[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

Re: [tor-relays] Jerk spammers on tor-relays

To: tor-relays@xxxxxxxxxxxxxxxxxxxx
Subject: Re: [tor-relays] Jerk spammers on tor-relays
From: Mirimir <mirimir@xxxxxxxxxx>
Date: Fri, 21 Sep 2018 16:33:05 -0700
Autocrypt: addr=mirimir@xxxxxxxxxx; prefer-encrypt=mutual; keydata= xsBNBFEN49cBCADWl1VZKYO8L+f/65G2nBWzh41VTAZDcJSxMWXrBSvpJzzLt6sJf0L0Rjmy W4VPxJMCm/32auRAp8Xx1iNmBpvYENSM1YJVWfk43tlSOY8CR3TVODMxWPhUu48Pb9OKSntz WHGwdZmOr14zF9vr4PaS9A6+Hyt9FPKuGcQFw7K8jK1Hpp5XgdY/DMHKeaJykJ8JH1HBTFTT OJdxIWu6cZ+spNaNfKdnNjk98hMPw69isVGzcm7b3lJUsjVnMSqnrtZ8CSIv1njyxJH7NB5n LzrE7EiXR37k+4Poc9/DeLSAKrq5N3ZMpX1EDOoXFa8lLVGWHBTwVN/tl7FLM0NmVuL5ABEB AAHNHG1pcmltaXIgPG1pcmltaXJAcmlzZXVwLm5ldD7CwIEEEwECACsCGyMGCwkIBwMCBhUI AgkKCwQWAgMBAh4BAheAAhkBBQJafNQ7BQkNMVdkAAoJEGINZVEXwuQ+5LoIAKyZQDkNqj+Y E26o1bdEQlmOLhhXev45euNCnaFrnbOyKLivHdF4vvXyWBTzJmCsoRxTJ0A3Zmwa3ZihbKaU FCAdRgspLfA+TGICVYOztB+faWV18k5OTCk7ZiBQ/mOMQA4p3RPOV+UCgdelvZRHrFdUgHro dho/FqZhRoPdsPPB08QBisDO7SfFMMe9U9EZ03n4f2TvMgaTjK/kZCopwgLj2nB11SnCYfWJ jxUFDs+VFObf/jSK8T0SX9O6p430NWZm30vutUVac9lfodMjBcJqTnFxmZrwQomlCYGvSqNw 4Xy5+/gBzv/flXHngQSU053smHRtrMlGK5OU1RSixDfOwE0EUQ3j1wEIAMDcexhcaIO5jpl+ SHM14zuBvF2QG61IpH4Lag6nQmSMTljizuJg2kLaLbfc69AxmjuL5obqYi5ywXn4kQKqiwfa OHvVlKn662/J5YgXuc8tRLyqvgb+hibtAnlhWAuusP0eoQQP6SAASRjtrb8RVapTzJXy2Snf PtkcdtkTLLLcyeGoDOkpPkspnnp8avvI9ayzhGFLg9qNWaIuBMudxT6oHK4rZH+Sv6km9viI /ziV6E8Z+PpvMsGdebeYBLQA7ueuTbyOGbDyProwvocrKynI/UM40VYS8bS1PjWtljUlj7Vx 8C/746hnfdge0m24jnaWfu5UDjwpsHzs/JXqklsAEQEAAcLAZQQYAQIADwIbDAUCWnzURgUJ DTFXbwAKCRBiDWVRF8LkPsCjCACNvnnmpcDwEbtXUFZD/+ewNlPfM9o0mIXgi7DIVR9MVCw/ u14+mJUlQny4jPRV+hv/erjbiqEcVPZ296J3I4kUvO4slI+ZyODsRQSzwMz6ihwC6nN1xove YSBzVKKQrV+FDHVk6dJVLtgPdewOR9ZAar7mEbCLTJZ/e5aVb+NrlC1jWx3V3mMGCKOsEHhu 97cu3AswlxhzqPjczTo3rjtcfxdjeGU6mIEEAlhUlVDdfbGLODIyCXrP39zYxYXFFpVcbGAu +cndl1AQkIXUiMoJuzTMU8TQ+zz8yLof9fB7Y8O8VbmZBPQqN2IiHPeGbfqZjk/uHjJQUayI +beL0kxL
Delivered-to: archiver@xxxxxxxx
Delivery-date: Fri, 21 Sep 2018 19:33:22 -0400
