*tap tap* is this thing on?

This spam flood is kinda hilarious in a way. Any idea why no one with mod or admin privs for the mailing list has bothered to step in and deal with this?

It isn't a quick flip of a switch would be my guess.

Josh Luthman
Office: 937-552-2340
Direct: 937-552-2343
1100 Wayne St
Suite 1337
Troy, OH 45373

My spam filtering must be working correctly, because I have only seen 1
or 2... this may be the case for those with the privs.

Thank You
Bob Evans
CTO

It's mailman - I believe there's a moderation switch to stop all messages dead in their tracks for approval. I've used it before, but don't remember the exact name of the feature in the mailman admin UI.

That would be a lot of work to keep up with, though...

Josh Luthman
Office: 937-552-2340
Direct: 937-552-2343
1100 Wayne St
Suite 1337
Troy, OH 45373

You can find people who have been convinced that NANOG is fundamentally pro-abuse because to many of them, it is revenue traffic.

I asked a similar question myself on another list.

But then after a minute's reflection, the fact that we all got 200+
messages like this on the NANOG list and not a single other message
complaining about it suggests that someone did actually hit the big
red moderation button promptly, and just waited until Monday to sort
it out (which would not have been completely unreasonable, I think).

The residual messages that trickled through after that seem likely to
be nothing more than outbound queues draining.

Joe

I considered the same thing as you, initially. Went back and looked at the raw headers though, and the early Received headers show the messages were still coming in over the course of the weekend rather than just, say, Friday night and then it was a queue purge.

My filters kicked in on Sat evening once I added something to counteract the whitelist for nanog's mails (going through nanog servers), so I'm missing a lot of the later spew from Sunday.

It is indeed much simpler and can even be done via a mobile device
from anywhere in the world. The magic sauce: Moderate the user
account being abused to post to this list.

-Jim P.

> It's mailman - I believe there's a moderation switch to stop all messages
> dead in their tracks for approval. I've used it before, but don't remember
> the exact name of the feature in the mailman admin UI.

http://mailman.nanog.org/mailman/admin/nanog/?VARHELP=general/emergency

Emergency moderation

> That would be a lot of work to keep up with, though...

Almost no real messages were sent for more than a day...

Marcin

Yep - saw ONE message on AFNOG, and that was the end of it, and I think
two, or three on the Freeradius lists, and that was the end of that...

Hundreds, and hundreds on NANOG however.

I've been seeing spates of these messages in other lists, including at least one I co-administer. And yes, moderation of the abused user does seem to work. As administrator I still have to kill the messages off, but Mailman makes this fairly easy.

Tom Taylor

I have been getting these all weekend as well, and am well over 200. Pings
via Twitter, and attempts to contact NANOG's upstream (SCNET) via NANOG
have gone unanswered.

I get such mixed messages from people on this list when it comes to network abuse (esp spam).

I'd almost venture to say that viewpoint is justified somewhat by the attitude of many major providers about the crap that spews forth from their or their customers' IP space.

I get it that it is hard for large providers to be proactive about things going on due to the sheer size of their networks, but come on. That excuse only works for so long.

1. It's not hard. It's far easier for large providers than small ones,
although many of them flat-out lie and claim the opposite.

2. Whatever happened to "never build what you can't control?" If you
can't stop your operation from emitting abuse, you should shut it down.
Immediately. That's what professionals do.

3. Large providers pretend to be "leaders", but are among the worst in
terms of actually leading by example. Just try getting a response from
them via postmaster@ or abuse@. Of course these large operations should
individually answer *every* message to those addresses promptly, 24x7,
and initiate immediate investigation/remediation on *every* complaint.
That's baseline operational competence 101, and given their enormous
financial and personnel resources, it would require only a tiny amount
of resources. But they don't -- and everyone else pays the price for it.

---rsk