On Sat, Sep 06, 2003 at 11:32:04PM +1000, Russell Coker wrote:
DNSBL's and spamassasin seem quite good at dealing with spam and are much
less annoying. That combined with some new laws that are being enacted to
combat spam should keep it to a managable level.
oh, please tell me that these new
On Sat, 6 Sep 2003 06:56, david nicol wrote:
Unlike TMDA's distributed profusion of extended addresses, a
central RAPNAP (return address, peer network address pair) database
only needs to send out a challenge when you change your outgoing
SMTP server. In effect, a central server
On Sat, 2003-09-06 at 08:32, Russell Coker wrote:
Here's how it works. Spammer creates account [EMAIL PROTECTED] and sends
their first spam to a C-R system, when the challenge comes in they
acknowledge it and from then on the C-R system does not bother them because
they keep using the
On Sat, Sep 06, 2003 at 06:02:07PM -0500, david nicol wrote:
Don't hate spammers, figure out a way to bill them. They are in
business, they pay for things, they expect to be billed. Everyone
who has considered sender-pays agrees that it provides a better solution
than legislation.
Again
On Thu, 4 Sep 2003 18:32, david nicol wrote:
I've been trying to popularize a centralized challenge-response
database since last fall. It seems to me that becoming a debian
package maintainer for the software to use it would make sense.
Unlike TMDA's distributed profusion of extended
On Fri, 2003-09-05 at 00:16, Russell Coker wrote:
On Thu, 4 Sep 2003 18:32, david nicol wrote:
I've been trying to popularize a centralized challenge-response
database since last fall. It seems to me that becoming a debian
package maintainer for the software to use it would make sense.
On Fri, Sep 05, 2003 at 03:56:16PM -0500, david nicol wrote:
For challenge response to work it has to be annoying to lots of people.
Anything that stops it being annoying will stop it working. That's why
it is broken.
Challenge-response, BY ITSELF ONLY, suffers from that problem. When
* Kalle Kivimaa
| And yes, I'm actually considering filing grave bugs against each
| such list software package (I'm willing to live with such behaviour
| being optional with the default being no response, if the
| documentation says beware SPAM worms if you enable autoresponse).
Please file a
Hello
I've been trying to popularize a centralized challenge-response
database since last fall. It seems to me that becoming a debian
package maintainer for the software to use it would make sense.
Unlike TMDA's distributed profusion of extended addresses, a
central RAPNAP (return address,
On Sat, Aug 30, 2003 at 11:49:40PM +, Brian May wrote:
2. All checks have to be automatic, and there is no chance of manual
review to ensure that the messages where geniune before bouncing it.
Actually, I'm pretty sure SA is statistically better than an average
person scanning subject lines
on Sat, Aug 30, 2003 at 09:41:39PM -0500, John Hasler ([EMAIL PROTECTED]) wrote:
I wrote:
This is about a quarter of my incoming mail.
Karsten writes:
Which? Bounces to spoofed senders, or improperly addressed mail?
Bounces.
Thanks.
What prevents you from 550ing this at SMTP
On Sat, Aug 30, 2003 at 10:42:17AM +1000, Brian May wrote:
On Fri, Aug 29, 2003 at 03:48:13PM +1000, Craig Sanders wrote:
the point that you keep on missing is that TMDA and similar programs send
confirmation emails to innocent third-parties who did *NOT* send an
email.
TMDA and all
On Sat, Aug 30, 2003 at 04:01:19PM +1000, Russell Coker wrote:
Backup MX servers serve no useful purpose in the modern Internet, this is why
big sites such as microsoft.com and hotmail.com don't have them.
agreed.
If you have a backup MX then it should know all the acceptable email
On Sat, Aug 30, 2003 at 11:49:40PM +, Brian May wrote:
On Sat, Aug 30, 2003 at 04:01:19PM +1000, Russell Coker wrote:
That is the idea behind autorespoonders after all, to tell the sender
that his mail didn't get through because it didn't meet some required
criteria.
A SMTP 550
On Sat, 30 Aug 2003 10:42, Brian May wrote:
On Fri, Aug 29, 2003 at 03:48:13PM +1000, Craig Sanders wrote:
the point that you keep on missing is that TMDA and similar programs send
confirmation emails to innocent third-parties who did *NOT* send an
email.
