auto59872302 spake unto us the following wisdom: > > I already put this guy in the spam filters, he won't be making it > > through again. There's no need, in general, to reply to the list to > > "deal with" spam. If you notice a high level of leakage, let a Pidgin > > developer know so we can deal with it --- but note that almost all of > > the "list" spam I get doesn't actually pass through lists on its way > > to my inbox. I believe spammers put list addresses in the To/Cc, but > > send the mail directly, to try to defeat spam filters. You can > > determine if a spam actually passed through the list (as this one did) > > by consulting the headers. > > Ethan, sorry for any inconvenience I may have caused you. That was far > from my intentions, I assure you. I will follow your advice about > handing them in the future. But I have a question about one point in > your instructions. So that I can recognize it better, would you explain > this differently:
It's not an inconvenience to me, specifically, it's just added noise on the list. You're far from the first to do it, which is why I made a list announcement about it. > > "... all of > > the "list" spam I get doesn't actually pass through lists on its way > > to my inbox. I believe spammers put list addresses in the To/Cc, but > > send the mail directly, to try to defeat spam filters..." > > I am not following your meaning there. Thanks. I'm simply saying that, before someone starts sending me (or another Pidgin developer) email saying "I got spam off the Pidgin support list!", it's good to verify that that's actually what happened. The To: and Cc: fields on an email are not actually how the email servers determine where to send the message. They're largely cosmetic. This means that a user can construct a message that says: To: support@pidgin.im Subject: Free Nigerian Prince Money Dear beloved, it has come to my attention that you are probably very, very stupid and I would like to give you money, in the sense that I hope you will give me money. Please go directly to Western Union and wire a not at all suspicious amount of money to Nigeria. As I am a prince in Nigeria, when I see this money I will understand that you are a wise individual in your stupidity and give you my massive fortunes so that you can keep them for no reason at all. In this manner we shall both become rich. Prince "Moneybags" Dinga They then tell the *mail server* to send this message to e...@pidgin.im, in the hopes that I will receive it as spam, because my mail filters "know" that support@pidgin.im is a legitimate list from which I receive all kinds of emails. So ... you want to look at the mail headers, and see if it actually passed through a mailing list, before telling a mail server admin that their list is spamming. You can do this by checking the Received-By: headers, as well as looking for mailing list headers such as X-Been-There: or List-Id:. These can also be spoofed, of course, but as there's little point in doing so, spammers generally don't bother. Ethan _______________________________________________ Support@pidgin.im mailing list Want to unsubscribe? Use this link: http://pidgin.im/cgi-bin/mailman/listinfo/support