[pvrusb2] Spammer managed to hit pvrusb2 list

Mike Isely isely at isely.net
Tue Apr 13 18:57:12 CDT 2010 

Hi,

You all might have seen the spam post on this list from 
mnyerges at gmail.com.  That is actually the *first* time since the 
creation of this list that a spammer has managed to get through.  
Sigh...  Let me tell you a bit about what happened and what this list 
does to defend against spammers.

As you all know, the pvrusb2 list only allows posts from actual 
subscribers.  This is the list's primary defense against spammers.  
Since this list isn't all that large (161 subscribers) I don't believe 
it's been tempting enough of a target for one of those pond scum 
spammers to expend the manual effort needed to subscribe first.  And 
believe me, I have seen COUNTLESS attempts to spam this list using 
non-subscribed addresses.  If a non-subscriber attempts to post, the 
list softare will bounce the message back to the sender with an apology 
about the requirement to subscribe first along with an explanation.

So how did that post get onto the list?

Well it's not a perfect system.  Obviously a determined enough spammer 
could attempt to subscribe anyway and spew to the list.  Were that to 
happen I'd ban him instantly, but unfortunately at least one such 
message would get through first.  But that's not what actually happened 
here.

The "only-subscribers-can-post" rule is not exactly bullet-proof.  The 
mailing list software basically looks at the from: address and if it 
names a subscriber, the post is let through.  Matt has been a subscriber 
to this list since 24-Jan-2007, and obviously he's been a good citizen 
that entire time.  The headers would seem to suggest that the post 
likely came from elsewhere.  So this is probably a case of the spammer 
joe-jobbing mnyerges at gmail.com and just getting lucky because he also 
happened to include the pvrusb2 posting address in his spew list.

When I saw the spam message, I first just banned the address.  But then 
I looked deeper and upon realizing he's been here for 3 years I 
concluded that this probably wasn't his fault.  So for now I 
resubscribed him to the list but he's on moderation until I hear from 
him and get some assurance that it really wasn't his fault.

Going forward in time, this is probably going to happen more.  I really 
hope not, but it might.  I already also run a grey list on isely.net, 
which also knocks the spam influx down *enormously*, but those 
scum-of-the-internet spammers will probably still get lucky every once 
in a while.  If this starts to become a real problem, then I will react 
by putting the entire list on moderation, as a last manual defense 
against these jerks.  That will be annoying, but the traffic level here 
is low enough that I think I can deal with it.  Maybe somebody else 
might also help out and be a moderator, if it comes to that.

Anyway, that I guess is a long way of saying sorry about what got posted 
and I'm doing my best to keep that under control.

  -Mike


-- 

Mike Isely
isely @ isely (dot) net
PGP: 03 54 43 4D 75 E5 CC 92 71 16 01 E2 B5 F5 C1 E8

More information about the pvrusb2 mailing list