Moderator note: Newsgroup participants under virus attack

Everyone:

I've been receiving one or two meg of virus infected emails every hour. I
noticed that quite a few participants from the moderated business groups are
under attack as well. I suppose its a bit late to say this, and probably not
necessary, but don't open any attachments -- especially those that claim to
be a virus fix from Microsoft.

My mail server took a dive earlier and I know that at least one of the other
moderator's internet connection is down. If things slow down in terms of
moderation this weekend, please be patient.

Regards,

Mike Turco, co-moderator

I was wondering where that was coming from. It just started a few days ago
about the first time I logged on to this newsgroup

Phillip Lyles
prlyles@surry.net

"Mike Turco" <miketurco@yahoo.com> wrote in message
news:bkg9430751@enews2.newsguy.com...
>
> Everyone:
>
> I've been receiving one or two meg of virus infected emails every hour. I
> noticed that quite a few participants from the moderated business groups
are
> under attack as well. I suppose its a bit late to say this, and probably
not
> necessary, but don't open any attachments -- especially those that claim
to
> be a virus fix from Microsoft.
>
> My mail server took a dive earlier and I know that at least one of the
other
> moderator's internet connection is down. If things slow down in terms of
> moderation this weekend, please be patient.
>
> Regards,
>
> Mike Turco, co-moderator
>
>
>

"Phillip Lyles" <prlyles@surry.net> wrote in message
news:bkomr60d5e@enews2.newsguy.com...
>
> I was wondering where that was coming from. It just started a few days
ago
> about the first time I logged on to this newsgroup

I seem to be getting about two or more megabytes worth of this stuff every
hour, which keeps jamming up my Yahoo account.

The business groups are not the only newsgroups under attack. It may not be
an attack against newsgroups, maybe some of the spammers who collect
newsgroup addresses have had their computers hit.

I believe this is the W32/Swen@MM virus, further information here:

http://us.mcafee.com/virusInfo/defau...er&hcName=swen

Mike

"Mike Turco" <miketurco@yahoo.com> wrote:
> I seem to be getting about two or more megabytes worth of this stuff
> every hour, which keeps jamming up my Yahoo account.
>
> The business groups are not the only newsgroups under attack. It may
> not be an attack against newsgroups, maybe some of the spammers who
> collect newsgroup addresses have had their computers hit.
>
> I believe this is the W32/Swen@MM virus, further information here:
>
> http://us.mcafee.com/virusInfo/defau...er&hcName=swen

Well folks, it sure looks like many of the victims of the Swen virus are
Usenet posters (based on my own anecdotal "evidence"). Mike suggested in a
private e-mail that we (the moderators) automatically "munge" the e-mail
addresses of all approved messages. (For a discussion of munging, see for
example: http://www.mailmsg.com/SPAM_munging.htm )

I can modify the moderation software to do this, but I think it needs some
discussion and general agreement. Typical problems: it would be easy to
forget to "de-munge" an address when replying to a poster by direct e-mail.
Also, if a poster already has a munged address, additional munging may
sometimes make reconstruction of the original ambiguous. And lastly, this
is a clear case of closing the proverbial barn door after the horses have
fled. But, alas, another virus or worm writer will come along at some
future point to harvest addresses again, so I don't think it will be a
futile effort.

So what do people think? Shall we automatically munge? If we do, any
suggestions on preferred methods (keeping in mind the tips provided in the
munging URL I included)?

Jim Logajan, business group co-moderator

>Mike suggested in a
> private e-mail that we (the moderators) automatically "munge" the e-mail
> addresses of all approved messages. (For a discussion of munging, see for
> example: http://www.mailmsg.com/SPAM_munging.htm )
>
> I can modify the moderation software to do this, but I think it needs some
> discussion and general agreement.

I am all for this method of protecting us from spam. I also am recieving
countless spam emails every hour and am pretty sure it has something to do
with the business newsgroups. I have another email address (on another
computer through the same ISP) and do not access these newsgroups through
it, and have not recieved a single spam email like the recent ones coming
through.

Any munge format would be fine. They all appear to be self-explanatory. I
wish I had been doing this myself before. What a pain.

Jim Ruzicka
jim(at)nospam_scs-us(dot)com : )

In article <bkrh050bsu@enews1.newsguy.com>,
James Logajan <JamesL@Lugoj.com> wrote:
(snip)
>So what do people think? Shall we automatically munge? If we do, any
>suggestions on preferred methods (keeping in mind the tips provided in the
>munging URL I included)?

I think it makes a lot more sense for munging to be done per-poster,
not per-newsgroup, so a newsgroup-level solution is at the wrong end.
Posters here who are worried about their address being harvested will
still have to deal with the problem in posting to any other groups
that don't automatically munge, and other posters (like me) would
actually prefer their address not to be munged even if it can be done
with no effort on their part. Also, there are more posters than
newsgroups, and diversity in anti-spam measures makes things harder
for the spammers.

That's my two cents, anyway. (-: If the consensus is against me, I'll
still be happy to participate in these fora; the munging issue is not
that big a deal to me.

