Re: Regarding these Olivia messages. Can we do something about the list security?

[Dave]

> On 30 Jul 2015, at 18:16, Alex Zavatone  wrote:
> 
> 
> On Jul 30, 2015, at 9:45 AM, Shane Stanley wrote:
> 
>> On 30 Jul 2015, at 9:36 pm, Alex Zavatone  wrote:
>>> 
>>> Including me, I know of three people who have gotten these.
>> 
>> FWIW, it's also happening to on at least one other Apple mailing list. 
>> Olivia seems to get around.
> 
> Which other ones?  I haven't seen them on ASOC or the Applescript ones (which 
> I am aware you are subbed to).

I’m guessing that a bone fide user has an infected machine, if this is the 
case, then it’s whatever lists they are subscribed to.

It helps if you strip all email addresses except the list from your replies. If 
you want to reply to the sender too, send it as two separate emails.

Cheers
Dave


___

Cocoa-dev mailing list (Cocoa-dev@lists.apple.com)

Please do not post admin requests or moderator comments to the list.
Contact the moderators at cocoa-dev-admins(at)lists.apple.com

Help/Unsubscribe/Update your Subscription:
https://lists.apple.com/mailman/options/cocoa-dev/archive%40mail-archive.com

This email sent to arch...@mail-archive.com

Re: Regarding these Olivia messages. Can we do something about the list security?

[Michael David Crawford]

Blue-Eyed Cass promised me what every man desired but few can obtain
mere hours after we friended each other on Facebook.

"I live with my mother in Ghana."

I expect her really does, but the real tragedy of Blue-Eyed Cass is
not that she depletes lonely men of all they possess, but that she
does not really return our affection.

-- Mike

On 7/31/15, Graham Cox  wrote:
>
>> On 30 Jul 2015, at 11:45 pm, Shane Stanley 
>> wrote:
>>
>> Olivia seems to get around.
>
>
> Maybe we should give her the benefit of the doubt. I sent her my credit card
> details and now she’s promised she’s going to come and visit once she’s
> sorted out the flights. You’ll all be sorry when I’m going out with my new
> sexy girlfriend! Ha!
>
> —Graham
>
>
>
> ___
>
> Cocoa-dev mailing list (Cocoa-dev@lists.apple.com)
>
> Please do not post admin requests or moderator comments to the list.
> Contact the moderators at cocoa-dev-admins(at)lists.apple.com
>
> Help/Unsubscribe/Update your Subscription:
> https://lists.apple.com/mailman/options/cocoa-dev/mdcrawford%40gmail.com
>
> This email sent to mdcrawf...@gmail.com


-- 
Michael David Crawford, Consulting Software Engineer
mdcrawf...@gmail.com
http://www.warplife.com/mdc/

Every Deity Hath the Insight to Foretell the Future
Yet G-d Almighty Himself Possesseth Not the Power to Undo the Past.

___

Cocoa-dev mailing list (Cocoa-dev@lists.apple.com)

Please do not post admin requests or moderator comments to the list.
Contact the moderators at cocoa-dev-admins(at)lists.apple.com

Help/Unsubscribe/Update your Subscription:
https://lists.apple.com/mailman/options/cocoa-dev/archive%40mail-archive.com

This email sent to arch...@mail-archive.com

Re: Regarding these Olivia messages. Can we do something about the list security?

[Graham Cox]

> On 30 Jul 2015, at 11:45 pm, Shane Stanley  wrote:
> 
> Olivia seems to get around.


Maybe we should give her the benefit of the doubt. I sent her my credit card 
details and now she’s promised she’s going to come and visit once she’s sorted 
out the flights. You’ll all be sorry when I’m going out with my new sexy 
girlfriend! Ha!

—Graham



___

Cocoa-dev mailing list (Cocoa-dev@lists.apple.com)

Please do not post admin requests or moderator comments to the list.
Contact the moderators at cocoa-dev-admins(at)lists.apple.com

Help/Unsubscribe/Update your Subscription:
https://lists.apple.com/mailman/options/cocoa-dev/archive%40mail-archive.com

This email sent to arch...@mail-archive.com

Re: Regarding these Olivia messages. Can we do something about the list security?

[Michael David Crawford]

Chris,

Your old homey Mike suggests that cocoa-dev could use a little TLC.

Mike

On Thursday, July 30, 2015, Michael David Crawford 
wrote:

> Internet Crime Complaint Center
>
>http://www.ic3.gov/complaint/default.aspx
>
> The CERT Division
>
> http://www.cert.org/
>
> Forum on Risks to the Public in Computers and Related Systems
>
>  http://catless.ncl.ac.uk/
>
> I once used one-time emails to great effect.  Unfortunately my hosting
> service configured my mail to accept any username, commonly but incorrectly
> known as a "postmaster" account.   I once received 400 MB of spam per day!
>
> I strongly recommend one-time emails but dont make them obvious.  Use
> common given names, but not your own name.  Onfigure your mail server to
> accept each one you actually use.  When the spam gets you down, unsubscribe
> from the list, configure a new one-time email, resubscribe.  Keep the
> now-unused mail user for a while but mark everything as spam.  When you
> grow weary of doing so delete the username.
>
> Gmail does work but it is impolite to draw so heavily on a free as in beer
> resource.  If you like Gmail, Google offers a paid service that will
> mailhost your own domain.
>
> Javascript email obfuscation is effective because the bots dont even try
> to crack it:
>
> http://www.warplife.com/moat/alligators.js
>
> For extra credit, design your own custom software.
>
> If you desire only the very best:
>
> Set up an apparently legitimate site with some innocuous content that
> appears to belong to a real business.  Provide a sitemap:
>
>http://www.sitemaps.org/
>
> Put your sitemap's URL in your robots.txt:
>
>   http://www.robotstxt.org/robotstxt.html
>
> supply a permissive one:
>
> User-agent: *
> Disallow:
>
> Sitemap: http://www.example.com/urllist.txt.gz
>
> ... or...
>
> Sitemap-index: http://www.example.com/sitemap-index.xml.gz
>
> ... the sitemap index points to urllist.txt.gz but contains a timestamp
> that reduces everyone's load.
>
> Plaster that site with lots of apparently-legitimate email addies.
>
> Submit your homepage URL:
>
> Painless Search Engine Site Submission
> http://www.warplife.com/tips/webmaster/site-submission.html
>
> ... wait until the spam gets REALLY out of control then install a
> Teergrube:
>
>http://www.catb.org/jargon/html/T/teergrube.html
>
>https://en.m.wikipedia.org/wiki/Tarpit_(networking)
>
> Onw simple way is that when a spammer tries to deliver mail to your smtp
> server you start to cooperate but then pause until just before the timeout,
> then issue a continuation character:
>
>-
>
> .. then pause again.
>
> But do _eventually_ accept the mail, that way the spammer wont receive a
> bounce.
>
> A few hours after each spam arrives, use cURL or wget to fetch each of its
> images.  That's how spammers know that you like to read spam.  Also "click"
> some of their links.
>
> The Coup d' Gras is to drop this domain's emails into a bunch of
> "newsletter" subscription forms.
>
> I'll Send You My Bill In The Mail.
>
> Mike
> mdcrawf...@gmail.com
> 
>
>
>
> --
> Michael David Crawford, Consulting Software Engineer
> mdcrawf...@gmail.com
> 
> http://www.warplife.com/mdc/
>
> Every Deity Hath the Insight to Foretell the Future
> Yet G-d Almighty Himself Possesseth Not the Power to Undo the Past.
>
>

-- 
Michael David Crawford, Consulting Software Engineer
mdcrawf...@gmail.com
http://www.warplife.com/mdc/

Every Deity Hath the Insight to Foretell the Future
Yet G-d Almighty Himself Possesseth Not the Power to Undo the Past.
___

Cocoa-dev mailing list (Cocoa-dev@lists.apple.com)

Please do not post admin requests or moderator comments to the list.
Contact the moderators at cocoa-dev-admins(at)lists.apple.com

Help/Unsubscribe/Update your Subscription:
https://lists.apple.com/mailman/options/cocoa-dev/archive%40mail-archive.com

This email sent to arch...@mail-archive.com

Re: Regarding these Olivia messages. Can we do something about the list security?

[Michael David Crawford]

Internet Crime Complaint Center

   http://www.ic3.gov/complaint/default.aspx

The CERT Division

http://www.cert.org/

Forum on Risks to the Public in Computers and Related Systems

 http://catless.ncl.ac.uk/

I once used one-time emails to great effect.  Unfortunately my hosting
service configured my mail to accept any username, commonly but incorrectly
known as a "postmaster" account.   I once received 400 MB of spam per day!

I strongly recommend one-time emails but dont make them obvious.  Use
common given names, but not your own name.  Onfigure your mail server to
accept each one you actually use.  When the spam gets you down, unsubscribe
from the list, configure a new one-time email, resubscribe.  Keep the
now-unused mail user for a while but mark everything as spam.  When you
grow weary of doing so delete the username.

Gmail does work but it is impolite to draw so heavily on a free as in beer
resource.  If you like Gmail, Google offers a paid service that will
mailhost your own domain.

Javascript email obfuscation is effective because the bots dont even try to
crack it:

http://www.warplife.com/moat/alligators.js

For extra credit, design your own custom software.

If you desire only the very best:

Set up an apparently legitimate site with some innocuous content that
appears to belong to a real business.  Provide a sitemap:

   http://www.sitemaps.org/

Put your sitemap's URL in your robots.txt:

  http://www.robotstxt.org/robotstxt.html

supply a permissive one:

User-agent: *
Disallow:

Sitemap: http://www.example.com/urllist.txt.gz

... or...

Sitemap-index: http://www.example.com/sitemap-index.xml.gz

... the sitemap index points to urllist.txt.gz but contains a timestamp
that reduces everyone's load.

Plaster that site with lots of apparently-legitimate email addies.

Submit your homepage URL:

Painless Search Engine Site Submission
http://www.warplife.com/tips/webmaster/site-submission.html

... wait until the spam gets REALLY out of control then install a Teergrube:

   http://www.catb.org/jargon/html/T/teergrube.html

   https://en.m.wikipedia.org/wiki/Tarpit_(networking)

Onw simple way is that when a spammer tries to deliver mail to your smtp
server you start to cooperate but then pause until just before the timeout,
then issue a continuation character:

   -

.. then pause again.

But do _eventually_ accept the mail, that way the spammer wont receive a
bounce.

A few hours after each spam arrives, use cURL or wget to fetch each of its
images.  That's how spammers know that you like to read spam.  Also "click"
some of their links.

The Coup d' Gras is to drop this domain's emails into a bunch of
"newsletter" subscription forms.

I'll Send You My Bill In The Mail.

