a letter stating they intend to do something and then sign it and announce the writing of their signature. They don;t have to actually send the letter anywhere. From dws at dealing-with-spam.info Tue May 2 00:13:50 2006 From: dws at dealing-with-spam.info (D-W-S) Date: Mon May 1 17:15:06 2006 Subject: [SpamCop-List] Re: Wondering about how SpamCop works References: <1xx4tg2b8c8sv.nkjnv1d51ayj.dlg@40tude.net> <1hgr5wksbyk7r$.c49y5rrg8mxi$.dlg@40tude.net> <1tcx1gogz02o6$.3we3du1xf462.dlg@40tude.net> <6h8eaq0ycu51.9xmt3wujifpo.dlg@40tude.net> Message-ID: Patty wrote on Mon, 1 May 2006 09:08:21 -0400: > I am being told that with the current software, sending out a confirmation > email would result in that person being subscribed automatically. Sorry to be so blunt, but your current software sucks. > Modifying it would be difficult and then would be very difficult to > maintain when new versions came out. We are using a standard software > package (I have not been told which one) and it is very big. Could you find out which one? There are many people here who maintain mailing lists such as yours and they'll be able to tell you flat out whether or not it's true that a request for confirmation equates to a confirmed signup. From bar_n0ne at hotmail.com Mon May 1 17:18:29 2006 From: bar_n0ne at hotmail.com (Berny) Date: Mon May 1 17:20:03 2006 Subject: [SpamCop-List] Re: Pump and Dump References: Message-ID: "Tim McGraw" wrote in message news:e35scg$is2$2@news.spamcop.net... > Andy wrote: > > > > 1. Is P&D actually illegal or is it a case of 'caveat emptor'? > > Illegal. See http://www.investopedia.com/ask/answers/05/061205.asp > > > 2. If it is illegal then where would you make a report? Given that there > > appear to be only 39 possible beneficiaries in this company it shouldn't be > > too hard to trace the scammer. > > The conventional wisdom seems to be that investors, NOT the owners of > the small or nanocrap company themselves, buy up penny stocks creating > an artificial demand through spam, raising the stock's price for a very > short period. At which time those investors obviously sell. Yeah, but these stocks are so thinly held, I think that the investors are the principals in most of these. That "It wasn't us " excuse just doesn't wash look at KooKy Oil ;) , they contract with nonexistent companies for meaningless well surveys etc. according to their announcements.. I'd be really surprised , if at the end of the day the spam and some principal at kooky are well connected. From tmcgraw at spamcop.net Mon May 1 15:29:34 2006 From: tmcgraw at spamcop.net (Tim McGraw) Date: Mon May 1 17:30:03 2006 Subject: [SpamCop-List] Re: Pump and Dump In-Reply-To: References: Message-ID: Berny wrote: > > P&D is Illegal, but difficult to prove. > > It depends on where the shares have been traded, probably at the Vancouver > Stock Exchange,which is part of the TSX, so you need to file a formal > complaint with the Ontario, and, British Columbia Securities comissions, > they have a web page, complaint would have to be on paper., I would CC the > NASDAQ and SEC (USA) also. I'm not an investor, but I don't believe NASDAQ has anything to do with microcaps. From bar_n0ne at hotmail.com Mon May 1 17:43:19 2006 From: bar_n0ne at hotmail.com (Berny) Date: Mon May 1 17:45:03 2006 Subject: [SpamCop-List] Re: Wondering about how SpamCop works two or more users] References: <1xx4tg2b8c8sv.nkjnv1d51ayj.dlg@40tude.net> <1evh8vcq35soj$.c7kahuiwpym5$.dlg@40tude.net> <44556697.4020800@spamcop.net> Message-ID: "Mike Easter" wrote in message news:e35b0s$7ge$1@news.spamcop.net... > I only see people 'assuming' it to be the case. I think they are > confused by the verified one report concept -- melding it into a one > reporter concept. > > -- > Mike Easter > kibitzer, not SC admin > Well the messages I recall were specifically about requiring 2 reporting accounts, so one reporter could do this, but like you could, they would need to submit and report their spam through 2 accounts. From nttp.sc.s at bigsleep.org Mon May 1 22:56:09 2006 From: nttp.sc.s at bigsleep.org (Blammo) Date: Mon May 1 18:00:03 2006 Subject: [SpamCop-List] Re: Archiving Spam References: Message-ID: On 01 May 2006, - Borgholio entered spamcop and left news:e35s5e$d7p$1@news.spamcop.net: > I just realized that my Thunderbird Junk folder is full of spam that is > as much as several years old. Would there be any purpose to keeping > this stuff tucked away, or should I just nuke it all? > I archive all my mail several times a year. You can search for a file called "Junk", that is if you don't know where your Thunderbird Profile and Mail is stored. There will be a Junk.msf (message summary file) right next to it, which doesn't need to be saved. Archive it, as in zip it up, then store it somewhere, it'll take up very little space then. I store them by year, as in "mail/2005". Since this is simply a text file, you can easily search it for text strings, so you could see how much spam