TMDA and all C-R systems are
on Sat, Aug 30, 2003 at 10:42:17AM +1000, Brian May ([EMAIL PROTECTED]) wrote:
On Fri, Aug 29, 2003 at 03:48:13PM +1000, Craig Sanders wrote:
the point that you keep on missing is that TMDA and similar programs send
confirmation emails to innocent third-parties who did *NOT* send an email.
Brian May writes:
You saying that any SMTP MTA that sends bounces to unauthenticated
E-Mail addresses is also broken?
Karsten M. Self writes:
At the very least, this is a small subset of the incoming mail.
This is about a quarter of my incoming mail.
--
John Hasler
[EMAIL PROTECTED]
Dancing
I think challenge response needs extra care.
Anyway, current e-mail worm/virus incident is pretty bad.
On Sat, Aug 30, 2003 at 07:44:56AM -0500, John Hasler wrote:
Brian May writes:
You saying that any SMTP MTA that sends bounces to unauthenticated
E-Mail addresses is also broken?
On Sat, Aug 30, 2003 at 04:01:19PM +1000, Russell Coker wrote:
That is the idea behind autorespoonders after all, to tell the sender
that his mail didn't get through because it didn't meet some required
criteria.
A SMTP 550 code can convey all the information that is needed for bounces.
On Sat, 30 Aug 2003 23:49:40 +
Brian May [EMAIL PROTECTED] wrote:
1. The modular design of SMTP agents like postfix do not allow
scanning of messages before the message has been accepted by the
MTA at the SMTP session. I think you would have to add hooks
into smtpd, but that is going to
On Sat, Aug 30, 2003 at 05:26:59PM -0700, Steve Lamb wrote:
On Sat, 30 Aug 2003 23:49:40 +
Brian May [EMAIL PROTECTED] wrote:
1. The modular design of SMTP agents like postfix do not allow
scanning of messages before the message has been accepted by the
MTA at the SMTP session. I
on Sat, Aug 30, 2003 at 07:44:56AM -0500, John Hasler ([EMAIL PROTECTED]) wrote:
Brian May writes:
You saying that any SMTP MTA that sends bounces to unauthenticated
E-Mail addresses is also broken?
Karsten M. Self writes:
At the very least, this is a small subset of the incoming mail.
I wrote:
This is about a quarter of my incoming mail.
Karsten writes:
Which? Bounces to spoofed senders, or improperly addressed mail?
Bounces.
What prevents you from 550ing this at SMTP connect?
The absence of any such connections. I'm on a dialup.
--
John Hasler
[EMAIL PROTECTED] (John
On Friday 29 August 2003 09:28, Steve Lamb wrote:
On Fri, 29 Aug 2003 00:36:57 -0700
Adam McKenna [EMAIL PROTECTED] wrote:
Well, since we're pointing fingers, it's really SMTP that's broken by
design, and all anti-spam programs (including C-R systems) are merely
stopgap measures that try
On Fri, 29 Aug 2003 16:31:59 +
benfoley [EMAIL PROTECTED] wrote:
On Friday 29 August 2003 09:28, Steve Lamb wrote:
Oddly enough Spamassassin doesn't exasperate the problem. TDMA does.
exacerbate is probably what you meant here.
Quite so. 1:30am emails before the requisite
* Adam McKenna
#0, #1, #2 and #11 are basically opinion and rhetoric.
Well. Let's take a look at what Karsten had to say about point #2,
Misplaced burden:
[...] «C-R may place the burden on third parties either inadvertently
(via spoofed sender spam or virus mail), or deliberately
On Fri, Aug 29, 2003 at 02:46:48AM +0200, Tore Anderson wrote:
Earlier, you've stated that your time is precious. Well, so is mine.
How dare you assume that the time I spent reviewing *your* callenge mail
and deciding it was junk is less precious than the time you (could have)
spent
On Fri, 29 Aug 2003 00:36:57 -0700
Adam McKenna [EMAIL PROTECTED] wrote:
Well, since we're pointing fingers, it's really SMTP that's broken by
design, and all anti-spam programs (including C-R systems) are merely
stopgap measures that try to make up for SMTP's shortcomings.
