Why does this group have so much spam?

Discussion in 'Python' started by casebash, Aug 30, 2009.

  1. casebash

    casebash Guest

    So much of it could be removed even by simple keyword filtering.
    casebash, Aug 30, 2009
    #1
    1. Advertising

  2. casebash

    r Guest

    On Aug 29, 7:18 pm, casebash <> wrote:
    > So much of it could be removed even by simple keyword filtering.


    A more interesting question is what morons are responding to this spam
    and enticing the spammers to proliferate their garbage? Do people
    actually see a spam like "Phallus enlargement pills" and say to
    themself "Alright!, just what i been looking for!". I guess i just
    can't understand foolishness...

    Yes i agree, far to much spam is getting through.
    r, Aug 30, 2009
    #2
    1. Advertising

  3. "casebash" <> wrote in message
    news:...
    > So much of it could be removed even by simple keyword filtering.


    Assuming this is a serious question:

    1. comp.lang.python has relatively little spam, compared to others.

    2. The spam posters aren't looking for responses within the individual NGs,
    they're just hoping you'll click through to the link within the post. It's a
    version of "fire and forget"

    3. Simple keyword filtering /by whom/? There is no central NG governing
    authority.

    The best response is to ignore[1] the spam posts; they'll eventually expire
    and disappear from your newsreader.

    [1] Although if they're egregiously stupid, you may find yourself mocking
    the OP. Realize that as witty and urbane as your response may be, the OP
    ain't listening. :)
    Bruce C. Baker, Aug 30, 2009
    #3
  4. On Sun, 30 Aug 2009 00:00:54 -0500, "Bruce C. Baker"
    <> declaimed the following in
    gmane.comp.python.general:

    "casebash" <> wrote in message
    news:...
    > So much of it could be removed even by simple keyword filtering.


    <snip>
    >
    > 1. comp.lang.python has relatively little spam, compared to others.
    >

    Except when viewing it via the uncontrolled Google Groups function
    -- in which 90% of the spam seems to be posted by users with throw-away
    GMAIL email addresses... Which conditions seem to apply to the original
    poster: both a Google Groups posting, using a gmail address.

    > 3. Simple keyword filtering /by whom/? There is no central NG governing
    > authority.
    >

    And experience shows that Google doesn't care at all...

    > The best response is to ignore[1] the spam posts; they'll eventually expire
    > and disappear from your newsreader.
    >

    Not from someone reading Google Groups -- spammers don't bother with
    "x-no-archive" <G>

    --
    Wulfraed Dennis Lee Bieber KD6MOG
    HTTP://wlfraed.home.netcom.com/
    Dennis Lee Bieber, Aug 30, 2009
    #4
  5. > "casebash" <> wrote in message
    > news:7294bf8b-9819-4b6d-92b2-
    > ...
    >> So much of it could be removed even by simple keyword filtering.


    Funny, I was just thinking recently about how *little* spam this list
    gets--on the other hand, I'm following it via the python-list@ mailing
    list. The list owners do a great job of keeping the level of spam at
    a minimum, though there are occasional false positives (like your
    post, apparently, since I'm only seeing the replies).

    -Miles
    Miles Kaufmann, Aug 30, 2009
    #5
  6. Byung-Hee HWANG, Aug 30, 2009
    #6
  7. casebash

    Nobody Guest

    On Sun, 30 Aug 2009 11:18:35 +0200, David wrote:

    >> So much of it could be removed even by simple keyword filtering.

    >
    > I think there is only one final solution to the spam pestilence: a tiny tax
    > on email and posts.
    > Spammers send hundreds of thousands of emails/posts a day and a tax of
    > 0.0001$ each does not harm normal users but discurages spammers.


    Apart from the impossibility of implementing such a tax, it isn't going to
    discourage spammers when the tax will be paid by the owner of the
    compromised PC from which they're sending their spam.

