Hi dear friends. Here is a summary of what's been going on with the cypherpunks list and server since Saturday September 16. Two factors combined that resulted in the cpunks list being temporarily throttled or rate-limited by gmail, yahoo and probably a few other big email services. One factor is Karl's rate of messaging, mentioned below. I counted 115 unique messages sent to the list over a 6-hour period on September 16. This rate of messaging is much higher than typical, and gmail and yahoo automatically started rate-limiting our messages. Here's a typical response from gmail - note that it's from today. We are still rate-limited: 77E2511C0DDF 12495 Wed Sep 20 02:09:59 cypherpunks-bounces@lists.cpunks.org (host alt1.gmail-smtp-in.l.google.com[74.125.193.27] said: 421-4.7.28 [69.55.231.143 15] Our system has detected an unusual rate of 421-4.7.28 unsolicited mail originating from your IP address. To protect our 421-4.7.28 users from spam, mail sent from your IP address has been temporarily 421-4.7.28 rate limited. Please visit 421-4.7.28 https://support.google.com/mail/?p=UnsolicitedRateLimitError to 421 4.7.28 review our Bulk Email Senders Guidelines. z15-20020adff74f000000b00321773bb921si909870wrp.463 - gsmtp (in reply to end of DATA command)) There are currently almost 100 messages to cypherpunks that have not been delivered to gmail addresses. (This message will, presumably, soon be one of them.) The second factor is that Karl was victim of an unsubscription mailbombing attack. Over 200,000 unique IP addresses visited the page at lists.cpunks.org to send a password reminder to his gmail address. At one point there were over 33,000 messages queued up to Karl on the cpunks server. Gmail started bouncing these, too. I deleted a whole bunch that were pending and the attack stopped on Saturday night. Now, several days later, gmail is still blocking messages. The cpunks list has around 50 subscribers with gmail addresses. Those folks probably won't see this note until gmail allows messages to flow. The link above has Google's guidance on this situation. The cpunks server is fully compliant with all the technical controls like SPF, and hopefully all the messages will eventually be delivered. Meanwhile, messages always go to the list archive, here: https://lists.cpunks.org/pipermail/cypherpunks/ To address the first issue, on Saturday I asked Karl to consider sending fewer messages per day. Combining many short messages into fewer longer messages will be less likely to trigger rate limiting on the big mail services. To address the second issue, if the problem reoccurs I can put some captcha-style blocks on the list management page(s) and/or simply disable the password reminder feature. It would be great if the problem simply doesn't occur again, though, since it has a big impact on the server and other subscribers, not just Karl. For that broader context, the cpunks server at https://lists.cpunks.org is the main production server for Project Gutenberg, from which we publish around 200 new free eBooks/month. On Saturday, messages to one of the key production coordinators who has a yahoo.com email address could not get through because yahoo, like gmail, was blocking us. Many of us will remember that historically, cypherpunks was a set of lists connected via remailers. That is something that could happen again if there is interest - certainly I would do what I can to support it. Meanwhile, though, the list lives on a single physical server. I hope this background is useful. I don't feel any need to keep this type of situation a secret, and it's the nature of cpunks that subscribers want the list to keep working. Suggestions and discussion are welcome. ~ Greg On Tue, Sep 19, 2023 at 09:50:55PM -0400, mailbombbin wrote:
i miss spamming the cypherpunks list densely it gave me relief to know i was flooding [good people] [relief from my learned experiences] i’ve been thinking some of continuing it despite greg’s request draft saved at 2149, 2147-8
i guess it would make sense to use a unique host
i don’t really understand gregs emails, how are my posts issues compared to thousands of bomb things? i imagine its complicated to reciew, huge logs, many recipients, different error messages
2150
Thank you for this information, Greg. This is a matter that should be discussed here. The cpunks mailing list has been under spam email attacks for years, but in the last few years, a person claiming to be named "Karl" has been sending a large number of spam emails. I refer to this person as the user with the username "Karl," of course, this is not “their” real identity. Of course, they use some intermediary programs while doing these. This is an attack, just like in previous years. There are even more important details; most of the emails disappear in the archive. These spam emails coming from Karl and various usernames are disrupting the archive. These are attacks similar to those in previous years, but they serve as a barrier for many to escape from here and exchange ideas with each other. It leads to the breakdown of the community and causes people worldwide who share similar ideas to abandon this community, among many other things. This situation prevents the discussion of many important topics; people have become much more indifferent towards governments compared to the 90s. Except for the 2010s, now most people don't care about their data being collected, and those in such communities are being blocked with this 'exhaustion method’ While usernames like Karl (may sound anti-democratic), technical sanctions should be applied. My message to the people here is to overlook these and discuss again what we can do next. Regards Zeynep
participants (2)
-
Greg Newby
-
zeynep@keemail.me