On 1/4/16 4:10 PM, Stephen Hemminger wrote:
> Talk to davem, maybe kernel.org would be safer/better more robust? Damned if I know - vger is one of my problems that I'd wanted to solve with this move 1) my old anti-spam setup made him crazy - now fixed - and 2) vger doesn't use starttls. I'd so hoped that after 10+ years of availability it was basically on universally, and in the post CISA world we could put at least this portion of the middle finger up. for now, for accepting email, (and while I sort out other stuff) I have postfix being strict about what it accepts, and liberal about what it sends. smtp_tls_security_level=may smtpd_tls_security_level=encrypt Only 38 out of 532 email addresses on the bloat list are refusing starttls. The instant anti-spam improvement of making tls mandatory for email was pretty amazing... The ongoing mailman subscribe attack looks to have been going on for months and must be targetted at a metric ton of mailman servers. It's only hitting three users at google, but whoever+somerandomnumber is something I need to teach mailman to sort out. These are the users getting the subscribe spam. kemo.mart+67292...@gmail.com kezukaya+93690...@gmail.com touma3108+42493...@gmail.com On my more paranoid days I'd think this was an attempt at a known plaintext attack... and, alas, poor linode: http://status.linode.com _______________________________________________ Bloat mailing list Bloat@lists.bufferbloat.net https://lists.bufferbloat.net/listinfo/bloat