[HPFGU-OTChatter] A note about the SPAM flags
Przemyslaw Plaskowicki
przepla at ipartner.com.pl
Thu Feb 5 20:57:38 UTC 2004
Iggy McSnurd wrote:
>I checked into Yahoo's help-files, and the only real reason those
>accounts should be getting flagged as SPAM is if those posts are being
>sent to multiple addresses at the same time, either overtly, or through
>a BCC:.
>
>For those of you who are falling prey to this, I have a bit of advice:
>Have a full system check done by your Anti-Virus and see if it catches
>anything. The big virus that the e-community is dealing with does a few
>things, but one of them is also sending information to certain computers
>via attachments and/or BCC:'s so that the virus can gather information.
>
>This is especially likely if you're connecting on from a work or school
>based e-mail address that requires you to go through your employer or
>school's host servers. (This is because those are the ones most likely
>to be affected by the major aspect of this virus. This can also happen
>to your PC if you have LINUX on it... since the virus is designed to
>latch onto LINUX as its primary function.)
>
>If you don't qualify under the major factors (work/school based e-mail
>and/or LINUX on your personal system) or you're not sending these
>letters to multiple addresses in any way that you know of, then it's
>something that we might want to work on narrowing down. If there's
>another reason for this, we will want to look into it, and/or report it
>to Yahoo for investigation.
>
>(The Elves may also want to check if the SPAM guard has been activated
>for the group, and who did it... This will help as well.)
>
>Thought I would let you all know.
>
>
>Iggy McSnurd
>
>
>
Dear Iggy,
With all due respect, you really shouldn't have written this. Apparently
you have no idea about what are you talking about.
Speaking as a person who does System Administration for a living, all
what have been said above is total nonsense.
Firstly, quick view of those messages classified as spam is that they
are mostly (or even only as I didn't check all messages) send via web
page form since they contain those lines:
User-Agent: eGroups-EW/0.82
X-Mailer: Yahoo Groups Message Poster
As a side note those messages contain this line:
X-eGroups-Rocket-Track:
1: 100 ; SFLAG=OPENRELAY ; IPCR=g-w0,n0,g100 ; SERVER=66.218.86.245
which is apparently an information why it was marked as spam (openrelay
in this case) -- of course how can this be the problem when message is
sent via Web Form, is beyond my comprehension.
Also those spam tags appear only in posts received via e-mail. They are
not tagged as spam on web archives (cf. OT-Chatter mesgs #21399 -- not
tagged in web archive, tagged in my inbox).
Secondly, the description of current virus outbreak internals is just
plain wrong. See this link: http://vil.nai.com/vil/content/v_100983.htm
for REAL info how does it work. Quoting from this site: "Mydoom only
infects systems running Microsoft Windows."
Thirdly, this virus have nothing to do with
Linux/Unix/FreeBSD/HPunix/AmigaDOS and any other Operating System
besides Microsoft WIndows. As a matter of fact MS Windows is the only
modern OS affected with viruses.
Fourthly, since the beginning e-mails are being sent via "your employer
or school's host servers". (I shall refrain from pointing the difference
between terms "host" and "server" and nonsense of "host server" term).
I agree, however, that mods should ASAP disable SpamGuard filters on all
HP4GU groups as current implementation is obviously broken.
Regards,
--
Przemyslaw 'Pshemekan' Plaskowicki
He not busy being born is busy dying. (Bob Dylan)
More information about the HPFGU-OTChatter
archive