This is unbelievable:
We have seen these kinds of spam-messages over the last weeks on different
mail accounts and still Spamassassin & others don't recognize them.
Isn't a topic of "Fw: important" compared with the greeting "Hey friend"
something that must be spam?
Now Nanog was hit which is really annoying.
Yes, this message might originate from an authenticated sender and the
(faked) sender's domain might light spf and so on - but where is artificial
intelligence when one needs it?
Time to charge for emails so that this channel will become too expensive for
spammers, isn't it?
Yes, it is. Quoting back a spammer's entire message to the entire list,
including the payload, is unbelievably stupid. It would have been
better to call this to the attention of those charged with the
care and feeding of this list, who are available at admins@nanog.org
per the nanog.org web site. (Although even that is probably not
necessary: I presume that they're keeping eyeballs on the list and
quite likely noticed this on their own.)
Blocking mailing list spam sent by/via addresses belonging to the
mailing list is exceedingly tricky. There are a few methods that
are modestly effective but none which present sufficiently low FP/FN
performance to be trusted without human intervention. And those
which rely on content, like all anti-spam methods which rely on
content, can be and are defeated at will by spammers. I have studied
this problem in considerable depth over the past several years and
have concluded that -- so far -- the only truly reliable method is
clueful list moderation with individual approval of every message.
This is, however, labor-intensive for high-volume lists and is thus
dependent on the availability of trained/practiced teams of list-owners
with sufficient available time.