Mike
mdcrawf...@gmail.com



-- 
Michael David Crawford, Consulting Software Engineer
mdcrawf...@gmail.com
http://www.warplife.com/mdc/

Every Deity Hath the Insight to Foretell the Future
Yet G-d Almighty Himself Possesseth Not the Power to Undo the Past.
___

Cocoa-dev mailing list (Cocoa-dev@lists.apple.com)

Please do not post admin requests or moderator comments to the list.
Contact the moderators at cocoa-dev-admins(at)lists.apple.com

Help/Unsubscribe/Update your Subscription:
https://lists.apple.com/mailman/options/cocoa-dev/archive%40mail-archive.com

This email sent to arch...@mail-archive.com

Re: Regarding these Olivia messages. Can we do something about the list security?

[Alex Zavatone]

It's not a person called Olivia.

It appears to be a group called meetsecret.net.

I was just replying to Shane over on the ASOC list since someone mentioned that 
they are getting Olivia spam too and the very next message I got was from the 
same group with an other Olivia email.

I think that if we set up a filter to scan the email headers for 
*.meetsecret.net and route those to the trash, we should be free of this for at 
least a while.

Here's part of the email header from one of those Olivia emails.

Received: from [172.245.96.12] (unknown [172.245.96.12])
(Authenticated sender: oli...@meetsecret.net)   by ns1.meetsecret.net 
(Postfix)
…
X-Virus-Scanned: Debian amavisd-new at ns1.meetsecret.net

Hope this helps 

Cheers,
Alex Zavatone



On Jul 30, 2015, at 3:22 PM, Flavio Donadio wrote:

> Alex,
> 
> 
> It’s about time the moderators kick this Olivia from this list. Anyone who 
> hangs around with the .net and Android guys should be dangerous.
> 
> 
> Flavio
> 
> On 30/07/2015, at 16:00, Alex Zavatone wrote:
> 
>> On Jul 30, 2015, at 9:45 AM, Shane Stanley wrote:
>> 
>>> FWIW, it's also happening to on at least one other Apple mailing list. 
>>> Olivia seems to get around.
>> 
>> Which other ones?  I haven't seen them on ASOC or the Applescript ones 
>> (which I am aware you are subbed to).
>> 
>> Honestly, I had my hopes up, but now that I know that Olivia is cheating on 
>> this mailing list with other Apple mailing lists, I'm about to lose faith in 
>> her.
>> 
>> I wouldn't be surprised if she's all over the .net and Android guys too.
>> 
>> Spammers aren't what the used to be, I tell ya.
>> 
>> Sigh.
> 
> ___
> 
> Cocoa-dev mailing list (Cocoa-dev@lists.apple.com)
> 
> Please do not post admin requests or moderator comments to the list.
> Contact the moderators at cocoa-dev-admins(at)lists.apple.com
> 
> Help/Unsubscribe/Update your Subscription:
> https://lists.apple.com/mailman/options/cocoa-dev/zav%40mac.com
> 
> This email sent to z...@mac.com

___

Cocoa-dev mailing list (Cocoa-dev@lists.apple.com)

Please do not post admin requests or moderator comments to the list.
Contact the moderators at cocoa-dev-admins(at)lists.apple.com

Help/Unsubscribe/Update your Subscription:
https://lists.apple.com/mailman/options/cocoa-dev/archive%40mail-archive.com

This email sent to arch...@mail-archive.com

Re: Regarding these Olivia messages. Can we do something about the list security?

[Flavio Donadio]

Alex,


It’s about time the moderators kick this Olivia from this list. Anyone who 
hangs around with the .net and Android guys should be dangerous.


Flavio

On 30/07/2015, at 16:00, Alex Zavatone wrote:

> On Jul 30, 2015, at 9:45 AM, Shane Stanley wrote:
> 
>> FWIW, it's also happening to on at least one other Apple mailing list. 
>> Olivia seems to get around.
> 
> Which other ones?  I haven't seen them on ASOC or the Applescript ones (which 
> I am aware you are subbed to).
> 
> Honestly, I had my hopes up, but now that I know that Olivia is cheating on 
> this mailing list with other Apple mailing lists, I'm about to lose faith in 
> her.
> 
> I wouldn't be surprised if she's all over the .net and Android guys too.
> 
> Spammers aren't what the used to be, I tell ya.
> 
> Sigh.

___

Cocoa-dev mailing list (Cocoa-dev@lists.apple.com)

Please do not post admin requests or moderator comments to the list.
Contact the moderators at cocoa-dev-admins(at)lists.apple.com

Help/Unsubscribe/Update your Subscription:
https://lists.apple.com/mailman/options/cocoa-dev/archive%40mail-archive.com

This email sent to arch...@mail-archive.com

Re: Regarding these Olivia messages. Can we do something about the list security?

[Alex Zavatone]

On Jul 30, 2015, at 9:45 AM, Shane Stanley wrote:

> On 30 Jul 2015, at 9:36 pm, Alex Zavatone  wrote:
>> 
>> Including me, I know of three people who have gotten these.
> 
> FWIW, it's also happening to on at least one other Apple mailing list. Olivia 
> seems to get around.

Which other ones?  I haven't seen them on ASOC or the Applescript ones (which I 
am aware you are subbed to).

Honestly, I had my hopes up, but now that I know that Olivia is cheating on 
this mailing list with other Apple mailing lists, I'm about to lose faith in 
her.

I wouldn't be surprised if she's all over the .net and Android guys too.

Spammers aren't what the used to be, I tell ya.

Sigh.




___

Cocoa-dev mailing list (Cocoa-dev@lists.apple.com)

Please do not post admin requests or moderator comments to the list.
Contact the moderators at cocoa-dev-admins(at)lists.apple.com

Help/Unsubscribe/Update your Subscription:
https://lists.apple.com/mailman/options/cocoa-dev/archive%40mail-archive.com

This email sent to arch...@mail-archive.com

Re: Regarding these Olivia messages. Can we do something about the list security?

