Re: Paul's Mailfrom (Was: IETF SMTP Working Group Proposal at

2002-08-29 Thread Scott A Crosby
On Tue, 27 Aug 2002 03:43:42 +, Paul Vixie [EMAIL PROTECTED] writes: dialup users and get away with it, but that person was VERY busy. that ratio only works if the rest of the system is designed to repel the professional spammers, [[SNIP]], and instant termination even at 4AM on sunday

RE: Paul's Mailfrom (Was: IETF SMTP Working Group Proposal at

2002-08-29 Thread Jeroen Massar
Barry Shein wrote: Fair enough but let me explain why I find this unsatisfying. It's like I'm living in a neighborhood where the crime rate is rising and rising, and you're selling security grates and better locks. They even seem to keep the crooks out of the bedroom at night for a

Re: Paul's Mailfrom (Was: IETF SMTP Working Group Proposal at

2002-08-29 Thread Paul Vixie
http://catless.ncl.ac.uk/Risks/22.19.html#subj7 http://catless.ncl.ac.uk/Risks/22.21.html#subj4 There must be a balance. Mistakes happen. How overzealous do you want ISP's to be at shutting off spam sites or accounts? Some might consider the costs of mistakes acceptable, but are

Re: Paul's Mailfrom (Was: IETF SMTP Working Group Proposal at

2002-08-28 Thread Andy Dills
On Tue, 27 Aug 2002, Paul Vixie wrote: (once postfix supports dcc i expect to see it change to 8000/1, btw.) Interesting...I can't find any mention of integrating dcc support into postfix (other than invoking procmail). Do you have any details or is this wishful speculation? That would

Re: Paul's Mailfrom (Was: IETF SMTP Working Group Proposal at

2002-08-28 Thread Barry Shein
From: Paul Vixie [EMAIL PROTECTED] i measure success by the fraction: rejected_spam / total_spam thus if i can reject 6000/1 that may not seem better than rejecting 1000/4000 since i ended up dealing with 4000 received spams rather than 3000, but it actually does mean that my

Re: Paul's Mailfrom (Was: IETF SMTP Working Group Proposal at

2002-08-27 Thread Paul Vixie
...and, occasionally, your ISP's abuse desk. If this function of your ISP costs less than 1 FTE per 10,000 dialups or 1,000 T1's or 100 T3's, then your ISP is a slacker and probably a magnet for professional spammers as well. Not to try to undercut the general point, but that would

Re: Paul's Mailfrom (Was: IETF SMTP Working Group Proposal at smtpng.org)

2002-08-27 Thread Iljitsch van Beijnum
On Mon, 26 Aug 2002, Greg A. Woods wrote: Well, you might be able to pay your ISP for that kind of service, but not all ISPs need supply such service and certainly not many users really _need_ such a level of service. So now I have to justify the kind of services I want to use?

Re: Paul's Mailfrom (Was: IETF SMTP Working Group Proposal at smtpng.org)

2002-08-27 Thread michael . dillon
Filters are static things, that have to be updated, and can't see every case that comes thru. It might be possible to make filters that don't need to be updated that often if you apply AI techniques to recognizing SPAM. For instance, check out this new approach:

Re: Paul's Mailfrom (Was: IETF SMTP Working Group Proposal at

2002-08-27 Thread Paul Vixie
I still think that it causes problems for mailing lists. I understand the proposal to be based on the envelope sender, not the sender in the body. Hence, mailing lists work, because they are the envelope sender, not the person who submitted the mail to the mailing list. numerically

Re: Paul's Mailfrom (Was: IETF SMTP Working Group Proposal at

2002-08-27 Thread Paul Vixie
[EMAIL PROTECTED] (Paul Vixie) writes: whenever you get spammed, it's because some isp somewhere is a slacker, what i meant to say was whenever you're getting repeat spam from the same place, day after week after month, it's because some isp somewhere is a slacker. any given isp can be

Re: Paul's Mailfrom (Was: IETF SMTP Working Group Proposal at smtpng.org)

2002-08-27 Thread Lyndon Nerenberg
So what's so bad about forwarding all tcp/25 traffic over that relay and letting that relay decide if the MAIL FROM: is allowed to be relayed? Because I want to send mail through my own SMTP server that speaks STARTTLS and uses certificates that are under my control. Maybe I don't want my

RE: Paul's Mailfrom (Was: IETF SMTP Working Group Proposal at smtpng.org)

2002-08-27 Thread Barry Shein
From: JC Dill [EMAIL PROTECTED] I guess you haven't read RFC 3098 yet then. http://www.geektools.com/rfc/rfc3098.txt Wow, I missed that. It's really quite good. So good, in fact, that I just sent copies of it out to the 300 MILLION ADDRESSES I have on this CD here... No, seriously, it's good

Re: Paul's Mailfrom (Was: IETF SMTP Working Group Proposal at

2002-08-27 Thread Barry Shein
On August 27, 2002 at 03:15 [EMAIL PROTECTED] (Paul Vixie) wrote: Every single purely technical approach to stopping spam has been a complete loser. In the fullness of time, the universe itself will die of heat. So what? How come this makes me want to raise the issue of our

Re: Paul's Mailfrom (Was: IETF SMTP Working Group Proposal at

2002-08-27 Thread Paul Vixie
In the fullness of time, the universe itself will die of heat. So what? How come this makes me want to raise the issue of our immortal souls? spammers have souls? So for example saying this or that filter appears to have repelled 1M spam msgs per day doesn't really prove much unless

Re: Paul's Mailfrom (Was: IETF SMTP Working Group Proposal at

2002-08-27 Thread Barry Shein
Oh to some extent even the first time it's because they're slackers. If instead of a brainless rush to sign up dial-up accts and check credentials later they demanded a credit card or other verifiable information (a phone number we can call you back at to activate) then they'd burn up about

Re: Paul's Mailfrom (Was: IETF SMTP Working Group Proposal at

2002-08-27 Thread Paul Vixie
... (http://dcc.rhyolite.com/) ... Indeed, that is a cool idea. I definitely want to look into that a lot more closely. Perhaps we can combine this with deep blacklist checking (beyond just the first hop), tagging, and Bayesian content filtering. Perhaps then we will have a

Re: Paul's Mailfrom (Was: IETF SMTP Working Group Proposal at smtpng.org)

2002-08-27 Thread David Schwartz
Maybe I don't want my email sitting around in your MTA queue for your sysadmins to read. Given the volumes of mail that pass through these kinds of things, that's not likely to be a problem. More likely to be a problem would be the fact that the mail might sit there for a week before it

Re: Paul's Mailfrom (Was: IETF SMTP Working Group Proposal at smtpng.org)

2002-08-27 Thread Jim Hickstein
--On Monday, August 26, 2002 10:34 PM +0200 Iljitsch van Beijnum [EMAIL PROTECTED] wrote: As a user, I pay my ISP to forward IP packets. If there happen to be TCP segments in those packets, that's something between me and the person the packet is addressed to, whether the destination port

Re: Paul's Mailfrom (Was: IETF SMTP Working Group Proposal at smtpng.org)

2002-08-27 Thread Jim Hickstein
--On Tuesday, August 27, 2002 6:13 PM -0700 David Schwartz [EMAIL PROTECTED] wrote: I'm afraid the technology to rapidly sift through large volumes of information to search for specific areas of interest is widely available. It is totally reasonable to not want to send mail through

Re: Paul's Mailfrom (Was: IETF SMTP Working Group Proposal at smtpng.org)

2002-08-27 Thread David Schwartz
On Tue, 27 Aug 2002 19:40:16 -0700, Jim Hickstein wrote: --On Tuesday, August 27, 2002 6:13 PM -0700 David Schwartz [EMAIL PROTECTED] wrote: I'm afraid the technology to rapidly sift through large volumes of information to search for specific areas of interest is widely available. It is

Re: Paul's Mailfrom (Was: IETF SMTP Working Group Proposal at smtpng.org)

2002-08-27 Thread Jim Hickstein
--On Tuesday, August 27, 2002 9:01 PM -0700 David Schwartz [EMAIL PROTECTED] wrote: Your secure mail server (i.e. me) just has to be named in a MAIL-FROM MX record. We do DNS for some of our customers, and can add this trivially; the others control their own zones. Works for me.

Re: Paul's Mailfrom (Was: IETF SMTP Working Group Proposal at smtpng.org)

2002-08-26 Thread Valdis . Kletnieks
On Mon, 26 Aug 2002 21:12:40 +0200, Jeroen Massar [EMAIL PROTECTED] said: IMHO, Paul's idea is quite a good one, but all servers will need to be upgraded, and all dns entries installed. Given the number of providers who seem to think ingress and/or rfc1918 filtering shouldn't be done, what

RE: Paul's Mailfrom (Was: IETF SMTP Working Group Proposal at smtpng.org)

2002-08-26 Thread David Van Duzer
On Mon, 2002-08-26 at 13:43, Jeroen Massar wrote: Read my sentence again, because I really won't see everybody install/use it. One can also simply see so by the problems related to the fact of installing security updates. Some 'companies' and individuals are simply too sleazy/lousy or

Re: Paul's Mailfrom (Was: IETF SMTP Working Group Proposal at smtpng.org)

2002-08-26 Thread Scott Gifford
David Van Duzer [EMAIL PROTECTED] writes: [...] The presumably appropriate topic for discussion on this list is why a system such as this would be a problem for network operators who choose not to implement such a callback feature. So far the only objection I've seen is It won't make any

RE: Paul's Mailfrom (Was: IETF SMTP Working Group Proposal at smtpng.org)

2002-08-26 Thread Barry Shein
Point of Information: Every single purely technical approach to stopping spam has been a complete loser. I understand the old adage that when all you have is a hammer the whole world looks like a nail. And that all many people on this list have is a technical hammer, some ability to hack

Re: Paul's Mailfrom (Was: IETF SMTP Working Group Proposal at smtpng.org)

2002-08-26 Thread David Van Duzer
On Mon, 2002-08-26 at 15:47, Scott Gifford wrote: The problem that this deals with is the user who needs to dial in to AOL and send mail from their corporate account. The proposed solution is to tunnel mail through the corporate server, by proving your right to relay via SMTP AUTH or else

Re: Paul's Mailfrom (Was: IETF SMTP Working Group Proposal at smtpng.org)

2002-08-26 Thread Scott Gifford
David Van Duzer [EMAIL PROTECTED] writes: On Mon, 2002-08-26 at 15:47, Scott Gifford wrote: The problem that this deals with is the user who needs to dial in to AOL and send mail from their corporate account. The proposed solution is to tunnel mail through the corporate server, by

Re: Paul's Mailfrom (Was: IETF SMTP Working Group Proposal at smtpng.org)

2002-08-26 Thread Iljitsch van Beijnum
On Mon, 26 Aug 2002, Greg A. Woods wrote: As a user, I pay my ISP to forward IP packets. If there happen to be TCP segments in those packets, that's something between me and the person the packet is addressed to, whether the destination port of those TCP segments is 25 or something

RE: Paul's Mailfrom (Was: IETF SMTP Working Group Proposal at smtpng.org)

2002-08-26 Thread Jeroen Massar
Randy Bush wrote: ISP's should actually block port 25 outgoing, or even better, reroute/forward it to their own mail relay. Agreed. why not do it to port 80 as well? what the hell, why not do it to all ports? who the hell needs an internet anyway, let's all have a telco walled

Re: Paul's Mailfrom (Was: IETF SMTP Working Group Proposal at smtpng.org)

2002-08-26 Thread Scott Gifford
Brad Knowles [EMAIL PROTECTED] writes: [...] Moreover, even if all servers on the Internet were secured in this manner and there were no open relays, it would also require perfect reverse DNS because the MXes are listed by name and not IP address -- that's assuming you do a reverse

Re: Paul's Mailfrom (Was: IETF SMTP Working Group Proposal at smtpng.org)

2002-08-26 Thread John Kristoff
On Tue, 27 Aug 2002 00:59:49 +0200 Jeroen Massar [EMAIL PROTECTED] wrote: Nice rant Randy, but if you even ever wondered why the wording Mail Relay exists you might see that if an ISP simply forwards all outgoing tcp port 25 traffic to one of their relays and protects that from weird spam

RE: Paul's Mailfrom (Was: IETF SMTP Working Group Proposal at smtpng.org)

2002-08-26 Thread Barry Shein
On August 27, 2002 at 00:59 [EMAIL PROTECTED] (Jeroen Massar) wrote: We didn't invent stuff like SMTP, POP3, IMAP and stuff to be run on EVERY single node on the internet. Actually, I think we did. Unfortunately it turned out to be a really, really, bad decision. -- -Barry

RE: Paul's Mailfrom (Was: IETF SMTP Working Group Proposal at smtpng.org)

2002-08-26 Thread JC Dill
On 03:07 PM 8/26/02, Barry Shein wrote: Let me throw out the following to show how blind the technical community has been: There is no RFC or other public standards document which even attempts to define spam or explain, in a careful and professional manner, why it is a bad thing.

Re: Paul's Mailfrom (Was: IETF SMTP Working Group Proposal at smtpng.org)

2002-08-26 Thread John Kristoff
On Tue, 27 Aug 2002 01:54:39 +0200 Jeroen Massar [EMAIL PROTECTED] wrote: SMTP is a protocol which is based on relaying messages from one mailserver to another. An endnode (especially workstations) don't need to run SMTP. I'm not sure how to truly disable an SMTP server from running on an

Re: Paul's Mailfrom (Was: IETF SMTP Working Group Proposal at smtpng.org)

2002-08-26 Thread David Schwartz
Force forward by default, but allow anyone who wants to use TCP port 25 the ability to do so. They must sign a non-abuse agreement or whatever. Then they get their host/link put into the TCP port 25 open path. Every ISP I have ever worked for and every ISP I have ever used has

Re: Paul's Mailfrom (Was: IETF SMTP Working Group Proposal at smtpng.org)

2002-08-26 Thread John Kristoff
On Tue, Aug 27, 2002 at 12:14:46PM +1000, Martin wrote: but surely an MTA derives its usefulness by running on port 25. i don't remember reading about where in the DNS MX RR you could specify what port the MTA would be listening on... Surely you're not a spammer looking for tips are you? :-)

RE: Paul's Mailfrom (Was: IETF SMTP Working Group Proposal at smtpng.org)

2002-08-26 Thread Vivien M.
-Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]] On Behalf Of Martin Sent: August 26, 2002 10:15 PM To: [EMAIL PROTECTED] Subject: Re: Paul's Mailfrom (Was: IETF SMTP Working Group Proposal at smtpng.org) but surely an MTA derives its usefulness

Re: Paul's Mailfrom (Was: IETF SMTP Working Group Proposal at

2002-08-26 Thread Paul Vixie
As a user, I pay my ISP to forward IP packets. If there happen to be TCP segments in those packets, that's something between me and the person the packet is addressed to, ... ...and, occasionally, your ISP's abuse desk. If this function of your ISP costs less than 1 FTE per 10,000 dialups

Re: Paul's Mailfrom (Was: IETF SMTP Working Group Proposal at

2002-08-26 Thread Paul Vixie
Every single purely technical approach to stopping spam has been a complete loser. In the fullness of time, the universe itself will die of heat. So what? What matters more is what use is made of time before it gets so full. A number of purely technical approaches to stopping spam have

Re: Paul's Mailfrom (Was: IETF SMTP Working Group Proposal at smtpng.org)

2002-08-26 Thread Martin
$author = John Kristoff ; On Tue, Aug 27, 2002 at 12:14:46PM +1000, Martin wrote: but surely an MTA derives its usefulness by running on port 25. i don't remember reading about where in the DNS MX RR you could specify what port the MTA would be listening on... Surely you're not a

Re: Paul's Mailfrom (Was: IETF SMTP Working Group Proposal at

2002-08-26 Thread Patrick
On 27 Aug 2002, Paul Vixie wrote: As a user, I pay my ISP to forward IP packets. If there happen to be TCP segments in those packets, that's something between me and the person the packet is addressed to, ... ...and, occasionally, your ISP's abuse desk. If this function of your ISP

Re: Paul's Mailfrom (Was: IETF SMTP Working Group Proposal at

2002-08-26 Thread Paul Vixie
If this function of your ISP costs less than 1 FTE per 10,000 dialups or 1,000 T1's or 100 T3's, then your ISP is a slacker and probably a magnet for professional spammers as well. ... you're offering very definitive figures/labeling, and I'm curious as to what you are basing your

Re: Paul's Mailfrom (Was: IETF SMTP Working Group Proposal at

2002-08-26 Thread David Van Duzer
On Mon, 2002-08-26 at 21:08, Paul Vixie wrote: ...and, occasionally, your ISP's abuse desk. If this function of your ISP costs less than 1 FTE per 10,000 dialups or 1,000 T1's or 100 T3's, then your ISP is a slacker and probably a magnet for professional spammers as well. If Not to try to

Re: Paul's Mailfrom (Was: IETF SMTP Working Group Proposal at smtpng.org)

2002-08-26 Thread Paul Vixie
as joe pointed out to me privately RFC 2782 specifies SRV RRs which could be used to point an MX.SRV at a port other than 25. anyone got any examples of MTAs or MUAs that implement said RFC? actually it would be _smtp._tcp.$DOMAIN but it's not in use for e-mail. or web, even though that's

Re: Paul's Mailfrom (Was: IETF SMTP Working Group Proposal at

2002-08-26 Thread Patrick
On Tue, 27 Aug 2002, Paul Vixie wrote: If this function of your ISP costs less than 1 FTE per 10,000 dialups or 1,000 T1's or 100 T3's, then your ISP is a slacker and probably a magnet for professional spammers as well. ... you're offering very definitive figures/labeling, and I'm

Re: Paul's Mailfrom (Was: IETF SMTP Working Group Proposal at smtpng.org)

2002-08-26 Thread John M. Brown
Barry, I have a wrench :) Everything looks like a nut to me. But in all seriousness. I have to agree with Barry's statement here. Spam is very much a social, political, ethical, and financial issue. Filters are static things, that have to be updated, and can't see every case that comes