you got last year, what IPs it came from, or whatever. You can even rename it (to avoid copying over new mail), then copy it back in the Mail folder, and reopen it in the program again. Each message starts with the line "From -" like this... >From - Sun Dec 05 11:46:50 2004 You can do this with all your Thunderbird/Mozilla/Seamonkey mail "folders", and once archived you can delete all the messages from within the program. You could just delete the Junk and Junk.msf files, but I recomend you delete messages from within the program. -- | Ric | From g.hyde at bigpond.net.au Tue May 2 09:15:51 2006 From: g.hyde at bigpond.net.au (Geoffrey Hyde) Date: Mon May 1 18:20:03 2006 Subject: [SpamCop-List] Re: Wondering about how SpamCop works two or more users] References: <1xx4tg2b8c8sv.nkjnv1d51ayj.dlg@40tude.net> <1evh8vcq35soj$.c7kahuiwpym5$.dlg@40tude.net> <44556697.4020800@spamcop.net> Message-ID: "Mike Easter" wrote in message news:e35m7e$fcq$1@news.spamcop.net... > WazoO wrote: >> RW did say to "read carefully" > > Which was non helpful in the context of the question that /Steve/ > presented: > > "I have sent a request to the deputies to clarify this issue. It > has always been my understanding (perhaps back to my usenet days) that > it required 2 REPORTERS to list an IP address, but the actual FAQ > (http://www.spamcop.net/fom-serve/cache/297.html) states: The SCBL will > not list an IP address with only one report filed." > > Then, Richard cited that statement and answered 'read carefully'. Big > help. The actual link you quoted above sets out in sufficient detail how an IP can get listed. I can understand that - why do you have a problem with READING what Richard asked you to in the first place?? Here is a large chunk of the above link that I think you SHOULD read, cause I'm way dumber than you are (insofar as mucking around with spam and headers anyway) and I can quite easily understand it: SCBL Rules The system currently operates based on these rules: SCBL lists IP addresses with a large number of reports relative to reputation points. The SpamCop team manually balances the threshold in an effort to make the list as accurate as possible. The SCBL weights reports depending on how recently the mail was received (or "freshness"): The SCBL counts the most recently received reports 4:1. The SCBL counts reports for email 48 hours and older 1:1, with a linear sliding scale between the most recent and 48 hours past. The SCBL ignores reports for email received more than one week ago. The SCBL uses Spamtrap reports to weight total reports. For spamtrap scores less than 6, the SCBL multiplies by 5 the quantity of spamtrap reports and adds this to the report score. For larger spamtrap scores, the SCBL squares the quantity. Examples: If an IP address has 2 spamtrap reports and 3 SpamCop user-reported reports, its weighted score is 13: (2 * 5) + 3 = 13. If a host has 7 spamtrap reports and 3 manual reports, its weighted score is 52: (7 * 7) + 3 = 52. The SCBL does not count reports regarding URLs or addresses in the body of the email. Therefore, the SCBL does not list websites or email addresses used to receive replies in reported email, unless that IP is also used to send the mail. The SCBL will not list an IP address with only one report filed. With only two reports against an IP address, the SCBL will list the IP address for a maximum of 12 hours after the most recent reported mail was sent. HTH. If you have a part of that which you don't understand please ask. I'm sure myself and other enthusiastic posters will gladly fill in the blanks. Cheers ... Geoffrey Hyde From MikeE at ster.invalid Mon May 1 16:41:14 2006 From: MikeE at ster.invalid (Mike Easter) Date: Mon May 1 18:45:03 2006 Subject: [SpamCop-List] Re: Wondering about how SpamCop works two or more users] References: <1xx4tg2b8c8sv.nkjnv1d51ayj.dlg@40tude.net> <1evh8vcq35soj$.c7kahuiwpym5$.dlg@40tude.net> <44556697.4020800@spamcop.net> Message-ID: Geoffrey Hyde wrote: > HTH. If you have a part of that which you don't understand please > ask. I'm sure myself and other enthusiastic posters will gladly fill > in the blanks. I understand everything in that faq, and in fact, I have cited the one salient line about not listing for one report. Which is not at all the same thing as multiple reports by one single reporter account. There is nothing in what you posted that gives any indication that if a single reporting address or 'reporter account' reported sufficient spam items for an IP to become mathematically eligible for listing, that it wouldn't be listed. There is nothing in all of what you posted that would explain what I linked to here earlier being a part of a confusing verbose: "but there are fewer than two individual users reporting" Posting a lot of lines you copied from a faq page doesn't do anything to clarify the issue. You haven't added anything helpful at all. -- Mike Easter kibitzer, not SC admin From Someone at invalid.foo Tue May 2 01:03:57 2006 