[Alex Zavatone]

On Jul 30, 2015, at 2:40 AM, Philip Ershler wrote:

> 
> 
>> On Jul 29, 2015, at 11:57 PM, Carl Hoefs  
>> wrote:
>> 
>> 
 On Jul 29, 2015, at 10:30 PM, Joar Wingfors  wrote:
 
> On 29 Jul 2015, at 16:52, Jens Alfke  wrote:
> 
> On Jul 29, 2015, at 4:32 PM, Roland King  wrote:
> 
> That's what I think to and the filth spread to the xcode list, or spread 
> from the xcode list. I wrote to the admins on both lists and asked them 
> to remove this scum feeder from all apple lists.
 
 I don’t think there’s any way to figure out which subscriber it is. The 
 spammer would almost certainly have subscribed under an anonymous Gmail or 
 Yahoo address, not something easily detectable like 
 “scum_fee...@spamsalot.biz ”.
>>> 
>>> Right. If someone can come up with a concrete approach for how to address 
>>> this issue I can make sure that it gets looked at. At the moment I’m just 
>>> not clear on how that would be accomplished.
>> 
>> An additional clue to this puzzle is that not everyone who is subscribed to 
>> the list received such messages. I, for one, did not.
>> -Carl
>> 
> 
> Nor me
> 
> Phil

Selective email address validation to get the most return on each spam message?

I do know that on one older Mac I have, I bounced the email right back and then 
ended up with another email asking for my credit card.  
___

Cocoa-dev mailing list (Cocoa-dev@lists.apple.com)

Please do not post admin requests or moderator comments to the list.
Contact the moderators at cocoa-dev-admins(at)lists.apple.com

Help/Unsubscribe/Update your Subscription:
https://lists.apple.com/mailman/options/cocoa-dev/archive%40mail-archive.com

This email sent to arch...@mail-archive.com

Re: Regarding these Olivia messages. Can we do something about the list security?

[Dave]

Another thing to watch out for is giving “real” file paths in the body of 
emails to the list - e.g. cut and paste from log etc. 



___

Cocoa-dev mailing list (Cocoa-dev@lists.apple.com)

Please do not post admin requests or moderator comments to the list.
Contact the moderators at cocoa-dev-admins(at)lists.apple.com

Help/Unsubscribe/Update your Subscription:
https://lists.apple.com/mailman/options/cocoa-dev/archive%40mail-archive.com

This email sent to arch...@mail-archive.com

Re: Regarding these Olivia messages. Can we do something about the list security?

[Dave]

> On 30 Jul 2015, at 14:57, 2551 <2551p...@gmail.com> wrote:
> 
> I’m on both of the affected lists, but so far have not been treated to 
> Olivia’s favour (meanwhile my inbox is bulging with mail complaining about 
> her, and I apologise in advance to contributing to that count, effectively 
> spamming myself… :(.

Your ISP is probably catching it. I think mine is now as not got any for a 
while.



___

Cocoa-dev mailing list (Cocoa-dev@lists.apple.com)

Please do not post admin requests or moderator comments to the list.
Contact the moderators at cocoa-dev-admins(at)lists.apple.com

Help/Unsubscribe/Update your Subscription:
https://lists.apple.com/mailman/options/cocoa-dev/archive%40mail-archive.com

This email sent to arch...@mail-archive.com

Re: Regarding these Olivia messages. Can we do something about the list security?

[2551]

I’m on both of the affected lists, but so far have not been treated to Olivia’s 
favour (meanwhile my inbox is bulging with mail complaining about her, and I 
apologise in advance to contributing to that count, effectively spamming 
myself… :(.


> On 30 Jul 2015, at 20:45, Shane Stanley  wrote:
> 
> On 30 Jul 2015, at 9:36 pm, Alex Zavatone  wrote:
>> 
>> Including me, I know of three people who have gotten these.
> 
> FWIW, it's also happening to on at least one other Apple mailing list. Olivia 
> seems to get around.
> 
> -- 
> Shane Stanley 
> 
> 
> 
> ___
> 
> Cocoa-dev mailing list (Cocoa-dev@lists.apple.com)
> 
> Please do not post admin requests or moderator comments to the list.
> Contact the moderators at cocoa-dev-admins(at)lists.apple.com
> 
> Help/Unsubscribe/Update your Subscription:
> https://lists.apple.com/mailman/options/cocoa-dev/sqwarqdev%40icloud.com
> 
> This email sent to sqwarq...@icloud.com


___

Cocoa-dev mailing list (Cocoa-dev@lists.apple.com)

Please do not post admin requests or moderator comments to the list.
Contact the moderators at cocoa-dev-admins(at)lists.apple.com

Help/Unsubscribe/Update your Subscription:
https://lists.apple.com/mailman/options/cocoa-dev/archive%40mail-archive.com

This email sent to arch...@mail-archive.com

Re: Regarding these Olivia messages. Can we do something about the list security?

[Shane Stanley]

On 30 Jul 2015, at 9:36 pm, Alex Zavatone  wrote:
> 
> Including me, I know of three people who have gotten these.

FWIW, it's also happening to on at least one other Apple mailing list. Olivia 
seems to get around.

