NANOG Spam?

Jim Popovitch jimpop at yahoo.com
Wed Jul 5 21:20:04 UTC 2006


William Allen Simpson wrote:
> The spammers have figured out how to bypass the NANOG members-only
> posting, in this case by pretending to be John Fraizer and sending
> directly to trapdoor.

On our public list servers we now require admin approval of all new 
subscriptions as well as email verification.  It takes time, but it is 
worth it.  Additionally, the admins occassionally reply to new 
subscribers with "questionable" addresses and ask them for a bit more 
info (who/what/why/etc).  Finally all new subscribers are automatically 
moderated until their first post proves them to in fact be legit and on 
topic.  Finally, we crawled the archives of the big lists and have come 
up with a list of subscribers who haven't posted in over 9 months, we 
plan to set the mod bit on them too very soon.   These are necessary 
steps simply because we see at least 30 requests each week for what 
amounts to invalid subscriptions, if those subscriptions went through 
unfettered then users would be upset.  Even if one bogus subscription 
slips through, the auto-mod provides a second chance to stop them. 
Perhaps these are some ideas for the NANOG mailinglist admins to implement.

-Jim P.





More information about the NANOG mailing list