Oddly enough
On Fri, Aug 29, 2003 at 04:31:59PM +, benfoley wrote:
On Friday 29 August 2003 09:28, Steve Lamb wrote:
On Fri, 29 Aug 2003 00:36:57 -0700
Adam McKenna [EMAIL PROTECTED] wrote:
Well, since we're pointing fingers, it's really SMTP that's broken by
design, and all anti-spam programs
on Thu, Aug 28, 2003 at 08:21:22AM -0700, Adam McKenna ([EMAIL PROTECTED])
wrote:
On Thu, Aug 28, 2003 at 12:35:25PM +0100, Karsten M. Self wrote:
#2, Misplaced burden, is the reason for the 'grave' severity.
People have a right to ask that unkown people that e-mail them confirm
the
On Fri, 29 Aug 2003 11:16, Adam McKenna wrote:
When the next address-spoofing virus hits, if I need to update my filters
again, I'll make a better effort to do it ASAP instead of letting it go for
several days.
Why not make your tmda package depend on amavis-new and clamav-freshclam? If
they
reassign 207300 humanity
thanks
On pe, 2003-08-29 at 10:36, Adam McKenna wrote:
Well, since we're pointing fingers, it's really SMTP that's broken by
design, and all anti-spam programs (including C-R systems) are merely
stopgap measures that try to make up for SMTP's shortcomings.
The fact
On Thu, Aug 28, 2003 at 08:21:22AM -0700, Adam McKenna wrote:
On Thu, Aug 28, 2003 at 12:35:25PM +0100, Karsten M. Self wrote:
#2, Misplaced burden, is the reason for the 'grave' severity.
People have a right to ask that unkown people that e-mail them confirm the
e-mail.
the point that
On Fri, Aug 29, 2003 at 12:12:58PM +1000, Russell Coker wrote:
On Fri, 29 Aug 2003 11:16, Adam McKenna wrote:
When the next address-spoofing virus hits, if I need to update my filters
again, I'll make a better effort to do it ASAP instead of letting it go for
several days.
Why not make
On Fri, Aug 29, 2003 at 03:48:13PM +1000, Craig Sanders wrote:
the point that you keep on missing is that TMDA and similar programs send
confirmation emails to innocent third-parties who did *NOT* send an email.
Really?
TMDA and all C-R systems are broken-by-design, just as many stupid
On Fri, Aug 29, 2003 at 01:42:53AM +1000, Russell Coker wrote:
PS Before someone raises the issue of license of viruses. I believe that
anyone who distributes a virus does so with the desire that it be installed
on as many systems as possible and that the implied license permits you to
On Fri, Aug 29, 2003 at 03:48:13PM +1000, Craig Sanders wrote:
the point that you keep on missing is that TMDA and similar programs send
confirmation emails to innocent third-parties who did *NOT* send an email.
TMDA and all C-R systems are broken-by-design, just as many stupid end-user
On Wed, Aug 27, 2003 at 05:40:46PM -0700, Don Armstrong wrote:
On Wed, 27 Aug 2003, Adam McKenna wrote:
TMDA does not ship with any defaults, except a couple of customizable
text files (templates). It is entirely up to the user to create a
TMDA configuration along with his own whitelist
On Wed, Aug 27, 2003 at 05:40:46PM -0700, Don Armstrong wrote:
If possible, perhaps you could consider whitelisting common debian.org
address by default? [Things like [EMAIL PROTECTED], [EMAIL PROTECTED],
[EMAIL PROTECTED], etc.]
And would probably defeat the purpose since spammers would know
First note: ISP mailbox overflow due to Sobig.F knocked me off a few
Debian lists, I've just resubscribed. I've got a partial copy of this
thread thanks to a friend who forwarded it to me. I've also been
following the discussion in the d-d archives and BTS.
Thanks to all who've commented on
on Thu, Aug 28, 2003 at 08:56:36AM +0200, Rico -mc- Gloeckner ([EMAIL
PROTECTED]) wrote:
On Wed, Aug 27, 2003 at 05:40:46PM -0700, Don Armstrong wrote:
If possible, perhaps you could consider whitelisting common debian.org
address by default? [Things like [EMAIL PROTECTED], [EMAIL
Just some additional data points as I have been following this and other
related C-R threads for a while now.