-- 
Shane Stanley 



___

Cocoa-dev mailing list (Cocoa-dev@lists.apple.com)

Please do not post admin requests or moderator comments to the list.
Contact the moderators at cocoa-dev-admins(at)lists.apple.com

Help/Unsubscribe/Update your Subscription:
https://lists.apple.com/mailman/options/cocoa-dev/archive%40mail-archive.com

This email sent to arch...@mail-archive.com

Re: Regarding these Olivia messages. Can we do something about the list security?

[Dave]

I seem to remember one trick back in the old days, was to munge up your email 
address some thing like this nodaves...@looktowindward.com or some such and I 
seem to remember I had one dedicated email address for lists (or at least the 
Apple Lists). Not sure if that would work on this problem, depends on whether 
the auto reply thing is smart.

Actually thinking about it more, it could be an infected machine of a bona-fibe 
member.

Dave

> On 30 Jul 2015, at 13:29, Bill Cheeseman  wrote:
> 
> People have been asking for this change for at least 15 years, and it has 
> been refused just as many times. As a born skeptic, I doubt there is any 
> point in asking again now.
> 
> -- 
> 
> Bill Cheeseman - wjcheese...@comcast.net
> 
>> On Jul 30, 2015, at 8:24 AM, Uli Kusterer  
>> wrote:
>> 
>> Since you have to be subscribed to the list to post, the likelihood would 
>> even be that either the message would either be rejected right away, or 
>> there would be a sender address subscribed to the list that could be 
>> unsubscribed to cause future bounces. That sounds like an actionable 
>> approach.
>> 
>> List admins, is this a possible setup for whatever list management software 
>> you're using?
> 
> ___
> 
> Cocoa-dev mailing list (Cocoa-dev@lists.apple.com)
> 
> Please do not post admin requests or moderator comments to the list.
> Contact the moderators at cocoa-dev-admins(at)lists.apple.com
> 
> Help/Unsubscribe/Update your Subscription:
> https://lists.apple.com/mailman/options/cocoa-dev/dave%40looktowindward.com
> 
> This email sent to d...@looktowindward.com


___

Cocoa-dev mailing list (Cocoa-dev@lists.apple.com)

Please do not post admin requests or moderator comments to the list.
Contact the moderators at cocoa-dev-admins(at)lists.apple.com

Help/Unsubscribe/Update your Subscription:
https://lists.apple.com/mailman/options/cocoa-dev/archive%40mail-archive.com

This email sent to arch...@mail-archive.com

Re: Regarding these Olivia messages. Can we do something about the list security?

[Bill Cheeseman]

People have been asking for this change for at least 15 years, and it has been 
refused just as many times. As a born skeptic, I doubt there is any point in 
asking again now.

-- 

Bill Cheeseman - wjcheese...@comcast.net

> On Jul 30, 2015, at 8:24 AM, Uli Kusterer  
> wrote:
> 
> Since you have to be subscribed to the list to post, the likelihood would 
> even be that either the message would either be rejected right away, or there 
> would be a sender address subscribed to the list that could be unsubscribed 
> to cause future bounces. That sounds like an actionable approach.
> 
> List admins, is this a possible setup for whatever list management software 
> you're using?

___

Cocoa-dev mailing list (Cocoa-dev@lists.apple.com)

Please do not post admin requests or moderator comments to the list.
Contact the moderators at cocoa-dev-admins(at)lists.apple.com

Help/Unsubscribe/Update your Subscription:
https://lists.apple.com/mailman/options/cocoa-dev/archive%40mail-archive.com

This email sent to arch...@mail-archive.com

Re: Regarding these Olivia messages. Can we do something about the list security?

[Uli Kusterer]

On 30 Jul 2015, at 13:57, Dave  wrote:
> The easy answer is for the Apple lists NOT to send email addresses of the 
> poster(s) and to direct all replies to the list itself. When I hit reply, it 
> set TO: to the original sender, then CC:The List and others in the thread, 
> this is what the spammer is picking up.
> 
> Then any spam would go to the list and it could dealt with there once, not by 
> all that are affected.


 Since you have to be subscribed to the list to post, the likelihood would even 
be that either the message would either be rejected right away, or there would 
be a sender address subscribed to the list that could be unsubscribed to cause 
future bounces. That sounds like an actionable approach.

 List admins, is this a possible setup for whatever list management software 
you're using?

Cheers,
-- Uli Kusterer
"The Witnesses of TeachtText are everywhere..."




___

Cocoa-dev mailing list (Cocoa-dev@lists.apple.com)

Please do not post admin requests or moderator comments to the list.
Contact the moderators at cocoa-dev-admins(at)lists.apple.com

Help/Unsubscribe/Update your Subscription:
https://lists.apple.com/mailman/options/cocoa-dev/archive%40mail-archive.com

This email sent to arch...@mail-archive.com

Re: Regarding these Olivia messages. Can we do something about the list security?

[Dave]

The easy answer is for the Apple lists NOT to send email addresses of the 
poster(s) and to direct all replies to the list itself. When I hit reply, it 
set TO: to the original sender, then CC:The List and others in the thread, this 
is what the spammer is picking up.

Then any spam would go to the list and it could dealt with there once, not by 
all that are affected.

Cheers
Dave


___

Cocoa-dev mailing list (Cocoa-dev@lists.apple.com)

Please do not post admin requests or moderator comments to the list.
Contact the moderators at cocoa-dev-admins(at)lists.apple.com

Help/Unsubscribe/Update your Subscription:
https://lists.apple.com/mailman/options/cocoa-dev/archive%40mail-archive.com

This email sent to arch...@mail-archive.com

Re: Regarding these Olivia messages. Can we do something about the list security?

