[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: spam

On Fri, 16 Sep 2005, Wesley Craig wrote:

ITCS Directors decided to deploy DSPAM only on the IMAP servers. Personally, I don't disagree with this decision, as it improved the SPAM situation for a portion of the population, while limiting the scope of potential negative impacts. I think that most IT Managers on campus also agreed with the decision, especially given that the Anti-SPAM WG was supposed to deliver a decision immanently.

Deploying DSPAM on the ITCS IMAP servers was definitely helpful for controlling spam to personal mailboxes. My only points are that it is not a complete solution and there is a need for either something more and/or something different.

Without rewriting history, a new decision might be made today.

Yes, please!

However, there are still groups that might disagree with moving DSPAM to the gateway, and their opinions must also be considered.

I can't see how any end user would have trouble with this under the scheme I proposed -- specifially, that the mail gateway servers just tag messages and that all filtering is done elsewhere.

Am I missing something related to potential end-user concerns?
If not, then it would seem that any groups that might disagree
would be IT staff -- can you share any concerns you have heard
from IT staff regarding doing anti-spam tagging on the mail
gateway servers?

Putting DSPAM (or a comparable filter) on the gateway will not completely solve this problem. As long as the FootPrints server accepts mail from off-campus, it will get unfiltered SPAM.

Yes. But that is easily fixed. The problem is that there's little upside in making this change now, from an end-user's point of view. And note that this concern is also not unique to FootPrints -- no campus service that accepts email should accept it from anywhere except the gateway servers in order for anti-spam tagging to be effective.

Keep in mind this is NOT a FootPrints-specific problem: it
affects regular UMOD groups, listserves on campus, and much more.
I've fielded a complaint just yesterday about the unix-admins mailing
list (which is not a listserve, just a regalar UMOD group) about
the amount of spam the group receives.

I might suggest making unix-admins members-only.

Yes, that is what is currently being discussed. I oppose this on philosophical grounds because I think the community should be open to everyone (at least everyone on-campus) regardless of whether or not they are a member of the group. But I may lose this argument.

Making every UMOD group and every listserve on campus members-only
will certainly help control spam, but it is also a huge but subtle
cultural change that will have long-reaching implications.  And
again, it is still not a complete solution to the problem since
it will not help FootPrints or other services that need to accept
incoming email from people who have not been identified and
authorized a priori.

Thanks for the constructive messages on this subject. My intent here is not to stir up a lot of stuff during a busy time of year, I was just taking advantage of Willie's original message to say, "See? This is a problem on campus and it negatively affects ITCS mailing lists such as umce.linux too". If anyone would LIKE to do anything about this, they'll have my full support and I'll contribute in any way I can.

                Mark Montague
                LS&A Information Technology