Dkim-signature: v=1; a=rsa-sha256; c=relaxed/simple; d=riseup.net; s=squak; t=1537572789; bh=KJPdfe2gMPKR6rxpk2AMSEoQtlHOxXHw99oTyohi2Nw=; h=Subject:To:References:From:Date:In-Reply-To:From; b=p3XMyKVyApQkRAV+5uJOn60FdSa8YRGeh2UTXupVPD9zq9oV2NSGEor6wNjL9gtej fJBCqQPe8Mtgocv0iQXXDY5ZKG7BcQSAY3y6yCH/Cq9NtnjkfZ8IAgxtjFnkm+E2BJ tSPMh+f52omvFFI5v2yj5rVC8WsY5raHol9kO798=
In-reply-to: <CADqUGAO_9EwYi=cXAFt6sfd-twgMaYummws18sZEyJx2bkJHfg@mail.gmail.com>
List-archive: <http://lists.torproject.org/pipermail/tor-relays/>
List-help: <mailto:tor-relays-request@lists.torproject.org?subject=help>
List-id: "support and questions about running Tor relays \(exit, non-exit, bridge\)" <tor-relays.lists.torproject.org>
List-post: <mailto:tor-relays@lists.torproject.org>
List-subscribe: <https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays>, <mailto:tor-relays-request@lists.torproject.org?subject=subscribe>
List-unsubscribe: <https://lists.torproject.org/cgi-bin/mailman/options/tor-relays>, <mailto:tor-relays-request@lists.torproject.org?subject=unsubscribe>
Openpgp: preference=signencrypt
References: <CADqUGANCot_6SZF5H=pKkOziNyNDhqUBEQoVxQreZ+anWEv4kw@mail.gmail.com> <b1c1f27d-445e-fe77-5dbe-1339744113e3@riseup.net> <5b496440.1c69fb81.07ba.c1b7@mx.google.com> <CADqUGAP8Egb7vWdZQBVjn41-bnVFrfa324pCPDs6F5Oo++PxCw@mail.gmail.com> <CADqUGAOE=75FfgeA444MCr5prNT24mJDF8op61H1x-Hrxkbz5g@mail.gmail.com> <71354e12-5875-1347-caa0-bbce21db22cf@riseup.net> <1537540811.445943.1516102176.15B323E7@webmail.messagingengine.com> <7e72b684-280e-eb19-7562-4bfa2d1fa8d4@monksofcool.net> <20180921154302.GD10663@inner.h.apk.li> <53855f87-1045-2e40-03e2-a112a9308cfa@monksofcool.net> <20180921175040.GE10663@inner.h.apk.li> <08199cd9-9038-61aa-dee8-767fd310e439@riseup.net> <5ba5539e.1c69fb81.d50e8.27b3@mx.google.com> <bfe08f73-81e0-86ce-ffa8-fcaf346c8e4d@riseup.net> <CADqUGAO_9EwYi=cXAFt6sfd-twgMaYummws18sZEyJx2bkJHfg@mail.gmail.com>
Reply-to: tor-relays@xxxxxxxxxxxxxxxxxxxx
Sender: "tor-relays" <tor-relays-bounces@xxxxxxxxxxxxxxxxxxxx>