    If you want to avoid usenet spam and don't want to filter it yourself,
    find a provider with more aggressive spam filter. Ultimately, it's up to
    the person running the news server as to which posts they will or will not
    accept.
    Nobody, Aug 30, 2009
    #7
  8. casebash

    Terry Reedy Guest

    Byung-Hee HWANG wrote:
    > casebash <> writes:
    >
    >> So much of it could be removed even by simple keyword filtering.

    >
    > Use [1], instead.
    >
    > [1] http://mail.python.org/mailman/listinfo/python-list


    Or read python-list as a newsgroup via news.gmane.org, which mirrors
    python-list, not c.l.p.
    Terry Reedy, Aug 30, 2009
    #8
  9. casebash

    Terry Reedy Guest

    Nobody wrote:

    > Apart from the impossibility of implementing such a tax, it isn't going to
    > discourage spammers when the tax will be paid by the owner of the
    > compromised PC from which they're sending their spam.


    It would encourge PC owners to not let their machine be used as a spambot.
    Terry Reedy, Aug 30, 2009
    #9
  10. casebash

    r Guest

    On Aug 30, 4:23 pm, David <> wrote:
    (snip)
    > The owner of compromised PC should be responsible of his computer like the
    > owner of a car is responsible of damages caused by its car.
    > That owner should keep his computer clean as he *must* keep his car
    > functional and safe.


    Yes i agree but your logic is flawed. If someone cuts my brake lines
    and i cannot stop who is to blame? Or if someone throws nails on the
    highway and i crash, who is to blame? Obviously you cannot blame the
    car owner. However if i let my brake pads wear out until they are
    metal on metal and run over some poor old lady crossing the street --
    well now you got me! ;)

    But you cannot apply this logic when a hacker compromises someones
    computer, it the same as cutting their brake lines. How can you
    honestly expect that Joe computer user will know of this infection? Do
    you even know where your brake lines are? Even hackers can be hacked
    without ever knowing it! The only sure fire way is VM's or system re-
    installs.

    > Today most of the people consider cyber security an optional, but all of us
    > pay for their negligence. Those people are externalizing to the rest of the
    > world their costs in terms of SO updating, antivirus, firewall and
    > knowledge. This is unfair.


    Yes, keeping a running AV and proper updating i agree with...

    > This is mainly a matter of sensibility and culture: in '50/60s active and
    > passive car safety was an optional, today is a must.
    > I think it's time to switch to responsible computing and the mail-tax would
    > charge each person of its own costs and annoyances without affectig the rest
    > of the world.


    What, this is madness! If you have terrorist terrorizing your country
    you don't tax the public when they blow up a shopping mall so you can
    rebuild it! No you kill the terrorist in a harsh and painful manner
    and make an example of them, then you seize there monies. You should
    direct your anger to the proper internet security authorities(and more
    importantly to the perpetrator's) and not the innocent victims of such
    attacks. I want you to sit back and think very deeply about your
    proposal here because it is horribly wrong.

    It is so easy to just slap a tax on something, yes that will solve
    everything. *sarcasm*

    > > If you want to avoid usenet spam and don't want to filter it yourself,
    > > find a provider with more aggressive spam filter.

    >
    > This is not the solution. You are saying that if your neighbour makes loud
    > noises you can not call police to impose him to cease but you can only make
    > your home soundproof.


    or you could go over and punch him in the nose, works every time for
    me ;-)
    r, Aug 31, 2009
    #10
  11. casebash

    r Guest

    On Aug 31, 2:04 pm, David <> wrote:
    (snip)
    > It's a question of point of view: in italy if a thief steals a car and
    > causes an accident the car's owner's assurance (having a car assurance is
    > mandatory) must refund the victims. That's because protections of victims is
    > first priority.
    > Obviously the owner can not be charged


    Is the car owner not a victim too? :). i am ok with the filthy
    insurance company paying as long as the owners rates don't increase.
    But why can't we force the criminal into hard labor to pay back the
    lost monies? Seems like that would serve justice to all parties...

    > That's a problem of the computer owner. Why should the rest of the world be
    > charged of *his* problem while keeping him safe from suffering any
    > consequence?


