On 20:38 3.04.2000, Barbara Koch-Hoffmann could be heard musing
Hi,
it seems that we continously revent the wheel..
1. This patch does already exist (see below).
2. All the SPAM discussion is a ricochet of the old stuff - why doesn't
qmail have a good documentation.
Pls. have
On Tue, Apr 04, 2000 at 10:47:38AM +0100, Will Harris wrote:
/172.(?:1[6-9]|2[0-9]|31).[0-9]+.[0-9]+$/
One line, nice and simple.
add "wrong".
1.172.31.111
You should really use \. and ^
Regards, Uwe
At 10:28 4.04.2000, Uwe Ohse wrote:
On Tue, Apr 04, 2000 at 10:47:38AM +0100, Will Harris wrote:
/172.(?:1[6-9]|2[0-9]|31).[0-9]+.[0-9]+$/
One line, nice and simple.
add "wrong".
1.172.31.111
You should really use \. and ^
Damn! You are so right! The only thing is that for
"Will Harris" [EMAIL PROTECTED] wrote:
I have embedded a Perl engine
into qmail-smtpd which allows you to use Perl's excellent pattern matching
system.
Have you analyzed the impact of this on security and efficiency? E.g.,
does embedding perl carry along the C runtime library, which Dan went
On Sun, Apr 02, 2000 at 03:33:00PM -0500, Chris Hardie wrote:
[snip]
I would be happy to make an attempt at this documentation, as long as
folks agree that it would be useful, and would be willing to provide
feedback on what I come up with.
I'll give feedback :)
Greetz, Peter.
--
Peter
Hi,
it seems that we continously revent the wheel..
1. This patch does already exist (see below).
2. All the SPAM discussion is a ricochet of the old stuff - why doesn't
qmail have a good documentation.
Pls. have a look at my WEB page:
Hi
At 06:40 PM 3/31/00 -0500, you wrote:
At 3:06 PM -0500 3/31/00, Dave Sill wrote:
Do the spammers:
1) throw up their hands and admit defeat, or
2) start using valid (but wrong) domains in their envelope return
paths, thereby defeating your rejection and escalating the arms
On Sat, Apr 01, 2000 at 12:24:43PM -0500, Patrick Bihan-Faou wrote:
Hi,
From: "Peter van Dijk" [EMAIL PROTECTED]
advertise the e-mail address associated with that user account in the
MAIL
FROM, nothing prevents you to advertise your "official" email address in
the
reply-to header.
On Sun, Apr 02, 2000 at 10:55:09AM +0200, Michael Raff wrote:
[snip]
I own the pobox.co.za domain and am having the same problem. Someone is
spamming faking a rubbish source address from the @pobox.co.za domain. The
first line in the headers that gives any smtp info is
Received: from
I guess it's time to close the debate on that issue.
I appreciate the main point here which is: that solution could work, except
that today it is not practical to use "remote" relays that correspond to
your main email domain.
- Original Message -
From: "Peter van Dijk" [EMAIL
On Sun, 2 Apr 2000, Patrick Bihan-Faou wrote:
I guess it's time to close the debate on that issue.
Actually, since I asked the original question, I'd like to clarify what I
think the main point is: "The lack of clear and concise documentation
about anti-spam/security options for the novice
At 11:53 PM -0500 3/31/00, Patrick Bihan-Faou wrote:
Hi,
From: "Paul Schinder" [EMAIL PROTECTED]
At 3:06 PM -0500 3/31/00, Dave Sill wrote:
Do the spammers:
1) throw up their hands and admit defeat, or
2) start using valid (but wrong) domains in their envelope return
"Patrick Bihan-Faou" [EMAIL PROTECTED] wrote:
The problem with spam is that there is no reliable way to split spam from
legitimate mail.
Bingo!
If you try to filter-out spam, you will always end-up filtering out
proper mail as well.
Bingo!
The key is to try to keep track as much as
From: "Len Budney" [EMAIL PROTECTED]
The key is to try to keep track as much as possible of what is accepted
and what is rejected.
Why? To satisfy your curiosity? Or do you then track down all senders of
legitimate email, and tell them what happened?
The reason why I feel that logging of
"Patrick Bihan-Faou" [EMAIL PROTECTED] wrote:
The only thing I am pointing out is that the choice of doing spam
filtering is a personal one, and one has to understand that it will
kill legitimate mail as well.
