Discussions on another list bring up something to consider:
---------- Forwarded message ---------- Date: Sat, 5 Jan 2002 11:19:24 -0500 (EST) From: "George F. Nemeyer" <tigerwolf@tigerden.com> To: spam@zorch.sf-bay.org Subject: Re: bulk email explosion this spring?
On Sat, 5 Jan 2002, Tim Pierce wrote:
Has anyone heard rumors that big spamhauses are planning to deploy new technology to attack mailing lists, or for that matter are planning anything specific for this spring?
I've not heard rumors, but the way I read the ominous forecast was that spammers plan to automate the subscription/confirmation process to get into lists initially with the hope of getting at least one spam flood through.
If that's true, it seems the next logical step is to create lists that are 'semi-moderated'.
That is, for any new subscriber, a human reviews and manually approves the first N postings, until the user can be tagged as 'trusted' and their subsequent posts are then allowed onto the list automatically. If any early posts are spam, the user is summarily booted. N can even be zero if the list owner knows and trusts the user when they approve the subscription to the list initially.
I can't see large volume spam houses bothering to actually create on-topic posts long enough to become tagged trusted since doing so by automated means would be nearly impossible for large numbers of lists with widely varying subjects.
This scheme should work at least for lists where the rate of new subscriptions is managable.
Other schemes might involve requiring posting domain to be the same as subscription domain, or other 'source' comparisons which would flag suspicious posts for approval before letting them onto the list.
It will take some list server software changes, so I'm going to copy this to the Mailman developer's list for consideration.
George Nemeyer Tigerden Internet Services