From: Someone at invalid.foo (Someone who hates spam) Date: Mon May 1 19:05:03 2006 Subject: [SpamCop-List] Spamcop blocking SSH tunelling / COTSE? Message-ID: Any spamcop users out there who can help with this, please? I can proxy read news.spamcop using SSH forwarding, but when I try and post the following happens: Outlook Express could not post your message. Subject '', Account: 'news.spamcop.net', Server: '127.0.0.1', Protocol: NNTP, Server Response: '440 Posting not allowed', Port: 120, Secure(SSL): No, Server Error: 440, Error Number: 0x800CCCA9 Port 120, listed above, is the local reading port. The remote port is still news.spamcop.net:119 From Someone at invalid.foo Tue May 2 01:23:44 2006 From: Someone at invalid.foo (Someone who hates spam) Date: Mon May 1 19:25:03 2006 Subject: [SpamCop-List] Re: Spamcop blocking SSH tunelling / COTSE? References: Message-ID: "Someone who hates spam" wrote in message news:e3644u$ooq$1@news.spamcop.net... > Any spamcop users out there who can help with this, please? > > I can proxy read news.spamcop using SSH forwarding, but when I try and > post the following happens: > > > Outlook Express could not post your message. Subject '', > Account: 'news.spamcop.net', Server: '127.0.0.1', Protocol: NNTP, > Server Response: '440 Posting not allowed', Port: 120, Secure(SSL): > No, Server Error: 440, Error Number: 0x800CCCA9 > > > Port 120, listed above, is the local reading port. > > The remote port is > still news.spamcop.net:119 > > > Turns out that spamcop block the COTSE proxy. From MikeE at ster.invalid Mon May 1 17:25:23 2006 From: MikeE at ster.invalid (Mike Easter) Date: Mon May 1 19:30:03 2006 Subject: [SpamCop-List] Re: Wondering about how SpamCop works two or more users] References: <1xx4tg2b8c8sv.nkjnv1d51ayj.dlg@40tude.net> <1evh8vcq35soj$.c7kahuiwpym5$.dlg@40tude.net> <44556697.4020800@spamcop.net> Message-ID: In 2006 Feb jeffg sed: "at last check Reports from two or more humans are necessary for an IP Address to be listed by the SCBL." http://news.spamcop.net/pipermail/spamcop-list/2006-February.txt >From jeffg at spamcop.net Fri Feb 24 03:49:49 2006 Date: Fri Feb 24 03:50:03 2006 Subject: [SpamCop-List] Re: Need help To get our system setup correctly Message-ID: That two or more humans is certainly in error, as we/I have seen listings based on spamtraps only; and I also think it is another reflection or 'misstatement' of the two or more report requirement. It is my belief that the basis for a listing is a sufficient number of 'points' -- however they might be derived, all from spamtraps, all from one reporter, or any combination thereof. The explanation of the SCbl doesn't state exactly how the reputation or traffic points are used in the calculation, nor does it clarify how those points are derived. But the faq sez that if there is only one report, the implication being whether it is a spamtrap report or a human report doesn't matter, that the IP would not be listed, regardless of how low its reputation points. There is nothing in the scoring system other that the 'one report' statement that puts any other restrictions on the scoring of points for a listing, most specifically it does not require two different humans or nor even any humans, for that matter. The subject of whether or not the algorithm should list based on spamtraps only has been discussed, and a deputy stated that spamtraps were more reliable as in less error prone than humans -- ergo there was no problem with listing for spamtrap hits only. By my interpretation, there would have to be two or more reports, any kind of report; one spamtrap one human, two spamtraps, two same human reports would all be suficient if that achieved a high enough score considering the reputation points. -- Mike Easter kibitzer, not SC admin From MikeE at ster.invalid Mon May 1 17:51:57 2006 From: MikeE at ster.invalid (Mike Easter) Date: Mon May 1 19:55:03 2006 Subject: [SpamCop-List] Re: Spamcop blocking SSH tunelling / COTSE? References: Message-ID: Someone who hates spam wrote: > Turns out that spamcop block the COTSE proxy. Perhaps it has been used to abuse the spamcop newsgroups in the past by the trollish spoofer I mentioned in my recent posts on this subject alt.cotse. If cotse is going to allow its proxy to be used to abuse the SC newsserver, then it should be permanently blocked. -- Mike Easter kibitzer, not SC admin From nttp.sc.s at bigsleep.org Tue May 2 04:47:33 2006 From: nttp.sc.s at bigsleep.org (Blammo) Date: Mon May 1 23:50:03 2006 Subject: [SpamCop-List] Re: Wondering about how SpamCop works two or more users] References: <1xx4tg2b8c8sv.nkjnv1d51ayj.dlg@40tude.net> <1evh8vcq35soj$.c7kahuiwpym5$.dlg@40tude.net> <44556697.4020800@spamcop.net> Message-ID: On 01 May 2006, - Berny entered spamcop and left news:e35vdp$ljp$1@news.spamcop.net: > Well the messages I recall were specifically about requiring 2 reporting > accounts, so one reporter could do this, but like you could, they would > need to submit