[Alex Zavatone]

Including me, I know of three people who have gotten these.

I'll see if I still have the spam in one of my email boxes.

On Jul 30, 2015, at 2:40 AM, Philip Ershler wrote:

> 
> 
>> On Jul 29, 2015, at 11:57 PM, Carl Hoefs  
>> wrote:
>> 
>> 
 On Jul 29, 2015, at 10:30 PM, Joar Wingfors  wrote:
 
> On 29 Jul 2015, at 16:52, Jens Alfke  wrote:
> 
> On Jul 29, 2015, at 4:32 PM, Roland King  wrote:
> 
> That's what I think to and the filth spread to the xcode list, or spread 
> from the xcode list. I wrote to the admins on both lists and asked them 
> to remove this scum feeder from all apple lists.
 
 I don’t think there’s any way to figure out which subscriber it is. The 
 spammer would almost certainly have subscribed under an anonymous Gmail or 
 Yahoo address, not something easily detectable like 
 “scum_fee...@spamsalot.biz ”.
>>> 
>>> Right. If someone can come up with a concrete approach for how to address 
>>> this issue I can make sure that it gets looked at. At the moment I’m just 
>>> not clear on how that would be accomplished.
>> 
>> An additional clue to this puzzle is that not everyone who is subscribed to 
>> the list received such messages. I, for one, did not.
>> -Carl
>> 
> 
> Nor me
> 
> Phil
> 
> 
> 
>> 
>> ___
>> 
>> Cocoa-dev mailing list (Cocoa-dev@lists.apple.com)
>> 
>> Please do not post admin requests or moderator comments to the list.
>> Contact the moderators at cocoa-dev-admins(at)lists.apple.com
>> 
>> Help/Unsubscribe/Update your Subscription:
>> https://lists.apple.com/mailman/options/cocoa-dev/ershler%40cvrti.utah.edu
>> 
>> This email sent to ersh...@cvrti.utah.edu
> 
> 
> ___
> 
> Cocoa-dev mailing list (Cocoa-dev@lists.apple.com)
> 
> Please do not post admin requests or moderator comments to the list.
> Contact the moderators at cocoa-dev-admins(at)lists.apple.com
> 
> Help/Unsubscribe/Update your Subscription:
> https://lists.apple.com/mailman/options/cocoa-dev/zav%40mac.com
> 
> This email sent to z...@mac.com


___

Cocoa-dev mailing list (Cocoa-dev@lists.apple.com)

Please do not post admin requests or moderator comments to the list.
Contact the moderators at cocoa-dev-admins(at)lists.apple.com

Help/Unsubscribe/Update your Subscription:
https://lists.apple.com/mailman/options/cocoa-dev/archive%40mail-archive.com

This email sent to arch...@mail-archive.com

Re: Regarding these Olivia messages. Can we do something about the list security?

[Philip Ershler]

> On Jul 29, 2015, at 11:57 PM, Carl Hoefs  
> wrote:
> 
> 
>>> On Jul 29, 2015, at 10:30 PM, Joar Wingfors  wrote:
>>> 
 On 29 Jul 2015, at 16:52, Jens Alfke  wrote:
 
 On Jul 29, 2015, at 4:32 PM, Roland King  wrote:
 
 That's what I think to and the filth spread to the xcode list, or spread 
 from the xcode list. I wrote to the admins on both lists and asked them to 
 remove this scum feeder from all apple lists.
>>> 
>>> I don’t think there’s any way to figure out which subscriber it is. The 
>>> spammer would almost certainly have subscribed under an anonymous Gmail or 
>>> Yahoo address, not something easily detectable like 
>>> “scum_fee...@spamsalot.biz ”.
>> 
>> Right. If someone can come up with a concrete approach for how to address 
>> this issue I can make sure that it gets looked at. At the moment I’m just 
>> not clear on how that would be accomplished.
> 
> An additional clue to this puzzle is that not everyone who is subscribed to 
> the list received such messages. I, for one, did not.
> -Carl
> 

Nor me

Phil



> 
> ___
> 
> Cocoa-dev mailing list (Cocoa-dev@lists.apple.com)
> 
> Please do not post admin requests or moderator comments to the list.
> Contact the moderators at cocoa-dev-admins(at)lists.apple.com
> 
> Help/Unsubscribe/Update your Subscription:
> https://lists.apple.com/mailman/options/cocoa-dev/ershler%40cvrti.utah.edu
> 
> This email sent to ersh...@cvrti.utah.edu


___

Cocoa-dev mailing list (Cocoa-dev@lists.apple.com)

Please do not post admin requests or moderator comments to the list.
Contact the moderators at cocoa-dev-admins(at)lists.apple.com

Help/Unsubscribe/Update your Subscription:
https://lists.apple.com/mailman/options/cocoa-dev/archive%40mail-archive.com

This email sent to arch...@mail-archive.com

Re: Regarding these Olivia messages. Can we do something about the list security?

[Charles Srstka]

> On Jul 30, 2015, at 12:57 AM, Carl Hoefs  
> wrote:
> 
> An additional clue to this puzzle is that not everyone who is subscribed to 
> the list received such messages. I, for one, did not.
> -Carl

Yeah, why is that? We’ve all been getting them, but you haven't! Why is that, 
Carl? Why haven’t they been sending them to you, Carl? How do I know *you’re* 
not the one behind all this, huh? You hear that, everybody? *He’s* the one! 
He’s the spammer! Get him! RRRGHHH!!!

