You are viewing a plain text version of this content. The canonical link for it is here.
Posted to users@spamassassin.apache.org by Greg Troxel <gd...@ir.bbn.com> on 2010/12/12 16:51:50 UTC
linkedin invitation spam
I've also been having problems with invitation spam, and have complained
to linkedin with no useful results.
Trying to block this is a bit tricky, because when a user of one of
these sites invites a specific person by entering an email address, it
isn't really spam. The problem appears to be that the sites offer the
ability to upload one's entire email contact list and then clueless
users somehow click on the 'spam my entire addressbook' button.
A possible approach in SA is to have
rules that matches each invitation type
a metarule for INVITATION
rules that match mailinglist messages (eg List-Id: for mailman)
a metarule for mailinglists
a metarule for invitation over a mailinglist, which IMHO is
intrinsically spam and could well just get 5 points
Re: linkedin invitation spam
Posted by mouss <mo...@ml.netoyen.net>.
Le 13/12/2010 15:33, Matus UHLAR - fantomas a écrit :
>>>>>> Michelle Konzack wrote:
>>>>>>> 300-500 INVITE spams per day from more than 400 socialnetworks
>>>>>>> worldwide is realy annoying or better, I would call it
>>>>>>> terrorism.
>>>>>
>>>>> On 12.12.10 22:03, Per Jessen wrote:
>>>>>> Just reject them all?
>>>
>>>> Matus UHLAR - fantomas wrote:
>>>>> Do those invitations contain headers by whose they could be
>>>>> detected and that would prevent them to be passed to mailing lists?
>>>
>>> On 13.12.10 09:55, Per Jessen wrote:
>>>> Yep. The mailing list operator could just reject everything coming
>>>> from/via "member@linkedin.com" (that is my most recent invitation
>>>> came from). Of course, the real issue is probably lists that don't
>>>> require subscription.
>
>> Matus UHLAR - fantomas wrote:
>>> No. Such mails should contain something that would not be re-sent to
>>> any kind of mailing lists, such a Precedence: or similar headers, so
>>> the list operator should not be required to do anything.
>
> On 13.12.10 11:50, Per Jessen wrote:
>> AFAICT, there is no resending involved here. linkedin (and others) is
>> given a long list of addresses to which to send inviattions. Linkedin
>> can't determine that an address is a list-address, so isn't it only the
>> list manager that can reject such invitations?
>
> there are ways to avoid redistribution of mail messages, as there are ways
> to avoid receiving bounces and OOO-messaged on them.
> If linkedin sends that many messages, it can insert headers that would avoid
> this behaviour.
like what? please give details instead of generic medicine.
which headers would prevent resending by debian lists?
linkedin send messages to individual addresses. the fact that debian
lists are open isn't _their_ problem.
>
> List admins can and should prevent resending of unwelcome messages (spam) to
> lists.
Nah. list admins do what they want. they decide the list policy and
handling spam is part of the policy.
debian lists are _open_. read it again: _open_. this is a philosophy.
can you hear it saying "despite the spam, despite the vigilantes,
despite anything: we'll stay open"?
whatever you say, debian lists are still usable. despite the junk that
slips. and really, I see more "junk" on the SA list than on debian lists
(on debian lists, with a threaded view, I can easily skip mail that I
know I don't care for. on SA, subject lines are hardly useful).
> But no list admins can know all kinds of invitations and bulk/automated
> messages to fill their filters with.
>
> I think that anyone sending invites and similar messages should make every
> possible effort to avoid his messages being broadcaster over the internet
> etc.
and he does that how? how can I know that joe@example.com is a mailing
list?
- there is no registry of mailing list addresses
- there is no standard that dictates mailing list adresses
- it is a fact that mailing list email and individual email uses the
same protocol and infrastructure
Re: linkedin invitation spam
Posted by Matus UHLAR - fantomas <uh...@fantomas.sk>.
> >> >> Michelle Konzack wrote:
> >> >> > 300-500 INVITE spams per day from more than 400 socialnetworks
> >> >> > worldwide is realy annoying or better, I would call it
> >> >> > terrorism.
> >> >
> >> > On 12.12.10 22:03, Per Jessen wrote:
> >> >> Just reject them all?
> >
> >> Matus UHLAR - fantomas wrote:
> >> > Do those invitations contain headers by whose they could be
> >> > detected and that would prevent them to be passed to mailing lists?
> >
> > On 13.12.10 09:55, Per Jessen wrote:
> >> Yep. The mailing list operator could just reject everything coming
> >> from/via "member@linkedin.com" (that is my most recent invitation
> >> came from). Of course, the real issue is probably lists that don't
> >> require subscription.
> Matus UHLAR - fantomas wrote:
> > No. Such mails should contain something that would not be re-sent to
> > any kind of mailing lists, such a Precedence: or similar headers, so
> > the list operator should not be required to do anything.
On 13.12.10 11:50, Per Jessen wrote:
> AFAICT, there is no resending involved here. linkedin (and others) is
> given a long list of addresses to which to send inviattions. Linkedin
> can't determine that an address is a list-address, so isn't it only the
> list manager that can reject such invitations?
there are ways to avoid redistribution of mail messages, as there are ways
to avoid receiving bounces and OOO-messaged on them.