and report their spam through 2 accounts. > Where would be the logic in that? I have over a dozen valid eMail addresses, and only use 1 Spamcop reporting account. Certainly multiple addresses receiving the same message is greater proof that is it spam, and even multiple messages sent to the same address proves a greater amount of (possible) spam. -- | Ric | From nobody at devnull.spamcop.net Tue May 2 00:28:29 2006 From: nobody at devnull.spamcop.net (WazoO) Date: Tue May 2 00:30:03 2006 Subject: [SpamCop-List] Re: Pump and Dump References: Message-ID: "Andy" wrote in message news:e358h6$5pi$1@news.spamcop.net... > > 3. At the end of the day would anyone actually follow this up or would I be > wasting my time? The scammer may make a few bucks but he won't be retiring > on the proceeds of this one. If you want to believe the "bragging" ..... http://spamkings.oreilly.com/archives/2006/03/stock_spammers_stung_by_secret.html#trackbacks "According to the February 17 complaint, Moeller boasted to a fellow spammer (working for the feds as a confidential informant or CI) that he and Vitale were making $40,000 per week sending spam that touted shares of small-cap stocks -- a practice known as pump-and-dump spamming. The two operated a company called Viatelecom aka Via Telecom LLC to do their stock deals. In an April, 2005 instant message conversation with the CI, Moeller claimed that he had 40 servers for sending spam, as well as 35,000 "peas" or proxies to disguise the true origin of the spams. He said he exclusively spammed AOL members and boasted he could send millions of spams per hour, with less than 20 percent getting caught in AOL's spam filters." From nttp.sc.s at bigsleep.org Tue May 2 05:56:56 2006 From: nttp.sc.s at bigsleep.org (Blammo) Date: Tue May 2 01:00:03 2006 Subject: [SpamCop-List] Re: Insulin pumpers headers References: Message-ID: On 01 May 2006, - Mike Easter entered spamcop and left news:e35q3m$hrd$1@news.spamcop.net: > What I am not familiar with is how to IT-tech configure the actual > software majordomo so as to both enable confirmed optin while > maintaining the current human oversight profile management descibed in > the length external email administration. > According to the documentation I have on Majordomo and MajorCool, this is how it works. First, I believe, but can't be sure, that the web form sends an eMail to the admin. The admin checks the subscription, then adds the address to the Majordomo list which sends out the welcome message. I can't be sure how this process is set up at IP, however I can interject here at the point of "add the address to the Majordomo list" with this documentation: ---------- 3.7. Further Testing of the Configuration ... To see if the aliases are working properly, try subscribing and unsubscribing yourself to the list. [jarchie@kes jarchie]$ echo subscribe test | mail majordomo You will receive an E-mail message containing instructions on how to confirm your subscription as well as a letter confirming that your command was successful. After sending back your confirmation, Majordomo should send back two letters--one letter stating that your subscribe request was successful and another letter welcoming you to the test list. The owner of the list will also be sent a message stating that you have subscribed to the list. To unsubscribe from a list, send a unsubscribe command [jarchie@kes jarchie]$ echo unsubscribe test | mail majordomo You should be sent back a letter stating that your command was successful. ---------- So, either: confirmation is turned off, subscription is automatic, and the admin adds the subscription information (not needed by Majordomo) to a database or unsubscribes that address. Or: confirmation is turned off, subscriptions are manually added by the admin. It seems pretty simple to me to turn on confirmation and do manual subscriptions, and seems like a good idea anyway. Since they claim to do manual confirmation, the admin can simply subscribe the ones they would not otherwise unsubscribe, and ignore the rest. -- | Ric | From nttp.sc.s at bigsleep.org Tue May 2 06:38:32 2006 From: nttp.sc.s at bigsleep.org (Blammo) Date: Tue May 2 01:40:02 2006 Subject: [SpamCop-List] Re: Insulin pumpers headers References: Message-ID: On 01 May 2006, - Blammo entered spamcop and left news:Xns97B6DF8058716blammo@216.154.195.61: > Or: confirmation is turned off, subscriptions are manually added by the > admin. > Further reading leads me to believe that they are using the "approve" option... Approval ======== When Majordomo requests your approval for something, it sends you a message that includes a template of the approval message; if you concur, you simply need to replace "PASSWORD" in the template with your list password, and send the template line back to Majordomo. ... You can approve any "subscribe" or "unsubscribe" request, regardless of whether Majordomo has requested this approval, with an "approve" command. Thus, you can subscribe or unsubscribe people from your list without them having to send anything to Majordomo; just send an appropriate "approve PASSWORD subscribe LIST ADDRESS" or "approve PASSWORD unsubscribe LIST ADDRESS" command off to Majordomo. ... In addition, the following is from the majordomo config file... 