    No, why should spammers feel safe while doing their crimes? I say put
    the pressure on criminals, and NOT the victims. I really doubt much is
    being done to fight spam now that is why it is so prevalent. Two FBI
    hackers can't keep up with billions of spams.

    > Madness, you say? Let's examine the situation a bit moore deeply.
    >
    > First, the mail-tax would is not for rebuilding the destroyed building after
    > the attack but, at the opposite, to prevent the attack. Wouldn't you pay a
    > small tax to prevent terrorist's attacks?


    Only if that tax was given to highly trained US Marines who where
    given a green light to use any and all methods to brutally kill the
    enemy and make an example of him with no worry of prosecution by their
    own government.

    > The mail-tax would be really small, if you send 1000 mails at month (a real
    > huge traffic, for a non spammer!) the bill would be about 10 cents.
    > Do you really think this is too much to get rid of most of the spam?


    I don't think that will stop most spammers since they must be making
    more that a 10c a month profit or they would starve to death! I say
    why not put a 1000.00 fine on any idiot that responds to a spam! What
    about that?

    > We are paying and hidden tax in terms of HW and human resources needed by
    > ISPs to manage that huge (~90%) useless/malicius traffic. (I don't mention
    > const related to dalays, denial of services, theft of informations...)

    (...snip)

    The system is definitely flawed. I am no internet expert so i don't
    really know what we could do to fix it. I do fear goverment or
    corporations taking over of the internet and robbing use of our
    freedom of speech under the pretense that they will *somehow* save us
    from the spammers. Something must be done however.

    I *do* know however that M$ windows ships with its back doors wide
    open and you could put a lot of blame of M$ for this stupidity! And
    since their product is meant for computing morons why do they still
    ship it in such a vulnerable state... complete madness!

    > Finally a little criticims: spam and related malware is a problem growing
    > day by day. I am proposing a solution and if somebody doest't like it, well,
    > he should propose a better one. Just saying "NO!" and turning head aside
    > hoping that the problem will solve by itsef is no more acceptable.

    (snip)

    I agree with you, we must do something...
    r, Sep 1, 2009
    #11
  12. casebash

    Andre Engels Guest

    On Sun, Aug 30, 2009 at 11:18 AM, David<> wrote:
    > Il Sat, 29 Aug 2009 17:18:46 -0700 (PDT), casebash ha scritto:
    >
    >> So much of it could be removed even by simple keyword filtering.

    >
    > I think there is only one final solution to the spam pestilence: a tiny tax
    > on email and posts.
    > Spammers send hundreds of thousands of emails/posts a day and a tax of
    > 0.0001$ each does not harm normal users but discurages spammers. This tax
    > should be applied when a message is routed by a ISP server, this saves
    > mails/posts internal to a LAN.


    What about mailing lists? There exist well-functioning mailing lists
    with thousands of subscribers. Being a posting member of those will
    significantly increase your internet bill under your proposal.


    --
    André Engels,
    Andre Engels, Sep 1, 2009
    #12
  13. casebash

    Terry Reedy Guest

    David wrote:
    >
    > I'm not saying that criminals shouldn't being prosecuted, but we are talking
    > of something else: creating and environment that discurages criminals,
    > because present enviroment is pretty wild and criminals have a big
    > advantage.
    > The mail-tax proposal aims to change this situation.


    I have read at least one person saying he did not mind his machine being
    used to send out spam. I have read more that one person advocating
    leaving one's wi-fi base open for anyone to use as the 'neighborly'
    thing to do.

    A substantial fraction of people have turned off Window's update.
    Consequently, whenever Microsoft announces a vulnerablility and patch,
    malware writers can write an exploit of the announced vulnerability and
    be sure that they will find vulnerable machines.

    All the above are contributors to the problem and are externalizing some
    of the proper cost of ownership and operation of a net-connected computer.

    tjr
    Terry Reedy, Sep 2, 2009
    #13
  14. On Tue, 01 Sep 2009 20:48:19 +0200, David wrote:

    > Il Tue, 1 Sep 2009 11:50:14 +0200, Andre Engels ha scritto:
    >
    >
    >> What about mailing lists? There exist well-functioning mailing lists
    >> with thousands of subscribers. Being a posting member of those will
    >> significantly increase your internet bill under your proposal.

