On Apr 2, 2009, at 2:25 PM, Sebastien Roy wrote:
Ah, that's the part I didn't understand. I didn't realize that you already use postfix/spamassassin, and that was still not adequate. Thanks for explaining.
Spam doesn't keep me awake at night as I've already stockpiled enough Viagra and even if the system doesn't catch it, most mail clients will quietly put it in a spam folder for later amusement.
What does worry me are blanket whitelists that lower the bar for people who might have an axe to grind or just enough knowledge to be a PITA. That 'lawrence auster' mail, which spoofed a number of sun.com addresses, took advantage of both the assumption that the owner's email address listed at the bottom of the list info page (was until I patched that problem which, again, upset a few people) would be a subscriber and be a valid address. Even in the cases that the owner wasn't a subscriber, some of the lists with the wildcards let the mail pass to the list. The only reason it didn't make it to far more lists is that it snagged on a size limitation.
While nothing will prevent spoofing, I can certainly make it a bit more difficult to shove such mail out to the lists.
e. _______________________________________________ website-discuss mailing list [email protected]