On 09/21/2018 02:42 PM, Keifer Bly wrote:
> I do agree. I had said before that this could possibly be an attempted
> attack on the network by trying to infect relay operators machines with
> spyware, etc.
> 
>> Sure. For those, you just keep filing abuse reports. Just automate it,
> so every message triggers a report. If enough list members do that,
> there'll be lots of abuse reports.
> 
> How would you suggest we do that? thank you.

First you get all of the spam from addresses. I did that by exporting
from Thunderbird to text files, and then using grep to grab all of the
"From:" lines. Then I massaged the data in gnumeric, to pull unique
"foo@xxxxxxx". I have 43 so far, and 65% are Gmail.

In Thunderbird, one can create a filter on Inbox that selects messages
by from address, forwards them somewhere, and then puts them wherever
you like, or deletes them. So you configure a filter for each one, and
forward messages to the appropriate abuse address.

> On Fri, Sep 21, 2018 at 2:35 PM Mirimir <mirimir@xxxxxxxxxx> wrote:
> 
>> On 09/21/2018 01:24 PM, Keifer Bly wrote:
>>>
>>> ➢ There are lots of technical folk on these tor lists.
>>> There ought to be at least a few who'd enjoy killing some spam servers.
>>>
>>> What exactly do you mean by “killing them”? If you are referring to
>> forcibly taking the servers offline, that would most likely be illegal.
>>
>> As Marv says, "I love hitmen. No matter what you do to them, you don't
>> feel bad." So I don't care so much about "illegal". Indeed, there is
>> effectively no law that protects us from jerks like this. Maybe they're
>> just sex spammers, but you gotta treat them like malicious attackers,
>> because they might be. That's especially so because they're targeting
>> Tor Project lists. So it comes down to the right of self-defense.
>>
>>> Not to mention an amount of the spamming addresses are using Gmail and
>> Yahoo mail accounts, and we can’t “kill” those sources.
>>
>> Sure. For those, you just keep filing abuse reports. Just automate it,
>> so every message triggers a report. If enough list members do that,
>> there'll be lots of abuse reports.
>>
>> <SNIP>
>> _______________________________________________
>> tor-relays mailing list
>> tor-relays@xxxxxxxxxxxxxxxxxxxx
>> https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays
>>
> 
> 
> 
> _______________________________________________
> tor-relays mailing list
> tor-relays@xxxxxxxxxxxxxxxxxxxx
> https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays
> 
_______________________________________________
tor-relays mailing list
tor-relays@xxxxxxxxxxxxxxxxxxxx
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays

Follow-Ups:
- Re: [tor-relays] Jerk spammers on tor-relays
  - From: Keifer Bly
- Re: [tor-relays] Jerk spammers on tor-relays
  - From: Mirimir

References:
- Re: [tor-relays] Jerk spammers on tor-relays (was Re: Fwd: Tor GuardRelay)
  - From: Keifer Bly
- Re: [tor-relays] Jerk spammers on tor-relays (was Re: Fwd: Tor GuardRelay)
  - From: Mirimir
- Re: [tor-relays] Jerk spammers on tor-relays (was Re: Fwd: Tor GuardRelay)
  - From: Dave Warren
- Re: [tor-relays] Jerk spammers on tor-relays
  - From: Ralph Seichter
- Re: [tor-relays] Jerk spammers on tor-relays
  - From: Andreas Krey
- Re: [tor-relays] Jerk spammers on tor-relays
  - From: Ralph Seichter
- Re: [tor-relays] Jerk spammers on tor-relays
  - From: Andreas Krey
- Re: [tor-relays] Jerk spammers on tor-relays
  - From: Mirimir
- Re: [tor-relays] Jerk spammers on tor-relays
  - From: Keifer Bly
- Re: [tor-relays] Jerk spammers on tor-relays
  - From: Mirimir
- Re: [tor-relays] Jerk spammers on tor-relays
  - From: Keifer Bly

Prev by Author: Re: [tor-relays] Policy Question: Tor Exits at Universities, Corporate Networks, etc
Next by Author: Re: [tor-relays] Zwiebelfreunde: "shutting down more and more because, of lack of time"
Previous by thread: Re: [tor-relays] Jerk spammers on tor-relays
Next by thread: Re: [tor-relays] Jerk spammers on tor-relays
Index(es):
- Author
- Thread