If linkedin sends that many messages, it can insert headers that would avoid
this behaviour.
List admins can and should prevent resending of unwelcome messages (spam) to
lists. But no list admins can know all kinds of invitations and bulk/automated
messages to fill their filters with.
I think that anyone sending invites and similar messages should make every
possible effort to avoid his messages being broadcaster over the internet
etc.
--
Matus UHLAR - fantomas, uhlar@fantomas.sk ; http://www.fantomas.sk/
Warning: I wish NOT to receive e-mail advertising to this address.
Varovanie: na tuto adresu chcem NEDOSTAVAT akukolvek reklamnu postu.
How does cat play with mouse? cat /dev/mouse
Re: linkedin invitation spam
Posted by Per Jessen <pe...@computer.org>.
Matus UHLAR - fantomas wrote:
>> >> Michelle Konzack wrote:
>> >> > 300-500 INVITE spams per day from more than 400 socialnetworks
>> >> > worldwide is realy annoying or better, I would call it
>> >> > terrorism.
>> >
>> > On 12.12.10 22:03, Per Jessen wrote:
>> >> Just reject them all?
>
>> Matus UHLAR - fantomas wrote:
>> > Do those invitations contain headers by whose they could be
>> > detected and that would prevent them to be passed to mailing lists?
>
> On 13.12.10 09:55, Per Jessen wrote:
>> Yep. The mailing list operator could just reject everything coming
>> from/via "member@linkedin.com" (that is my most recent invitation
>> came from). Of course, the real issue is probably lists that don't
>> require subscription.
>
> No. Such mails should contain something that would not be re-sent to
> any kind of mailing lists, such a Precedence: or similar headers, so
> the list operator should not be required to do anything.
AFAICT, there is no resending involved here. linkedin (and others) is
given a long list of addresses to which to send inviattions. Linkedin
can't determine that an address is a list-address, so isn't it only the
list manager that can reject such invitations?
/Per Jessen, Zürich
Re: linkedin invitation spam
Posted by Matus UHLAR - fantomas <uh...@fantomas.sk>.
> >> Michelle Konzack wrote:
> >> > 300-500 INVITE spams per day from more than 400 socialnetworks
> >> > worldwide is realy annoying or better, I would call it terrorism.
> >
> > On 12.12.10 22:03, Per Jessen wrote:
> >> Just reject them all?
> Matus UHLAR - fantomas wrote:
> > Do those invitations contain headers by whose they could be detected
> > and that would prevent them to be passed to mailing lists?
On 13.12.10 09:55, Per Jessen wrote:
> Yep. The mailing list operator could just reject everything coming
> from/via "member@linkedin.com" (that is my most recent invitation came
> from). Of course, the real issue is probably lists that don't require
> subscription.
No. Such mails should contain something that would not be re-sent to any
kind of mailing lists, such a Precedence: or similar headers, so the list
operator should not be required to do anything.
(unless the linkedin admins want such mail to be relayed through lists - if
so, shame on them).
--
Matus UHLAR - fantomas, uhlar@fantomas.sk ; http://www.fantomas.sk/
Warning: I wish NOT to receive e-mail advertising to this address.
Varovanie: na tuto adresu chcem NEDOSTAVAT akukolvek reklamnu postu.
Spam is for losers who can't get business any other way.
Re: linkedin invitation spam
Posted by Per Jessen <pe...@computer.org>.
Matus UHLAR - fantomas wrote:
>> Michelle Konzack wrote:
>>
>> > 300-500 INVITE spams per day from more than 400 socialnetworks
>> > worldwide is realy annoying or better, I would call it terrorism.
>
> On 12.12.10 22:03, Per Jessen wrote:
>> Just reject them all?
>
> Do those invitations contain headers by whose they could be detected
> and that would prevent them to be passed to mailing lists?
>
Yep. The mailing list operator could just reject everything coming
from/via "member@linkedin.com" (that is my most recent invitation came
from). Of course, the real issue is probably lists that don't require
subscription.
/Per Jessen, Zürich
Re: linkedin invitation spam
Posted by Matus UHLAR - fantomas <uh...@fantomas.sk>.
> Michelle Konzack wrote:
>
> > 300-500 INVITE spams per day from more than 400 socialnetworks
> > worldwide is realy annoying or better, I would call it terrorism.
On 12.12.10 22:03, Per Jessen wrote:
> Just reject them all?
Do those invitations contain headers by whose they could be detected and
that would prevent them to be passed to mailing lists?
--
Matus UHLAR - fantomas, uhlar@fantomas.sk ; http://www.fantomas.sk/
Warning: I wish NOT to receive e-mail advertising to this address.
Varovanie: na tuto adresu chcem NEDOSTAVAT akukolvek reklamnu postu.
My mind is like a steel trap - rusty and illegal in 37 states.
Re: linkedin invitation spam
Posted by Per Jessen <pe...@computer.org>.