    >
    > It's an implementation issue, it doesn't touch the sense of proposal.
    > One possibility is register the mail list to official registers and mail
    > from a subscriber to other subscribers will be excluded from taxation or
    > will have a lower tax rate.
    > An excessive mailing from a single or few subscribers can be easily
    > detected, traced, filtered and, if the case, prosecuted.


    This can be done already, without the need for an email tax. ISPs could
    easily detect spammers, if they cared to.

    There are a few things that can already be done to cut the spam problem
    to manageable size:

    (1) Why aren't ISPs blocking port 25 for home users by default? My home
    ISP does, I can only send email through their mail server unless I ask
    them nicely, in which case I'd be responsible for any spam that leaves my
    home network. If I send spam, I'll be breaking my terms of service.

    (2) Why aren't ISPs cutting off detected spam bots? Owners of zombied PCs
    are menaces to society. ISPs are in the best position to detect PCs which
    are spamming, and alert the owner. If no action is taken in a week, warn
    the owner that they're in breach of their terms of service, and if the
    behaviour persists, cut the owner off until they clean up their PC.
    Repeat offenders should be banned.

    (3) ISPs who won't cut off spam bots are either incompetent or have a
    financial incentive to do business with spammers. Therefore, responsible
    ISPs should cut them off. If this means the email universe divides into
    two halves, the Wild West where 999 emails out of every 1000 are spam,
    and Civilization where only one in a thousand is spam, I'm okay with that.

    As for the argument that home users who send spam are the victim, that's
    true up to a point, but not very far. Here's an analogy: suppose that
    terrorists sneak into your house after picking the lock -- or in the case
    of Windows users with no firewall or anti-malware, stroll through the
    unlocked front door -- and spend the next six months camped in your spare
    bedroom, using your home for their base of operations while they make
    terrorist attacks. When the FBI kicks your doors down, don't you think
    you would be arrested and would have to prove that you couldn't be
    reasonably expected to know they were there? If millions of spam emails
    are coming out of your PC, that's prima facie evidence that YOU are
    spamming. You would need to prove that you're an innocent victim who
    couldn't *reasonably* be expected to know that your machine was hijacked
    -- you would need to prove that the spam bot was so sophisticated that it
    infected your PC despite the firewall, that you didn't install it
    yourself in order to get some stupid game, that no commonly available
    anti-malware program detects it. Anything less than that is *at least*
    negligence, and possibly willful negligence.

    Negligence is a crime too, especially willful negligence. Perhaps a
    lesser crime than deliberate bad behaviour, but if you kill somebody
    because you neglected to service your car, the argument "I'm the victim
    here, blame somebody else!" wouldn't get you very far. Not knowing how to
    service your car to keep it in good working order is not an excuse -- if
    you don't know how to change the brakes, there are people who do. If you
    don't know how to set up an effective firewall and anti-malware software,
    there are people who do. Stop hiding behind your ignorance, and pay an
    expert to service -- and secure -- your computer. It is 2009, and the
    malware problem isn't some theoretical threat that only a handful of
    people know about. Anyone with an infected PC who does nothing about it
    is, in my opinion, *equally* responsible for the spam being sent out as
    the criminals who hijacked the PC in the first place.

    Yes, I'd like to see the criminals, the malware authors and the spammers
    punished, but I'd be satisfied to see them put out of business. The weak
    link is the zombie PCs -- fix the home users' PCs, or block them, take
    them off the Internet, and spam becomes manageable again.



    --
    Steven
    Steven D'Aprano, Sep 2, 2009
    #14
  15. On Tue, 01 Sep 2009 19:33:47 -0400, Terry Reedy wrote:

    > David wrote:
    >>
    >> I'm not saying that criminals shouldn't being prosecuted, but we are
    >> talking of something else: creating and environment that discurages
    >> criminals, because present enviroment is pretty wild and criminals have
    >> a big advantage.
    >> The mail-tax proposal aims to change this situation.