'subscribe_policy', "One of three values: open, closed, auto; plus an optional modifier: '+confirm'. Open allows people to subscribe themselves to the list. Auto allows anybody to subscribe anybody to the list without maintainer approval. Closed requires maintainer approval for all subscribe requests to the list. Adding '+confirm', ie, 'open+confirm', will cause majordomo to send a reply back to the subscriber which includes a authentication number which must be sent back in with another subscribe command.", ... Confirmation has been an option for quite some time, so if that is not an option, obviously they need to upgrade. -- | Ric | From nobody at nowhere.not Tue May 2 07:17:54 2006 From: nobody at nowhere.not (Robert Blair) Date: Tue May 2 02:20:02 2006 Subject: [SpamCop-List] Re: Wondering about how SpamCop works two or more users] References: <1xx4tg2b8c8sv.nkjnv1d51ayj.dlg@40tude.net> <1evh8vcq35soj$.c7kahuiwpym5$.dlg@40tude.net> <44556697.4020800@spamcop.net> Message-ID: On Mon, 1 May 2006 23:25:23 UTC, "Mike Easter" wrote: > "at last check Reports from two or more humans are necessary for an IP > Address to be listed by the SCBL." > > http://news.spamcop.net/pipermail/spamcop-list/2006-February.txt > > From jeffg at spamcop.net Fri Feb 24 03:49:49 2006 > Date: Fri Feb 24 03:50:03 2006 > Subject: [SpamCop-List] Re: Need help To get our system setup correctly > Message-ID: > > That two or more humans is certainly in error, as we/I have seen > listings based on spamtraps only; and I also think it is another > reflection or 'misstatement' of the two or more report requirement. What is the error? The quote from jeff says two humans, a spamtrap is not a human. So a single spamtrap could list the IP. -- Robert Blair From nobody at spamcop.net Tue May 2 08:40:09 2006 From: nobody at spamcop.net (TimeLord) Date: Tue May 2 02:45:03 2006 Subject: [SpamCop-List] Re: Feature idea: Strip X-Headers References: Message-ID: "Someone who hates spam" wrote in message news:e35s21$iu2$1@news.spamcop.net... >I use my spamcop.net reporting (paid) account with mundged reports >selected. > > However, my personal domain name sometimes shows up in x-headers. > > Recently, someone did a backscatter-come-joe-job, which is still ongoing. > > I would like to be able to manually select certain X-Headers to be > stripped > out or mundged AND/OR have the ability to have certain keywords stripped > out > on mundged, such as my personal and/or identifying domain names. > > Thanks I'd go with that. I've been thinking for some time that X-Headers in mails I report often contain detail I'd rather not be passed on. Kev From MikeE at ster.invalid Tue May 2 01:02:49 2006 From: MikeE at ster.invalid (Mike Easter) Date: Tue May 2 03:05:03 2006 Subject: [SpamCop-List] Re: Wondering about how SpamCop works two or more users] References: <1xx4tg2b8c8sv.nkjnv1d51ayj.dlg@40tude.net> <1evh8vcq35soj$.c7kahuiwpym5$.dlg@40tude.net> <44556697.4020800@spamcop.net> Message-ID: Robert Blair wrote: >"Mike Easter" >> "at last check Reports from two or more humans are necessary for an >> IP Address to be listed by the SCBL." > What is the error? The quote from jeff says two humans, a spamtrap is > not a human. So a single spamtrap could list the IP. "reports from two or more humans are necessary" I'm saying no humans are necessary, as opposed to two humans being required, spamtraps are sufficient; "reports from two or more (different) humans are necessary" and that one human (reporting account) is sufficient if that human account approves sufficient numbers of reports, such as two. I suppose you could call it semantics -- you want to be sure that semantics is about what something *means*. The only statement I understand and grasp comprehensively is "One report is not sufficient" [of any kind, spamtrap or human]. -- Mike Easter kibitzer, not SC admin From Kilgallen at SpamCop.net Tue May 2 06:24:21 2006 From: Kilgallen at SpamCop.net (Larry Kilgallen) Date: Tue May 2 06:25:11 2006 Subject: [SpamCop-List] Re: Wondering about how SpamCop works two or more users] References: <1xx4tg2b8c8sv.nkjnv1d51ayj.dlg@40tude.net> <1evh8vcq35soj$.c7kahuiwpym5$.dlg@40tude.net> <44556697.4020800@spamcop.net> In article , "Robert Blair" writes: > What is the error? The quote from jeff says two humans, a spamtrap is > not a human. So a single spamtrap could list the IP. That has long been my understanding of how it works. 