Okay, sorry for the warm response. If ``personal'' means the same thing
to you
On Sat, Apr 01, 2000 at 11:07:05AM -0500, Patrick Bihan-Faou wrote:
[snip]
Well I am certainly not saying that this should be done for all domains. But
for some sensitive ones (yahoo ? hotmail ? aol ?), it would probably be
You could perhaps indeed consider yahoo and/or hotmail since these
Hi,
From: "Peter van Dijk" [EMAIL PROTECTED]
advertise the e-mail address associated with that user account in the
MAIL
FROM, nothing prevents you to advertise your "official" email address in
the
reply-to header.
Uhm. You are correct. Nothing prevents you from doing that. But it kinda
On Sat, 1 Apr 2000, Patrick Bihan-Faou wrote:
Hey, don't flame me. I said this is a personal choice. For my part I don't
filter anything out (yet) because spam is not enough of a problem for me at
this time. The only thing I am pointing out is that the choice of doing spam
filtering is a
-BEGIN PGP SIGNED MESSAGE-
We all know the qmail documentation is perfect.
-BEGIN PGP SIGNATURE-
Version: 2.6.2
iQCVAwUBOORj81pGPE+AF6qBAQFChgP/ctdvtjCI4sEZSrMpjgVbunb8VX2y3Dzz
kTegfYBUs6v95NLoPCyK+npe+f+FCVwD0wy3EX655ACC29HCpxeuMxaT5U5MpC8F
Chris Hardie [EMAIL PROTECTED] wrote:
I've been observing what seems to be a lack of clear and concise
documentation about anti-spam/security options for the novice and/or
average qmail user.
LWQ doesn't cover anti-spam options in depth because I've personally
never felt the need to implement
I agree with most of what you said here Dave, but I'd have to say
that rejecting mail with envelope sender domains that don't exist is
a good thing (either an A or CNAME record, or an MX). If for no other
reason, you can't bounce back to them. I don't consider this aspect
an arms race with
Jon Rust [EMAIL PROTECTED] wrote:
I agree with most of what you said here Dave, but I'd have to say
that rejecting mail with envelope sender domains that don't exist is
a good thing (either an A or CNAME record, or an MX). If for no other
reason, you can't bounce back to them. I don't
Jon Rust [EMAIL PROTECTED] wrote:
I agree with most of what you said here Dave, but I'd have to say
that rejecting mail with envelope sender domains that don't exist is
a good thing (either an A or CNAME record, or an MX). If for no other
reason, you can't bounce back to them.
You have two
Points (Charles' too) taken. Both good arguments. Dunno know if they
changed my mind, but got my thinking anyway...
jon
At 3:06 PM -0500 3/31/00, Dave Sill wrote:
Jon Rust [EMAIL PROTECTED] wrote:
I agree with most of what you said here Dave, but I'd have to say
that rejecting mail with
On Thu, Mar 30, 2000 at 03:10:08PM -0800, Jon Rust wrote:
Chris,
I'm in the exect same place. Finally implemented rblsmtpd, and would
now like to reject addresses with fake domains. I found this:
http://qmail.area.com/qmail-1.03-mfcheck.3.patch, but have not yet
tried it. I was hoping
At 3:06 PM -0500 3/31/00, Dave Sill wrote:
Do the spammers:
1) throw up their hands and admit defeat, or
2) start using valid (but wrong) domains in their envelope return
paths, thereby defeating your rejection and escalating the arms
race?
Note that many are already doing
Hi,
From: "Paul Schinder" [EMAIL PROTECTED]
At 3:06 PM -0500 3/31/00, Dave Sill wrote:
Do the spammers:
1) throw up their hands and admit defeat, or
2) start using valid (but wrong) domains in their envelope return
paths, thereby defeating your rejection and escalating the
Jon Rust [EMAIL PROTECTED] wrote:
I agree with most of what you said here Dave, but I'd have to say
that rejecting mail with envelope sender domains that don't exist is
a good thing (either an A or CNAME record, or an MX). If for no other
reason, you can't bounce back to them. I don't
Patrick Bihan-Faou [EMAIL PROTECTED] writes on 31 March 2000 at 23:53:31 -0500
Maybe one way to deal with this is:
1. verify that the domain of MAIL FROM is correct
2. verify that the address of the server sending the mail
resolves to that domain...
This is probably not the best
Folks,
I've been observing what seems to be a lack of clear and concise
documentation about anti-spam/security options for the novice and/or
average qmail user.
In my particular situation, I've recently moved to the tcpserver/rblsmtpd
way of doing things, and now I'm interested in blocking
Chris,
I'm in the exect same place. Finally implemented rblsmtpd, and would
now like to reject addresses with fake domains. I found this:
http://qmail.area.com/qmail-1.03-mfcheck.3.patch, but have not yet
tried it. I was hoping to get some feedback from list on it, but
apparently no one here
31 matches
Mail list logo