    >
    > I have read at least one person saying he did not mind his machine being
    > used to send out spam.


    *Lots* of people have that attitude. I know a number of kiddies whose
    attitude is they don't care what malware is on their PC, when performance
    slows down to the point they can't play World of Warcrack any more,
    they'll just rebuild it.


    > I have read more that one person advocating
    > leaving one's wi-fi base open for anyone to use as the 'neighborly'
    > thing to do.


    That's a different kettle of fish. You don't do anybody any harm by
    paying for Internet access for your neighbours (and anyone driving down
    the street with a laptop and wi-fi).


    > A substantial fraction of people have turned off Window's update.
    > Consequently, whenever Microsoft announces a vulnerablility and patch,
    > malware writers can write an exploit of the announced vulnerability and
    > be sure that they will find vulnerable machines.


    Which wouldn't matter if their system was behind a proper firewall, and
    if they didn't willingly install malware because it came with a cool
    game. Or accidentally installed it because they thought it was anti-virus.

    The one and only time my Windows PC was infected by malware was because
    my wife decided to do the right thing by installing the Windows update.
    Somewhere in the process -- I never worked out how -- ActiveX got turned
    back on in IE, and within an hour the machine had a dozen drive-by
    malware packages installed. I know they were drive-by, because the missus
    started the update process and then left the house, nobody else was
    there. When she returned, she came in to a hundred pop-ups on screen, and
    a hijacked browser.

    Took me two weeks of elapsed time and around 30 hours of effort to remove
    those suckers from the machine. Now I run Linux, behind two firewalls.




    --
    Steven
    Steven D'Aprano, Sep 2, 2009
    #15
  16. casebash

    r Guest

    On Sep 1, 10:16 pm, Steven D'Aprano
    <> wrote:
    (snip)
    > That's a different kettle of fish. You don't do anybody any harm by
    > paying for Internet access for your neighbours (and anyone driving down
    > the street with a laptop and wi-fi).


    naughty, naughty! somebody's been wardriving! ;-)


    > Took me two weeks of elapsed time and around 30 hours of effort to remove
    > those suckers from the machine. Now I run Linux, behind two firewalls.


    Takes me less than one hour to rebuild my system including personal
    files, but excluding however winders updates cause there sure are a
    lot of thems updates :-O
    r, Sep 2, 2009
    #16
  17. casebash

    Terry Reedy Guest

    Steven D'Aprano wrote:

    >> I have read more that one person advocating
    >> leaving one's wi-fi base open for anyone to use as the 'neighborly'
    >> thing to do.

    >
    > That's a different kettle of fish. You don't do anybody any harm by
    > paying for Internet access for your neighbours (and anyone driving down
    > the street with a laptop and wi-fi).


    Unless the 'neighbor' is your friendly local spam or malware merchant ;-)

    The rationale I have seen is this: if one leaves the wi-fi router open
    and illegal activity is conducted thru it, and there is no residual
    evidence on the hard drives of on-premises machines, then one may claim
    that it must have been someone else. On the other hand, if the router is
    properly closed, then it will be hard to argue that someone hacked
    trough it.

    There are, of course, flaws in this argument, and I take it as evidence
    of intention to conduct illegal activity, whether properly so or not.

    tjr
    Terry Reedy, Sep 2, 2009
    #17
  18. On Wed, 02 Sep 2009 02:16:27 -0400, Terry Reedy wrote:

    > Steven D'Aprano wrote:
    >
    >>> I have read more that one person advocating leaving one's wi-fi base
    >>> open for anyone to use as the 'neighborly' thing to do.

    >>
    >> That's a different kettle of fish. You don't do anybody any harm by
    >> paying for Internet access for your neighbours (and anyone driving down
    >> the street with a laptop and wi-fi).

    >
    > Unless the 'neighbor' is your friendly local spam or malware merchant
    > ;-)


    Since they're sending spam through your account, it's the same as you
    sending the spam, and you're responsible for it.