2 humans or 1 spamtrap. From patty1515NOSPAM at gmail.com Tue May 2 08:58:30 2006 From: patty1515NOSPAM at gmail.com (Patty) Date: Tue May 2 08:00:03 2006 Subject: [SpamCop-List] Re: Insulin pumpers headers References: Message-ID: On Tue, 2 May 2006 05:38:32 +0000 (UTC), Blammo wrote: > On 01 May 2006, - Blammo entered spamcop and left > news:Xns97B6DF8058716blammo@216.154.195.61: > >> Or: confirmation is turned off, subscriptions are manually added by the >> admin. >> > > Further reading leads me to believe that they are using the "approve" > option... > > Approval ======== > When Majordomo requests your approval for something, it sends you a message > that includes a template of the approval message; if you concur, you simply > need to replace "PASSWORD" in the template with your list password, and > send the template line back to Majordomo. > ... > You can approve any "subscribe" or "unsubscribe" request, regardless of > whether Majordomo has requested this approval, with an "approve" command. > Thus, you can subscribe or unsubscribe people from your list without them > having to send anything to Majordomo; just send an appropriate "approve > PASSWORD subscribe LIST ADDRESS" or "approve PASSWORD unsubscribe LIST > ADDRESS" command off to Majordomo. > > ... > > In addition, the following is from the majordomo config file... > > 'subscribe_policy', > "One of three values: open, closed, auto; plus an optional > modifier: '+confirm'. Open allows people to subscribe themselves to > the list. Auto allows anybody to subscribe anybody to the list without > maintainer approval. Closed requires maintainer approval for all > subscribe requests to the list. Adding '+confirm', ie, > 'open+confirm', will cause majordomo to send a reply back to the > subscriber which includes a authentication number which must be sent > back in with another subscribe command.", > I believe we must be set to closed in some manner. The list maintainer must subscribe NEW people. You cannot subscribe yourself to the list without first supplying a profile and request to the Administration. So, would not 'open+confirm' negate that setup by allowing someone to subscribe themself? Just trying to understand this. Thanks. Patty From nobody at devnull.spamcop.net Tue May 2 10:19:09 2006 From: nobody at devnull.spamcop.net (POP) Date: Tue May 2 09:20:02 2006 Subject: [SpamCop-List] Re: Insulin pumpers headers References: Message-ID: "Patty" wrote in message news:j7xu4ynj11h9$.rn3y1um2rgc4.dlg@40tude.net... > On Tue, 2 May 2006 05:38:32 +0000 (UTC), Blammo wrote: > >> On 01 May 2006, - Blammo entered spamcop and left >> news:Xns97B6DF8058716blammo@216.154.195.61: >> >>> Or: confirmation is turned off, subscriptions are manually >>> added by the >>> admin. >>> >> >> Further reading leads me to believe that they are using the >> "approve" >> option... >> >> Approval ======== >> When Majordomo requests your approval for something, it sends >> you a message >> that includes a template of the approval message; if you >> concur, you simply >> need to replace "PASSWORD" in the template with your list >> password, and >> send the template line back to Majordomo. >> ... >> You can approve any "subscribe" or "unsubscribe" request, >> regardless of >> whether Majordomo has requested this approval, with an >> "approve" command. >> Thus, you can subscribe or unsubscribe people from your list >> without them >> having to send anything to Majordomo; just send an appropriate >> "approve >> PASSWORD subscribe LIST ADDRESS" or "approve PASSWORD >> unsubscribe LIST >> ADDRESS" command off to Majordomo. >> >> ... >> >> In addition, the following is from the majordomo config >> file... >> >> 'subscribe_policy', >> "One of three values: open, closed, auto; plus an optional >> modifier: '+confirm'. Open allows people to subscribe >> themselves to >> the list. Auto allows anybody to subscribe anybody to the list >> without >> maintainer approval. Closed requires maintainer approval for >> all >> subscribe requests to the list. Adding '+confirm', ie, >> 'open+confirm', will cause majordomo to send a reply back to >> the >> subscriber which includes a authentication number which must >> be sent >> back in with another subscribe command.", >> > > I believe we must be set to closed in some manner. The list > maintainer > must subscribe NEW people. You cannot subscribe yourself to > the list > without first supplying a profile and request to the > Administration. So, > would not 'open+confirm' negate that setup by allowing someone > to subscribe > themself? > > Just trying to understand this. > > Thanks. > > Patty Open +confirm, I believe, was simply an example. It looked like it could be used with any of the options. e.g. option +confirm. So it could be used wtih any of the options. Please read the description references for what 'confirmed subscriptions' are. You don't sound as though you've read them at all? Pop From MikeE at ster.invalid Tue May 2 08:25:31 2006 From: MikeE at ster.invalid (Mike Easter) Date: Tue May 2 10:30:02 2006 Subject: [SpamCop-List] Re: Insulin pumpers headers References: Message-ID: POP wrote: > Please read the description references for what 'confirmed > subscriptions' are. You don't sound as though you've read them > at all? Try