Double Irony! (was Re: [linux-elitists] ruben's stupid filter)

Karsten M. Self kmself@ix.netcom.com
Mon Mar 25 00:46:46 PST 2002


on Sun, Mar 24, 2002, Dan Wilder (dan@ssc.com) wrote:
> On Sun, Mar 24, 2002 at 04:39:47PM -0800, Karsten M. Self wrote:
> > 
> > Again:  I think automated tools *are* a benefit *if* properly
> > designed.  I think the solution is in improving the tools, not in
> > griping about them.
> 
> Certain automated tools are intended to be used for an unutterably
> mindless and stupid purpose, to wit, auto-reporting.  
> 
> I'm not griping.  
> 
> I'm objecting to the stupidity of that particular purpose, in a public
> forum, hoping that my objection will be argued, noted, etc., and that
> I may perhaps contribute to the building of what I would view as a
> more favorable consensus about what should be done.

One suggestion from me (who happens to _like_ his auto-reporting tools,
and is working to improve on their specificity, accuracy, and
effectiveness), would be for those of the opposite camp to suggest
alternatives.  This I haven't seen.

I'm sorry, but I'm not going to spend five minutes (or two minutes, or
even thirty seconds) manually tracking down the 40-odd spams I get
daily.  That's more than three hours daily at the first estimate, a half
hour at the low end.  I need something that works and works effectively
and quickly.  I'd prefer it didn't waste the time of admins at the other
end, and will even tune my systems to conservative (but reasonable)
triggers to this end.

As it is, I'd prefer a procmail rule or other tool to detect refused
mail to postmaster@ and abuse@ addresses, as well as WHOIS lookups on a
domainspecificity, accuracy, and automate my rfc-ignorant sumbissions.



> I do not raise this objection directly with the authors of these
> tools, believing that those individuals are likely at this time to be
> entirely bought-in to their wrongheadedness, and lost to any form of
> reason with respect to this matter.  I doubt that any one of them
> would even for one instant entertain adding a patch to delete the
> feature in question.  If I am correct, "improving [the tools]" is not
> an option.

I've had a few exchanges with Vipul, of Vipul's Razor fame, also the
author of Ricochet.  While he's not working much on Ricochet these days,
he's indicated that tuning it to do a better job of identifying the
culpable, rather than the merely proximate, would be preferred.

OTOH, a spam storm that hit my work account this weekend, through a
range of open relays ranging from Eastern Europe to the Near-East to
Asia, also generated a large number of bounces from RFC 2821 addresses.
In these cases, a wider net (to catch upstreams, etc.) would be
preferred.  I don't currently have the tools to integrate Ricochet's
initial harvest with the outbound message and eventual results
(hmmm...though I could create a 'ricochet-response@domain.tld' account
which I then poll for email, and filter accordingly....).

Though contacting the relay operators clearly didn't work, the bounces
are filling rfc-ignorant.org's database.

Peace.

-- 
Karsten M. Self <kmself@ix.netcom.com>      http://kmself.home.netcom.com/
 What part of "Gestalt" don't you understand?          
   Keep software free.         Oppose the CBDTPA.         Kill S.2048 dead. 
           http://www.eff.org/alerts/20020322_eff_cbdtpa_alert.html
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 232 bytes
Desc: not available
Url : http://allium.zgp.org/pipermail/linux-elitists/attachments/20020325/a81e955f/attachment.pgp 


More information about the linux-elitists mailing list