ietf
[Top] [All Lists]

Re: Spammers answering TMDA Queries

2007-10-03 07:14:54


--On 2. oktober 2007 18:49 -0400 Russ Housley <housley(_at_)vigilsec(_dot_)com> 
wrote:

The Secretariat tells me that Spammers are responding to TDMA queries so
that their mail goes through.  They have made the suggestion that we
clear the list of people once per year.  This would mean that a
legitimate user of a list that uses TDMA would get a TDMA query once a
year if they are not subscribed to any ietf.org mail list.  There is no
TDMA query for people who are on at least one ietf.org mail list.

Here is the info that I have:

 > Russ wants to know how many people have responded to the TMDA
 > challenge but are not on any IETF mailing list.

1025 mail addresses have "confirmed" their address.  I would bet that
at least 20% of the confirmed are spam addresses (or autoconfirmed
addresses)

Thoughts?

get a documented case (copy of the confirmation email + copy of the spam that got through) before jumping to conclusions.

I don't think clearing the list is reasonable without relatively solid evidence that there are 200 spammers' addresses in that list.

Interestingly, a confirmation email, with trace headers, is evidence of the location of a spammer that is far more solid than most kinds of evidence one can gather from just the spam; after all, the spammer was available at his MX to get and reply to the confirmation email.

If the spammers were indeed auto-replying, I'd set up a honeypot running TMDA so that I could collect their whereabouts....

                       Harald


_______________________________________________
Ietf mailing list
Ietf(_at_)ietf(_dot_)org
https://www1.ietf.org/mailman/listinfo/ietf

<Prev in Thread] Current Thread [Next in Thread>