spam?

New Message Reply About this list Date view Thread view Subject view Author view

Marcus Watts (mdw@umich.edu)
Sun, 22 Nov 98 07:13:58 -0500


I looked through my past month's worth of mail from toad.com
(well, at this point, excepting the past few hours).
I found:

152 "real" messages (including meeting announcements,
        discussion of asteroid probabilities, and other
        "soft" cryptographic material.)
  9 messages wondering if the list was broken, attempts to
        unsubscribe from, or list out the list, and
        discussion pertaining to.
  2 messages (1 from me, 1 to me) with my attempt to
        list out the CodherPlunks list
 21 messages regarding how to control spam on CodherPlunks
  2 possible spam message ("orato")
 16 real spam messages

---
204 messages total

This means I saw more messages about spam, than I saw actual spam, and a *lot* more real traffic, than spam.

The amount of spam I saw may be slightly less than the actual amount that was sent to CodherPlunks. I've started to put logic into sendmail to recognize certain really obvious kinds of spam and to reject it sight unseen. The only thing worse than spam is the same spam over and over again. So, for instance, with luck, I'll never see mail from World Wide Networking Marketing again.

I also did some statistics gathering on this mail. Looking at the 185 messages from non-spam people, I found 195 From: lines, from 89 different e-mail addresses. Of these 89 adddresses, I found that 40 of them were apparently not subscribed to the list under that name. I think some of these people were subscribed under another name, or were members of a group that was expanded locally, or were posting via some anonymous server. I didn't see many that looked obviously anonymous, but I'm not sure how to classify "nobody@hotmail.com" or "dnsmanager@webcorp.com". My suspicion, off-hand, is that trying to force a "members-only" policy is going to be a lot of work, and may not be exactly the best way to think about the problem.

I had originally proposed rejecting mail that didn't contain "CodherPlunks" in the To: address field. I looked to see how well that would work. Out of about 2944 messages sent since january, 117 of them did not contain "coderpunk" in a To: or Cc: field. Of these, 55 appear to be real spam, and the rest consist of messages sent by Robert Hettinga ("Recipient.List.Suppressed:;"), Robin Lee Powell ("unlisted-recipients:; (no To-header on input)"), a few random entries to "cryptography@c2.net", "pr_list4@samsara.LAW.CWRU.Edu", and a random assortment of odd entries (several people listed only themself in the To: field - to keep "reply-to" from going to the list?) *Every* entry that was addressed to "(Dear Friend)", "Friend@public.com", ""website@traffic", "Friend@toad.com", and, surprisingly enough, "<cypherpunks@toad.com>", turned out to be spam. So, I don't think my original idea is exactly right, but I think with some fine tuning (perhaps allowing cryptography@c2.net, mail from people whose first name starts with R, resent-to/resent-cc (does anyone use this??), etc.) this could be refined into a useful rule. I also think that rejecting mail to "(Dear Friend)" is an obvious good thing to do no matter what (*I* certainly never intend to receive any such mail ever again.)

There are probably another 100-200 spam messages that do contain "coderpunk", so this rule, like any other mechanical solution, is not going to stop all spam.

I have one major qualm with the idea of a moderator. I don't mind at all a moderator who cares to undertake the job of getting rid of obvious spam. I *DO* object to the idea of a moderator who would undertake any other sort of content control, and I in particular object to the idea of a moderator that would reject "off topic" postings. I may not this instant have any plans to ever attend one of Robert Hettinga's meetings (the ones that require "proper attire"), but that doesn't mean I mind hearing about them. Ditto with asteroids and (at least in *considerable* moderation), the *very occasional* snarking about GPL and who-did-what/patent/credits stuff. It at least reminds me that copyleft issues aren't always that simple, and that cryptographers can be just as petty and selfish as anyone else.

I think one possibility might be to try to reorganize this list into several successive lists, such that people can choose the level of editting and moderation they desire, perhaps like this:

raw input ("CodherPlunks") *Everyone* would post messages to this list, and this is the visible name the list would generally have. | v input mechanical deleting of *really* obvious bogus stuff ("(Dear Friend)") that anyone could get around, and shunting aside replies that are almost certainly not useful to the general list ("unsubscribe" and "who CodherPlunks"). No human would be involved at this stage. | v ("raw-CodherPlunks-list?") First stage distribution of the list. Anyone who objects to any form of censorship (perhaps as described in http://www.instantweb.com/~salem/ ?) [Do we have any such people on this list, and how do they feel about "(Dear Friend)"?] | v mechanical aid classifies incoming mail 3 ways: clearly spam, possible spam, probably not spam. not spam would be forwarded without delay ("people subscribed to the list" + perhaps more ?) clearly spam could be bit-bucketed, perhaps after being logged. (This could be any mail with a subject "your site" that contains the phone number 916-771-4739.) possible spam would be reviewed by a human. the human might forward it, if it's not spam, and might revise the mechanical rules to better classify future such mail into the first 2 groups. (This might be, for instance, mail that's properly addressed to CodherPlunks@, but doesn't come from someone on the list or otherwise "known".) (the emphasis at this stage would be for the minimal non-controversial editting of the data stream consistent with eliminating most, but not all spam, with the *least* amount of human work or delay.) | v ("CodherPlunks-list"?) second stage distribution of the list. People who don't like spam, but would otherwise prefer to be fairly anarchistic and let ordinary social pressures regulate human behavior. | v final stage processing ("editting") or ("moderation"). One or more people who have objections to asteroids, patents, fuzzy green dinosaurs, or the possibility that a clever spammer could forge mail "sent" by a list participant, could prepare human reviewed extracts of the list that don't contain such extraneous information, and forward them on. | v ("cryptography@c2.net"?) ("summary-CodherPlunks-list"?) ("schneiers-CodherPlunks-list"??) final stage list distribution. People who only want "on topic" postings, and don't mind a bit of delay to get this.

There could be more than one "final stage processing" happening in parallel, perhaps people with different editorial bents. A useful "special purpose" editting list would be a "summary" list that contains no actual raw mail traffic, just an editted summary of the hightlights that went by, perhaps with URL's pointing to more complete archived text.

-Marcus Watts UM ITD PD&D Umich Systems Group


New Message Reply About this list Date view Thread view Subject view Author view

 
All trademarks and copyrights are the property of their respective owners.

Other Directory Sites: SeekWonder | Directory Owners Forum

The following archive was created by hippie-mail 7.98617-22 on Sat Apr 10 1999 - 01:17:18