Re: [Asrg] Please critique my anti-spam system

On 2005-01-10 09:14:35 +1000, Laird Breyer wrote:
> On Jan 09 2005, Peter J. Holzer wrote:
>
> > > Either you're confused or I am. Michael sends me two messages, once as
> > > Michael (which is unsolicited, and he's not whitelisted, so gets a 
> > > CAPTCHA),
> > > and once as asrg(_at_)ietf(_dot_)org, which is whitelisted since I've 
> > > subscribed to 
> > > the list. 
> > But both messages are sent to an active subaddress, so they are
> > accepted without a CAPTCHA. See
> > http://home.nyc.rr.com/spamsolution/An%20Effective%20Solution%20for%20Spam.htm
> How would Michael's MUA know the subaddress?
It's in your From: header.

> Only the list expander knows the subaddress. Michael's MUA sends mail
> to the main address, which replies with a CAPTCHA.
That's not the way I understood that it works.

ISACS rewrites all outgoing mails to contain a unique subaddress for
each recipient. Thus all your mails to the mailing-list will contain
your subaddress for the recipient asrg(_at_)ietf(_dot_)org, (e.g. 
<laird(_dot_)123(_at_)(_dot_)(_dot_)(_dot_)>),
not your main address <laird(_at_)(_dot_)(_dot_)(_dot_)>.

When Michael hits the group reply button, his MUA will take the
addresses from the headers and compose a mail to <asrg(_at_)ietf(_dot_)org> and
<laird(_dot_)123(_at_)(_dot_)(_dot_)(_dot_)> (It doesn't know that this is a 
subaddress, nor what the
main address is).

        hp

-- 
   _  | Peter J. Holzer    | Je höher der Norden, desto weniger wird
|_|_) | Sysadmin WSR       | überhaupt gesprochen, also auch kein Dialekt.
| |   | hjp(_at_)hjp(_dot_)at         | Hallig Gröde ist fast gänzlich 
dialektfrei.
__/   | http://www.hjp.at/ |   -- Hannes Petersen in desd

pgp1cD6Q9rVwy.pgp
Description: PGP signature

_______________________________________________
Asrg mailing list
Asrg(_at_)ietf(_dot_)org
https://www1.ietf.org/mailman/listinfo/asrg