-- Mark

On 24 Sep 2003 07:27:01 GMT, James Logajan <JamesL@Lugoj.com> wrote:

>I can modify the moderation software to do this, but I think it needs some
>discussion and general agreement. Typical problems: it would be easy to
>forget to "de-munge" an address when replying to a poster by direct e-mail.
>Also, if a poster already has a munged address, additional munging may
>sometimes make reconstruction of the original ambiguous. And lastly, this
>is a clear case of closing the proverbial barn door after the horses have
>fled. But, alas, another virus or worm writer will come along at some
>future point to harvest addresses again, so I don't think it will be a
>futile effort.
>
>So what do people think? Shall we automatically munge? If we do, any
>suggestions on preferred methods (keeping in mind the tips provided in the
>munging URL I included)?

Thanks for the link to the URL on mail munging. My vote is that we do
not do any automatic munging, mostly because of the potential problem
(which you state) of making reconstruction harder if the address is
already munged. I think it should be left to each poster to decide if
he or she wants to munge their own return e-mail address, which I will
do as soon as this message is posted. :-)

--
Vic Roberts

"Jim Ruzicka" <jim@ruzickasolutions.com> wrote in message
news:bksdrh01l40@enews3.newsguy.com...
>
> >Mike suggested in a
> > private e-mail that we (the moderators) automatically "munge" the e-mail
> > addresses of all approved messages. (For a discussion of munging, see
for
> > example: http://www.mailmsg.com/SPAM_munging.htm )
> >
> > I can modify the moderation software to do this, but I think it needs
some
> > discussion and general agreement.
>
> I am all for this method of protecting us from spam. I also am receiving
> countless spam emails every hour and am pretty sure it has something to do
> with the business newsgroups. I have another email address (on another
> computer through the same ISP) and do not access these newsgroups through
> it, and have not received a single spam email like the recent ones coming
> through.
>
> Any munge format would be fine. They all appear to be self-explanatory.
I
> wish I had been doing this myself before. What a pain.
>
> Jim Ruzicka
> jim(at)nospam_scs-us(dot)com : )
>
>

Personally, I agree with Jim, as I am also having serious troubles right
now. The problem is getting worse and worse. I've had that yahoo account for
at least a few years, and if things keep going the way they are, I am going
to have to shut that account down. What a shame!

I also understand that people want to have their email addresses published
as they wrote them within their post. As an alternative to munging, maybe we
moderators could drop a one-time note to all non-mungers that explains the
issue, etc.

Again, I'd like to say that the participants of many newsgroups are under
attack, not just the business groups. I'm thinking that some major spammers,
who get their addresses from Usenet, have virus infected computers.

Mike

"Jim Ruzicka" <jim@ruzickasolutions.com> wrote in message
news:<bksdrh01l40@enews3.newsguy.com>...
> >Mike suggested in a
> > private e-mail that we (the moderators) automatically "munge" the e-mail
> > addresses of all approved messages. (For a discussion of munging, see for
> > example: http://www.mailmsg.com/SPAM_munging.htm )

For what it's worth, I'm in agreement with Mike. Although I'm a
regular lurker and occasional poster to this newsgroup, I have also
experienced a flood of spam even after changing my e-mail address.

I do suggest, however, that we agree on a common method of munging our
e-mail address. This would identify us as single newsgroup.

Harvey Wasserman
Lyndhurst, OH

I've already started to munge, although the horse may indeed be already out
of the barn. I believe it should be an individual decision, however. The
same problem may exist for other newsgroups.

I suggest sending an email to all non-mungers giving them the choice and
informing them of the consequences.

Further, suggest sending emails to the central wizards of all forums, asking
them to inform all moderators in all groups to make the same suggestions to
all non-mungers.

*whew*

--
Barry Stevens


"Victor Roberts" <Vic@Lighting-Research.com> wrote in message
news:bksdth01j92@enews4.newsguy.com...
>
> On 24 Sep 2003 07:27:01 GMT, James Logajan <JamesL@Lugoj.com> wrote:
>
> >I can modify the moderation software to do this, but I think it needs
some
> >discussion and general agreement. Typical problems: it would be easy to
> >forget to "de-munge" an address when replying to a poster by direct
e-mail.
> >Also, if a poster already has a munged address, additional munging may
> >sometimes make reconstruction of the original ambiguous. And lastly, this
> >is a clear case of closing the proverbial barn door after the horses have
> >fled. But, alas, another virus or worm writer will come along at some
> >future point to harvest addresses again, so I don't think it will be a
> >futile effort.
> >
> >So what do people think? Shall we automatically munge? If we do, any
> >suggestions on preferred methods (keeping in mind the tips provided in
the
> >munging URL I included)?
>
> Thanks for the link to the URL on mail munging. My vote is that we do
> not do any automatic munging, mostly because of the potential problem
> (which you state) of making reconstruction harder if the address is
> already munged. I think it should be left to each poster to decide if
> he or she wants to munge their own return e-mail address, which I will
> do as soon as this message is posted. :-)
>
> --
> Vic Roberts