On Mon, Aug 09, 2004, Shachar Shemesh wrote about "Re: הדפסת תמונה 75 אג": > The only way such things can be truly prevented is by saying that each > new member must be moderated for X messages. I.e. - after subscribing, > each message you send to the list must be approved until you have gained > the community's trust (as embodied by the list administrator). Since > this is a highly technical list, it is likely a high enough bar for most > spammers to not be able to pass.
Before the level of spam reaches a certain threshold (say, one a week? one a day? not two in a year!), I don't see any reason to bother our mailing list administrator with this extra burden (I don't have the statistics, but I assume that dozens of new members post each month on this list). Moreover, Shachar, before you jump to any conclusions, I invite you to revisit your assumption, which is that the spammer subscribed to the mailing list and then spammed. While this course of spamming is of course possible, the problem with this assumption is that I have NEVER seen this happening. I am running a few mailing lists, and none of them were ever spammed in this manner. Spammers never do it, as yet. In the last round (the job4all spammer) I remember that the list admin claimed that the spammer is not on the list - and I don't know what sort of bug allowed the message to go through. Besides, why should a spammer subscribe to a list and spam from the subscribed address? The spammer should instead just take a random From: address it sees on the mailing list (after subscribing or just looking at the archives), and use THAT address. That address is probably one of a reputable poster on the list, and none of your suggestions that deal with NEW subscribers will help against this attack. But before you panic, remember that this is not yet a relevant problem, and we do not need to prepare for it in advance. > Another option is to have the returned message for list subscription be > an EULA committing to no-slamming, and agreeing on a certain penalty, no > damages proof required. This will make such actions as these actionable. I wholeheartedly OBJECT to this idea. I'm against EULA's in general, and I think that in this case they might worry potential subscribers (note that no other list that I know of have EULAs like this). They are also unenforcable - presumably, the spammer would have software that subscribes to the list automatically. In such a case, a human spammer would never see the EULA (or at least they could plausably claim thus), so how can you enforce it? > Of course, this would require having Hamakor as the other party to the > agreement, as we would need a formal body who can sue. Hamakor is about free software, not about suing spammers. If Hamakor will ever risk its small funds in a legal battle, I am hoping it would be some fundamental battle about free software rights, and not a battle against a spammer. Of course, if you seriously feel that Hamakor should get involved with this, please send a request to the Hamakor board, or discuss it on the Hamakor mailing list, instead of here. -- Nadav Har'El | Tuesday, Aug 10 2004, 23 Av 5764 [EMAIL PROTECTED] |----------------------------------------- Phone +972-523-790466, ICQ 13349191 |May you live as long as you want - and http://nadav.harel.org.il |never want as long as you live. ================================================================= To unsubscribe, send mail to [EMAIL PROTECTED] with the word "unsubscribe" in the message body, e.g., run the command echo unsubscribe | mail [EMAIL PROTECTED]