(excerpt from: “The Spammers Are Due on Maple Street”)

Charles

___

Cocoa-dev mailing list (Cocoa-dev@lists.apple.com)

Please do not post admin requests or moderator comments to the list.
Contact the moderators at cocoa-dev-admins(at)lists.apple.com

Help/Unsubscribe/Update your Subscription:
https://lists.apple.com/mailman/options/cocoa-dev/archive%40mail-archive.com

This email sent to arch...@mail-archive.com

Re: Regarding these Olivia messages. Can we do something about the list security?

[Carl Hoefs]

> On Jul 29, 2015, at 10:30 PM, Joar Wingfors  wrote:
> 
>> On 29 Jul 2015, at 16:52, Jens Alfke  wrote:
>> 
>>> On Jul 29, 2015, at 4:32 PM, Roland King  wrote:
>>> 
>>> That's what I think to and the filth spread to the xcode list, or spread 
>>> from the xcode list. I wrote to the admins on both lists and asked them to 
>>> remove this scum feeder from all apple lists.
>> 
>> I don’t think there’s any way to figure out which subscriber it is. The 
>> spammer would almost certainly have subscribed under an anonymous Gmail or 
>> Yahoo address, not something easily detectable like 
>> “scum_fee...@spamsalot.biz ”.
> 
> Right. If someone can come up with a concrete approach for how to address 
> this issue I can make sure that it gets looked at. At the moment I’m just not 
> clear on how that would be accomplished. 

An additional clue to this puzzle is that not everyone who is subscribed to the 
list received such messages. I, for one, did not.
-Carl


___

Cocoa-dev mailing list (Cocoa-dev@lists.apple.com)

Please do not post admin requests or moderator comments to the list.
Contact the moderators at cocoa-dev-admins(at)lists.apple.com

Help/Unsubscribe/Update your Subscription:
https://lists.apple.com/mailman/options/cocoa-dev/archive%40mail-archive.com

This email sent to arch...@mail-archive.com

Re: Regarding these Olivia messages. Can we do something about the list security?

[Joar Wingfors]

> On 29 Jul 2015, at 16:52, Jens Alfke  wrote:
> 
> 
>> On Jul 29, 2015, at 4:32 PM, Roland King  wrote:
>> 
>> That's what I think to and the filth spread to the xcode list, or spread 
>> from the xcode list. I wrote to the admins on both lists and asked them to 
>> remove this scum feeder from all apple lists.
> 
> I don’t think there’s any way to figure out which subscriber it is. The 
> spammer would almost certainly have subscribed under an anonymous Gmail or 
> Yahoo address, not something easily detectable like 
> “scum_fee...@spamsalot.biz ”.


Right. If someone can come up with a concrete approach for how to address this 
issue I can make sure that it gets looked at. At the moment I’m just not clear 
on how that would be accomplished. 

Joar



___

Cocoa-dev mailing list (Cocoa-dev@lists.apple.com)

Please do not post admin requests or moderator comments to the list.
Contact the moderators at cocoa-dev-admins(at)lists.apple.com

Help/Unsubscribe/Update your Subscription:
https://lists.apple.com/mailman/options/cocoa-dev/archive%40mail-archive.com

This email sent to arch...@mail-archive.com

Re: Regarding these Olivia messages. Can we do something about the list security?

[Charles Srstka]

> On Jul 29, 2015, at 6:52 PM, Jens Alfke  wrote:
> 
> I don’t think there’s any way to figure out which subscriber it is. The 
> spammer would almost certainly have subscribed under an anonymous Gmail or 
> Yahoo address, not something easily detectable like 
> “scum_fee...@spamsalot.biz”.
> 
> —Jens

Would it help track this person down if we posted some of the Received: headers 
from the e-mails we’ve been getting?

Charles


___

Cocoa-dev mailing list (Cocoa-dev@lists.apple.com)

Please do not post admin requests or moderator comments to the list.
Contact the moderators at cocoa-dev-admins(at)lists.apple.com

Help/Unsubscribe/Update your Subscription:
https://lists.apple.com/mailman/options/cocoa-dev/archive%40mail-archive.com

This email sent to arch...@mail-archive.com

Re: Regarding these Olivia messages. Can we do something about the list security?

[Jens Alfke]

> On Jul 29, 2015, at 4:32 PM, Roland King  wrote:
> 
> That's what I think to and the filth spread to the xcode list, or spread from 
> the xcode list. I wrote to the admins on both lists and asked them to remove 
> this scum feeder from all apple lists.

I don’t think there’s any way to figure out which subscriber it is. The spammer 
would almost certainly have subscribed under an anonymous Gmail or Yahoo 
address, not something easily detectable like “scum_fee...@spamsalot.biz 
”.

—Jens

___

Cocoa-dev mailing list (Cocoa-dev@lists.apple.com)

Please do not post admin requests or moderator comments to the list.
Contact the moderators at cocoa-dev-admins(at)lists.apple.com

Help/Unsubscribe/Update your Subscription:
https://lists.apple.com/mailman/options/cocoa-dev/archive%40mail-archive.com

This email sent to arch...@mail-archive.com

Re: Regarding these Olivia messages. Can we do something about the list security?

[Roland King]

> On 30 Jul 2015, at 6:24 am, Charles Srstka  wrote:
> 
>> On Jul 29, 2015, at 2:16 PM, Alex Zavatone  wrote:
>> 
>> But honestly, the listserv is open and query-able and it looks like the 
>> spammers have found that out.
> 
> I actually suspect it’s that a spammer has become registered for the list and 
> is receiving the e-mails (and then sending an auto-reply), given that I’ve 
> been getting one Olivia e-mail per message I send to the list, and not long 
> after I send it.
> 
> Charles
> 

That's what I think to and the filth spread to the xcode list, or spread from 
the xcode list. I wrote to the admins on both lists and asked them to remove 
this scum feeder from all apple lists. Haven't heard back yet, guess it's long 
since not been Scott moderating as this cr*p would have lasted 2 minutes. 