On Thu, 28 Aug 2003 12:35:25 +0100
Karsten M. Self kmself@ix.netcom.com wrote:
[ Snip ]
Specific to my own experience: over half the C-R challenges (TMDA or
otherwise) I've
Karsten M. Self kmself@ix.netcom.com wrote:
[...]
SpamAssassin achieves a false-positive rate (non-spam reported as spam)
of 5% with a default threshold of 5. This can be dramatically improved
using a whitelist, to ~98% in my experience. This is not the best
performance of all filters, so
On Wed, Aug 27, 2003 at 05:35:14PM +0200, Florian Weimer wrote:
That's why it's better to get rid of generic MX secondaries (IOW
secondaries which are not under you administrative control). The
Which is fine if you're lucky enough to have root on a set of
conveniently distributed hosts...
On Fri, Aug 29, 2003 at 12:03:34AM +1000, Russell Coker wrote:
On Thu, 28 Aug 2003 21:35, Karsten M. Self wrote:
Which is a damned good reason for Debian not to package
viruses and spam mailers. Or tools which can be readily subverted as
such.
My Postal program can be used for DOS
On Thu, Aug 28, 2003 at 12:35:25PM +0100, Karsten M. Self wrote:
#2, Misplaced burden, is the reason for the 'grave' severity.
People have a right to ask that unkown people that e-mail them confirm the
e-mail. I'm sorry you don't agree with this, but your opinion is hardly
justification for a
On Fri, 29 Aug 2003 01:32, Wouter Verhelst wrote:
I disagree with your conclusions regarding putting viruses in Debian. I
think it would be a useful service for people who analyse such things to
have copies of viruses in usable form.
The EICAR.COM test pattern exists solely for that
On Thu, Aug 28, 2003 at 08:21:22AM -0700, Adam McKenna wrote:
On Thu, Aug 28, 2003 at 12:35:25PM +0100, Karsten M. Self wrote:
- TMDA should carry a warning to the user about possible consequences
of activating the C-R mechanism, including sending spam, risking
Sorry, but no. I will
On Thu, 28 Aug 2003 21:35, Karsten M. Self wrote:
Which is a damned good reason for Debian not to package
viruses and spam mailers. Or tools which can be readily subverted as
such.
My Postal program can be used for DOS attacks on mail servers, and has been
used for such on at least one
On Thu, Aug 28, 2003 at 05:10:07PM +0100, Mark Brown wrote:
On Thu, Aug 28, 2003 at 08:21:22AM -0700, Adam McKenna wrote:
On Thu, Aug 28, 2003 at 12:35:25PM +0100, Karsten M. Self wrote:
- TMDA should carry a warning to the user about possible consequences
of activating the C-R
On Thu, Aug 28, 2003 at 12:35:25PM +0100, Karsten M. Self wrote:
Thanks to all who've commented on this topic. Interesting reading.
Likewise, Karsten. That was a very well written rebuttal to a C-R
systems. You followed up with suggetions on using C-R only as a last
resort in a mail
On Fri, Aug 29, 2003 at 01:42:53AM +1000, Russell Coker wrote:
On Fri, 29 Aug 2003 01:32, Wouter Verhelst wrote:
I disagree with your conclusions regarding putting viruses in Debian. I
think it would be a useful service for people who analyse such things to
have copies of viruses in
Quoting Adam McKenna ([EMAIL PROTECTED]):
I suggest you take these suggestions to the TMDA worker's mailing list at
tmda.net, and file wishlist bugs against TMDA for each desired feature.
This is an attempt to change the subject: The issue at hand is the
cited maintenance (and acceptance)
On Thu, Aug 28, 2003 at 10:27:43AM -0700, Rick Moen wrote:
Quoting Adam McKenna ([EMAIL PROTECTED]):
I suggest you take these suggestions to the TMDA worker's mailing list at
tmda.net, and file wishlist bugs against TMDA for each desired feature.
This is an attempt to change the
on Thu, Aug 28, 2003 at 03:09:48PM +0200, Andreas Metzler ([EMAIL PROTECTED])
wrote:
Karsten M. Self kmself@ix.netcom.com wrote:
[...]
SpamAssassin achieves a false-positive rate (non-spam reported as spam)
of 5% with a default threshold of 5. This can be dramatically improved
using a
on Fri, Aug 29, 2003 at 12:03:34AM +1000, Russell Coker ([EMAIL PROTECTED])
wrote:
On Thu, 28 Aug 2003 21:35, Karsten M. Self wrote:
Which is a damned good reason for Debian not to package
viruses and spam mailers. Or tools which can be readily subverted as
such.
My Postal program can
severity 207300 grave
quit
* Karsten M. Self
Briefly: challenge-response (C-R) spam fighting systems are
fundamentally broken by design.
I am recommending that TMDA be dropped from Debian.
* Adam McKenna
I will not respond to this bug other than to state that I don't believe it
Tore Anderson [EMAIL PROTECTED] writes:
How many other innocent third parties have you spammed through the use
of this broken program? How many of these are Debian users, do you
think?
I think we could just as well remove postfix[0] on this account. I have
received a lot of so called
[enormous snippage]
Sorry, but I do NOT see how this is a grave bug. It's wishlist (at best).
YOU might not agree that C-R systems are good (personally I detest them),
but that does NOT mean that we shouldn't release one. If the package is in
good shape and functions as advertised, then it IS
On ke, 2003-08-27 at 13:44, Stephen Stafford wrote:
YOU might not agree that C-R systems are good (personally I detest them),
but that does NOT mean that we shouldn't release one. If the package is in
good shape and functions as advertised, then it IS fit for release.
TDMA seems to hurt
[ Please do not send me CC's, as I have not explicitly asked for them. ]
* Stephen Stafford
Sorry, but I do NOT see how this is a grave bug. It's wishlist (at best).
YOU might not agree that C-R systems are good (personally I detest them),
but that does NOT mean that we shouldn't
severity 207300 wishlist
thanks
On Wed, Aug 27, 2003 at 11:08:23AM +0200, Tore Anderson wrote:
severity 207300 grave
quit
Sorry, Tore, but this is not a grave bug. The package does what it says
on the tin, even if you think that its goals are broken in the wider
picture (and I'd happen to
On Wed, Aug 27, 2003 at 01:35:12PM +0200, Tore Anderson wrote:
with is that the C-R system in question ignores the fact that SMTP
headers are trivially (and regulary) forged. I believe this is deliberate,
and that TMDA does not attempt to verify that the recipient of the
challenge truly
[ Please do not send me CC's, as I have not explicitly asked for them. ]
* Tore Anderson
How many other innocent third parties have you spammed through the use
of this broken program? How many of these are Debian users, do you
think?
* Peter Makholm
I think we could just as well
On Wed, Aug 27, 2003 at 12:58:19PM +0200, Peter Makholm wrote:
Tore Anderson [EMAIL PROTECTED] writes:
How many other innocent third parties have you spammed through the use
of this broken program? How many of these are Debian users, do you
think?
I think we could just as well
On Wed, Aug 27, 2003 at 02:54:43PM +0300, Lars Wirzenius wrote:
TDMA seems to hurt innocent outsiders by sending them mail (e.g., in
response to garbage sent by viruses or spammers). The other examples you
gave (Emacs, Gnome, CUPS) don't do that, as far as I know. The
difference is important,
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
On Wednesday 27 August 2003 11:08, Tore Anderson wrote:
I do not intend to play BTS games here; if you change the severity back
to grave, or to any other RC state, I will consider it to be abuse of
the BTS and report your actions to the BTS
On Wed, Aug 27, 2003 at 11:08:23AM +0200, Tore Anderson wrote:
[snip... oh my!]
How amusing to see Sobig.F cited as the reason for reassigning grave
severity to a bug! Looks to me as if you just didn't find a sobig-f package
to file the bug against, so something else had to be the culprit.
In
On Wed, Aug 27, 2003 at 01:35:12PM +0200, Tore Anderson wrote:
[ Please do not send me CC's, as I have not explicitly asked for them. ]
Apologies.
* Stephen Stafford
Sorry, but I do NOT see how this is a grave bug. It's wishlist (at best).
YOU might not agree that C-R systems are
Mark Brown [EMAIL PROTECTED] writes:
You do realise that all parts of SMTP are generally completely
unauthenticated and can be trivially forged? A system like this has no
option but to work with unauthenticated data.
Why cannot the C-R system issue the challenge during the SMTP session
On Wed, Aug 27, 2003 at 01:43:29PM +0200, Tore Anderson wrote:
However, a quick test shows that this is not the case (as Postfix
appears to reject the SMTP RCPT command for non-existent accounts),
so I fail to see how it is relevant.
Sometimes, there is no choice. That could be the case
On Wed, Aug 27, 2003 at 01:43:29PM +0200, Tore Anderson wrote:
I fully agree, and I would not hesitate to submit a RC bug on the
Postfix
That's a completely inappropriate use of the RC severity, and possibly
the BTS entirely. The discussion is a good and useful one, trying to
inflate your
On Wed, Aug 27, 2003 at 04:07:58PM +0300, Kalle Kivimaa wrote:
Mark Brown [EMAIL PROTECTED] writes:
You do realise that all parts of SMTP are generally completely
unauthenticated and can be trivially forged? A system like this has no
option but to work with unauthenticated data.
Why
On Wed, Aug 27, 2003 at 10:00:13PM +1000, Brian May wrote:
On Wed, Aug 27, 2003 at 12:58:19PM +0200, Peter Makholm wrote:
Tore Anderson [EMAIL PROTECTED] writes:
How many other innocent third parties have you spammed through the use
of this broken program? How many of these are Debian
Bernd Eckenfels [EMAIL PROTECTED] writes:
Every MTA is sending bounces to mails with forged headers.
The MXes I'm responsible for don't do this (even the secondary MXes
handle such cases gracefully). They just refuse messages with unknown
destinations at the SMTP level. AFAIK, all MTAs which
Peter Makholm [EMAIL PROTECTED] writes:
I think we could just as well remove postfix[0] on this account. I have
received a lot of so called bounces because some silly postfix
installation believes that I have send mail to some non-existant
account.
Most MTAs support rejecting unknown
On Wed, Aug 27, 2003 at 04:07:58PM +0300, Kalle Kivimaa wrote:
Mark Brown [EMAIL PROTECTED] writes:
You do realise that all parts of SMTP are generally completely
unauthenticated and can be trivially forged? A system like this has no
option but to work with unauthenticated data.
Why
John Goerzen [EMAIL PROTECTED] writes:
Sometimes, there is no choice. That could be the case if, for instance, you
are backup MX for a server that is down. You have accepted the message from
the original sender already -- possibly hours ago. The primary server comes
back up and rejects the
Tore Anderson [EMAIL PROTECTED] writes:
severity 207300 grave
quit
* Karsten M. Self
Briefly: challenge-response (C-R) spam fighting systems are
fundamentally broken by design.
I am recommending that TMDA be dropped from Debian.
I use tmda, but not in challenge-response mode. I
Stephen Stafford wrote:
As long as SOME users like it, and find it useful and it fits THEIR needs,
then we should not be removing it from Debian (as long as it meets DFSG).
Great! Then someone needs to revive that ITP filed April 1st 2002. This
new policy will certianly make a lot of script
On Wed, Aug 27, 2003 at 12:37:36PM +0100, Colin Watson wrote:
Perhaps some compromise could be found here to improve the package's
description. Adam, I also think it would be helpful if you could respond
to at least some points from the original bug report. I do believe that
Karsten has
Mark Brown [EMAIL PROTECTED] writes:
Why cannot the C-R system issue the challenge during the SMTP session
(respond with a reject containing the challenge)? With the latest
Sobig flood I've begun to consider all list software sending back
The part where SMTP is completely unauthenticated
Adam McKenna wrote:
The arguments are facile and specious, I do not intend to waste my precious
time responding to them.
Speaking of precious time, let me bore you with another facile and
specious argument..
Like many of us here, I occasionally receive bug reports from our users,
and reply for
* Mark Brown
You do realise that all parts of SMTP are generally completely
unauthenticated and can be trivially forged?
Yes. It's indeed very sad that it is so.
However, my main issue still remains -- the difference (for the user)
between
«I'm installing this package and accept
Mark Brown [EMAIL PROTECTED] writes:
The part where SMTP is completely unauthenticated means that this
doesn't help - the SMTP envelope sender can be forged just as easily as
the From: inside the message.
You're right, I forgot to say that the idea only applies to
non-relayed mail where the
On Wed, Aug 27, 2003 at 05:16:40PM +0200, Florian Weimer wrote:
Most MTAs support rejecting unknown destinations at the SMTP level.
They don't generate bounce messages in such cases.
It's a pity if Postfix can't do this. So far, I assumed only qmail
had this weird property.
Postfix
* Florian Weimer [EMAIL PROTECTED] [030827 19:08]:
That's why it's better to get rid of generic MX secondaries (IOW
secondaries which are not under you administrative control). The
effect you describe hampers effective anti-spam measures, too.
It can also help anti-spam measures. They are
On Wed, 27 Aug 2003 11:44:34 +0100
Stephen Stafford [EMAIL PROTECTED] wrote:
Sorry, but I do NOT see how this is a grave bug. It's wishlist (at best).
I tend to agree with the grave aspect.
YOU might not agree that C-R systems are good (personally I detest them),
but that does NOT mean
This one time, at band camp, Joey Hess said:
I don't think that TMDA is yet enough of a problem for this to be a big
deal, but I think it has the potential to become one. Debian as a whole
is empowered to override the wishes of one maintainer, if it turns out
that the software he is
On Wed, Aug 27, 2003 at 12:30:07PM -0400, Joey Hess wrote:
Adam McKenna wrote:
The arguments are facile and specious, I do not intend to waste my
precious time responding to them.
That's a shame. I don't believe Karsten to be in the habit of putting
forward specious arguments.
Speaking of
On Wed, Aug 27, 2003 at 12:30:07PM -0400, Joey Hess wrote:
Adam McKenna wrote:
The arguments are facile and specious, I do not intend to waste my precious
time responding to them.
Speaking of precious time, let me bore you with another facile and
specious argument..
[snip]
He's not
On Wed, Aug 27, 2003 at 07:49:27PM +0100, Colin Watson wrote:
On Wed, Aug 27, 2003 at 12:30:07PM -0400, Joey Hess wrote:
Adam McKenna wrote:
The arguments are facile and specious, I do not intend to waste my
precious time responding to them.
That's a shame. I don't believe Karsten to
On Wed, Aug 27, 2003 at 03:02:33PM -0400, Stephen Gran wrote:
I think that either a large warning on bugs.d.o about the use of C-R
systems in corrspondence, or a similar warning in the description of
TMDA would suffice. I am not familiar with TMDA, so I may be wrong, but
couldn't it be
Stephen Gran dijo [Wed, Aug 27, 2003 at 03:02:33PM -0400]:
The project certainly can and should prohibit maintainers from uploading
things that will cause problems for the project (crypto, copyright
infringement, etc.), but that is a different case than this.
Distributing TMDA doesn't infringe
Colin Watson wrote:
Some of those challenges arrive at [EMAIL PROTECTED] instead.
I'm curious; how many would you say it gets per package on avarage, that
have some real impact? (A TMDA response to a BTS ACK mail has little
impact.) Perhaps my numbers were low, since I only counted the ones I
This one time, at band camp, Adam McKenna said:
Stephen,
TMDA does not ship with any defaults, except a couple of customizable
text files (templates). It is entirely up to the user to create a TMDA
configuration along with his own whitelist and filter directives.
TMDA is actually not
On Wed, 27 Aug 2003, Adam McKenna wrote:
TMDA does not ship with any defaults, except a couple of customizable
text files (templates). It is entirely up to the user to create a
TMDA configuration along with his own whitelist and filter
directives.
If possible, perhaps you could consider
On Wed, Aug 27, 2003 at 07:26:24PM -0400, Joey Hess wrote:
Colin Watson wrote:
Some of those challenges arrive at [EMAIL PROTECTED] instead.
I'm curious; how many would you say it gets per package on avarage, that
have some real impact? (A TMDA response to a BTS ACK mail has little
98 matches
Mail list logo