to understand where the 'disconnect' is here -- and this is based on some assumptions, which are probably valid. Majordomo is the listserv software. It actually doesn't handle any mail, but it sets up the instructions for some mail server software. Patty is not the listserv software majordomo 'manager' -- which is Michael Robinton and perhaps others. Majordomo was designed to be remotely administered by 'others' who have no access to the server or the server's software or the server's software's listserv software majordomo. This remote administration can be done by email -- or if implemented by a web manager called MajorCool. Michael Robinton and Mary Jean Renstrom wrote up a very very detail set of instructions to guide the non-tech volunteers about how to communicate by email with the majordomo software. They actually may not even know the majordomo software's name or anything about its configuration. Patty is one of the several volunteers who administers for the mailing lists by this email correspondence and its numerous webpages of guidelines for how to do so. We have determined that majordomo should be configured for optin confirmation. Patty and the other volunteers have no control over that, they only can control what they can administer to by email. The necessary reconfiguration would have to be done by Michael, and following that reconfiguration, some adjustment to the pages of guidelines which were written in 1999. It is possible that the majordomo version is of an old vintage. It is possible that the old majordomo is not so configurable. Majordomo's 'evolution' is described at the GreatCircle website -- in which the different versions may be incompatible with different versions of the Perl script and similar tediums. Patty ran into a snag when the list's server managed to get itself onto the SCbl. We've never seen the evidence, we only know what Patty told us had been told to her admin which had been told by covad the notify for the IP. Currently the headers do not parse to name the server, for whatever reason and significance that is at this point. The admin thinks it would be very difficult to reconfigure the majordomo or the majordomo plus the guidelines for the remote administration process. Ric doesn't think so. I'm not sure -- but it surely would require the motivation of Michael the majordomo admin or similar to do so because of the necessity to rewrite the guidelines a little or a lot, besides the majordomo reconfig. -- Mike Easter kibitzer, not SC admin From patty1515NOSPAM at gmail.com Tue May 2 11:37:49 2006 From: patty1515NOSPAM at gmail.com (Patty) Date: Tue May 2 10:40:03 2006 Subject: [SpamCop-List] Re: Insulin pumpers headers References: Message-ID: On Tue, 2 May 2006 07:25:31 -0700, Mike Easter wrote: > POP wrote: > >> Please read the description references for what 'confirmed >> subscriptions' are. You don't sound as though you've read them >> at all? > > Try to understand where the 'disconnect' is here -- and this is based on > some assumptions, which are probably valid. > > Majordomo is the listserv software. It actually doesn't handle any > mail, but it sets up the instructions for some mail server software. > > Patty is not the listserv software majordomo 'manager' -- which is > Michael Robinton and perhaps others. > > Majordomo was designed to be remotely administered by 'others' who have > no access to the server or the server's software or the server's > software's listserv software majordomo. This remote administration can > be done by email -- or if implemented by a web manager called MajorCool. > > Michael Robinton and Mary Jean Renstrom wrote up a very very detail set > of instructions to guide the non-tech volunteers about how to > communicate by email with the majordomo software. They actually may not > even know the majordomo software's name or anything about its > configuration. > > Patty is one of the several volunteers who administers for the mailing > lists by this email correspondence and its numerous webpages of > guidelines for how to do so. > > We have determined that majordomo should be configured for optin > confirmation. Patty and the other volunteers have no control over that, > they only can control what they can administer to by email. > > The necessary reconfiguration would have to be done by Michael, and > following that reconfiguration, some adjustment to the pages of > guidelines which were written in 1999. It is possible that the > majordomo version is of an old vintage. It is possible that the old > majordomo is not so configurable. Majordomo's 'evolution' is described > at the GreatCircle website -- in which the different versions may be > incompatible with different versions of the Perl script and similar > tediums. > > Patty ran into a snag when the list's server managed to get itself onto > the SCbl. We've never seen the evidence, we only know what Patty told > us had been told to her admin which had been told by covad the notify > for the