___

Cocoa-dev mailing list (Cocoa-dev@lists.apple.com)

Please do not post admin requests or moderator comments to the list.
Contact the moderators at cocoa-dev-admins(at)lists.apple.com

Help/Unsubscribe/Update your Subscription:
https://lists.apple.com/mailman/options/cocoa-dev/archive%40mail-archive.com

This email sent to arch...@mail-archive.com

Re: Regarding these Olivia messages. Can we do something about the list security?

[Graham Cox]

> On 30 Jul 2015, at 9:24 am, Charles Srstka  wrote:
> 
>> On Jul 29, 2015, at 2:16 PM, Alex Zavatone  wrote:
>> 
>> But honestly, the listserv is open and query-able and it looks like the 
>> spammers have found that out.
> 
> I actually suspect it’s that a spammer has become registered for the list and 
> is receiving the e-mails (and then sending an auto-reply), given that I’ve 
> been getting one Olivia e-mail per message I send to the list, and not long 
> after I send it.


Same here. I reported the problem to the list moderator listed at the bottom of 
every message, but that in itself triggered a bounce. I’m not sure if there is 
actually any way to contact the moderators unless they happen to take a look at 
the list themselves (i.e they apparently only poll, they do not register for 
notifications).

—Graham



___

Cocoa-dev mailing list (Cocoa-dev@lists.apple.com)

Please do not post admin requests or moderator comments to the list.
Contact the moderators at cocoa-dev-admins(at)lists.apple.com

Help/Unsubscribe/Update your Subscription:
https://lists.apple.com/mailman/options/cocoa-dev/archive%40mail-archive.com

This email sent to arch...@mail-archive.com

Re: Regarding these Olivia messages. Can we do something about the list security?

[Charles Srstka]

> On Jul 29, 2015, at 2:16 PM, Alex Zavatone  wrote:
> 
> But honestly, the listserv is open and query-able and it looks like the 
> spammers have found that out.

I actually suspect it’s that a spammer has become registered for the list and 
is receiving the e-mails (and then sending an auto-reply), given that I’ve been 
getting one Olivia e-mail per message I send to the list, and not long after I 
send it.

Charles

___

Cocoa-dev mailing list (Cocoa-dev@lists.apple.com)

Please do not post admin requests or moderator comments to the list.
Contact the moderators at cocoa-dev-admins(at)lists.apple.com

Help/Unsubscribe/Update your Subscription:
https://lists.apple.com/mailman/options/cocoa-dev/archive%40mail-archive.com

This email sent to arch...@mail-archive.com

Re: Regarding these Olivia messages. Can we do something about the list security?

[Eric E. Dolecki]

Gotta agree. I was shocked when that came in.

On Wed, Jul 29, 2015 at 3:18 PM Alex Zavatone  wrote:

> I guess this is more of a list admin request, but it's rather shocking to
> get these emails from "Olivia" coming from replying to an Apple listserve
> thread.
>
> Is there anything we can do about the harvesting of our PII (Personally
> Identifiable Information) from the list so that we don't have the joy of
> dealing with getting emails with nude photos of random girls who want our
> credit card numbers in the middle of our work day?
>
> I'd prefer to save those tender moments for when I'm not in the office.
>
> But honestly, the listserv is open and query-able and it looks like the
> spammers have found that out.
>
> Any ideas?
>
> Thanks,
> Alex Zavatone
> ___
>
> Cocoa-dev mailing list (Cocoa-dev@lists.apple.com)
>
> Please do not post admin requests or moderator comments to the list.
> Contact the moderators at cocoa-dev-admins(at)lists.apple.com
>
> Help/Unsubscribe/Update your Subscription:
> https://lists.apple.com/mailman/options/cocoa-dev/edolecki%40gmail.com
>
> This email sent to edole...@gmail.com
___

Cocoa-dev mailing list (Cocoa-dev@lists.apple.com)

Please do not post admin requests or moderator comments to the list.
Contact the moderators at cocoa-dev-admins(at)lists.apple.com

Help/Unsubscribe/Update your Subscription:
https://lists.apple.com/mailman/options/cocoa-dev/archive%40mail-archive.com

This email sent to arch...@mail-archive.com

Regarding these Olivia messages. Can we do something about the list security?

[Alex Zavatone]

I guess this is more of a list admin request, but it's rather shocking to get 
these emails from "Olivia" coming from replying to an Apple listserve thread.

Is there anything we can do about the harvesting of our PII (Personally 
Identifiable Information) from the list so that we don't have the joy of 
dealing with getting emails with nude photos of random girls who want our 
credit card numbers in the middle of our work day?

I'd prefer to save those tender moments for when I'm not in the office.  

But honestly, the listserv is open and query-able and it looks like the 
spammers have found that out.

Any ideas?

Thanks,
Alex Zavatone
___

Cocoa-dev mailing list (Cocoa-dev@lists.apple.com)

Please do not post admin requests or moderator comments to the list.
Contact the moderators at cocoa-dev-admins(at)lists.apple.com

Help/Unsubscribe/Update your Subscription:
https://lists.apple.com/mailman/options/cocoa-dev/archive%40mail-archive.com

This email sent to arch...@mail-archive.com