Re: [funsec] fuzzing mailing list

[Devdas Bhagat <devdas () dvb homelinux org>]

On 16/04/06 03:18 +0100, n3td3v wrote:

<SNIP>

Spam is Unsolicited Bulk Messaging. In the context of the medium,
Unsolicited Bulk Email.

Was Gadi's post bulk? As bulk as the list.
Was it unsolicited? Only if you think FD is unsolicited.

Was it noise? Possibly.
Was it off-topic for this list? Possibly.
Was it spam? It did not come on an unsolicited transmission, so not
spam.

Are there better places for discussing spam? Yes.
Is discussing spam in the context of the DDoS that it creates on real
mailservers on topic? Yes.

> Can it be spam if its informative and on topic.
Yes.

> Can it be spam if its not inserted into a signature.

Yes.
> Spam to me is when an identical peice of information is sent more than once.
>
> Spam to me includes URLs inserted into sigatures.
Irrelevant.

> Full-Disclosure allows Secunia to spam FD.
No, Secunia hosts FD.

> In return for this spam, we are allowed to use their mailing list.
The hosting isn't free.

> Although, we aren't given the choice if we want Secunia spammed in the footer.
>
> It is a very smart way for Secunia to advertise. I wonder how much
> they paid to be able to spam everyone on FD.
>
> Or are we talking about free unsolicited spam?
>
> Just because Secunia are a partner of FD, doesnt mean the footer URL
> isn't unsolicited.
>
> If the Secunia URL can be classed as unsolicited spam, then surely its
> as illegal as any other spam.
>
> Maybe in the future companies will choose to sponsor mailing lists for
> a socially acceptable way to spam, without facing criminal charges.
Mailing lists are _not_ a problem, as long as they are confirmed opt-in.
(The two step process of subscribing and confirming that subscription.)

> Just wait, SecurityFocus's Bugtraq will have a penis enlargement URL
> in the footer of their message, saying they sponsor the Bugtraq
> mailing list. Or perhaps more likely, some Symantec spam, tell us

If it was solicited, it cannot be spam, by definition.

> about their security center software or anti-virus software. Infact,
> i'm suprised the trend of spammers, sponsoring mailing lists to get
> away with spamming isn't yet common place. However, when spamming

It is cheaper to steal than to pay for legitimate advertising.

> becomes more illegal, you can be sure the trend of spammers sponsoring
> mailing lists will really take off, and they'll of course be court
> case free, and left to spam their way to hell and back, and get away
> with it.
>
> If any company wants to sponsor the n3td3v mailing list and give me
> money for it, i'll gladly add your url to the footer of every message.
> I won't even charge you per url impression. I'll give you legal spam
> rights for a whole year, for a fixed price.
If your list is CoI, it can't be spam :)

> The same applies for any script kids who want to advertise their site
> on my mailing list footer.
>
> Make an unrefuseable offer to me, and the legal way to spam will be
                                        ^^^^^^^^^^^^^^^^^^^^^^^^^^
No such thing exists. Either a message is unsolicited and bulk, or it
isn't.

Devdas Bhagat

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/