    > The rationale I have seen is this: if one leaves the wi-fi router open
    > and illegal activity is conducted thru it, and there is no residual
    > evidence on the hard drives of on-premises machines, then one may claim
    > that it must have been someone else. On the other hand, if the router is
    > properly closed, then it will be hard to argue that someone hacked
    > trough it.
    >
    > There are, of course, flaws in this argument, and I take it as evidence
    > of intention to conduct illegal activity, whether properly so or not.


    So, if somebody leaves their car unlocked, is that evidence that they
    were intending to rob a bank and wanted a fast getaway car?

    If you leave your window open on a hot summer's night, is that evidence
    that you're planning to fake a burglary?

    If you leave your knife and fork unattended in a restaurant while you go
    to the toilet, is that evidence that you intended to stab the waiter and
    blame somebody else?


    I assume you would answer No to each of these. So why the harsher
    standard when it comes to computer crime?



    --
    Steven
    Steven D'Aprano, Sep 2, 2009
    #18
  19. casebash

    MRAB Guest

    Steven D'Aprano wrote:
    > On Tue, 01 Sep 2009 20:48:19 +0200, David wrote:
    >
    >> Il Tue, 1 Sep 2009 11:50:14 +0200, Andre Engels ha scritto:
    >>
    >>
    >>> What about mailing lists? There exist well-functioning mailing lists
    >>> with thousands of subscribers. Being a posting member of those will
    >>> significantly increase your internet bill under your proposal.

    >> It's an implementation issue, it doesn't touch the sense of proposal.
    >> One possibility is register the mail list to official registers and mail
    >> from a subscriber to other subscribers will be excluded from taxation or
    >> will have a lower tax rate.
    >> An excessive mailing from a single or few subscribers can be easily
    >> detected, traced, filtered and, if the case, prosecuted.

    >
    > This can be done already, without the need for an email tax. ISPs could
    > easily detect spammers, if they cared to.
    >
    > There are a few things that can already be done to cut the spam problem
    > to manageable size:
    >
    > (1) Why aren't ISPs blocking port 25 for home users by default? My home
    > ISP does, I can only send email through their mail server unless I ask
    > them nicely, in which case I'd be responsible for any spam that leaves my
    > home network. If I send spam, I'll be breaking my terms of service.
    >
    > (2) Why aren't ISPs cutting off detected spam bots? Owners of zombied PCs
    > are menaces to society. ISPs are in the best position to detect PCs which
    > are spamming, and alert the owner. If no action is taken in a week, warn
    > the owner that they're in breach of their terms of service, and if the
    > behaviour persists, cut the owner off until they clean up their PC.
    > Repeat offenders should be banned.
    >

    The preferred option these days is to slow down net access of the
    offenders, not cut them off completely. I'm not sure how many ISPs
    actually do that yet.
    MRAB, Sep 2, 2009
    #19
  20. On 9/1/2009 9:22 PM r said...
    > On Sep 1, 10:16 pm, Steven D'Aprano
    >> Took me two weeks of elapsed time and around 30 hours of effort to remove
    >> those suckers from the machine. Now I run Linux, behind two firewalls.

    >
    > Takes me less than one hour to rebuild my system


    If that's your job (as it's sometimes mine) then that sounds about
    right. Otherwise, you must have a lot of practice rebuilding!

    Emile
    Emile van Sebille, Sep 2, 2009
    #20
    1. Advertising

Want to reply to this thread or ask your own question?

It takes just 2 minutes to sign up (and it's free!). Just click the sign up button to choose a username and then you can ask your own questions on the forum.
Similar Threads
  1. Rene Pijlman
    Replies:
    22
    Views:
    706
    Fredrik Lundh
    Dec 10, 2003
  2. Mr. SweatyFinger
    Replies:
    2
    Views:
    1,756
    Smokey Grindel
    Dec 2, 2006
  3. Sergio Correia
    Replies:
    7
    Views:
    281
    Ben Finney
    Sep 18, 2007
  4. Replies:
    3
    Views:
    456
  5. David Binnie
    Replies:
    2
    Views:
    435
    Rich Webb
    May 22, 2009
Loading...

Share This Page