Linux Advanced Routing and Traffic Control list
 help / color / mirror / Atom feed
From: "Taylor, Grant" <gtaylor@riverviewtech.net>
To: lartc@vger.kernel.org
Subject: Re: [LARTC] question regarding spam and
Date: Sat, 14 May 2005 22:48:29 +0000	[thread overview]
Message-ID: <4286803D.9010207@riverviewtech.net> (raw)

>> OK, this is what is interesting.  The domain sentrisystems.com is
>> registered to an organization located in New Orleans in the USA, while
>> the email comes from a dialup host located on the India based Touchtel
>> ISP network, as pointed out by Denys.
> 
> Wow, you just discovered the fact that e-mail addresses can be faked.
> 
>> Can't the listadmin just block this address?
> 
> Can't people just look into the archives for past discussions on this
> topic? Can't people just put that address into their own blacklists?
> 
> Threads like this start to cause more traffic than the actual virus
> mails themselves. And they are at least as annoying as those mails.

This is yet another form of the age old problem of fixing the bug in the program that causes it to chew up resources or just give it more resources.  If people just ignore, black list, or tolerate the problem that exists the problem is still there.  This ""solution (if you will) does nothing to actually resolve the problem.  IMHO ignoring these emails is not even really a patch.

I personally sent an email to the Who-Is contact for the IP range that these messages are coming from asking that they contact their client to request that s/he clean his/her system.  From that email the viral traffic from ""Wilson stopped for about a week, but then picked up again.  At that point in time there were between 1 and 3 messages from ""Wilson (or who ever) coming to the mail list daily.  What would happen, what would people's reaction be if there were 10 - 20 messages coming from ""Wilson per day?  Would your actions be any different?  I personally would be getting extremely upset and possibly unsubscribe from the list as it would not be worth my time to have to wade through all the bogus emails to (try to) help the people that I do.  Nor would I recommend this (mostly wonderful) mail list to others to join.  IMHO just ignoring such traffic is akin to letting cancer grow in something that is other wise good.  There is also the idea / fact that those that have an a
bility to do something also have the responsibility to do something ("National Treasure" any one?).  Some of us on this list are Systems Administrators that have the knowledge and responsibility to take care of (read resolve / stop / prevent) such actions if they were coming from any one of our users / clientele.  What makes this any different?  Do we not have some sort of moral obligation / responsibility to try to stop the prevention / spread of viruses and the stopping of viral activity if we have the know how?  I personally am apalled at the fact that the list maintainer has not done any thing to mitigate this problem as of uet.  Do we have a responsibility as Network Administrators to prevent bogus traffic from leaving our networks?  Is this not akin to stopping bogus email from entering our mail list by taking action to stop it?  IMHO something about this should have been done LONG ago.  From April 16 (2005) to present (May 14 (2005)) I have 64 emails from ""Wilso in my
 trash folder making for on average more than 2 emails per day.

I personally think that it is high time that we get some action from the list administrator on this matter.  If me voicing my opinion on this gets me unsubscribed and baned form this list I will be disappointed but I think this is an issue that should be addressed.  This is very close to dealing with spam on the net in general.  Some of the more recent figures that I have heard is that spam is taking up as much as half of the bandwidth of all email.  If this is left unchecked this will ultimately be wasted traffic as people just delete spam.

Here is my email to the abuse contacts in the WhoIs information for the subnet where the viral email is coming from.  http://mailman.ds9a.nl/pipermail/lartc/2005q2/015613.html  Seeing as (ultimately) nothing was done to resolve this issue it may be time for more to be done, possibly black listing that subnet or provider.



Grant . . . .
_______________________________________________
LARTC mailing list
LARTC@mailman.ds9a.nl
http://mailman.ds9a.nl/cgi-bin/mailman/listinfo/lartc

             reply	other threads:[~2005-05-14 22:48 UTC|newest]

Thread overview: 2+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2005-05-14 22:48 Taylor, Grant [this message]
2005-05-14 22:51 ` [LARTC] question regarding spam and Taylor, Grant

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=4286803D.9010207@riverviewtech.net \
    --to=gtaylor@riverviewtech.net \
    --cc=lartc@vger.kernel.org \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line before the message body. 
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox