-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 On Thu, 23 Mar 2006 11:52:12 -0800 Tony Godshall <[EMAIL PROTECTED]> wrote:
> According to Jacob S, > > -----BEGIN PGP SIGNED MESSAGE----- > > Hash: SHA1 > > > > On Thu, 23 Mar 2006 07:48:38 -0800 > > Paul Johnson <[EMAIL PROTECTED]> wrote: > > > > > On Thursday 23 March 2006 02:41, Henning Makholm wrote: > > > > Scripsit Paul Johnson <[EMAIL PROTECTED]> > > > > > > > > > On Wednesday 22 March 2006 09:45, Henning Makholm wrote: > > > > >> Listmasters have been trying to > > > > >> identify the responsible subscriber with no luck > > > > > > > > > > Why not just 500 all posts from sites known to use > > > > > challenge-response? > > > > > > > > The challenges are send directly from the idiot site to the From > > > > address in the list posting. They do not pass through Debian > > > > machines. > > > > > > However, in the future, people from that site would not be able to > > > confirm their subscription in the first place if their site uses > > > challenge-response. > > > > Except that, as has been discussed many times before... 1) the C-Rs > > are coming from uol.com.br 2) there are some legitimate users that > > post from uol.com.br that do not have C-R on their accounts 3) the > > problem address is not a uol.com.br account - the problem account > > has their mail forwarded to a uol.com.br account, so the > > listmasters have not been able to track down the problem account. > > > > So you would be blocking a lot of innocent users and the problem > > account would still be on the list. > > Do the people on uol.com.br have a choice? Perhaps they > could vote with their wallets? Probably. Except, I have a feeling we'd end up blocking all isps and large businesses and only allow traffic from personally owned domains. Not that that's an entirely bad thing, though... :-) Jacob -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.2.2 (GNU/Linux) iD8DBQFEIwPLkpJ43hY3cTURAtJ/AKC3eU2jgoCHjZUNGdDIKQ3fJziJpQCfd6fk xqSLiw4bUGT1cq3gLsVbCzM= =pPC8 -----END PGP SIGNATURE-----