Michelle Konzack wrote:
> Hello Per Jessen,
>
> Am 2010-12-12 22:03:34, hacktest Du folgendes herunter:
>> Michelle Konzack wrote:
>>
>> > 300-500 INVITE spams per day from more than 400 socialnetworks
>> > worldwide is realy annoying or better, I would call it terrorism.
>>
>> Just reject them all?
>
> Not possibel, because the are sending with the E-Mail addresse from
> the inviter and not one of the social network
Not to me they don't - as far back as 2007, my linkedin inviations have
come from "invitations@linkedion.com", more
recently "member@linkedin.com".
/Per Jessen, Zürich
Re: linkedin invitation spam
Posted by mouss <mo...@ml.netoyen.net>.
Le 13/12/2010 11:30, Michelle Konzack a écrit :
> Hello Per Jessen,
>
> Am 2010-12-12 22:03:34, hacktest Du folgendes herunter:
>> Michelle Konzack wrote:
>>
>>> 300-500 INVITE spams per day from more than 400 socialnetworks
>>> worldwide is realy annoying or better, I would call it terrorism.
>>
>> Just reject them all?
>
> Not possibel, because the are sending with the E-Mail addresse from the
> inviter and not one of the social network
>
can you please show evidence?
Re: linkedin invitation spam
Posted by Michelle Konzack <li...@tamay-dogan.net>.
Hello Per Jessen,
Am 2010-12-12 22:03:34, hacktest Du folgendes herunter:
> Michelle Konzack wrote:
>
> > 300-500 INVITE spams per day from more than 400 socialnetworks
> > worldwide is realy annoying or better, I would call it terrorism.
>
> Just reject them all?
Not possibel, because the are sending with the E-Mail addresse from the
inviter and not one of the social network
> /Per Jessen, Zürich
Thanks, Greetings and nice Day/Evening
Michelle Konzack
--
##################### Debian GNU/Linux Consultant ######################
Development of Intranet and Embedded Systems with Debian GNU/Linux
itsystems@tdnet France EURL itsystems@tdnet UG (limited liability)
Owner Michelle Konzack Owner Michelle Konzack
Apt. 917 (homeoffice)
50, rue de Soultz Kinzigstraße 17
67100 Strasbourg/France 77694 Kehl/Germany
Tel: +33-6-61925193 mobil Tel: +49-177-9351947 mobil
Tel: +33-9-52705884 fix
<http://www.itsystems.tamay-dogan.net/> <http://www.flexray4linux.org/>
<http://www.debian.tamay-dogan.net/> <http://www.can4linux.org/>
Jabber linux4michelle@jabber.ccc.de
ICQ #328449886
Linux-User #280138 with the Linux Counter, http://counter.li.org/
Re: linkedin invitation spam
Posted by Per Jessen <pe...@computer.org>.
Michelle Konzack wrote:
> 300-500 INVITE spams per day from more than 400 socialnetworks
> worldwide is realy annoying or better, I would call it terrorism.
Just reject them all?
/Per Jessen, Zürich
Re: linkedin invitation spam
Posted by Michelle Konzack <li...@tamay-dogan.net>.
Hello Greg Troxel,
Am 2010-12-12 10:51:50, hacktest Du folgendes herunter:
> Trying to block this is a bit tricky, because when a user of one of
> these sites invites a specific person by entering an email address, it
> isn't really spam. The problem appears to be that the sites offer the
> ability to upload one's entire email contact list and then clueless
> users somehow click on the 'spam my entire addressbook' button.
Sometimes my mailinglists are hit in a very short time by 10 to 20
invitations and multiply each be the factor 3-4000 which is not funny
if you have only a 100 Mbit internet connection.
> A possible approach in SA is to have
>
> rules that matches each invitation type
> a metarule for INVITATION
>
> rules that match mailinglist messages (eg List-Id: for mailman)
> a metarule for mailinglists
>
> a metarule for invitation over a mailinglist, which IMHO is
> intrinsically spam and could well just get 5 points
1+
I vote for a SA rule concerning MAILINGLISTS+INVITATION
And I hate INVITE messages which use the Original Senders E-Mail because
if they would use the own domain I could block it on SMTP Level.
300-500 INVITE spams per day from more than 400 socialnetworks worldwide
is realy annoying or better, I would call it terrorism.
Thanks, Greetings and nice Day/Evening
Michelle Konzack
--
##################### Debian GNU/Linux Consultant ######################
Development of Intranet and Embedded Systems with Debian GNU/Linux
itsystems@tdnet France EURL itsystems@tdnet UG (limited liability)
Owner Michelle Konzack Owner Michelle Konzack
Apt. 917 (homeoffice)
50, rue de Soultz Kinzigstraße 17
67100 Strasbourg/France 77694 Kehl/Germany
Tel: +33-6-61925193 mobil Tel: +49-177-9351947 mobil
Tel: +33-9-52705884 fix
<http://www.itsystems.tamay-dogan.net/> <http://www.flexray4linux.org/>
<http://www.debian.tamay-dogan.net/> <http://www.can4linux.org/>
Jabber linux4michelle@jabber.ccc.de
ICQ #328449886
Linux-User #280138 with the Linux Counter, http://counter.li.org/