At 09:24 AM 5/13/03 -0400, Eric Dean wrote:
I've started a new thread to discuss list detectiom just to be search engine
friendly.
There seem to be a variety of methods that lists use including preserving
the original sender as well as sending witht the list's email address. This
particular list sends with the list's email address. For C/R systems, this
often works fine because you often have to send to a list-subscribe in order
to join the list. A C/R will then send a challenge to the list and
subsequently get denied.
For lists that preserve the sender's email address, a C/R system can be a
bit unfriendly. However, we have seen that most list's use a "Sender"
header somewhere inside the message body. for example, this list sends:
Sender: asrg-admin(_at_)ietf(_dot_)org
If we encounter such a header, we will then not challenge the sender but
will require the user to take an action. I'm not trying to have another C/R
discussion but rather am interested in the various list detection methods
available. I've sorted through procmail to see what methods are available
to that source and the above was the best I could come up with.
Spamwolf checks for these headers.
"mailing-list:",
"list-help:",
"list-unsubscribe:",
"precedence: bulk",
"precedence: list",
and it also checks for "(LISTSERV-" anywhere in any header -
though really one should check only in Received headers.
The "(LISTSERV-" check is necessary because versions of that software
written before the RFC recommending the list-* headers do not add them,
for obvious reasons. And yes, there is anchient listserv software
still in operation. Fortunately, all new mailing list software seems
to contain one or more of the others (at least, all that I've seen so far.)
The "mailing-list:" header is deprecated, but again, still in use.
The Spam Assassin checks are more complex, but it's checking for
a particular mailing list program to do more refined "spaminess" checks.
There's no harm in checking for "List-Post:" but all lists (I know of)
which have List-Post: also have either list-help or list-unsubscribe.
Another recommendation made by some (but not me),
is "don't respond unless you're named in the To: field."
It doesn't really identify a mailing list,
but rather a message one should arguably not auto-respond to.
Identifying your own email address is harder than it seems
(for your mail client) so while this test sounds good,
it's actually difficult to implement in practice.
A lessor but easier to implement variant is
"don't respond if there's more than one recipient.".
It doesn't catch as much, but it's far more practical to implement.
(i.e. it's better than nothing, so why not?)
Scott Nelson <scott(_at_)spamwolf(_dot_)com>
_______________________________________________
Asrg mailing list
Asrg(_at_)ietf(_dot_)org
https://www1.ietf.org/mailman/listinfo/asrg