IP. > > Currently the headers do not parse to name the server, for whatever > reason and significance that is at this point. > > The admin thinks it would be very difficult to reconfigure the majordomo > or the majordomo plus the guidelines for the remote administration > process. Ric doesn't think so. I'm not sure -- but it surely would > require the motivation of Michael the majordomo admin or similar to do > so because of the necessity to rewrite the guidelines a little or a lot, > besides the majordomo reconfig. I would like to know, however, where Ric got his information about the majordomo guidelines. I've searched the web and got some limited information about majordomo systems, but nothing that appeared to be as concise as what Ric had. I would love to read it, granted I may not understand a lot of it, but I still would like to be able to more familiarize myself with the process. Patty From MikeE at ster.invalid Tue May 2 08:52:05 2006 From: MikeE at ster.invalid (Mike Easter) Date: Tue May 2 10:55:05 2006 Subject: [SpamCop-List] Re: Insulin pumpers headers References: Message-ID: Patty wrote: > Mike Easter wrote: >> The admin thinks it would be very difficult to reconfigure the >> majordomo or the majordomo plus the guidelines for the remote >> administration process. Ric doesn't think so. I'm not sure -- but >> it surely would require the motivation of Michael the majordomo >> admin or similar to do so because of the necessity to rewrite the >> guidelines a little or a lot, besides the majordomo reconfig. > > I would like to know, however, where Ric got his information about the > majordomo guidelines. I've searched the web and got some limited > information about majordomo systems, but nothing that appeared to be > as concise as what Ric had. I would love to read it, granted I may > not understand a lot of it, but I still would like to be able to more > familiarize myself with the process. I think Ric has access to both Majordomo and MajorCool, its webadmin tool which can be used as an alternate to the emal management. I have done reading at the GreatCircle website [and also at the I-P admin website] but I've never handled any listserv or specifically Majordomo. As an outsider with zero experience managing lists as a listserv or majordomo admin or as a remote email admin of majordomo, the first solution that jumps into my mind, considering the difficulty of the IP mail admin 'writeup' or volunteer instruction pages, would be to implement the current version majordomo, because majordomo is what Michael knows, and also to implement the MajorCool web management administration tool for the volunteers. That assumes that by doing so, that everything which is currently operational would remain so, including the role of the volunteers and the profile management process of human oversight, plus the email optin confirmation step. If the webmanagement system were satisfactory or even preferred by the cadre of volunteers as well as the majordomo admins, then there would be no need for even a partial rewrite of the email admin instructions -- let it all be done by webadmin MajorCool. Otherwise, if the current email admin was required or preferred or necessary, there would need to be some perhaps little rewrite of the old 1999 email admin instructions. Maybe just a few sentences. -- Mike Easter kibitzer, not SC admin From MikeE at ster.invalid Tue May 2 09:07:15 2006 From: MikeE at ster.invalid (Mike Easter) Date: Tue May 2 11:10:02 2006 Subject: [SpamCop-List] Re: Insulin pumpers headers References: Message-ID: Patty wrote: > I would like to know, however, where Ric got his information about the > majordomo guidelines. I've searched the web and got some limited > information about majordomo systems, but nothing that appeared to be > as concise as what Ric had. I would love to read it, granted I may > not understand a lot of it, but I still would like to be able to more > familiarize myself with the process. Maybe some clarification would be useful here. There are very many different softwares for performing majordomo or listserv functions, and those words are often used 'generically' -- like 'which' listserv/majordomo software? But, there are /actually/ 'brandname' products, namely Majordomo and Listserv -- where Majordomo's home is GreatCircle and LISTSERV is L-Soft's product. Majordomo is free and open source. L-Soft's listserv [caps] is a commercial product. We are assuming here [because I've seen Michael discussing Majordomo and because the majordomo description fits with the email remote admin at I-P] that the actual software is Majordomo, not some generic or 'other' listserv/majordomo. There is a brief wiki overview of Majordomo here http://en.wikipedia.org/wiki/Majordomo_%28software%29 Majordomo is an open source mailing list manager (MLM) developed by Brent Chapman of Great Circle Associates. It works in conjunction with sendmail on UNIX and related operating systems. There is a more comprehensive di