[License-review] New settings for license-review
kevin+osi at kpfleming.us
Wed Jun 1 21:23:13 UTC 2016
Rick, thanks for bringing up the backscatter issue... I was about to do the
On Wed, Jun 1, 2016 at 4:53 PM, Rick Moen <rick at linuxmafia.com> wrote:
> Quoting Richard Fontana (fontana at opensource.org):
> > No, this is actually what is being changed. Postings from nonsubscribers
> > will no longer be held in the admin queue, because the situation today
> > was that several thousand spam messages could accumulate in the queue
> > over a period of just a few days.
> I don't want to seem critical of much-appreciated volunteer efforts, but
> this seems to suggest the need for much better spam autorejection /
> autodetection within the receiving MTA. (At the same time, SMTP
> antispam is an art form, and one of the hardest problems we sysadmins
> contend with.)
> My Internet hosts typically use the Debian exim4-daemon-heavy package
> with J.P. Boggis's 'Eximconfig' set of canned antispam configurations as
> a good starting point ('Eximconfig' on http://linuxmafia.com/kb/Mail/ ).
> And of course many people do good antispam work with various tweaks and
> additions to Postfix. The result in my Mailman queues is maybe a dozen
> spams in each held queue per day, and I set queue retention to 3 days
> (General Options) so the spam expires itself out.
> Anyway, with the present set (as clarified -- thank you), you'll be
> choosing between two disagreeable alternatives:
> 1. You can set non-subscribed posts to be autorejected. This increases
> the problem of backscatter spam sent by OSI's MTA back to innocent forged
> (alleged) senders.
> 2. You can set non-subscribed posts to be autodiscarded. This
> efficently makes spam vanish that Mailman would otherwise queue, but
> violates the Principle of Least Surprise for non-spammer senders.
> Personally, I do everything possible to implement antispam primarily in
> the receiving MTA, such that almost all spam is autorejected at SMTP
> time; thus, no backscatter generation (no collateral damage to innocents
> whose addresses were forged). IMO, if you're trying to deal with spam
> in the MLM (mailing list manager), you're solving the wrong problem, and
> fighting the spam war on the wrong battlefield.
> License-review mailing list
> License-review at opensource.org
-------------- next part --------------
An HTML attachment was scrubbed...
More information about the License-review