qmail Digest 31 Mar 1999 11:00:00 -0000 Issue 596

Topics (messages 23658 through 23785):

Melissa Virus
        23658 by: Philip Hands <[EMAIL PROTECTED]>
        23659 by: Paul Farber <[EMAIL PROTECTED]>
        23661 by: Russ Allbery <[EMAIL PROTECTED]>
        23663 by: Paul Farber <[EMAIL PROTECTED]>
        23664 by: Russ Allbery <[EMAIL PROTECTED]>
        23665 by: Jay Soffian <[EMAIL PROTECTED]>
        23670 by: Russell Nelson <[EMAIL PROTECTED]>
        23671 by: Russell Nelson <[EMAIL PROTECTED]>
        23674 by: Russ Allbery <[EMAIL PROTECTED]>
        23675 by: Keith Burdis <[EMAIL PROTECTED]>
        23682 by: Russell Nelson <[EMAIL PROTECTED]>
        23688 by: Paul Farber <[EMAIL PROTECTED]>
        23693 by: "Chris Garrigues" <[EMAIL PROTECTED]>
        23694 by: Russ Allbery <[EMAIL PROTECTED]>
        23695 by: [EMAIL PROTECTED]
        23696 by: [EMAIL PROTECTED]
        23697 by: [EMAIL PROTECTED]
        23700 by: Paul Farber <[EMAIL PROTECTED]>
        23704 by: Stefan Paletta <[EMAIL PROTECTED]>
        23709 by: "Sam" <[EMAIL PROTECTED]>
        23712 by: John Conover <[EMAIL PROTECTED]>
        23715 by: John Conover <[EMAIL PROTECTED]>
        23716 by: "Chris Garrigues" <[EMAIL PROTECTED]>
        23719 by: Russ Allbery <[EMAIL PROTECTED]>
        23725 by: John Conover <[EMAIL PROTECTED]>
        23730 by: Kai MacTane <[EMAIL PROTECTED]>
        23732 by: John Conover <[EMAIL PROTECTED]>
        23733 by: John Conover <[EMAIL PROTECTED]>
        23737 by: "Rick McMillin" <[EMAIL PROTECTED]>
        23742 by: John Conover <[EMAIL PROTECTED]>
        23743 by: Jay Soffian <[EMAIL PROTECTED]>
        23746 by: Richard Letts <[EMAIL PROTECTED]>
        23747 by: Richard Letts <[EMAIL PROTECTED]>
        23748 by: Richard Letts <[EMAIL PROTECTED]>
        23749 by: "Adam D. McKenna" <[EMAIL PROTECTED]>
        23754 by: Bruno Wolff III <[EMAIL PROTECTED]>
        23755 by: Bruno Wolff III <[EMAIL PROTECTED]>
        23756 by: Stefan Paletta <[EMAIL PROTECTED]>
        23758 by: Richard Letts <[EMAIL PROTECTED]>
        23760 by: Russ Allbery <[EMAIL PROTECTED]>
        23761 by: Kai MacTane <[EMAIL PROTECTED]>
        23762 by: [EMAIL PROTECTED]
        23763 by: "Peter C. Norton" <[EMAIL PROTECTED]>
        23764 by: "Peter C. Norton" <[EMAIL PROTECTED]>
        23765 by: "Peter C. Norton" <[EMAIL PROTECTED]>
        23766 by: Kai MacTane <[EMAIL PROTECTED]>
        23767 by: "Peter C. Norton" <[EMAIL PROTECTED]>
        23768 by: Kai MacTane <[EMAIL PROTECTED]>
        23770 by: Faried Nawaz <[EMAIL PROTECTED]>
        23776 by: "Alex Shipp" <[EMAIL PROTECTED]>
        23777 by: "Adam D. McKenna" <[EMAIL PROTECTED]>
        23779 by: "Alex Shipp" <[EMAIL PROTECTED]>
        23780 by: "Peter C. Norton" <[EMAIL PROTECTED]>

OT: Melissa Virus
        23660 by: [EMAIL PROTECTED]
        23662 by: Russ Allbery <[EMAIL PROTECTED]>
        23680 by: Mark Delany <[EMAIL PROTECTED]>
        23687 by: Jeff Hayward <[EMAIL PROTECTED]>
        23689 by: John Conover <[EMAIL PROTECTED]>
        23692 by: Mark Delany <[EMAIL PROTECTED]>
        23698 by: Jeff Hayward <[EMAIL PROTECTED]>
        23699 by: Mark Delany <[EMAIL PROTECTED]>
        23703 by: John Conover <[EMAIL PROTECTED]>
        23705 by: Russ Allbery <[EMAIL PROTECTED]>
        23711 by: Mark Delany <[EMAIL PROTECTED]>

How to ban a spam host.
        23666 by: Russell Nelson <[EMAIL PROTECTED]>
        23707 by: "Sam" <[EMAIL PROTECTED]>
        23717 by: "Fred Lindberg" <[EMAIL PROTECTED]>

mailq
        23667 by: William Burrow <[EMAIL PROTECTED]>
        23668 by: Van Liedekerke Franky <[EMAIL PROTECTED]>
        23669 by: Lars Balker Rasmussen <[EMAIL PROTECTED]>
        23672 by: William Burrow <[EMAIL PROTECTED]>

qmail-popbull and multiple messages.
        23673 by: Matt Simerson <[EMAIL PROTECTED]>
        23681 by: Mark Delany <[EMAIL PROTECTED]>
        23691 by: Russell Nelson <[EMAIL PROTECTED]>
        23701 by: Mark Delany <[EMAIL PROTECTED]>

[EMAIL PROTECTED]
        23676 by: "Tony D'Andrade" <[EMAIL PROTECTED]>
        23677 by: Russ Allbery <[EMAIL PROTECTED]>
        23685 by: Russell Nelson <[EMAIL PROTECTED]>
        23706 by: "Sam" <[EMAIL PROTECTED]>

Kevin Mitnik
        23678 by: Vince Vielhaber <[EMAIL PROTECTED]>
        23702 by: [EMAIL PROTECTED]
        23708 by: "Adam D. McKenna" <[EMAIL PROTECTED]>
        23714 by: blip <[EMAIL PROTECTED]>
        23718 by: "Fred Lindberg" <[EMAIL PROTECTED]>
        23723 by: John Gonzalez/netMDC admin <[EMAIL PROTECTED]>
        23731 by: "Jay D. Dyson" <[EMAIL PROTECTED]>
        23738 by: [EMAIL PROTECTED]

Virtualdomains and multiple users per domain
        23679 by: "Reid Sutherland" <[EMAIL PROTECTED]>
        23683 by: Mark Delany <[EMAIL PROTECTED]>
        23684 by: Lars Balker Rasmussen <[EMAIL PROTECTED]>
        23720 by: "Reid Sutherland" <[EMAIL PROTECTED]>

dot-qmail/fastforward trouble
        23686 by: Niklas Alberth <[EMAIL PROTECTED]>
        23690 by: Mark Delany <[EMAIL PROTECTED]>
        23710 by: Niklas Alberth <[EMAIL PROTECTED]>
        23713 by: Mark Delany <[EMAIL PROTECTED]>

Routing incoming emails to another host
        23721 by: [EMAIL PROTECTED] (B.G. Mahesh)
        23724 by: Mark Delany <[EMAIL PROTECTED]>
        23727 by: Greg Owen {gowen} <[EMAIL PROTECTED]>

(OT) Melissa Virus
        23722 by: Kai MacTane <[EMAIL PROTECTED]>

aol.com CNAME lookup failed
        23726 by: [EMAIL PROTECTED]
        23734 by: Scott Schwartz <[EMAIL PROTECTED]>
        23735 by: "Adam D. McKenna" <[EMAIL PROTECTED]>
        23736 by: Scott Schwartz <[EMAIL PROTECTED]>
        23739 by: "Adam D. McKenna" <[EMAIL PROTECTED]>

questions questions questions
        23728 by: "Julian L.C. Brown" <[EMAIL PROTECTED]>

failure notice
        23729 by: [EMAIL PROTECTED]
        23741 by: Vern Hart <[EMAIL PROTECTED]>

revalias equivalent / perl to read cdbs
        23740 by: "Efg�" <[EMAIL PROTECTED]>
        23744 by: Jos Backus <[EMAIL PROTECTED]>
        23745 by: Chris Johnson <[EMAIL PROTECTED]>
        23772 by: Hitesh Patel <[EMAIL PROTECTED]>

Strange To: line causes bounce.
        23750 by: "David B. Peterson" <[EMAIL PROTECTED]>
        23751 by: Kai MacTane <[EMAIL PROTECTED]>
        23752 by: Bruno Wolff III <[EMAIL PROTECTED]>
        23753 by: Greg Owen {gowen} <[EMAIL PROTECTED]>
        23757 by: Stefan Paletta <[EMAIL PROTECTED]>
        23759 by: "Fred Lindberg" <[EMAIL PROTECTED]>

qmail and relaying to an aliased address...
        23769 by: Grant Stephenson <[EMAIL PROTECTED]>
        23782 by: "Sam" <[EMAIL PROTECTED]>

telnet to smtp port doesn't work HELP!!
        23771 by: Brent Clements <[EMAIL PROTECTED]>
        23774 by: Hitesh Patel <[EMAIL PROTECTED]>
        23783 by: "Sam" <[EMAIL PROTECTED]>

Q: Is it possible to bind 2 diffrent qmail instances on 2 diffrent network interfaces
        23773 by: Uwe Wuerdinger <[EMAIL PROTECTED]>
        23775 by: Hitesh Patel <[EMAIL PROTECTED]>
        23781 by: "Sam" <[EMAIL PROTECTED]>

Q: Is it possible to bind 2 diffrent qmail instances on 2 di
        23778 by: Stefan Paletta <[EMAIL PROTECTED]>

anyone got the melissa macro?
        23784 by: Peter van Dijk <[EMAIL PROTECTED]>

badmailrcptto
        23785 by: Georgi Kupenov <[EMAIL PROTECTED]>

Administrivia:

To subscribe to the digest, e-mail:
        [EMAIL PROTECTED]

To unsubscribe from the digest, e-mail:
        [EMAIL PROTECTED]

To bug my human owner, e-mail:
        [EMAIL PROTECTED]

To post to the list, e-mail:
        [EMAIL PROTECTED]


----------------------------------------------------------------------


[EMAIL PROTECTED] writes:

> If and when I come up with something acceptable, it will
> be released to the qmail community, probably under the GPL, but definitely
> for free.

GPL-ing it will of course make it undistributable, since qmail's
distribution conditions are incompatible with the GPL.  You could go
for GPL-ing it, with an additional clause granting permission to link
it against qmail though.

Cheers, Phil.




Hmmm, Windows has the ability to write a script that ANYONE can run that
will delete the disk.  Hmmm.  Why should a Word Processor EVER have the
ability to make system calls?  

It IS a MS problem, they should not allow any indiscriminate user to run
format or del *.* .  IF you don't want a child to shoot themselves, don't
give them a gun to play with.

UNIX/Linux has the ability to say.. "Hey, you can't do that!" with a
simple feature like file permissions and file ownership.  Why hasn't MS
followed suit with these basic security precautions?  Half the viruses in
the world would become obsolete with this one patch.

Paul D. Farber II
Farber Technology
Ph. 570-628-5303
Fax 570-628-5545
[EMAIL PROTECTED]

On 30 Mar 1999, Russ Allbery wrote:

> Kai MacTane <[EMAIL PROTECTED]> writes:
> 
> > Sort of. The problem isn't really the MUAs so much as the user
> > behaviors: the user has to explicitly activate the virus-attachment. I
> > don't know of any Windows MUAs that *automatically* run any attachment
> > they receive -- even Windows users would consider that a security
> > risk. In general in the Windows world, when you open an attachment, the
> > MUA tells the OS to load the appropriate app for viewing files of that
> > type (where "type" is determined solely by filename extension, of
> > course, rather than something sane like header info).
> 
> I'd like to back this up, and point out here that too much Microsoft
> bashing on this one is misplaced.  This particular attack is not
> Microsoft-specific in any way other than having happened to be written
> against a widely used Microsoft applciation; the property that it needs to
> be effective is a document viewer with an embedded macro language in which
> macros are executed by default.
> 
> You could run precisely this same attack against a Unix user with, for
> example, a DVI document.  The DVI formatting language allows for shell
> escapes, and xdvi knows how to execute them.  This capability is, of
> course, not the default; you have to run xdvi with a special command-line
> option to tell it that it's safe to do this.
> 
> Now, I'm not a Word user, so I don't know for sure, but I've at least
> heard that automatic execution of macros in Word documents is *off* by
> default.  Extrapolating from that, however, I would imagine that Word
> probably pops up a warning dialog box, and users get tired of saying "yes,
> it's okay."
> 
> In other words, to be blunt, this isn't a Windows problem.  This is a user
> stupidity problem.  The *only* effective long-term solution to these sorts
> of problems is to bludgeon people about the head with the idea that they
> should NEVER, EVER, *EVER* run *ANYTHING* that they get via e-mail, *even
> if it's from someone that they know*, without explicit confirmation of
> what it is and what it does, and that all of their programs need to be
> configured the same way.  And that as annoying as warning boxes might be,
> they're there for a *reason*, and if they can't stand them, the answer is
> to disable all macros always, not turn them on.
> 
> -- 
> Russ Allbery ([EMAIL PROTECTED])         <URL:http://www.eyrie.org/~eagle/>
> 





Paul Farber <[EMAIL PROTECTED]> writes:

> Hmmm, Windows has the ability to write a script that ANYONE can run that
> will delete the disk.  Hmmm.  Why should a Word Processor EVER have the
> ability to make system calls?

I assume you've deleted vi and emacs from your system?  After all, they
allow system calls.  Hell, so does ed.  pico allows shell escapes.  What
*do* you use for an editor?

xdvi supports it because it allows you to do some cool things with
specials.  xdvi is hardly a Windows program.  If I'm not mistaken,
PostScript interpreters can support the same thing in specials.  From the
man page:

     -allowshell
          (.allowShell) This option enables the shell escape in PostScript
          specials.  (For security reasons, shell escapes are disabled by
          default.)  This option should be rarely used; in particular it
          should not be used just to uncompress files: that function is
          done automatically if the file name ends in .Z, .gz, or .bz2
          Shell escapes are always turned off if the -safer option is
          used.

> It IS a MS problem, they should not allow any indiscriminate user to run
> format or del *.* .  IF you don't want a child to shoot themselves,
> don't give them a gun to play with.

> UNIX/Linux has the ability to say.. "Hey, you can't do that!" with a
> simple feature like file permissions and file ownership.

Um, no.  rm -rf * will delete all your files in Linux just the same way
that del *.* will on a Microsoft operating system.  Windows 95 is a
*single user* operating system, which means that all the files on the disk
are your files if you're sitting in front of the computer.  You'll find
that some Linux users are always logged in as root too.  This is a
mentality as much as it's a technical design.

> Why hasn't MS followed suit with these basic security precautions?

Because they're building a single-user operating system.  They have
followed suit from the beginning for their *multiuser* operating system,
Windows NT.

If you don't want the user at the console to be considered God, don't use
a single-user operating system.  If you're going to bash single-user
operating systems, at least do it equally; Macintoshes are the same way.
It's hardly a Microsoft-specific disease.

-- 
Russ Allbery ([EMAIL PROTECTED])         <URL:http://www.eyrie.org/~eagle/>




BZZT... but joe blow can't delete SYSTEM FILES, or any file that he does
not own.  Log on as a LUSER and try rm -rf /etc and see what gets deleted.  Not
a darn thing.  Same for /bin /sbin etc etc etc.

My trusty vi editor can shell out, but it will only let me harm myself,
not another user or the system proper.

OTOH, I can deltree windows all day long.  I wonder, should I start an
anti-virus e-mail saying that they are infected, and the only cure is to
deltree c:\windows\*.exe, thereby deleting the virus program?  How many
idiots.. oops, computer users out there would happily do it, and then brag
to their co-workers about "virus scanning" their computers over coffee
break? hahahahahaha!

Paul D. Farber II
Farber Technology
Ph. 570-628-5303
Fax 570-628-5545
[EMAIL PROTECTED]

On 30 Mar 1999, Russ Allbery wrote:

> Paul Farber <[EMAIL PROTECTED]> writes:
> 
> > Hmmm, Windows has the ability to write a script that ANYONE can run that
> > will delete the disk.  Hmmm.  Why should a Word Processor EVER have the
> > ability to make system calls?
> 
> I assume you've deleted vi and emacs from your system?  After all, they
> allow system calls.  Hell, so does ed.  pico allows shell escapes.  What
> *do* you use for an editor?
> 
> xdvi supports it because it allows you to do some cool things with
> specials.  xdvi is hardly a Windows program.  If I'm not mistaken,
> PostScript interpreters can support the same thing in specials.  From the
> man page:
> 
>      -allowshell
>           (.allowShell) This option enables the shell escape in PostScript
>           specials.  (For security reasons, shell escapes are disabled by
>           default.)  This option should be rarely used; in particular it
>           should not be used just to uncompress files: that function is
>           done automatically if the file name ends in .Z, .gz, or .bz2
>           Shell escapes are always turned off if the -safer option is
>           used.
> 
> > It IS a MS problem, they should not allow any indiscriminate user to run
> > format or del *.* .  IF you don't want a child to shoot themselves,
> > don't give them a gun to play with.
> 
> > UNIX/Linux has the ability to say.. "Hey, you can't do that!" with a
> > simple feature like file permissions and file ownership.
> 
> Um, no.  rm -rf * will delete all your files in Linux just the same way
> that del *.* will on a Microsoft operating system.  Windows 95 is a
> *single user* operating system, which means that all the files on the disk
> are your files if you're sitting in front of the computer.  You'll find
> that some Linux users are always logged in as root too.  This is a
> mentality as much as it's a technical design.
> 
> > Why hasn't MS followed suit with these basic security precautions?
> 
> Because they're building a single-user operating system.  They have
> followed suit from the beginning for their *multiuser* operating system,
> Windows NT.
> 
> If you don't want the user at the console to be considered God, don't use
> a single-user operating system.  If you're going to bash single-user
> operating systems, at least do it equally; Macintoshes are the same way.
> It's hardly a Microsoft-specific disease.
> 
> -- 
> Russ Allbery ([EMAIL PROTECTED])         <URL:http://www.eyrie.org/~eagle/>
> 





Paul Farber <[EMAIL PROTECTED]> writes:

> BZZT... but joe blow can't delete SYSTEM FILES, or any file that he does
> not own.  Log on as a LUSER and try rm -rf /etc and see what gets deleted.
> Not a darn thing.  Same for /bin /sbin etc etc etc.

> My trusty vi editor can shell out, but it will only let me harm myself,
> not another user or the system proper.

You didn't read the whole thing I wrote about single-user vs. multiuser
operating systems.  If you delete everything on your hard drive under
Windows, you *are* only harming yourself, since there *are* no other
users.  All the files on the disk are yours if you're sitting in front of
the computer.  You can do the same thing under Linux if you always log on
as root.  Windows just doesn't have a user other than root.

The distinction between system files and user files is only meaningful for
a multiuser operating system where you have the possibility of a user
identity other than God.

Furthermore, remember that this particular virus only has to send mail.
It doesn't have to modify system files.  It only has to modify your
personal document files.  It would therefore work just fine on a Unix
system given a suitable Unix application.  It is *not* Microsoft-specific
in concept; it is only Microsoft-specific in implementation.  Were some
other operating system run by 90% of the computer users in the world,
you'd see these sorts of things written for that operating system.

Don't fool yourself that it can't happen to you simply by virtue of
running a different operating system.  The only way it can't happen to you
is if you always *think* before running random programs on stuff you get
via untrusted channels.

-- 
Russ Allbery ([EMAIL PROTECTED])         <URL:http://www.eyrie.org/~eagle/>




 "Dustin" == Dustin Marquess <[EMAIL PROTECTED]> writes:

    Dustin> That's why after you ungzip a binary in Linux that you got
    Dustin> from email, you do a: strings file | more on it.  Usually
    Dustin> if to contains questionable strings (like '/etc/shadow'),
    Dustin> then you know to look out :)

Keep in mind that on the Windows box, you're essentially running
everything as root. At least on the Linux box, you are (er, should be)
running it as a user with reduced permissions. Which should at minimum
prevent the binary from being able to read /etc/shadow.

But, I hope you do a lot more than just run strings on binaries of
questionable source. Hiding suspicious strings is a trivial exercise:

An example from a program called lsu:

#define MAKELSUPERM(buf) {      /* build the permission file name */ \
/* begin LSUPERM */\
buf[0] = '.';\
buf[1] = '/';\
buf[2] = '.';\
buf[3] = 'l';\
buf[4] = 's';\
buf[5] = 'u';\
buf[6] = '\0';\
/* end LSUPERM */\
}

If permissions are correct on your OS, the OS should contain most of
the more malicious stuff the binary could do. I'd truss/strace the
binary in a chrooted environment with networking disabled if I were
suspicious. If I were really suspicious, I wouldn't run it at all or
I'd run it on a sacrificial host not plugged into a network.

j.
--
Jay Soffian <[EMAIL PROTECTED]>                       UNIX Systems Administrator
404.572.1941                                             Cox Interactive Media
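The point made above, that a `strings` check is trivial to defeat, in working code. This is an added example, not code from the lsu program or from the original post: the two byte arrays are constructed stand-ins for a binary image (a fake ELF header, the path, some padding), and the one-byte XOR key, the offsets and every function name in it are assumptions made up for the illustration. It runs a small `strings`-style scanner over both images, then shows the evasive one rebuilding the path at run time the way the quoted macro does.

```c
/* Added example: why `strings file | more` is a weak check.
 * Not from lsu or the original post; images, key and names are made up. */
#include <ctype.h>
#include <stddef.h>
#include <stdio.h>
#include <string.h>

#define MIN_RUN 4       /* strings(1) default: runs of >= 4 printable bytes */
#define KEY     0x5a    /* one-byte XOR key; an arbitrary assumption */

/* Roughly `strings img | grep -F needle`: return 1 if needle occurs inside
 * some run of at least MIN_RUN printable bytes in img, else 0. */
int strings_finds(const unsigned char *img, size_t len, const char *needle)
{
    size_t i = 0;
    while (i < len) {
        size_t start = i;
        while (i < len && isprint(img[i]))
            i++;
        size_t run = i - start;
        if (run >= MIN_RUN) {
            char buf[256];
            size_t n = run < sizeof buf - 1 ? run : sizeof buf - 1;
            memcpy(buf, img + start, n);
            buf[n] = '\0';
            if (strstr(buf, needle) != NULL)
                return 1;
        }
        i++;            /* step over the non-printable byte that ended the run */
    }
    return 0;
}

/* Constructed stand-in for a binary that keeps the path as a literal:
 * fake ELF magic, a few header bytes, the literal, then padding. */
static const unsigned char naive_image[] = {
    0x7f, 'E', 'L', 'F', 0x01, 0x02, 0x03,
    '/', 'e', 't', 'c', '/', 's', 'h', 'a', 'd', 'o', 'w',
    0x00, 0x90, 0x90
};

/* The same binary with the path XOR'ed by KEY at build time: the moral
 * equivalent of the lsu macro that spells its file name out byte by byte. */
#define HIDDEN_OFF 7
#define HIDDEN_LEN 11
static const unsigned char hidden_image[] = {
    0x7f, 'E', 'L', 'F', 0x01, 0x02, 0x03,
    '/' ^ KEY, 'e' ^ KEY, 't' ^ KEY, 'c' ^ KEY, '/' ^ KEY,
    's' ^ KEY, 'h' ^ KEY, 'a' ^ KEY, 'd' ^ KEY, 'o' ^ KEY, 'w' ^ KEY,
    0x00, 0x90, 0x90
};

/* What the evasive program does at run time: undo the XOR into a
 * caller-supplied buffer of at least n + 1 bytes. */
void decode_hidden(const unsigned char *enc, size_t n, char *out)
{
    for (size_t i = 0; i < n; i++)
        out[i] = (char)(enc[i] ^ KEY);
    out[n] = '\0';
}

/* Decode the hidden path from hidden_image and compare it with expected. */
int hidden_path_is(const char *expected)
{
    char path[HIDDEN_LEN + 1];
    decode_hidden(hidden_image + HIDDEN_OFF, HIDDEN_LEN, path);
    return strcmp(path, expected) == 0;
}

int main(void)
{
    printf("naive image, strings finds /etc/shadow:   %d\n",
           strings_finds(naive_image, sizeof naive_image, "/etc/shadow"));
    printf("hidden image, strings finds /etc/shadow:  %d\n",
           strings_finds(hidden_image, sizeof hidden_image, "/etc/shadow"));
    printf("hidden image still shows a gibberish run: %d\n",
           strings_finds(hidden_image, sizeof hidden_image, "u?.9u)2;>5-"));
    printf("path rebuilt at run time:                 %d\n",
           hidden_path_is("/etc/shadow"));
    return 0;
}
```

Build with `cc -o strings_demo strings_demo.c` and run it. The caveat worth keeping in mind: the XOR'ed bytes are still a printable run (here `u?.9u)2;>5-`), so grepping `strings` output for known names misses it, but a reviewer who reads the whole output and notices short high-entropy gibberish runs may still catch it. That is one more reason to prefer the approach Jay lands on, running the thing under truss/strace in an isolated environment, over static string-gazing.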




Philip Hands writes:
 > [EMAIL PROTECTED] writes:
 > 
 > > If and when I come up with something acceptable, it will
 > > be released to the qmail community, probably under the GPL, but definitely
 > > for free.
 > 
 > GPL-ing it will of course make it undistributable, since qmail's
 > distribution conditions are incompatible with the GPL.  You could go
 > for GPL-ing it, with an additional clause granting permission to link
 > it against qmail though.

It's perfectly fine if you GPL the patch.  You could argue that that
makes the resultant source and executables impossible to distribute,
but you *already* don't have permission to distribute modified sources 
and executables.

-- 
-russ nelson <[EMAIL PROTECTED]>  http://crynwr.com/~nelson
Crynwr supports Open Source(tm) Software| PGPok |   There is good evidence
521 Pleasant Valley Rd. | +1 315 268 1925 voice |   that freedom is the
Potsdam, NY 13676-3213  | +1 315 268 9201 FAX   |   cause of world peace.




Russ Allbery writes:
 > I'd like to back this up, and point out here that too much Microsoft
 > bashing on this one is misplaced.

Sorry, Russ, this *is* a Microsoft problem.  When many people make the
same mistake, it is a failure of technology, not a failure of people.
Software that fails to adapt to people's usual and expected behavior
is wrong.

-- 
-russ nelson <[EMAIL PROTECTED]>  http://crynwr.com/~nelson
Crynwr supports Open Source(tm) Software| PGPok |   There is good evidence
521 Pleasant Valley Rd. | +1 315 268 1925 voice |   that freedom is the
Potsdam, NY 13676-3213  | +1 315 268 9201 FAX   |   cause of world peace.




Russell Nelson <[EMAIL PROTECTED]> writes:

> Sorry, Russ, this *is* a Microsoft problem.  When many people make the
> same mistake, it is a failure of technology, not a failure of people.

!!

That's a vicious condemnation of the entire software industry.  No
exceptions.

-- 
Russ Allbery ([EMAIL PROTECTED])         <URL:http://www.eyrie.org/~eagle/>




On Tue 1999-03-30 (06:34), Russ Allbery wrote:
> Furthermore, remember that this particular virus only has to send mail.
> It doesn't have to modify system files.  It only has to modify your
> personal document files.  It would therefore work just fine on a Unix
> system given a suitable Unix application.  It is *not* Microsoft-specific
> in concept; it is only Microsoft-specific in implementation.  Were some
> other operating system run by 90% of the computer users in the world,
> you'd see these sorts of things written for that operating system.
> 
> Don't fool yourself that it can't happen to you simply by virtue of
> running a different operating system.  The only way it can't happen to you
> is if you always *think* before running random programs on stuff you get
> via untrusted channels.

I agree with Russ. I'm no Microsoft fan, but such problems are not
Windoze-specific. They just have the potential to cause more damage on
Windoze.

Here's an example of a "similar" incident that affected some unix mail
clients (mutt in particular) as well as Windoze ones.

  http://www.cert.org/advisories/CA-98.10.mime_buffer_overflows.html

  CERT Advisory CA-98.10

  Buffer Overflow in MIME-aware Mail and News Clients

  Description

  A vulnerability in some MIME-aware mail and news clients could allow an
  intruder to execute arbitrary code, crash the system, or gain
  administrative rights on vulnerable systems. The vulnerability has been
  discovered by Marko Laakso and Ari Takanen of the Secure Programming Group
  of the University of Oulu. It has received considerable public attention in
  the media and through reports published by Microsoft, Netscape, AUSCERT,
  CIAC, NTBugTraq, and others. 

  The vulnerability affects a number of mail and news clients in addition to
  the ones which have been the subjects of those reports. 

  II. Impact

  An intruder who sends a carefully crafted mail message to a vulnerable
  system can, under some circumstances, cause code of the intruder's choosing
  to be executed on the vulnerable system. Additionally, an intruder can
  cause a vulnerable mail program to crash unexpectedly.  Depending on the
  operating system on which the mail client is running and the privileges of
  the user running the vulnerable mail client, the intruder may be able to
  crash the entire system. If a privileged user reads mail with a vulnerable
  mail user agent, an intruder can gain administrative access to the system.

As Russ said it is a mindset problem. I doubt many people here would have
been hurt by this bug if they used mutt as a MUA, because they probably don't
read mail as root (since they're running qmail :) and they are careful about
what they execute.

Sure Microsoft is part of the problem, but they are by no means alone. As
long as the people who write software don't take security seriously enough
such things will continue to happen. And, with more Windoze and Mac software
being ported to Unix-like systems like Linux and FreeBSD, I reckon we're
going to be seeing more incidents on these systems. The impact probably
won't be as great as on Windoze 95/98/2000, but then it's not as great on
Windoze NT either.

> -- Russ Allbery ([EMAIL PROTECTED]) <URL:http://www.eyrie.org/~eagle/>

  - Keith
-- 
Keith Burdis - MSc (Com Sci) - Rhodes University, South Africa  
Email   : [EMAIL PROTECTED]
WWW     : http://www.rucus.ru.ac.za/~keith/
IRC     : Panthras                                          JAPH

"Any technology sufficiently advanced is indistinguishable from a perl script"

Standard disclaimer.
---




Russ Allbery writes:
 > Russell Nelson <[EMAIL PROTECTED]> writes:
 > 
 > > Sorry, Russ, this *is* a Microsoft problem.  When many people make the
 > > same mistake, it is a failure of technology, not a failure of people.
 > 
 > !!
 > 
 > That's a vicious condemnation of the entire software industry.  No
 > exceptions.

Nahhhh.  I call it the Full Employment Principle for Computer
Programmers.  :) It just *happens* in this case to condemn Microsoft's
macro viruses.  It can be used to condemn many other mistakes.  For
example, I should be able to say (as root) ``rm -rf /'', and then say
"oops.  undo." (as long as there was sufficient free space prior to
that to avoid ongoing filesystem activity from writing over any
just-removed files -- and even if there wasn't, the first files
overwritten were the least-recently accessed files).  And yeah, this
can all be done in user space.

-- 
-russ nelson <[EMAIL PROTECTED]>  http://crynwr.com/~nelson
Crynwr supports Open Source(tm) Software| PGPok |   There is good evidence
521 Pleasant Valley Rd. | +1 315 268 1925 voice |   that freedom is the
Potsdam, NY 13676-3213  | +1 315 268 9201 FAX   |   cause of world peace.




Again, this is a security issue, not a single/multi user issue.  It should
be difficult to delete or modify a .dll/exe program file.

You SHOULD have to type into a special "admin" account to install/remove a
program.  Single user or not.  You cannot make it any "righter" by saying
a single user is only hurting himself.  It's just a bad policy/security
measure to always log in as root, but MS seems not to care, let the user,
or IS or tech support figure out what got changed.

Windows already supports user profiles, why not extend that into a super
user that you must change to in order to modify the system?

Paul D. Farber II
Farber Technology
Ph. 570-628-5303
Fax 570-628-5545
[EMAIL PROTECTED]

On 30 Mar 1999, Russ Allbery wrote:

> Paul Farber <[EMAIL PROTECTED]> writes:
> 
> > BZZT... but joe blow can't delete SYSTEM FILES, or any file that he does
> > not own.  Log on as a LUSER and try rm -rf /etc and see what gets deleted.
> > Not a darn thing.  Same for /bin /sbin etc etc etc.
> 
> > My trusty vi editor can shell out, but it will only let me harm myself,
> > not another user or the system proper.
> 
> You didn't read the whole thing I wrote about single-user vs. multiuser
> operating systems.  If you delete everything on your hard drive under
> Windows, you *are* only harming yourself, since there *are* no other
> users.  All the files on the disk are yours if you're sitting in front of
> the computer.  You can do the same thing under Linux if you always log on
> as root.  Windows just doesn't have a user other than root.
> 
> The distinction between system files and user files is only meaningful for
> a multiuser operating system where you have the possibility of a user
> identity other than God.
> 
> Furthermore, remember that this particular virus only has to send mail.
> It doesn't have to modify system files.  It only has to modify your
> personal document files.  It would therefore work just fine on a Unix
> system given a suitable Unix application.  It is *not* Microsoft-specific
> in concept; it is only Microsoft-specific in implementation.  Were some
> other operating system run by 90% of the computer users in the world,
> you'd see these sorts of things written for that operating system.
> 
> Don't fool yourself that it can't happen to you simply by virtue of
> running a different operating system.  The only way it can't happen to you
> is if you always *think* before running random programs on stuff you get
> via untrusted channels.
> 
> -- 
> Russ Allbery ([EMAIL PROTECTED])         <URL:http://www.eyrie.org/~eagle/>
> 





> From:  Russell Nelson <[EMAIL PROTECTED]>
> Date:  30 Mar 1999 16:15:20 -0000
>
> Russ Allbery writes:
>  > Russell Nelson <[EMAIL PROTECTED]> writes:
>  > 
>  > > Sorry, Russ, this *is* a Microsoft problem.  When many people make the
>  > > same mistake, it is a failure of technology, not a failure of people.
>  > 
>  > !!
>  > 
>  > That's a vicious condemnation of the entire software industry.  No
>  > exceptions.
> 
> Nahhhh.  I call it the Full Employment Principle for Computer
> Programmers.  :) It just *happens* in this case to condemn Microsoft's
> macro viruses.  It can be used to condemn many other mistakes.  For
> example, I should be able to say (as root) ``rm -rf /'', and then say
> "oops.  undo." (as long as there was sufficient free space prior to
> that to avoid ongoing filesystem activity from writing over any
> just-removed files -- and even if there wasn't, the first files
> overwritten were the least-recently accessed files).  And yeah, this
> can all be done in user space.

As one of the contributors to "The UNIX-HATERS Handbook", I can assure you 
that it really is a vicious condemnation of the entire software industry (or 
at least a *very* large part of it), but the industry needs quite a bit of
condemnation.

Software could be so much better than it is, but the fact that it isn't better 
doesn't excuse the companies/programmers who made it the way it is.  

The sad thing is that 10 years ago we* were raving about how bad Unix 
is...today we're raving about how much worse Microsoft is than Unix.  This 
isn't because Unix got any better.


Chris

* For some poorly defined "we" which certainly includes me and which may
  or may not include you.
-- 
Chris Garrigues                 Deep Eddy Internet Consulting
+1 512 432 4046                 609 Deep Eddy Avenue                    O-
http://www.DeepEddy.Com/~cwg/   Austin, TX  78703-4513

  My email address is an experiment in SPAM elimination.  For an
  explanation of what we're doing, see http://www.DeepEddy.Com/tms.html 

    Nobody ever got fired for buying Microsoft,
      but they could get fired for relying on Microsoft.


PGP signature





Paul Farber <[EMAIL PROTECTED]> writes:

> Again, this is a security issue, not a single/multi user issue.  It
> should be difficult to delete or modify a .dll/exe program file.

> You SHOULD have to type into a special "admin" account to install/remove
> a program.  Single user or not.

While this may very well be a good idea, I'm not aware of any Unix which
requires this, provided that the program doesn't want to talk on
privileged ports or have access to raw hardware.

-- 
Russ Allbery ([EMAIL PROTECTED])         <URL:http://www.eyrie.org/~eagle/>




>What is needed is something that alerts the user to something that is
>unusual in some way.

Yes.  More precisely, the situation has to be something the *user*
considers unusual, not something the system (which means the programmer)
so considers.

That turns out to be a very hard problem, which I got into (somewhat)
in my other longish post.

        tq vm, (burley)




>Russ Allbery writes:
> > I'd like to back this up, and point out here that too much Microsoft
> > bashing on this one is misplaced.
>
>Sorry, Russ, this *is* a Microsoft problem.  When many people make the
>same mistake, it is a failure of technology, not a failure of people.
>Software that fails to adapt to people's usual and expected behavior
>is wrong.

Well, yes and no.

Yes, in the sense that Microsoft has actively convinced people that their
products are "easy to use", when clearly they aren't: they aren't easy to
use to send RFC-conforming work via RFC-conforming channels (else I wouldn't
get so much gratuitously-MIME-encoded email, and come up against so many
web pages largely inaccessible using my own choice of browser).

And, they aren't easy to use in a way that protects against the harsh,
cruel, outside world.  (There's somebody's .signature somewhere that
includes two quotes claimed to be from some MS higher-up -- one line
says something like "Windows 9[58] should not be used in a hostile
environment", the other "The Internet is hostile".)

No, in the sense that, to the extent Linux and other advocates claim
*their* favorite software is "easy to use", reduced to the extent that
their software has similar problems, they're making the same unfulfilled
promises.

The "rm -i" problem mentioned earlier highlights this.

It is, I believe, a fact that human beings can be lulled into responding
incorrectly to *any* question via simple repetition and the occasional
misdirection:

Okay to delete file foo.o (no)? y
Okay to delete file foo (no)? y
Okay to delete file foo.c (no)? y

(Oops, just deleted the source.  Okay, given alphabetical ordering of
typical globbing, that particular example wouldn't happen, but is
anyone going to claim that's the result of sound ergonomic design?  ;-)

(I should mention, I've gotten nearly-life-or-death prompts from programs
that were too poorly worded for me to be sure of the right answer,
sometimes in a context where on-line documentation was unavailable.
E.g. a start-up run of fsck that prompts something like `File foo is
listed as deleted, but is not deleted...fix (yes/no)?'.  That particular
problem has a "local" fix, though.)

So, these problems will persist throughout all software, to the extent
that software doesn't *faithfully* represent the models humans use,
in their minds, when viewing the objects being manipulated by the
software, and doesn't then properly account for potentially risky
differences between the view a human *might* have about a situation,
and the "reality" as the computer sees it.

I know that might seem pretty weird, but a straightforward example of
something computers *must* someday account for is the difference (not
just binary, either) between *source* and *derived* content.

If the computer (apps, OS, network, etc.) knows which are source files
(including distinctions between newly-authored source and source
obtained, e.g., via the net) and which are derived files (object files,
executables, yacc/bison output, etc.), many worries, in the forms of
prompts, displays, etc., could be dispensed with.

And *that* would be an important step, but *just* a step, towards not
bothering the user with spurious queries.  Which, in turn, would tend
to decrease the likelihood of incorrect responses to such queries.

(One of my favorite examples of a poorly formed query was from an
air-traffic-control tower, to a plane they saw was losing altitude
too early during the approach.  The tower radioed something like
"Is everything okay up there?"  The answer was "Yes", because, after
all, the pilot and crew were working on the problem -- the lightbulb
for the landing-gear-down indicator being out.  Shortly thereafter,
the jet plunged into the Everglades, killing pretty much everyone
on board.  Had the tower communiqué been "Report your current altitude
immediately", the crew would, in my opinion, almost certainly have looked
at the altimeter, reported the altimeter reading, gotten confirmation
from the tower, and perhaps realized they'd accidentally disabled the
autopilot while trying to localize the landing-gear-indicator problem.
Instead, by the time they *did* look at the altimeter, took a few
moments to discuss whether *it* was failing, and finally noticed the
autopilot was off, it was too late.  Among many things, this incident
highlights the importance of asking a potentially-stressed human
for *more* information than they wish to provide at the time, and
cross-checking that information, because, even though such a question
might increase short-term stress, it could avoid disaster.)

Another example is that systems must accommodate, even insist on,
clearer, more straightforward communication.

Almost *nobody* ever really "means" `rm' when they type `rm', because
`rm' is so vastly overloaded with meaning and effect.  Instead, they
*usually* mean just a *few* of the following (a partial list, I'm sure):

  -  I think I might need the disk space occupied by this file, later

  -  I'm pretty sure I don't need the information in this file

  -  I *know* I don't need the information in this file

  -  I don't want this file's name listed in this directory anymore

  -  I want to see if this file gets automatically regenerated later

  -  I want to force this file to get automatically regenerated later

  -  I no longer need this old version of some other file

  -  This file contains a potentially dangerous security breach

  -  I want to signal (to another process/system/user) by removing
     this file from this (shared) directory

  -  I want to run my `rm' script, which is friendlier than the default

The (sometimes subtle) differences among the above can be teased out,
if they aren't already evident, by asking yourself just how faithfully
a system would carry out the simple `rm' request in the context of
the following system facilities:

  -  The system chooses whether to prompt before deletion

  -  The system chooses whether to produce a list of prompts for
     consideration, by the user, at a later time, picked by the
     user

  -  The system chooses whether to immediately reclaim the disk space

  -  The system chooses whether to allow for "un-rm"-ing (undeleting)
     the file

  -  The system chooses whether to make a backup copy of the file

  -  The system chooses whether to simply hide the file (e.g. shove
     it into a "trashcan" the user can choose when to *really* delete
     it)

  -  The system chooses when and how to notify other users sharing the
     same directory structure that the file has been removed (via making
     that removal visible in *their* view of that directory)

  -  The system chooses whether to immediately overwrite any persistent
     memories containing the file's contents with garbage

Note how some of the above seem to interact and conflict.  Also, some of
them might have seemingly simple answers, which might only push the
complexity elsewhere (e.g. the trashcan approach can be naively implemented
in a way that doesn't scale well, up to millions of files and/or millions
of users sharing access to the directory).

(I could go on and on, but I already have. :)

So, until we have software that has some clue about what we are thinking,
and we have the ability to actually tell the computer what we think we're
trying to do (I call this Say What You Mean (SWYM), as versus Do What
I Say (DWIS), the difference being most evident in language/interface
design), the problem won't be *near* to being solved.  (And, it's highly
questionable whether it ever *will* be solved, in the sense of coping
with all humans in all situations.  That would presumably require every
automaton interacting with a human to faithfully model the current,
and thus predict the future, mental state of the human.)

The problem, therefore, isn't owned by Microsoft, though MS does
probably do more to amplify the problem than any other entity on
the planet.  In a sense, MS does the equivalent of selling houses
with electricity supplied in huge voltages by open wires about
6" off the ground, where kids can easily get at it.  But we don't have
anything quite like Underwriter's Laboratories (UL) listings -- yet --
to keep them from so easily profiting from such clearly dangerous
practices.

(One of the main reasons I didn't, long ago, just plunge into this whole
GUI/iconic approach, when it came to writing new programs, is because
I saw the perils in assuming they'd really produce "easy-to-use" results.
I'd rather wait and do it right.  MS employees prefer earning $B by
doing it wrong and selling people the results.  :)

        tq vm, (burley)




Russ, I forwarded your explanation (of the importance of *user* education)
to my wife, who now has the whole Information Technology (IT) department
in her area, in her organization.  Hope that was okay.  Thanks!

        tq vm, (burley)




This is not about ports or C language.... I cannot write a program to
delete a program unless I have the privilege to delete that file (at
least not a shell script... and not SUID).

There may be all kinds of inode tricks you can play, but at that point,
you probably already know not to delete the entire file system.

Paul D. Farber II
Farber Technology
Ph. 570-628-5303
Fax 570-628-5545
[EMAIL PROTECTED]

On 30 Mar 1999, Russ Allbery wrote:

> Paul Farber <[EMAIL PROTECTED]> writes:
> 
> > Again, this is a security issue, not a single/multi user issue.  It
> > should be difficult to delete or modify a .dll/exe program file.
> 
> > You SHOULD have to type into a special "admin" account to install/remove
> > a program.  Single user or not.
> 
> While this may very well be a good idea, I'm not aware of any Unix which
> requires this, provided that the program doesn't want to talk on
> privileged ports or have access to raw hardware.
> 
> -- 
> Russ Allbery ([EMAIL PROTECTED])         <URL:http://www.eyrie.org/~eagle/>
> 






Paul Farber wrote/schrieb/scribsit:
> Again, this is a security issue, not a single/multi user issue.  It
> should be difficult to delete or modify a .dll/exe program file.
>
> You SHOULD have to type into a special "admin" account to install/remove
> a program.

So ordinary users would no longer be able to install MS Office...

Stefan





Russ Allbery writes:

> Paul Farber <[EMAIL PROTECTED]> writes:
> 
> > Hmmm, Windows has the ability to write a script that ANYONE can run that
> > will delete the disk.  Hmmm.  Why should a Word Processor EVER have the
> > ability to make system calls?
> 
> I assume you've deleted vi and emacs from your system?  After all, they
> allow system calls.  Hell, so does ed.  pico allows shell escapes.  What
> *do* you use for an editor?

Right.  But neither, vi, emacs, nor ed are setuid to root.


-- 
Sam





Russ Allbery writes:
> Paul Farber <[EMAIL PROTECTED]> writes:
> 
> > Again, this is a security issue, not a single/multi user issue.  It
> > should be difficult to delete or modify a .dll/exe program file.
> 
> > You SHOULD have to type into a special "admin" account to install/remove
> > a program.  Single user or not.
> 
> While this may very well be a good idea, I'm not aware of any Unix which
> requires this, provided that the program doesn't want to talk on
> privileged ports or have access to raw hardware.
> 

Hi Russ. Actually, we used to do just that. That was what /usr/local/*
was all about. The executables (and the /usr/local directory
structure,) were owned by other than UID GID root or bin. There was a
special UID and GID for everything in /usr/local. (It's been too long,
I can't remember the UID GID.)

If a program required HW access, or a socket, it had to be
chown/chgrp'ed to root/bin by the sysadmin. So, a group of non-admin,
high level users could manage the /usr/local stuff, install/upgrade
new programs, blah, blah. You could, also, upgrade the system without
risk of overwriting the users programs and config files.

I have no idea why we dropped the concept. Probably a casualty in the
name of user friendly.

        John

-- 

John Conover, 631 Lamont Ct., Campbell, CA., 95008, USA.
VOX 408.370.2688, FAX 408.379.9602
[EMAIL PROTECTED], http://www2.inow.com/~conover/john.html





[EMAIL PROTECTED] writes:
> >Russ Allbery writes:
> > > I'd like to back this up, and point out here that too much Microsoft
> > > bashing on this one is misplaced.
> >
> >Sorry, Russ, this *is* a Microsoft problem.  When many people make the
> >same mistake, it is a failure of technology, not a failure of people.
> >Software that fails to adapt to people's usual and expected behavior
> >is wrong.
> 
> Well, yes and no.
>

FWIW, what I did, since I use procmail as a local delivery agent with
qmail, is scan the top 50 lines of all incoming, (when it's delivered
to the user's Mailbox out of ~/.qmail,) and if an attachment is found,
mime encapsulate around the attachment with a text warning the user
can't miss that attachments can contain evil stuff, click at your own
risk. It at least stops automatic execution of the MS Office
suite. (Unfortunately, it requires an RFC 932 compliant MUA on the PCs
to get a valid attachment, which are kind of hard to come by, but
Netscape seems to work OK.) At least there is no excuse for someone
clicking on Melissa or Papa.

They can't say they didn't know.

Scanning the top 50 lines does not seem to hammer box resources too
bad, and is done on the rcpt's machine, which is not the mail server
in my case, (cheap Linux boxes work.)

        John

BTW, I put the address of the sender of the attachment in the warning,
since procmail's formail will extract such stuff, and a statement that
if you don't know this person, don't click. Also, a link to an
IntrAnet page explaining the situation concerning the problems with
attachments, that link into the web media stuff, blah, blah, blah.

-- 

John Conover, 631 Lamont Ct., Campbell, CA., 95008, USA.
VOX 408.370.2688, FAX 408.379.9602
[EMAIL PROTECTED], http://www2.inow.com/~conover/john.html
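
The filter John describes above, reworked as an added Python example (it is
not John's procmail recipe, which the post does not include): only the first
50 lines of the raw message are inspected for an attachment header, and if
one is found the original message is wrapped in a new multipart/mixed whose
first part is a warning text naming the sender. The intranet URL, the sample
messages and the header-matching heuristic are assumptions of this example.

```python
"""Attachment warning filter: same idea as the procmail approach, in Python.

Reads one raw RFC 822 message on stdin and writes the message to deliver on
stdout, so it can sit in a delivery pipeline.  Only the first HEAD_LINES
lines are inspected, which bounds the cost per message.
"""
import email
import sys
from email.message import Message
from email.mime.message import MIMEMessage
from email.mime.multipart import MIMEMultipart
from email.mime.text import MIMEText
from email.utils import parseaddr

HEAD_LINES = 50                                                  # the "top 50 lines" budget
INTRANET_URL = "http://intranet.example.test/attachments.html"  # assumed placeholder


def attachment_in_head(raw: bytes, limit: int = HEAD_LINES) -> bool:
    """Does an attachment header appear within the first `limit` lines?

    Only header lines are matched, never decoded payloads, so the cost is
    constant per message.  The trade-off: a part whose headers begin below
    line `limit` is not seen, so this is a cheap first line, not a scanner.
    """
    for line in raw.splitlines()[:limit]:
        field = line.strip().lower()
        if field.startswith(b"content-disposition:") and b"attachment" in field:
            return True
        if field.startswith(b"content-type:") and b"name=" in field:
            return True
    return False


def parse_message(raw: bytes) -> Message:
    """Parse raw bytes into a Message object (thin wrapper for callers)."""
    return email.message_from_bytes(raw)


def build_warning(original: Message, intranet_url: str) -> Message:
    """Wrap `original` in a new multipart/mixed with the warning text first."""
    sender = parseaddr(original.get("From", ""))[1] or "(no sender address)"
    warning = (
        "WARNING: this message carries an attachment.\n"
        f"It was sent by: {sender}\n"
        "Attachments can contain programs that run when you open them.\n"
        "If you do not know this sender, do not open the attachment.\n"
        f"Background: {intranet_url}\n"
    )
    wrapper = MIMEMultipart("mixed")
    for name in ("From", "To", "Date", "Message-ID"):   # keep what the reader expects
        if original.get(name):
            wrapper[name] = original[name]
    wrapper["Subject"] = "[ATTACHMENT] " + (original.get("Subject") or "(no subject)")
    wrapper.attach(MIMEText(warning, "plain"))
    wrapper.attach(MIMEMessage(original))   # message/rfc822: the original, untouched
    return wrapper


def deliver(raw: bytes, intranet_url: str = INTRANET_URL) -> bytes:
    """Return the bytes to hand to the mailbox: wrapped if flagged, else unchanged."""
    if not attachment_in_head(raw):
        return raw
    return build_warning(parse_message(raw), intranet_url).as_bytes()


# Constructed samples (not real mail): one with a document attached, one without.
SAMPLE_WITH_ATTACHMENT = b"""\
From: alice@example.test
To: bob@example.test
Subject: Quarterly figures
MIME-Version: 1.0
Content-Type: multipart/mixed; boundary="b1"

--b1
Content-Type: text/plain

Please review the attached document.
--b1
Content-Type: application/msword; name="figures.doc"
Content-Disposition: attachment; filename="figures.doc"
Content-Transfer-Encoding: base64

AAAA
--b1--
"""

SAMPLE_PLAIN = b"""\
From: carol@example.test
To: bob@example.test
Subject: Lunch?

Noon at the usual place?
"""

if __name__ == "__main__":
    data = sys.stdin.buffer.read() if not sys.stdin.isatty() else SAMPLE_WITH_ATTACHMENT
    sys.stdout.buffer.write(deliver(data))
```

The sender line is taken straight from the From header, so it is information
for the reader, not an assurance; and because only the top of the message is
looked at, a part whose headers begin below line 50 passes through unwrapped.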





> From:  Stefan Paletta <[EMAIL PROTECTED]>
> Date:  Tue, 30 Mar 1999 19:17:56 +0200 (MEST)
>
> 
> So ordinary users would no longer be able to install MS Office...

Now *that*'s a step forward!!!

Chris

-- 
Chris Garrigues                 Deep Eddy Internet Consulting
+1 512 432 4046                 609 Deep Eddy Avenue                    O-
http://www.DeepEddy.Com/~cwg/   Austin, TX  78703-4513

  My email address is an experiment in SPAM elimination.  For an
  explanation of what we're doing, see http://www.DeepEddy.Com/tms.html 

    Nobody ever got fired for buying Microsoft,
      but they could get fired for relying on Microsoft.







John Conover <[EMAIL PROTECTED]> writes:

> Hi Russ. Actually, we used to do just that. That was what /usr/local/*
> was all about. The executables (and the /usr/local directory structure,)
> were owned by other than UID GID root or bin. There was a special UID
> and GID for everything in /usr/local. (It's been too long, I can't
> remember the UID GID.)

I don't think people are quite understanding what I'm saying here.

One can install a binary or other executable on a Unix system without
being root.  One cannot modify *system* binaries (this multiuser system
thing again), but one can quite certainly modify binaries that the user
runs, if they have any of their own software installed.  Now maybe it's
now out of vogue for a Unix user to actually install software in ~/bin,
owned by them, but I certainly still do this.

Furthermore, one can create ~/bin (or ~/... or some other such thing), put
it in the user's PATH by editing their dotfiles, and stick ls, rm, and
whatnot in there and have the user execute them instead of system
binaries.  You can produce something that's very much like a "virus" this
way, provided that the user has some program (any program) in their own
directories.

There is nothing in Unix that requires that you have special privileges to
modify an executable program, in general.

Of course, such a virus, in the absence of other security holes, cannot
infect more than one user's files.  I again contend that this is precisely
the difference between a single-user and multiuser system, and regardless
of what people think of the stupidity of creating a single-user system,
this IS NOT MICROSOFT'S SOLE FAULT because IT WASN'T THEIR IDEA IN THE
FIRST PLACE and THE MACINTOSH, AND NEARLY EVERY OTHER "HOME" COMPUTER EVER
MADE, WORKS EXACTLY THE SAME WAY.

Sorry.

I will point out that the presence of programs that users want to run and
that require access to the underlying hardware means that personal
computers are often more careless about root level privileges than one
would like, that games are such programs, and that games are one of the
major uses of computers in general.  Note all the setuid root SVGAlib
programs under Linux.

Oh, and once you're creating a distinguished profile that owns the system
binaries and the system binaries can't be modified without authenticating
as that profile, you have made a multiuser system.  There is the normal
user and the privileged user, thus making two users.  Of course, without
memory protection, this is rather pointless, and with memory protection,
you end up with a real operating system.

-- 
Russ Allbery ([EMAIL PROTECTED])         <URL:http://www.eyrie.org/~eagle/>
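
The check a sysadmin would run against the scenario Russ lays out, as an
added Python example (not anything from the thread): walk $PATH and report
directories that the current user, and therefore any program running as that
user, can write to and that are searched before the system directories, plus
empty or "." entries and group/world-writable directories. The set of
"system" directories and the constructed PATH strings are assumptions.

```python
"""Audit $PATH for directories that let a user-level "virus" shadow commands.

The rule checked: a directory on PATH that the current user can write to,
searched before the system directories, lets a file named ls or rm placed
there run instead of the real one.  Empty entries and "." are flagged for
the same reason.
"""
import os
import stat
from typing import Callable, List

# Assumed set of "system" directories for this example; adjust to the host.
SYSTEM_DIRS = ("/bin", "/usr/bin", "/sbin", "/usr/sbin")


def user_can_write(directory: str) -> bool:
    """True when the running user could create or replace files in `directory`."""
    return os.path.isdir(directory) and os.access(directory, os.W_OK)


def mode_of(directory: str) -> int:
    """Permission bits of `directory`, or 0 if it cannot be stat'ed."""
    try:
        return stat.S_IMODE(os.stat(directory).st_mode)
    except OSError:
        return 0


def audit_path(path_value: str,
               writable: Callable[[str], bool] = user_can_write,
               mode: Callable[[str], int] = mode_of) -> List[str]:
    """Return one finding per risky PATH entry; an empty list means nothing found.

    `writable` and `mode` are injectable so the logic can be checked against
    constructed data without touching the real filesystem.
    """
    findings: List[str] = []
    seen_system = False
    for index, entry in enumerate(path_value.split(":")):
        if entry in ("", "."):
            findings.append(f"entry {index}: {entry or '(empty)'} means the current directory")
            continue
        if entry in SYSTEM_DIRS:
            seen_system = True
            continue
        if mode(entry) & (stat.S_IWGRP | stat.S_IWOTH):
            findings.append(f"entry {index}: {entry} is group- or world-writable")
        if writable(entry) and not seen_system:
            findings.append(f"entry {index}: {entry} is writable by you and is searched "
                            "before the system directories, so a file named ls or rm "
                            "placed there runs instead of the system one")
    return findings


if __name__ == "__main__":
    for line in audit_path(os.environ.get("PATH", "")) or ["PATH looks clean"]:
        print(line)
```

A writable ~/bin is not wrong in itself; the report only shows where such
shadowing is possible, so the usual remedy is to list it after the system
directories rather than to remove it.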




Russ Allbery writes:
> 
> Of course, such a virus, in the absence of other security holes, cannot
> infect more than one user's files.  I again contend that this is precisely
> the difference between a single-user and multiuser system, and regardless
> of what people think of the stupidity of creating a single-user system,
> this IS NOT MICROSOFT'S SOLE FAULT because IT WASN'T THEIR IDEA IN THE
> FIRST PLACE and THE MACINTOSH, AND NEARLY EVERY OTHER "HOME" COMPUTER EVER
> MADE, WORKS EXACTLY THE SAME WAY.
> 
> Sorry.
>

Oh, Russ, I think we all agree with you, or we wouldn't be running
Unix boxes, at least most of us are. The Unix permission structure is
what PC users hate about Unix. But tying a single user box on the
Internet is asking for trouble, like you say, because it immediately
becomes a multi-user box. When you come right down to it, the age of
the PC has gone. A multi-user personal computer is an oxymoron.

It is just probably difficult for a company like MS to change its
internal mentality and culture away from its foundations, which was
the PC.

Not to mention a lot of folks that think the PC is what computing is.
There is a lot of secretary software out there.

        John

-- 

John Conover, 631 Lamont Ct., Campbell, CA., 95008, USA.
VOX 408.370.2688, FAX 408.379.9602
[EMAIL PROTECTED], http://www2.inow.com/~conover/john.html





Text written by John Conover at 05:48 PM 3/30/99 -0000:

>BTW, I put the address of the sender of the attachment in the warning,
>since procmail's formail will extract such stuff, and a statement that
>if you don't know this person, don't click.

But part of the point (and the evil) of Melissa is that you *do* know the
person. It sends itself to folks that it finds at the top of someone's
Outlook address book -- presumably, folks they correspond with on some
basis or another.

-----------------------------------------------------------------
                             Kai MacTane
                         System Administrator
                      Online Partners.com, Inc.
-----------------------------------------------------------------
From the Jargon File: (v4.0.0, 25 Jul 1996)

house wizard /n./ 

A hacker occupying a technical-specialist, R&D, or systems position
at a commercial shop. A really effective house wizard can have influence
out of all proportion to his/her ostensible rank and still not
have to wear a suit. 





Kai MacTane writes:
> Text written by John Conover at 05:48 PM 3/30/99 -0000:
> 
> >BTW, I put the address of the sender of the attachment in the warning,
> >since procmail's formail will extract such stuff, and a statement that
> >if you don't know this person, don't click.
> 
> But part of the point (and the evil) of Melissa is that you *do* know the
> person. It sends itself to folks that it finds at the top of someone's
> Outlook address book -- presumably, folks they correspond with on some
> basis or another.
> 
> -----------------------------------------------------------------
>                              Kai MacTane
>                          System Administrator
>                       Online Partners.com, Inc.
> -----------------------------------------------------------------
> From the Jargon File: (v4.0.0, 25 Jul 1996)
> 
> house wizard /n./ 
> 
> A hacker occupying a technical-specialist, R&D, or systems position
> at a commercial shop. A really effective house wizard can have influence
> out of all proportion to his/her ostensible rank and still not
> have to wear a suit. 
-- 

John Conover, 631 Lamont Ct., Campbell, CA., 95008, USA.
VOX 408.370.2688, FAX 408.379.9602
[EMAIL PROTECTED], http://www2.inow.com/~conover/john.html





Kai MacTane writes:
> Text written by John Conover at 05:48 PM 3/30/99 -0000:
> 
> >BTW, I put the address of the sender of the attachment in the warning,
> >since procmail's formail will extract such stuff, and a statement that
> >if you don't know this person, don't click.
> 
> But part of the point (and the evil) of Melissa is that you *do* know the
> person. It sends itself to folks that it finds at the top of someone's
> Outlook address book -- presumably, folks they correspond with on some
> basis or another.
>

Some of them don't, and it does mean, that no matter what, or how the
PC is configured, it won't extract the attachment automatically. It
requires intervention, after reading a message.

        John

-- 

John Conover, 631 Lamont Ct., Campbell, CA., 95008, USA.
VOX 408.370.2688, FAX 408.379.9602
[EMAIL PROTECTED], http://www2.inow.com/~conover/john.html





Other than educating your users and that silly "filter the
message by the subject line" fix, has anyone come up
with a feasible way to protect your network and servers
from the load this "virus" could potentially cause?

Rick McMillin
Network Operations Center
I-Land Internet Services

----- Original Message -----
From: John Conover <[EMAIL PROTECTED]>
To: <[EMAIL PROTECTED]>
Sent: Tuesday, March 30, 1999 1:54 PM
Subject: Re: Melissa Virus


> Kai MacTane writes:
> > Text written by John Conover at 05:48 PM 3/30/99 -0000:
> >
> > >BTW, I put the address of the sender of the attachment in the warning,
> > >since procmail's formail will extract such stuff, and a statement that
> > >if you don't know this person, don't click.
> >
> > But part of the point (and the evil) of Melissa is that you *do* know the
> > person. It sends itself to folks that it finds at the top of someone's
> > Outlook address book -- presumably, folks they correspond with on some
> > basis or another.
> >
>
> Some of them don't, and it does mean, that no matter what, or how the
> PC is configured, it won't extract the attachment automatically. It
> requires intervention, after reading a message.
>
> John
>
> --
>
> John Conover, 631 Lamont Ct., Campbell, CA., 95008, USA.
> VOX 408.370.2688, FAX 408.379.9602
> [EMAIL PROTECTED], http://www2.inow.com/~conover/john.html
>
>





Rick McMillin writes:
> Other than educating your users and that silly "filter the
> message by the subject line" fix, has anyone come up
> with a feasible way to protect your network and servers
> from the load this "virus" could potentially cause?
>

A lot of folks run smtp under tcpserver to do that.

        John

-- 

John Conover, 631 Lamont Ct., Campbell, CA., 95008, USA.
VOX 408.370.2688, FAX 408.379.9602
[EMAIL PROTECTED], http://www2.inow.com/~conover/john.html





 "Chris" == Chris Garrigues <[EMAIL PROTECTED]> writes:

    Chris> Software could be so much better than it is, but the fact
    Chris> that it isn't better doesn't excuse the
    Chris> companies/programmers who made it the way it is.

I find this especially true of MS software. With the resources that
Microsoft has, their software should be the best in the world. It
should be so good that no one would even think of using anyone else's
software. Yet MS software is at best, mediocre, and at worst, total
dung. I fault Bill Gates more than anyone else in the company for
this. It's truly sad.

j.
--
Jay Soffian <[EMAIL PROTECTED]>                       UNIX Systems Administrator
404.572.1941                                             Cox Interactive Media





On Tue, 30 Mar 1999, Paul Farber wrote:

> BZZT... but joe blow can't delete SYSTEM FILES, or any file that he does
> not own.  Log on as a LUSER and try rm -rf /etc see what gets deleted.  Not
> a darn thing.  Same for /bin /sbin etc etc etc.

funny, that doesn't work on my windows NT system when I logon as a LUSER
either.

RjL





On Tue, 30 Mar 1999, Paul Farber wrote:

> It IS a MS problem, they should not allow any indiscriminate user to run
> format or del *.* .  IF you don't want a child to shoot themselves, don't
> give them a gun to play with.

ONE moment!!! you're comparing UNIX with win95/WIN3.1. I can assure you
that when you login on my NT desktop machine as an ordinary user you can't
just format the disk.

> UNIX/Linux has the ability to say.. "Hey, you can't do that!" with a
> simple feature like file permissions and file ownership.  Why hasn't MS
> followed suit with these basic security precautions?  Half the viruses in
> the world would become obsolete with this one patch.

they have, it's known as windowsNT... surely you've heard of it?

I'm interested in discussions about how I can plug a proper anti-virus
products into qmail. I have no interest in OS bashing like I'm seeing on
this list at the moment. 

RjL





On Tue, 30 Mar 1999, Paul Farber wrote:

> You SHOULD have to type into a special "admin" account to install/remove a
> program.  Single user or not.  You cannot make it any "righter" by saying
> a single user is only hurting himself.  It's just a bad policy/security
> measure to always log in as root, but MS seems not to care, let the user,
> or IS or tech support figure out what got changed.

funnily enough I have to login on my windowsNT machine as 'administrator'
to install/remove a program. when I login as ais007 I can't ... 

> Windows already supports user profiles, why not extend that into a super
> user that you must change to to modify the system?
it does

richard





From: Richard Letts <[EMAIL PROTECTED]>


: On Tue, 30 Mar 1999, Paul Farber wrote:
:
: > You SHOULD have to type into a special "admin" account to install/remove a
: > program.  Single user or not.  You cannot make it any "righter" by saying
: > a single user is only hurting himself.  It's just a bad policy/security
: > measure to always log in as root, but MS seems not to care, let the user,
: > or IS or tech support figure out what got changed.
:
: funnily enough I have to login on my windowsNT machine as 'administrator'
: to install/remove a program. when I login as ais007 I can't ...
:
: > Windows already supports user profiles, why not extend that into a super
: > user that you must change to to modify the system?
: it does

It does, IF you have set up NT properly.  If your system partition is on a
FAT drive, for instance, you have NO file security in NT.  Same if you have
converted your FAT partition to NTFS.  (system file security is not set at
this time).  Also, as long as a program doesn't try to modify something
besides HKEY_CURRENT_USER or write somewhere it's not allowed to, then WinNT
has no problem installing it.

--Adam






On Tue, Mar 30, 1999 at 07:17:56PM +0200,
  Stefan Paletta <[EMAIL PROTECTED]> wrote:
> 
> Paul Farber wrote/schrieb/scribsit:
> > Again, this is a security issue, not a single/multi user issue.  It
> > should be difficult to delete or modify a .dll/exe program file.
> >
> > You SHOULD have to type into a special "admin" account to install/remove
> > a program.
> 
> So ordinary users would no longer be able to install MS Office...

I would prefer it if I had different accounts with different levels of
access on my home MS machine. I don't like installs being able to write
stuff anywhere making complete uninstalls impossible in some cases.

I don't like the fact that whenever I run something it can trash my system
or use my network connection to leak information.

Unix isn't perfect, but having accounts with different levels of trust
is a lot better that what MS does even for machines that are used just by
one person.




On Tue, Mar 30, 1999 at 06:18:24AM -0800,
  Russ Allbery <[EMAIL PROTECTED]> wrote:
> Paul Farber <[EMAIL PROTECTED]> writes:
> 
> > Hmmm, Windows has the ability to write a script that ANYONE can run that
> > will delete the disk.  Hmmm.  Why should a Word Processor EVER have the
> > ability to make system calls?
> 
> I assume you've deleted vi and emacs from your system?  After all, they
> allow system calls.  Hell, so does ed.  pico allows shell escapes.  What
> *do* you use for an editor?

This isn't the same thing. They don't run commands embedded in the
documents. The shell escapes have to be run by the person using the
editor.

> 
> xdvi supports it because it allows you to do some cool things with
> specials.  xdvi is hardly a Windows program.  If I'm not mistaken,
> PostScript interpreters can support the same thing in specials.  From the

These kind of programs can have problems. And people need to be careful
viewing stuff with them. Also people need to be careful when writing
mailcap entries since those can have unexpected things happen when
special characters appear in file names or other strings passed to
the programs they run.
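
The mailcap caveat above, shown concretely as an added Python example (not
code from the thread or from any mail reader): a mailcap entry such as
`application/x-dvi; xdvi %s` is a template into which the viewer substitutes
the saved filename. Three ways of doing that substitution are compared on
constructed filenames, and the point is that a filename containing a space
or a quote already changes what the shell sees, before any deliberate
mischief is considered.

```python
"""Mailcap substitution: why the filename must never be spliced into a shell
command as plain text.

Compares textual substitution handed to /bin/sh, the same with the filename
quoted first, and an argv list that involves no shell at all.
"""
import shlex
from typing import Dict, List, Optional


def naive_command(template: str, filename: str) -> str:
    """Textual substitution, result handed to /bin/sh: the unsafe way."""
    return template.replace("%s", filename)


def quoted_command(template: str, filename: str) -> str:
    """Still a shell string, but the filename is quoted for the shell first."""
    return template.replace("%s", shlex.quote(filename))


def argv_for(template: str, filename: str) -> List[str]:
    """No shell at all: tokenize the template once, substitute per argument,
    and pass the list to exec (subprocess.run(argv) without shell=True)."""
    return [token.replace("%s", filename) for token in shlex.split(template)]


def shell_tokens(command: str) -> Optional[List[str]]:
    """Roughly how /bin/sh would split `command`; None when it cannot be parsed."""
    try:
        return shlex.split(command)
    except ValueError:      # e.g. an unbalanced quote coming from the filename
        return None


def compare(template: str, filename: str) -> Dict[str, Optional[List[str]]]:
    """One row of the comparison for a given template and filename."""
    return {
        "naive": shell_tokens(naive_command(template, filename)),
        "quoted": shell_tokens(quoted_command(template, filename)),
        "argv": argv_for(template, filename),
    }


# Constructed filenames as an MUA might save them from Content-Disposition.
SAMPLE_NAMES = ["thesis.dvi", "my thesis.dvi", "it's done.dvi"]

if __name__ == "__main__":
    for name in SAMPLE_NAMES:
        print(repr(name), compare("xdvi -paper a4 %s", name))
```

Only the argv form keeps the filename as exactly one argument whatever it
contains; the quoted form is the fallback when a shell cannot be avoided.
Real mailcap also substitutes %t and %{param}, and the same rule applies to
those strings.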





Bruno Wolff III wrote/schrieb/scribsit:
> On Tue, Mar 30, 1999 at 07:17:56PM +0200,
>   Stefan Paletta <[EMAIL PROTECTED]> wrote:
>> So ordinary users would no longer be able to install MS Office...

> I would prefer it if I had different accounts with different levels of
> access on my home MS machine. I don't like installs being able to write
> stuff anywhere making complete uninstalls impossible in some cases.

The point is that an MS Office install _requires_ being able to write
stuff anywhere. (Same with StarOffice on Linux btw, comes with its own
libc.)

Furthermore, users IME
 o don't want to
 o are too stupid
 o start working with admin-privs anyway

Stefan





On Tue, 30 Mar 1999, Adam D. McKenna wrote:

> From: Richard Letts <[EMAIL PROTECTED]>
> 
> 
> : > Windows already supports user profiles, why not extend that into a super
> : > user that you must change to to modify the system?
> : it does
> 
> It does, IF you have set up NT properly.  If your system partition is on a
> FAT drive, for instance, you have NO file security in NT.  Same if you have
> converted your FAT partition to NTFS.  (system file security is not set at
> this time).  
please! surely one would not run linux using UMSDOS if one were interested
in security?

I use a disk image built for use in a student lab on the NT machine in
my office at work. most unixes don't ship secure out of the box, why should
anything else?

> Also, as long as a program doesn't try to modify something besides
> HKEY_CURRENT_USER or write somewhere it's not allowed to, then WinNT has
> no problem installing it. 

hey, I can install IRC into my filestore under a UNIX operating system as
long as it doesn't try to write somewhere it's not allowed to.

Richard





Bruno Wolff <[EMAIL PROTECTED]> writes:

> This isn't the same thing. They don't run commands imbedded in the
> documents.

emacs does.

> These kind of programs can have problems. And people need to be careful
> viewing stuff with them. Also people need to be careful when writing
> mailcap entries since those can have unexpected things happen when
> special characters appear in file names or other strings passed to the
> programs they run.

Right.  That's sort of my general point.  The mailcap bit is probably a
slightly better illustration of it.

-- 
Russ Allbery ([EMAIL PROTECTED])         <URL:http://www.eyrie.org/~eagle/>




Text written by Richard Letts at 12:38 AM 3/31/99 +0100:
>
>I use a disk image built for use in a student lab on the NT machine in
>my office at work. most unixes don't ship secure out of the box, why should
>anything else?

Heck, most Unices ship with *Sendmail* out of the box. How good is *that*
for security? :)

-----------------------------------------------------------------
                             Kai MacTane
                         System Administrator
                      Online Partners.com, Inc.
-----------------------------------------------------------------
From the Jargon File: (v4.0.0, 25 Jul 1996)

cracking /n./ 

The act of breaking into a computer system; what a cracker does.
Contrary to widespread myth, this does not usually involve some
mysterious leap of hackerly brilliance, but rather persistence and
the dogged repetition of a handful of fairly well-known tricks that
exploit common weaknesses in the security of target systems. Accord-
ingly, most crackers are only mediocre hackers.





Bruno Wolff III <[EMAIL PROTECTED]> writes on 30 March 1999 at 17:14:16 -0600
 > On Tue, Mar 30, 1999 at 06:18:24AM -0800,
 >   Russ Allbery <[EMAIL PROTECTED]> wrote:
 > > Paul Farber <[EMAIL PROTECTED]> writes:
 > > 
 > > > Hmmm, Windows has the ability to write a script that ANYONE can run that
 > > > will delete the disk.  Hmmm.  Why should a Word Processor EVER have the
 > > > ability to make system calls?
 > > 
 > > I assume you've deleted vi and emacs from your system?  After all, they
 > > allow system calls.  Hell, so does ed.  pico allows shell escapes.  What
 > > *do* you use for an editor?
 > 
 > This isn't the same thing. They don't run commands imbedded in the
 > documents. The shell escapes have to be run by the person using the
 > editor.

Oh yeah?  

I couldn't live without emacs; I run it on Linux, Solaris,
Windows 95, and Windows NT, and I have my bash command line editing
configured in emacs mode.  Heck, I've reconfigured Word to use basic
emacs movement commands, they're so deeply etched into my spinal
cord.  However, it's quite easy to put code into a document that will
be run when you open it in emacs.  (Local variables lists)

As it says in the man page:

       The `eval' "variable," and certain actual variables, create a
    special risk; when you visit someone else's file, local variable
    specifications for these could affect your Emacs in arbitrary
    ways.  Therefore, the option `enable-local-eval' controls whether
    Emacs processes `eval' variables, as well variables with names
    that end in `-hook', `-hooks', `-function' or `-functions', and
    certain other variables.  The three possibilities for the option's
    value are `t', `nil', and anything else, just as for
    `enable-local-variables'.  The default is `maybe', which is
    neither `t' nor `nil', so normally Emacs does ask for confirmation
    about file settings for these variables.
-- 
David Dyer-Bennet                                              [EMAIL PROTECTED]
http://www.ddb.com/~ddb (photos, sf) Minicon: http://www.mnstf.org/minicon
http://ouroboros.demesne.com/ The Ouroboros Bookworms
Join the 20th century before it's too late!
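As an added example (not from this thread and not Emacs's own code), a small scanner for the file-local variable specifications the manual excerpt above describes: the first-line `-*- ... -*-` prop line and the trailing `Local Variables:` / `End:` block. It flags exactly the names the manual singles out as guarded by `enable-local-eval`: `eval` and anything ending in `-hook`, `-hooks`, `-function` or `-functions`. The block layout (prefix/suffix per line, searched in the last 3000 characters) follows the documented Emacs format; the sample document is constructed.

```python
import re

# Names the Emacs manual (quoted above) treats as risky: `eval` plus any
# variable whose name ends in -hook, -hooks, -function or -functions.
RISKY_SUFFIXES = ("-hook", "-hooks", "-function", "-functions")

# Constructed sample: a prop line on line 1 and a Local Variables block at
# the end, each carrying one risky setting and one harmless one.
SAMPLE_DOCUMENT = """\
;; -*- mode: lisp; eval: (message "hello") -*-
(defun f () 1)

;; Local Variables:
;; indent-tabs-mode: nil
;; find-file-hook: (lambda () (message "opened"))
;; End:
"""


def is_risky(name):
    """True for the local-variable names Emacs guards with enable-local-eval."""
    return name == "eval" or name.endswith(RISKY_SUFFIXES)


def parse_prop_line(text):
    """Parse a first-line `-*- var: value; var2: value2 -*-` specification.

    Emacs only honours this form on the first line of the file.  Returns a
    list of (name, value) pairs, empty if there is no prop line.
    """
    first_line = text.split("\n", 1)[0]
    m = re.search(r"-\*-(.*?)-\*-", first_line)
    if not m:
        return []
    body = m.group(1).strip()
    if ":" not in body:
        # Bare "-*- lisp -*-" form: just a major mode name, no settings.
        return [("mode", body)]
    pairs = []
    for item in body.split(";"):
        if ":" in item:
            name, value = item.split(":", 1)
            pairs.append((name.strip(), value.strip()))
    return pairs


def parse_local_variables_block(text):
    """Parse the trailing `Local Variables:` ... `End:` block.

    Emacs looks for the block within the last 3000 characters of the file.
    Whatever precedes "Local Variables:" on that line is the prefix (usually
    a comment leader) and whatever follows is the suffix; every line of the
    block must carry the same prefix and suffix, and the block ends at "End:".
    """
    lines = text[-3000:].split("\n")
    pairs = []
    for i, line in enumerate(lines):
        m = re.match(r"^(.*)Local Variables:(.*)$", line)
        if not m:
            continue
        prefix, suffix = m.group(1), m.group(2)
        for entry in lines[i + 1:]:
            if not (entry.startswith(prefix) and entry.endswith(suffix)):
                break  # malformed block: stop, as Emacs does
            inner = entry[len(prefix):len(entry) - len(suffix)].strip()
            if inner == "End:":
                break
            if ":" in inner:
                name, value = inner.split(":", 1)
                pairs.append((name.strip(), value.strip()))
        break
    return pairs


def find_risky_local_variables(text):
    """Return [(name, value)] for every risky local variable in the document."""
    found = parse_prop_line(text) + parse_local_variables_block(text)
    return [(n, v) for n, v in found if is_risky(n)]


if __name__ == "__main__":
    for name, value in find_risky_local_variables(SAMPLE_DOCUMENT):
        print("risky local variable: %s: %s" % (name, value))
```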




On Tue, Mar 30, 1999 at 10:23:50PM +0100, Richard Letts wrote:
> funnily enough I have to login on my windowsNT machine as 'administrator'
> to install/remove a program. when I login as ais007 I can't ... 

A big difference is in the application software, though.  Most (nearly
all?) unix software can be installed as a regular user at this point.
Any office suite, that's fer sure.  

I haven't heard of any major application software under NT that hasn't
required administrator privileges (needing to install components under
c:\winnt\system32, etc), which means that to not prevent users from
working many places grant local administrator privileges to their
desktop users.  So programs that do malicious things to the system
have free run, and the good ideas in the privilege system in NT are
sidelined (I love being able to add groups to groups, and would like
that in unix).  I presume that it would also make it more difficult to
create read-only copies of applications on a network share instead of
having it installed on each desktop.  This makes those applications
more vulnerable to virii...  The implications go on.

In contrast to this, a unix user can have their own everything in the
space they're allocated - they can even link their programs to their
own C library if they really want to.  

-Peter





On Wed, Mar 31, 1999 at 01:19:13AM +0200, Stefan Paletta wrote:
> The point is that an MS Office install _requires_ being able to write
> stuff anywhere. (Same with StarOffice on Linux btw, comes with its own
> libc.)

A quick quibble: that's not the same thing.  Staroffice may come w/
its own libc (I didn't know about this) but I recall that you can
create a complete installation in ~someuser/ and it'll work and not
need system privileges.  I don't see the same thing being available in ms-land.

-Peter




On Tue, Mar 30, 1999 at 03:52:31PM -0800, Russ Allbery wrote:
> Bruno Wolff <[EMAIL PROTECTED]> writes:
> 
> > This isn't the same thing. They don't run commands imbedded in the
> > documents.
> 
> emacs does.

I had been told that it didn't anymore, unless you enable that
behavior.

-Peter




Text written by Peter C. Norton at 09:27 PM 3/30/99 -0500:
>> 
>> > This isn't the same thing. They don't run commands imbedded in the
>> > documents.
>> 
>> emacs does.
>
>I had been told that it didn't anymore, unless you enable that
>behavior.

Similarly, MS Word doesn't run any macros automatically, unless you
specifically enable them in a particular document as you're opening it, or
you specifically disable the feature that alerts you to the presence of
code that wants to be automatically executed. By default, it ships with
that feature activated, and anyone opening a document containing "auto
macros" -- ones that attempt to run themselves without user intervention --
sees a dialog box alerting them to that fact and advising them that they
shouldn't enable those macros unless they trust the document's author and
know what's going on.

And, FWIW, I don't think people share documents like that very often. I
think it's seldom enough that they'd say things to each other when passing
them around, like "Word will tell you this document might have a virus in
it, but it doesn't -- it's just this thing I wrote that does such-and-so."
Hell, most MS Word users don't even know how to write a normal macro, much
less an auto macro.

So the "alias rm='rm -i' effect" doesn't really come into play here.

(Sorry, I've been thinking about that one a bit since it was mentioned
earlier. I really don't think the average MS Word user bothers with macros
at all, based on my experience as a word processing temp.)

-----------------------------------------------------------------
                             Kai MacTane
                         System Administrator
                      Online Partners.com, Inc.
-----------------------------------------------------------------
From the Jargon File: (v4.0.0, 25 Jul 1996)

scram switch /n./ 

[from the nuclear power industry] An emergency-power-off switch (see
Big Red Switch), esp. one positioned to be easily hit by evacuating
personnel. In general, this is *not* something you frob lightly;
these often initiate expensive events (such as Halon dumps) and are
installed in a dinosaur pen for use in case of electrical fire or
in case some luckless field servoid should put 120 volts across
himself while Easter egging. 





On Tue, Mar 30, 1999 at 06:48:35PM -0800, Kai MacTane wrote:
> >I had been told that it didn't anymore, unless you enable that
> >behavior.
> 
> Similarly, MS Word doesn't run any macros automatically, unless you
> specifically enable them in a particular document as you're opening it, or
> you specifically disable the feature that alerts you to the presence of
> code that wants to be automatically executed. 

Really?  I thought that others here had said that there was a loophole
when you received documents that were somehow trusted.  I don't know
how that works, though.

> And, FWIW, I don't think people share documents like that very often. I
> think it's seldom enough that they'd say things to each other when passing
> them around, like "Word will tell you this document might have a virus in
> it, but it doesn't -- it's just this thing I wrote that does such-and-so."

Offices do set up documents with macros.  Automated crud from HR and
finance related things, in my experience.  A document for filing
expense reports with a table that adds things automatically and prompts
for missing fields is one that I've seen.  It's the standard at one
office that just seems to keep getting hit by virii.  If that document
got infected and sent around they'd lose *days* of IS time.

-Peter




Text written by Peter C. Norton at 10:16 PM 3/30/99 -0500:
>
>Really?  I thought that others here had said that there was a loophole
>when you received documents that were somehow trusted.  I don't know
>how that works, though.

The only version of that I've heard of is: Word and other Office apps have
a "most-recently-used" (MRU) files list at the bottom of the File menu. If
you open a document off the MRU, it applies the same settings as last time
you opened it (enable auto macros or disable them).

This is not a problem unless you're sharing files with someone else who's
infected. If you open the file, knowing that it's okay (because, for
example, you just created it, auto macros included) and say "enable the
macros", then close it, then your pal across the office network who's just
gotten a copy of Melissa (or any other MS Office macro virus) opens the
thing and makes some changes, then you're screwed the next time you open
the sucker.

>Offices do set up documents with macros.  Automated crud from HR and
>finance related things, in my experience.  A document for filing
>expense reports with a table that adds things automatically and prompts
>for missing fields is one that I've seen.  It's the standard at one
>office that just seems to keep getting hit by virii.  If that document
>got infected and sent around they'd lose *days* of IS time.

I'm not saying people never use these features -- our office has an Excel
spreadsheet exactly like what you describe -- just that it's rare enough
that most people probably don't just hit "enable macros" without thinking
about it.

-----------------------------------------------------------------
                             Kai MacTane
                         System Administrator
                      Online Partners.com, Inc.
-----------------------------------------------------------------
From the Jargon File: (v4.0.0, 25 Jul 1996)

die horribly /v./ 

The software equivalent of crash and burn, and the preferred emphatic
form of die. "The converter choked on an FF in its input and died
horribly". 





[EMAIL PROTECTED] (Russ Allbery) writes:

  Bruno Wolff <[EMAIL PROTECTED]> writes:
  
  > This isn't the same thing. They don't run commands imbedded in the
  > documents.
  
  emacs does.

Emacs is a bad example -- it explicitly asks before executing code.






  
>Faried Nawaz writes:
>
>Emacs is a bad example -- it explicitly asks before executing code.

Like Word then!


_________________________________________________________________
This message has been checked for all viruses (including Melissa)
by the Star Screening System
http://academy.star.co.uk/public/virustats.htm




From: Alex Shipp <[EMAIL PROTECTED]>
: >Faried Nawaz writes:
: >
: >Emacs is a bad example -- it explicitly asks before executing code.
:
: Like Word then!

Think about the people you know who use emacs.  Now think about the people you
know who use word.  Is the difference clear to you now?

--Adam







-----Original Message-----
From: Adam D. McKenna <[EMAIL PROTECTED]>
: >
: >Emacs is a bad example -- it explicitly asks before executing code.
:
: Like Word then!
:
:Think about the people you know who use emacs.  Now think about the people you
:know who use word.  Is the difference clear to you now?


I don't know anyone who uses emacs (or who admits it). On the other hand I
know many many people who use word. I therefore deduce: one is a package used by
millions of people, many of whom know very little about computers. The other
isn't.
I guess this is the conclusion you were hoping I would reach. ;-)

Alex






On Wed, Mar 31, 1999 at 02:16:58AM -0500, Adam D. McKenna wrote:
> From: Alex Shipp <[EMAIL PROTECTED]>
> : >Faried Nawaz writes:
> : >Emacs is a bad example -- it explicitly asks before executing code.
> : Like Word then!
> Think about the people you know who use emacs.  Now think about the
> people you know who use word.  Is the difference clear to you now?

Yeah.  It's not a UI issue, it's more of just a user issue.

Emacs requires that users explicitly and continually learn, where
windows applications give users little "hints" (a lot of MS-ware
reminds me of a skinner box - do good, get good pellet/printout from
box/printer, do "bad" get electrical shock/BSOD - but skinner boxes
aren't arbitrary).

Emacs doesn't pretend to even like you until you've put in some work
and then it's mutual long-term love.  Word always makes you feel a bit
like it's a cheap hussy - some color, some talk... amounting to just a
few dollars and some faux results.  But it requires no learning, no
work, and the end product can often be the same so it's seen as an
option.

-Peter




Russ Allbery <[EMAIL PROTECTED]> writes on 30 March 1999 at 01:04:26 -0800

 > I'd like to back this up, and point out here that too much Microsoft
 > bashing on this one is misplaced.  This particular attack is not
 > Microsoft-specific in any way other than having happened to be written
 > against a widely used Microsoft application; the property that it needs to
 > be effective is a document viewer with an embedded macro language in which
 > macros are executed by default.

Yes, but...who except Microsoft markets such an application?  

 > Now, I'm not a Word user, so I don't know for sure, but I've at least
 > heard that automatic execution of macros in Word documents is *off* by
 > default.  Extrapolating from that, however, I would imagine that Word
 > probably pops up a warning dialog box, and users get tired of saying "yes,
 > it's okay."

In Word 97, under tools/options/general, there's a checkbox "macro
virus protection", which is checked by default.  This prevents
automatic running of macros when you open a document -- EXCEPT when
the document comes from a trusted source, which includes any document
you had to specify a password to open.  

 > In other words, to be blunt, this isn't a Windows problem.  This is a user
 > stupidity problem.  The *only* effective long-term solution to these sorts
 > of problems is to bludgeon people about the head with the idea that they
 > should NEVER, EVER, *EVER* run *ANYTHING* that they get via e-mail, *even
 > if it's from someone that they know*, without explicit confirmation of
 > what it is and what it does, and that all of their programs need to be
 > configured the same way.  And that as annoying as warning boxes might be,
 > they're there for a *reason*, and if they can't stand them, the answer is
 > to disable all macros always, not turn them on.

If document macros ran in a limited environment analogous to the Java
sandbox, things would be a lot safer.  Software-based protection isn't
the most solid approach, but as it's refined and tuned it gets pretty
good, and it offers significant protection for this sort of application.
-- 
David Dyer-Bennet                                              [EMAIL PROTECTED]
http://www.ddb.com/~ddb (photos, sf) Minicon: http://www.mnstf.org/minicon
http://ouroboros.demesne.com/ The Ouroboros Bookworms
Join the 20th century before it's too late!




ddb <[EMAIL PROTECTED]> writes:
> Russ Allbery <[EMAIL PROTECTED]> writes:

>> I'd like to back this up, and point out here that too much Microsoft
>> bashing on this one is misplaced.  This particular attack is not
>> Microsoft-specific in any way other than having happened to be written
>> against a widely used Microsoft application; the property that it needs
>> to be effective is a document viewer with an embedded macro language in
>> which macros are executed by default.

> Yes, but...who except Microsoft markets such an application?  

No one that I know of, since Microsoft doesn't execute macros by default.
The user has to set it up that way.  (Except for the case of secure
documents, which although a justifiable design decision I'd still consider
a mistake.)  If you mean the more general case of who markets an
application that has an embedded macro language whose macros can run when
a document is opened, Richard Stallman would be another person.  :)

> This prevents automatic running of macros when you open a document --
> EXCEPT when the document comes from a trusted source, which includes any
> document you had to specify a password to open.

Yup.  Interesting post to BUGTRAQ about that (except with Excel).

> If document macros ran in a limited environment analogous to the Java
> sandbox, things would be a lot safer.

Has *Java* even gotten their sandbox right?  Sure, I agree with you, but
again I don't think this is a problem specific to Microsoft.  Users are
demanding all their software works together to make it easier to use, and
users don't want to understand how the application works in order to use
it.  (I suppose *some* of that is Microsoft's fault for creating huge and
bloated applications, but the same thing happens in Unix.)

Hence the demand for macros to do things for them.  Hence the unchecking
of security checkboxes so that they don't have to think about where they
got a document from.  Hence the fact that the word processor can control
their mail program in the first place (because heaven forbid they have to
understand the difference between a word processor and an e-mail program;
it should just all work together so that they don't have to think about
it).

Microsoft is a seriously broken company that's done a lot of evil in the
world, but this specific problem I place square at the feet of the
prevalent attitude of "don't try to make me understand what I'm doing,
just make it work."

-- 
Russ Allbery ([EMAIL PROTECTED])         <URL:http://www.eyrie.org/~eagle/>




>>> bashing on this one is misplaced.  This particular attack is not
>>> Microsoft-specific in any way other than having happened to be written

>> If document macros ran in a limited environment analogous to the Java
>> sandbox, things would be a lot safer.
>
>Has *Java* even gotten their sandbox right?  Sure, I agree with you, but

>Microsoft is a seriously broken company that's done a lot of evil in the
>world, but this specific problem I place square at the feet of the
>prevalent attitude of "don't try to make me understand what I'm doing,
>just make it work."

That and a "code first, secure later" mentality when designing software 
that's used by literally millions of naive users. I'll bet the designer of 
macros in Word never thought about the internet as a mechanism for 
connecting malicious external parties with naive internal users. (Well I 
hope they didn't think of it. Knowing it and proceeding nonetheless is far 
worse of course).

Obqmail: That you start with security as a fundamental goal has to put you 
in a lot better stead than worrying about it after you ship functionality.

Particularly relevant to Melissa is the content leakage it causes by 
sending the infected document (which could be highly confidential or 
embarrassing) to the 50 recipients (or is that 60 with papa?).

It's interesting to note the information leaks in qmail in light of this. 
There are not many and they are pretty well constrained to providing traces 
for local administrators rather than information to the wider internet.

Examples?

1. uid (but not username!) in Received:
2. qid & qp on 250 ok (they largely provide traffic analysis-type info)
3. IP addresses and reverse names (possibly from a split DNS) in Received:
lines

Not too bad. Are there others that cannot be stopped with the standard 
qmail? One could argue that there should be a ~alias/.qmail-default 
installed as a default.

I don't know of any fundamental content leak capability that's not user 
initiated. Anyone?


Regards.





On Tue, 30 Mar 1999, Mark Delany wrote:

   Examples?
   
   1. uid (but not username!) in Received:
   2. qid & qp on 250 ok (they largely provide traffic analysis-type info)
   3. IP addresses and reverse names (possibly from a split DNS) in Received:
   lines

Delivered-To: headers.

-- Jeff
   





Mark Delany writes:
> 
> Not too bad. Are there others that cannot be stopped with the standard 
> qmail? One could argue that there should be a ~alias/.qmail-default 
> installed as a default.
>

Just out of curiosity, what should be in ~/.qmail-default?

        Thanks,

        John

-- 

John Conover, 631 Lamont Ct., Campbell, CA., 95008, USA.
VOX 408.370.2688, FAX 408.379.9602
[EMAIL PROTECTED], http://www2.inow.com/~conover/john.html





At 10:28 AM Tuesday 3/30/99, Jeff Hayward wrote:
>On Tue, 30 Mar 1999, Mark Delany wrote:
>
>   Examples?
>   
>   1. uid (but not username!) in Received:
>   2. qid & qp on 250 ok (they largely provide traffic analysis-type info)
>   3. IP addresses and reverse names (possibly from a split DNS) in Received:
>   lines
>
>Delivered-To: headers.

Good point, but external parties don't get to see those unless there's a 
bounce. I was going to add that allowing bounces is a possible leakage - 
perhaps I should say that now :>


Regards.






On Tue, 30 Mar 1999, Mark Delany wrote:

   >Delivered-To: headers.
   
   Good point, but external parties don't get to see those unless there's a 
   bounce. I was going to add that allowing bounces is a possible leakage - 
   perhaps I should say that now :>

The main thing, IMO, that D-T: reveals is the structure of any
virtual domains, to any recipient of a message sent to a VD.  This
includes messages forwarded, bounces, mailing list messages, etc.

Bounces are a rather interesting source of information.  When you
add in the DSN ESMTP extensions, the DSN stuff gives quite a bit of
info to anyone seeing it.

-- Jeff
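As an added example, not from the thread and not qmail's own code, a small parser that pulls out of a constructed message exactly the items Mark's list and Jeff's reply name: the uid and queue PID in qmail's `(qmail N invoked ...)` Received: lines, the peer IP and reverse name in the `from ... (HELO ...) (ip)` Received: line, the virtual-domain prefix in Delivered-To:, and the queue id and qp in a `250 ok` reply. The header and reply layouts are modelled on qmail 1.03 output; the hostnames, addresses, uid, pids and prefix are constructed, and splitting Delivered-To: at the first dash is a heuristic because the script does not have the site's virtualdomains table.

```python
import re

# Constructed sample message in qmail 1.03 header style: a local injection
# (invoked by uid), a virtual-domain Delivered-To:, and a network hop.
SAMPLE_MESSAGE = """\
Received: (qmail 3458 invoked by uid 1001); 30 Mar 1999 17:14:20 -0000
Delivered-To: vhost1-bob@example.org
Received: (qmail 3457 invoked from network); 30 Mar 1999 17:14:16 -0000
Received: from mail.example.net (HELO mail.example.net) (192.0.2.10)
  by mail.example.org with SMTP; 30 Mar 1999 17:14:16 -0000
From: alice@example.net
To: bob@example.org
Subject: constructed sample

body
"""

# Constructed qmail-smtpd reply: "250 ok <queue id> qp <qmail-queue pid>".
SAMPLE_SMTP_REPLY = "250 ok 922811656 qp 3457"

RE_INVOKED = re.compile(r"\(qmail (\d+) invoked (by uid (\d+)|from network|by alias)\)")
RE_FROM_NET = re.compile(r"^from (\S+) \(HELO (\S+)\) \((\d+\.\d+\.\d+\.\d+)\)")
RE_REPLY = re.compile(r"^250 ok (\d+) qp (\d+)$")


def unfold_headers(message):
    """Return the header block as (name, value) pairs with folded lines joined."""
    header_text = message.split("\n\n", 1)[0]
    headers = []
    for line in header_text.split("\n"):
        if line[:1] in (" ", "\t") and headers:
            name, value = headers[-1]  # continuation of the previous header
            headers[-1] = (name, value + " " + line.strip())
        elif ":" in line:
            name, value = line.split(":", 1)
            headers.append((name.strip(), value.strip()))
    return headers


def leaked_fields(message):
    """Collect what a recipient learns about the sending site from qmail's own headers."""
    leaks = {"uids": [], "pids": [], "peers": [], "virtual_prefixes": []}
    for name, value in unfold_headers(message):
        if name.lower() == "received":
            m = RE_INVOKED.search(value)
            if m:
                leaks["pids"].append(int(m.group(1)))
                if m.group(3) is not None:  # "invoked by uid N": numeric uid, no username
                    leaks["uids"].append(int(m.group(3)))
            m = RE_FROM_NET.match(value)
            if m:  # reverse name (possibly from a split DNS), HELO name and peer IP
                leaks["peers"].append({"reverse": m.group(1), "helo": m.group(2), "ip": m.group(3)})
        elif name.lower() == "delivered-to":
            # qmail prepends "<prefix>-" to the local part for virtual domains;
            # without the virtualdomains table, the first dash is only a heuristic.
            local, _, domain = value.partition("@")
            prefix, sep, _user = local.partition("-")
            if sep:
                leaks["virtual_prefixes"].append((domain, prefix))
    return leaks


def parse_queue_reply(reply):
    """Extract the queue id (a Unix timestamp) and qp (qmail-queue pid) from a 250 reply."""
    m = RE_REPLY.match(reply)
    if not m:
        return None
    return {"qid": int(m.group(1)), "qp": int(m.group(2))}


if __name__ == "__main__":
    print(leaked_fields(SAMPLE_MESSAGE))
    print(parse_queue_reply(SAMPLE_SMTP_REPLY))
```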
   
   





At 04:33 PM Tuesday 3/30/99, John Conover wrote:
>Mark Delany writes:
>> 
>> Not too bad. Are there others that cannot be stopped with the standard 
>> qmail? One could argue that there should be a ~alias/.qmail-default 
>> installed as a default.
>>
>
>Just out of curiosity, what should be in ~/.qmail-default?

Something that stops a bounce that informs people about addresses that are 
invalid (and thus by inference) addresses which may be valid. It's a pretty 
paranoid point I confess.


Regards.





Mark Delany writes:
> At 04:33 PM Tuesday 3/30/99, John Conover wrote:
> >Mark Delany writes:
> >> 
> >> Not too bad. Are there others that cannot be stopped with the standard 
> >> qmail? One could argue that there should be a ~alias/.qmail-default 
> >> installed as a default.
> >>
> >
> >Just out of curiosity, what should be in ~/.qmail-default?
> 
> Something that stops a bounce that informs people about addresses that are 
> invalid (and thus by inference) addresses which may be valid. It's a pretty 
> paranoid point I confess.
> 
>

Actually, Mark, I am not so sure it is paranoid. They may be after your
account names, anyhow.

What should be in ~alias/.qmail-default to do that?

        John

-- 

John Conover, 631 Lamont Ct., Campbell, CA., 95008, USA.
VOX 408.370.2688, FAX 408.379.9602
[EMAIL PROTECTED], http://www2.inow.com/~conover/john.html





John Conover <[EMAIL PROTECTED]> writes:

> What should be in ~alias/.qmail-default to do that?

If you want to just not send out bounce messages for non-existent
addresses, # will do.  (I wouldn't recommend this for any large site, for
obvious reasons.)

-- 
Russ Allbery ([EMAIL PROTECTED])         <URL:http://www.eyrie.org/~eagle/>




>> >> qmail? One could argue that there should be a ~alias/.qmail-default 
>> >> installed as a default.
>> >>
>> >
>> >Just out of curiosity, what should be in ~/.qmail-default?
>> 
>> Something that stops a bounce that informs people about addresses that are 
>> invalid (and thus by inference) addresses which may be valid. It's a pretty 
>> paranoid point I confess.
>> 
>>
>
>Actually, Mark, I am not so sure it is paranoid. They may be after your
>account names, anyhow.
>
>What should be in ~alias/.qmail-default to do that?

Try point (1) of "man dot-qmail"


Regards.





Anand Buddhdev writes:
 > On Tue, Mar 30, 1999 at 10:34:25AM +0300, Georgi Kupenov wrote:
 > 
 > To ban a certain host from connecting to you, put the following at the
 > top of the tcp.smtp rules file and rebuild it with tcprules:
 > 
 > [ip.address.of.bad.host]:deny

That causes problems, though.  Microsoft, in their infinite wisdom (we
wouldn't have Melissa without Microsoft products to propagate it --
Unix-only houses have been blissfully ignorant) causes some version of
their mailer to retry upon failure to get a prompt.  Denial of service
attacker, as designed.  By a major US corporation.

Better to run rblsmtpd (the RBL is a good thing in any case) and set
RBLSMTPD.

[ip.address.of.bad.host]:allow,RBLSMTPD=/-You are banned from sending mail here/

-- 
-russ nelson <[EMAIL PROTECTED]>  http://crynwr.com/~nelson
Crynwr supports Open Source(tm) Software| PGPok |   There is good evidence
521 Pleasant Valley Rd. | +1 315 268 1925 voice |   that freedom is the
Potsdam, NY 13676-3213  | +1 315 268 9201 FAX   |   cause of world peace.




Russell Nelson writes:

> Anand Buddhdev writes:
>  > On Tue, Mar 30, 1999 at 10:34:25AM +0300, Georgi Kupenov wrote:
>  > 
>  > To ban a certain host from connecting to you, put the following at the
>  > top of the tcp.smtp rules file and rebuild it with tcprules:
>  > 
>  > [ip.address.of.bad.host]:deny
> 
> That causes problems, though.  Microsoft, in their infinite wisdom (we
> wouldn't have Melissa without Microsoft products to propagate it --
> Unix-only houses have been blissfully ignorant) causes some version of
> their mailer to retry upon failure to get a prompt.  Denial of service
> attacker, as designed.  By a major US corporation.

No problem.  Router firewall.

-- 
Sam





On Tue, 30 Mar 1999 17:25:55 GMT, Sam wrote:

>No problem.  Router firewall.

Or if you don't control an upstream router, use the firewall code in
your OS (at least for linux).

-Sincerely, Fred

(Frederik Lindberg, Infectious Diseases, WashU, St. Louis, MO, USA)






Is there anyone interested in a mailq like program for qmail?  One which
lists the contents of the outgoing message queues.

I wrote one over the weekend and should have a version out by today.
If there is any interest, I'd like comments/patches on it.  For now, 
I'll just distribute it by just mailing it out to those who request it.

Metalab is a potential home for it, unless there are other suggestions.

-- 
William Burrow -- New Brunswick, Canada
Asking for good driving is like asking for good government. -- Unknown




I thought there was qmail-qstat and qmail-qread?

> ----------
> From:         William Burrow[SMTP:[EMAIL PROTECTED]]
> Sent:         Tuesday, March 30, 1999 4:57 PM
> To:   [EMAIL PROTECTED]
> Subject:      mailq
> 
> Is there anyone interested in a mailq like program for qmail?  One which
> lists the contents of the outgoing message queues.
> 
> I wrote one over the weekend and should have a version out by today.
> If there is any interest, I'd like comments/patches on it.  For now, 
> I'll just distribute it by just mailing it out to those who request it.
> 
> Metalab is a potential home for it, unless there are other suggestions.
> 
> -- 
> William Burrow -- New Brunswick, Canada
> Asking for good driving is like asking for good government. -- Unknown
> 




William Burrow <[EMAIL PROTECTED]> writes:
> Is there anyone interested in a mailq like program for qmail?  One which
> lists the contents of the outgoing message queues.

Maintenance Procedures                             qmail-qread(8)

NAME
     qmail-qread - list outgoing messages and recipients

SYNOPSIS
     qmail-qread

DESCRIPTION
     qmail-qread scans the outgoing queue of messages.  For  each
     message   it   prints  various  human-readable  information,
     including the date the message entered the queue, the number
     of  bytes  in  the  message, the message sender, and all the
     recipients still under consideration.

     qmail-qread must be run either  as  root  or  with  user  id
     qmails and group id qmail.

SEE ALSO
     qmail-qstat(8), qmail-send(8)
-- 
Lars Balker Rasmussen, Software Engineer, Mjolner Informatics ApS
[EMAIL PROTECTED]




On Tue, Mar 30, 1999 at 05:05:33PM +0200, Lars Balker Rasmussen wrote:
> William Burrow <[EMAIL PROTECTED]> writes:
> > Is there anyone interested in a mailq like program for qmail?  One which
> > lists the contents of the outgoing message queues.
> 
> Maintenance Procedures                             qmail-qread(8)
> 
> NAME
>      qmail-qread - list outgoing messages and recipients

Didn't see it.  Was an interesting exercise.


-- 
William Burrow -- New Brunswick, Canada
Asking for good driving is like asking for good government. -- Unknown





On 30 Mar 1999, Russell Nelson wrote:

> Matt Simerson writes:
>  > 
>  > I just installed the qmail-popbull patches on a qmail 1.03 install and am
>  > getting duplicate messages, one for every time a user checks their email.
>  > I checked into it and the .timestamp file for their account isn't updating.
>  > I have since worked around the problems like this "rm `ls
>  > /usr/home/*/.timestamp`.
> 
> I'd rather you fixed the problem rather than working around it. 

Me too!  But last night (my first time using it) when a half dozen
I-check-my-email-every-minute users called to inform me they were getting
lots of copies of the same message I had to do something. I did determine
that the .timestamp file is not having getting it's 

> I'm
> curious what the matter could be.  It's working here for me.

I don't doubt that it's working for you, but there's something different
between us. I'll do whatever you need to help out but I'm not a
programmer. Well, I used to write in basic and know some Perl and
Applescript but that would hardly entitle me to even amateur programmer
status.

As I read the popbull patch, it appears that this is where you check the
date on the .timestamp file:

  + if (stat(".timestamp", &st) == -1) ts_date = 0;
  + else ts_date = st.st_mtime;
  + fd = open_trunc(".timestamp");
  + close (fd); 
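Review bot: the descriptor returned by open_trunc(".timestamp") is handed straight to close(fd) without being checked, so if open_trunc fails (returns -1, e.g. a permissions problem or an NFS error) the failure is silent and the file's mtime is never refreshed, which is exactly the symptom reported above: ts_date stays old and every bulletin is delivered again on each POP session. Suggest testing the result, e.g. `if (fd == -1) { /* log and return an error */ }`, so a failure to touch .timestamp is visible instead of turning into repeated deliveries.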

Now, for some reason or another, it's not actually modifying the date when
I check my mail via a POP session. I thought maybe it could be because the
$HOME directories are NFS mounted so I enabled pop3d on the NFS server and
tried it there but I get the same result. 

Here's my config:

 BSDI 4.0.1
 Qmail 1.3 with rbl-diffs and popbull-diffs.
 rblsmtpd 0.70
 ucspi-tcp 0.80

I invoke qmail with the following commands:

exec env - PATH="/var/qmail/bin:$PATH" \
  qmail-start ./Maildir/ splogger qmail

/usr/local/bin/tcpserver -x/etc/tcp.smtp.cdb -uXXXX -gXXX 0 smtp \
  /usr/local/bin/rblsmtpd -b -t2 -r dul.maps.vix.com \
  /usr/local/bin/rblsmtpd -b -t2 /var/qmail/bin/qmail-smtpd &

/usr/local/bin/tcpserver 0 pop3 /var/qmail/bin/qmail-popup \
  dns.michweb.net /bin/checkpassword /var/qmail/bin/qmail-popbull
  /var/spool/bulletins /var/qmail/bin/qmail-pop3d Maildir &

TIA,
Matt

``````````````````````````````````````````````````````````````````
  Matt Simerson                    http://users.michweb.net/~matt
  MichWeb Inc. - President         http://www.michweb.net   
  The Art Farm - Technical Wizard  http://www.theartfarm.com
  
  Better to dare Mighty Things and fail, than to live in     __o
    a gray twilight where there is neither victory or      _-\<,_
    defeat. -- attributed to Theodore Roosevelt     ......(_)/ (_)
``````````````````````````````````````````````````````````````````






>>  > I just installed the qmail-popbull patches on a qmail 1.03 install and am
>>  > getting duplicate messages, one for every time a user checks their email.

>  + if (stat(".timestamp", &st) == -1) ts_date = 0;
>  + else ts_date = st.st_mtime;
>  + fd = open_trunc(".timestamp");

>Now, for some reason or another, it's not actually modifying the date when
>I check my mail via a POP session. I thought maybe it could be because the
>$HOME directories are NFS mounted

That's what I was about to say, attribute caching across NFS.

>so I enabled pop3d on the NFS server and tried it there but I get the same
>result. 


If you are *sure* that the modification time of .timestamp isn't changing 
when you run the pop server (with the popbull patch of course) on the same 
system as the .timestamp file system then I'd say it's either an OS bug or a 
particularly interesting mount option with BSDI.

I guess it's possible that the semantics of mtime are such that it doesn't 
get updated unless something is actually written to the file...

Hmm. According to Solaris, mtime changes when you issue one of:

creat(),  mknod(), pipe(), utime(), and write(2).


Does the patch write anything into .timestamp? Should it?


Regards.





Mark Delany writes:
 > Hmm. According to Solaris, mtime changes when you issue one of:
 > 
 > creat(),  mknod(), pipe(), utime(), and write(2).
 > 
 > Does the patch write anything into .timestamp? Should it?

No and absent a kernel bug, no:

       creat   is   equivalent   to  open  with  flags  equal  to
       O_CREAT|O_WRONLY|O_TRUNC.

int open_trunc(fn) char *fn;
{ return open(fn,O_WRONLY | O_NDELAY | O_TRUNC | O_CREAT,0644); }

-- 
-russ nelson <[EMAIL PROTECTED]>  http://crynwr.com/~nelson
Crynwr supports Open Source(tm) Software| PGPok |   There is good evidence
521 Pleasant Valley Rd. | +1 315 268 1925 voice |   that freedom is the
Potsdam, NY 13676-3213  | +1 315 268 9201 FAX   |   cause of world peace.




At 04:33 PM Tuesday 3/30/99, Russell Nelson wrote:
>Mark Delany writes:
> > Hmm. According to Solaris, mtime changes when you issue one of:
> > 
> > creat(),  mknod(), pipe(), utime(), and write(2).
> > 
> > Does the patch write anything into .timestamp? Should it?
>
>No and absent a kernel bug, no:
>
>       creat   is   equivalent   to  open  with  flags  equal  to
>       O_CREAT|O_WRONLY|O_TRUNC.

Yes. My manpage says that too. I wonder whether mtime only applies if the 
file doesn't exist though?


Regards.
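A probe for exactly this question (does open(O_TRUNC) on a file that already exists bump its mtime?), added here as an example; it is not code from the thread or from qmail, though it reuses the open_trunc() flags quoted above, and the scratch path in main() is a placeholder.

```c
/* Added example, not code from the thread or from qmail: probes whether
 * open(O_TRUNC) on an EXISTING file advances its mtime, which is what the
 * popbull patch relies on.  The sequence mirrors the quoted patch lines:
 * stat, open_trunc, close, then a second stat to compare against. */
#include <fcntl.h>
#include <stdio.h>
#include <sys/stat.h>
#include <sys/types.h>
#include <unistd.h>
#include <utime.h>

#ifndef O_NDELAY
#define O_NDELAY O_NONBLOCK   /* modern spelling of the same flag */
#endif

/* Same flags as qmail's open_trunc(), quoted earlier in this thread. */
static int open_trunc(const char *fn)
{
    return open(fn, O_WRONLY | O_NDELAY | O_TRUNC | O_CREAT, 0644);
}

/* Returns 1 if truncating an existing file advanced st_mtime, 0 if the
 * timestamp stayed put (the symptom reported above), -1 on a system error.
 * `path` is a scratch file: it is created, probed and removed again. */
int trunc_updates_mtime(const char *path)
{
    struct stat before, after;
    struct utimbuf old;
    int fd;

    /* Create the file first so the second open exercises the O_TRUNC
     * path on an existing file, not the O_CREAT path. */
    fd = open_trunc(path);
    if (fd == -1) return -1;
    close(fd);

    /* Push mtime well into the past so a fresh timestamp is unmistakable
     * even with one-second granularity. */
    old.actime = old.modtime = 1000000000; /* 2001-09-09 UTC, arbitrary */
    if (utime(path, &old) == -1 || stat(path, &before) == -1) {
        unlink(path);
        return -1;
    }

    /* The popbull sequence: stat (done above), open_trunc, close. */
    fd = open_trunc(path);
    if (fd == -1) { unlink(path); return -1; }
    close(fd);

    /* On an NFS client this stat can be answered from the attribute cache,
     * the caching effect mentioned earlier; run the probe on the server
     * that owns the file system to rule that out. */
    if (stat(path, &after) == -1) { unlink(path); return -1; }
    unlink(path);

    return after.st_mtime > before.st_mtime ? 1 : 0;
}

int main(void)
{
    /* Placeholder scratch path; any writable directory will do. */
    int r = trunc_updates_mtime("/tmp/.timestamp-probe");

    if (r == -1) { perror("probe"); return 2; }
    printf("open(O_TRUNC) on an existing file %s its mtime\n",
           r ? "updates" : "does NOT update");
    return r ? 0 : 1;
}
```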






Hi. I was doing some maintenance on our server running qmail and
noticed when i did "qmail-qread", there were over 4000 messages in the
queue all looked like this except for the odd one:

26 Mar 1999 11:30:00 GMT  #8947  425  <[EMAIL PROTECTED]> 
        local   [EMAIL PROTECTED]

Since this server is only running moderated mailing lists, I was curious
as to who/what is sending these messages.

Any ideas ?
Also if they are not important, how do i clean these messages out of the
queue ?
How can i view what is in those messages ?

Thanks in advance.
td







Tony D'Andrade <[EMAIL PROTECTED]> writes:

> Hi. I was doing some maintenance on our server running qmail and noticed
> when i did "qmail-qread", there were over 4000 messages in the queue all
> looked like this except for the odd one:

> 26 Mar 1999 11:30:00 GMT  #8947  425  <[EMAIL PROTECTED]> 
>         local   [EMAIL PROTECTED]

> Since this server is only running moderated mailing lists, I was curious
> as to who/what is sending these messages.

Probably cron.  qmail-inject uses that envelope sender under some
circumstances when mail is sent from cron; I'm not entirely sure why it
happens (although I'm sure it's documented somewhere and someone will
follow up with the full explanation), but it's generally harmless.  My
guess is it's the combination of mail being sent from root and the lack of
any meaningful environment (such as USER or LOGNAME) being set.

> Also if they are not important, how do i clean these messages out of the
> queue ?

Fix whatever's preventing delivery of mail to root.

> How can i view what is in those messages ?

Fixing root's mailbox is the simplest way.  You could also go into
/var/qmail/queue/mess and read them.

-- 
Russ Allbery ([EMAIL PROTECTED])         <URL:http://www.eyrie.org/~eagle/>




Russ Allbery writes:
 > Tony D'Andrade <[EMAIL PROTECTED]> writes:
 > > 26 Mar 1999 11:30:00 GMT  #8947  425  <[EMAIL PROTECTED]> 
 > >         local   [EMAIL PROTECTED]

 > > How can i view what is in those messages ?
 > 
 > Fixing root's mailbox is the simplest way.  You could also go into
 > /var/qmail/queue/mess and read them.

Yup.  In this case, ``less /var/qmail/queue/mess/*/8947'' would work great.

-- 
-russ nelson <[EMAIL PROTECTED]>  http://crynwr.com/~nelson
Crynwr supports Open Source(tm) Software| PGPok |   There is good evidence
521 Pleasant Valley Rd. | +1 315 268 1925 voice |   that freedom is the
Potsdam, NY 13676-3213  | +1 315 268 9201 FAX   |   cause of world peace.




Russ Allbery writes:

> Tony D'Andrade <[EMAIL PROTECTED]> writes:
> 
> > Hi. I was doing some maintenance on our server running qmail and noticed
> > when i did "qmail-qread", there were over 4000 messages in the queue all
> > looked like this except for the odd one:
> 
> > 26 Mar 1999 11:30:00 GMT  #8947  425  <[EMAIL PROTECTED]> 
> >         local   [EMAIL PROTECTED]
> 
> > Since this server is only running moderated mailing lists, I was curious
> > as to who/what is sending these messages.
> 
> Probably cron.  qmail-inject uses that envelope sender under some
> circumstances when mail is sent from cron; I'm not entirely sure why it
> happens (although I'm sure it's documented somewhere and someone will


qmail-inject sets the envelope sender to anonymous if it is set via any of
the environment variables.

It seems that qmail-inject doesn't want to do a getpwuid to find out the
running userid.  So, unless it can manage to find a user name via some
other means, anonymous will be used.

-- 
Sam






-- From ComputerWorld.

Mitnick strikes plea

The famed hacker will receive up to 46 months in prison
-- vs. the 35 years he had been facing -- and cannot use
PCs or cell phones for three years after his release.
http://www.computerworld.com/home/news.nsf/CWFlash/9903291mitnick

Vince.
-- 
==========================================================================
Vince Vielhaber -- KA8CSH   email: [EMAIL PROTECTED]   flame-mail: /dev/null
       # include <std/disclaimers.h>                   TEAM-OS2
        Online Campground Directory    http://www.camping-usa.com
       Online Giftshop Superstore    http://www.cloudninegifts.com
==========================================================================







>Mitnick strikes plea
>
>The famed hacker will receive up to 46 months in prison
>-- vs. the 35 years he had been facing -- and cannot use
>PCs or cell phones for three years after his release.

This made me laugh out loud.  Because, if he really wanted access to
PCs and cell phones, wouldn't he have asked to *stay* in prison?  :)

        tq vm, (burley)




From: <[EMAIL PROTECTED]>


: >Mitnick strikes plea
: >
: >The famed hacker will receive up to 46 months in prison
: >-- vs. the 35 years he had been facing -- and cannot use
: >PCs or cell phones for three years after his release.
:
: This made me laugh out loud.  Because, if he really wanted access to
: PCs and cell phones, wouldn't he have asked to *stay* in prison?  :)

I'm not sure what they think he could do with a cell phone that he couldn't
do with a regular phone?

--Adam






"Adam D. McKenna" wrote:
> 
> From: <[EMAIL PROTECTED]>
> 
> : >Mitnick strikes plea
> : >
> : >The famed hacker will receive up to 46 months in prison
> : >-- vs. the 35 years he had been facing -- and cannot use
> : >PCs or cell phones for three years after his release.
> :
> : This made me laugh out loud.  Because, if he really wanted access to
> : PCs and cell phones, wouldn't he have asked to *stay* in prison?  :)
> 
> I'm not sure what they think he could do with a cell phone that he couldn't
> do with a regular phone?
> 
> --Adam

Isn't this the same guy that was "jailed" without being charged?

morgan




On Tue, 30 Mar 1999 12:27:26 -0500, Adam D. McKenna wrote:

>I'm not sure what they think he could do with a cell phone that he couldn't
>do with a regular phone?

Cell phones have 64-bit encryption computers that use 56 bit keys in
them ;-)

-Sincerely, Fred

(Frederik Lindberg, Infectious Diseases, WashU, St. Louis, MO, USA)






On Tue, 30 Mar 1999, Adam D. McKenna wrote:
-| : This made me laugh out loud.  Because, if he really wanted access to
-| : PCs and cell phones, wouldn't he have asked to *stay* in prison?  :)
-| 
-| I'm not sure what they think he could do with a cell phone that he couldn't
-| do with a regular phone?

It probably has to do with the fact that he faced charges of cellular
fraud, but NOT fraud with POTS based lines?

  _    __   _____      __   _________      
______________  /_______ ___  ____  /______  John Gonzalez/Net.Tech
__  __ \ __ \  __/_  __ `__ \/ __  /_  ___/ MDC Computers/netMDC!
_  / / / `__/ /_  / / / / / / /_/ / / /__ (505)437-7600/fax-437-3052
/_/ /_/\___/\__/ /_/ /_/ /_/\__,_/  \___/ http://www.netmdc.com
[---------------------------------------------[system info]-----------]
  1:05pm  up 53 days, 19:45,  3 users,  load average: 0.09, 0.08, 0.06






On Tue, 30 Mar 1999, blip wrote:

> > : >The famed hacker will receive up to 46 months in prison
> > : >-- vs. the 35 years he had been facing -- and cannot use
> > : >PCs or cell phones for three years after his release.
> > :
> > : This made me laugh out loud.  Because, if he really wanted access to
> > : PCs and cell phones, wouldn't he have asked to *stay* in prison?  :)
> > 
> > I'm not sure what they think he could do with a cell phone that he couldn't
> > do with a regular phone?
> 
> Isn't this the same guy that was "jailed" without being charged?

        On the contrary.  Mitnick was charged when he was jailed following
his arrest in mid-February 1995.  Most consternation in the "hacker"
community comes from his being held for so long without trial.  Of course,
the delays were primarily at the behest of Mitnick's defense team.

        I'm rather fortunate to count among my friends those who have
served the Mitnick defense team in a technical capacity.  (They analyzed
and summarized several gigabytes of data which the government provided as
evidence in the case.)

        All told, Mitnick will serve another 8 months and then be freed on
parole.  Stipulations of the plea also entail that he not personally
benefit from the incidents which led up to his arrest (e.g., no big "book
deal" for personal gain), and that he make restitution to the adversely
affected parties. 

-Jay

   (                                                             ______
   ))   .-- "There's always time for a good cup of coffee." --.   >===<--.
 C|~~| (>-- Jay D. Dyson -- [EMAIL PROTECTED] --<) |   = |-'
  `--'  `-- As a matter of fact, I *am* a rocket scientist. --'  `-----'






>I'm not sure what they think he could do with a cell phone that he couldn't
>do with a regular phone?

Be harder to trace?  Have the connection arbitrarily degrade, even
disconnect?  Start some cancer cells going in his brain (a criminal
mind is a terrible thing to waste)?  Look really cool making and
taking calls in public places?  Have an excuse for why he drove his
SUV head-on into that poor family of six in the Yugo?

        tq vm, (burley)




Here's my latest dilemma.

Let's say I have 2 domains.

qmailowns.com
sendmailblows.com

qmailowns.com is my primary mail server, or my server that is running qmail
and holding all the mail for pick up (the domain that's in the me control
file).

I add a virtual domains, sendmailblows.com, this has about 15 emails going
to different physical accounts on qmailowns.com.

So let's say we email [EMAIL PROTECTED] and we want the mail to be
received by account robert on the qmailowns.com machine. We also have jimmy
who has the email addy of [EMAIL PROTECTED] with the local account
of jimmy on the same qmailowns.com machine.  What lines do I put in the
virtualdomains control file to allow both separate people to receive email
from these virtual addresses?

Do I use the ~alias dir for this or am I just new, and not really reading
the man pages and FAQ?

Thanks again.

PS. I've gone through the mailing list archive a hundred times and got A LOT
of misinformation, so this is why I'm mailing the list in hope that someone
will guide me :)

Reid Sutherland
Network Administrator
ISYS Technology Inc.
http://www.isys.ca
Fingerprint: 1683 001F A573 B6DF A074  0C96 DBE0 A070 28BE EEA5






At 10:59 AM Tuesday 3/30/99, Reid Sutherland wrote:
>Here's my latest dilemma.
>
>Let's say I have 2 domains.
>
>qmailowns.com
>sendmailblows.com

>So let's say we email [EMAIL PROTECTED] and we want the mail to be
>received by account robert on the qmailowns.com machine. We also have jimmy
>who has the email addy of [EMAIL PROTECTED] with the local account
>of jimmy on the same qmailowns.com machine.  What lines do I put in the
>virtualdomains control file to allow both separate people to receive email
>from these virtual addresses?
>
>Do I use the ~alias dir for this or am I just new, and not really reading
>the man pages and FAQ?

Only you can tell us that for sure, but the FAQ does cover this issue.

>PS. I've gone through the mailing list archive a hundred times and got A LOT
>of misinformation, 

Really? Virtual domain questions seem to come up the most often - I'm 
surprised that the type of people who answer get it wrong "A LOT" as you put 
it.

Tell me what happens if you have:

sendmailblows.com:alias-sendmailblows
in /var/qmail/control/virtualdomains

and:

&[EMAIL PROTECTED]
in the file ~alias/.qmail-sendmailblows-jimster


Also, tell me what you have to change to make this do exactly what you want?


Regards.





"Reid Sutherland" <[EMAIL PROTECTED]> writes:
> So let's say we email [EMAIL PROTECTED] and we want the mail to be
> received by account robert on the qmailowns.com machine. We also have jimmy
> who has the email addy of [EMAIL PROTECTED] with the local account
> of jimmy on the same qmailowns.com machine.  What lines do I put in the
> virtualdomains control file to allow both separate people to receive email
> from these virtual addresses?

Set up the virtual domain as per 
    ftp://koobera.math.uic.edu/www/qmail/faq/incominghost.html#virtual
but instead of bob use a special user, say alias2.

In ~alias2 let .qmail-jimster contain [EMAIL PROTECTED] and
.qmail-bobby contain [EMAIL PROTECTED]
-- 
Lars Balker Rasmussen, Software Engineer, Mjolner Informatics ApS
[EMAIL PROTECTED]




Ahh that does work fine.

But what about the users/assign method? How can I use that with multiple
accounts?


Reid Sutherland
Network Administrator
ISYS Technology Inc.
http://www.isys.ca
Fingerprint: 1683 001F A573 B6DF A074  0C96 DBE0 A070 28BE EEA5

-----Original Message-----
From: Mark Delany <[EMAIL PROTECTED]>
To: [EMAIL PROTECTED] <[EMAIL PROTECTED]>
Date: Tuesday, March 30, 1999 11:21 AM
Subject: Re: Virtualdomains and multiple users per domain


>At 10:59 AM Tuesday 3/30/99, Reid Sutherland wrote:
>>Here's my latest dilemma.
>>
>>Let's say I have 2 domains.
>>
>>qmailowns.com
>>sendmailblows.com
>
>>So let's say we email [EMAIL PROTECTED] and we want the mail to be
>>received by account robert on the qmailowns.com machine. We also have jimmy
>>who has the email addy of [EMAIL PROTECTED] with the local account
>>of jimmy on the same qmailowns.com machine.  What lines do I put in the
>>virtualdomains control file to allow both separate people to receive email
>>from these virtual addresses?
>>
>>Do I use the ~alias dir for this or am I just new, and not really reading
>>the man pages and FAQ?
>
>Only you can tell us that for sure, but the FAQ does cover this issue.
>
>>PS. I've gone through the mailing list archive a hundred times and got A LOT
>>of misinformation,
>
>Really? Virtual domain questions seem to come up the most often - I'm
>surprised that the type of people who answer get it wrong "A LOT" as you put
>it.
>
>Tell me what happens if you have:
>
>sendmailblows.com:alias-sendmailblows
>in /var/qmail/control/virtualdomains
>
>and:
>
>&[EMAIL PROTECTED]
>in the file ~alias/.qmail-sendmailblows-jimster
>
>
>Also, tell me what you have to change to make this do exactly what you
>want?
>
>
>Regards.
>





Hi!

It's me again with the virtualdomain dot-qmail/fastforward problems.

virtualdomains:
netdata.nu: netdata

~/netdata/.qmail-niklas:
&niklas

but qmail just delivers all mail for [EMAIL PROTECTED] and @netdata.nu to
localuser netdata, I want it to go to localuser niklas.

Where's the catch?

Can I take care of all this with fastforward, how?

- - Niklas 





At 06:25 PM Tuesday 3/30/99, Niklas Alberth wrote:
>Hi!
>
>It's me again with the virtualdomain dot-qmail/fastforward problems.
>
>virtualdomains:
>netdata.nu: netdata
>
>~/netdata/.qmail-niklas:
>&niklas
>
>but qmail just delivers all mail for [EMAIL PROTECTED] and @netdata.nu to
>localuser netdata,

Gosh. It's doing exactly what you asked it to do.

Tell me. What is: 

virtualdomains:
netdata.nu: netdata

precisely telling qmail to do?

And I mean precisely.


> I want it to go to localuser niklas.

Sure. That's easy.

>Wheres the catch?

It is really really really worth understanding precisely what a 
virtualdomain entry does. It's not hard and life will be much much easier 
once you do. Unless of course you want to continue to believe that mail 
delivery is handled by whimsical elves - that only people on this list 
understand.

>Can I take care of all this with fastforward, how?

Yes. But you'd probably need to learn how it works too if you want to be 
able to manage aliases properly and reliably. Life's a bitch huh?


Regards.





>Tell me. What is: 
>
>virtualdomains:
>netdata.nu: netdata
>
>precisely telling qmail to do?
>
>And I mean precisely.

Deliver all mail for the domain ' netdata.nu' (notice the space) to the
localuser netdata.
So there was an extra space. I figured it out, got fastforward to work too,
and life is way easier now.

But why is it working at all with the extra space?

Maybe you could have pointed the space out for me?
Guess that has something to do with that mail about virtual domains you
answered earlier.  

>Unless of course you want to continue to believe that mail 
>delivery is handled by whimsical elves - that only people on this list 
>understand.

I thought it was Santa Claus that did all mail handling, everywhere.

- - Niklas





>Maybe you could have pointed the space out for me?
>Guess that has something to do with that mail about virtual domains you
>answered earlier.  

Correct. It's a "fish" thing. I can't carve like Jesus so you need to know 
how to drive a rod.


Regards.
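Since the catch in this thread was a stray space inside a virtualdomains entry, here is a checker that spells out what each line tells qmail and flags embedded whitespace. It is an added example, not code from the thread or from qmail, and it assumes the domain:prepend semantics and the trailing-whitespace-only stripping described in its comments.

```c
/* Added example, not from the thread or from qmail: explains each line of a
 * /var/qmail/control/virtualdomains-style file and flags the whitespace trap
 * from this thread.  Assumptions: "domain:prepend" means mail for
 * anything@domain is delivered locally to prepend-anything; an empty prepend
 * is an exception entry (the domain is not virtual); and qmail strips only
 * TRAILING whitespace from control lines, so a space after the colon becomes
 * part of the prepend and a space before the domain becomes part of the key. */
#include <ctype.h>
#include <stdio.h>
#include <string.h>

enum vd_status { VD_SKIP, VD_OK, VD_NO_COLON, VD_WHITESPACE };

/* Splits one line into domain and prepend (NUL-terminated, truncated to the
 * buffer sizes) and classifies it.  Comments and blank lines are VD_SKIP. */
enum vd_status vd_parse_line(const char *line, char *domain, size_t dlen,
                             char *prepend, size_t plen)
{
    size_t n = strlen(line), i;
    const char *colon;

    /* Drop trailing whitespace and the newline, as control_readfile() does. */
    while (n > 0 && (line[n - 1] == '\n' || line[n - 1] == ' ' ||
                     line[n - 1] == '\t'))
        n--;
    domain[0] = prepend[0] = '\0';
    if (n == 0 || line[0] == '#') return VD_SKIP;

    colon = memchr(line, ':', n);
    if (colon == NULL) {
        snprintf(domain, dlen, "%.*s", (int)n, line);
        return VD_NO_COLON;
    }
    snprintf(domain, dlen, "%.*s", (int)(colon - line), line);
    snprintf(prepend, plen, "%.*s", (int)(n - (colon - line) - 1), colon + 1);

    /* Whatever whitespace survives is now part of the key or the prepend. */
    for (i = 0; i < n; i++)
        if (isspace((unsigned char)line[i])) return VD_WHITESPACE;
    return VD_OK;
}

/* Reports every entry read from fp; returns the number of suspicious lines. */
int vd_check_file(FILE *fp)
{
    char line[1024], domain[512], prepend[512];
    int bad = 0;

    while (fgets(line, sizeof line, fp) != NULL) {
        switch (vd_parse_line(line, domain, sizeof domain,
                              prepend, sizeof prepend)) {
        case VD_SKIP:
            break;
        case VD_OK:
            if (prepend[0] == '\0')
                printf("OK: %s is an exception entry (not virtual)\n", domain);
            else
                printf("OK: user@%s -> delivered locally as %s-user\n",
                       domain, prepend);
            break;
        case VD_NO_COLON:
            printf("SUSPICIOUS (no colon): [%s]\n", domain);
            bad++;
            break;
        case VD_WHITESPACE:
            printf("SUSPICIOUS (embedded whitespace): domain=[%s] prepend=[%s]\n",
                   domain, prepend);
            bad++;
            break;
        }
    }
    return bad;
}

int main(void)
{
    /* Constructed sample in place of the real control file: the second line
     * is the entry from this thread, with the stray space after the colon. */
    const char *sample = "qmailowns.com:alias-qmailowns\n"
                         "netdata.nu: netdata\n";
    FILE *fp = tmpfile();
    int bad;

    if (fp == NULL) return 2;
    fputs(sample, fp);
    rewind(fp);
    bad = vd_check_file(fp);
    fclose(fp);
    printf("%d suspicious entr%s\n", bad, bad == 1 ? "y" : "ies");
    return bad ? 1 : 0;
}
```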





Hi

I am using qmail on a Linux box. We have several domains that we host.
For example, our domains are

paragon-software.com
corbanews.com
camros.com

We have two hosts 

1. drudge.paragon-software.com : open to public
2. grub.paragon-software.com: behind the firewall

The MX records of ALL our domains point to drudge. My question,

1. I want all incoming emails of drudge to be REDIRECTED to grub. grub
will figure out who is an unknown user etc. I just want everything
that comes to drudge (incoming) to go to grub.

In sendmail I had the following,

# who gets all local email traffic ($R has precedence for unqualified names)
DHgrub.paragon-software.com


How do I achieve this?  I read the FAQ but did not find this particular
scenario.

regards,



-- 
-----
B.G. Mahesh                        | http://www.paragon-software.com/
Senior Software Engineer           | mailto:[EMAIL PROTECTED]
Paragon Software, Inc.             | comp.object.moderated FAQ Maintainer




>I am using qmail on a Linux box. We have several domains that we host.
>For example, our domains are
>
>paragon-software.com
>corbanews.com
>camros.com
>
>We have two hosts 
>
>1. drudge.paragon-software.com : open to public
>2. grub.paragon-software.com: behind the firewall
>
>The MX records of ALL our domains point to drudge. My question,
>
>1. I want all incoming emails of drudge to be REDIRECTED to grub. grub

>How do I achieve this?  I read the FAQ but did not find this particular
>scenario.

Probably worth a read of the qmail-remote man page. Particularly the section 
on smtproutes.


Regards.






On Tue, 30 Mar 1999, B.G. Mahesh wrote:
> 1. I want all incoming emails of drudge to be REDIRECTED to grub. grub
> will figure out who is an unknown user etc. I just want everything
> that comes to drudge (incoming) to go to grub.
> 
> In sendmail I had the following,
> 
> # who gets all local email traffic ($R has precedence for unqualified names)
> DHgrub.paragon-software.com
> 
> How do I achieve this?  I read the FAQ but did not find this particular
> scenario.

FAQ 4.1 is the key (but not in so many words).

In virtualdomains on drudge (and, I believe, corresponding entry in
rcpthosts):

paragon-software.com:alias-paragon


In smtproutes on Drudge:

paragon-software.com:grub.paragon-software.com


In /var/qmail/alias/.qmail-paragon-default:

|forward "$[EMAIL PROTECTED]"


Note, 4.1 uses "$LOCAL" instead of "$DEFAULT", but it doesn't work in this
case (virtualdomains rewriting or something?)

I *think* this'll do what you want.  I'm extrapolating from my setup,
which is a little weird in that it rewrites scansoft.com to xis.xerox.com
and then forwards it off to a Xerox mail relay.

-- 
        gowen -- Greg Owen -- [EMAIL PROTECTED] -- [EMAIL PROTECTED]
        
        Please note my new [EMAIL PROTECTED] address which will
        become my default address in March, and which works now.





Text written by Russ Allbery at 06:34 AM 3/30/99 -0800:
>
>as root.  Windows just doesn't have a user other than root.

Exactly! I came to Linux after a long while in the DOS/Windows world,
starting from about DOS 5.0. (I used to be able to optimize DOS' memory
usage well enough that MemMaker, when it finally came out, couldn't beat my
performance. Although I'll admit it could do it faster.)

Then I started dealing with Linux (and, by extension, Unix). At first, of
course, I saw all the things that were different -- "Aack, the file path
separators are backwards!" and "Why is there no drive letter?" and so on.
But then I started to see the things that were the same (although sometimes
with different names). Daemons? TSRs with a cooler name. Shell scripts?
Batch files. And so on.

Eventually, I realized that DOS is essentially a single-user Unix, and a
lot of things clicked into place. The only user is root. File permissions
suddenly become -rwx rather than -rwxrwxrwx, because there *are* no groups
or "other" users. And r means nothing -- you're root; you can read anything
if you want to. And x is automatically set if the extension is .bat, .com
or .exe, so that one can go away. The lack of the w permission becomes the
read-only flag. Tada!

At that point, I felt rather silly about my earlier nervousness over
working at a root prompt. I have *much* more experience working at a root
prompt than someone with decades of Unix experience who only shells to root
once in a long while -- I used to work as root every day on a system that
used backslashes as path separators. :)

Anyway, I'm glad to discover someone else who sees it that way.

>Don't fool yourself that it can't happen to you simply by virtue of
>running a different operating system.  The only way it can't happen to you
>is if you always *think* before running random programs on stuff you get
>via untrusted channels.

And again, this is the same thing I've tried to impress on my users. (By
which I mean the Win95 users at my office, not the Linux users.) Sure, I've
made sure everyone's virus scanners are updated, but I've spent a bit more
time trying to educate them about when they should or shouldn't
double-click on an attachment -- or open any other MS Office file that
comes in through any other channel.

-----------------------------------------------------------------
                             Kai MacTane
                         System Administrator
                      Online Partners.com, Inc.
-----------------------------------------------------------------
From the Jargon File: (v4.0.0, 25 Jul 1996)

hyperspace /hi:'per-spays/ /n./ 

A memory location that is **far** away from where the program counter
should be pointing, especially a place that is inaccessible because
it is not even mapped in by the virtual-memory system. "Another core
dump --- looks like the program jumped off to hyperspace somehow."...
The variant `east hyperspace' is recorded among CMU and Bliss hackers. 





Please _do_ Cc: me.

I've been seeing a lot of unexplainable "CNAME lookup failed temporarily"
on messages destined for aol.com. Messages would build up in the queue and
then, just as mysteriously, all succeed as soon as I noticed them. Today,
finally, I got a trace of a qmail-remote having trouble.

It looks like the 512-byte DNS reply limit is being hit, but only when the
answer is coming from my local named's cache. If this is true, there should
be lots of other people having the same problem. So... are you? Or is
everyone using the big-DNS-reply patches?

Here's a bit of the trace.

execve("/var/qmail/bin/qmail-remote", ["qmail-remote", "aol.com", 
"**CENSORED**@cqc.com", "**CENSORED**@aol.com"], [/* 1 var */]) = 0
[...]
open("/etc/resolv.conf", O_RDONLY) = 3
[...]
read(3, "search cqc.com \nnameserver 127.0.0.1\n", 4096) = 37
read(3, "", 4096)                       = 0
[...]
socket(PF_INET, SOCK_DGRAM, IPPROTO_IP) = 3
connect(3, {sin_family=AF_INET, sin_port=htons(53), sin_addr=inet_addr("127.0.0.1")}, 
16) = 0
send(3, "t\326\1\0\0\1\0\0\0\0\0\0\3aol\3com\0\0\377\0\1", 25, 0) = 25
select(4, [3], NULL, NULL, {5, 0})      = 1 (in [3], left {5, 0})
recvfrom(3, 
"t\326\203\200\0\1\0\33\0\0\0\0\3aol\3com\0\0\377\0\1\300\f\0\2\0\1\0\2p\33\0\f\6DNS-01\2NS\300\f\300\f\0\2\0\1\0\2p\33\0\t\6DNS-02\300,\300\f\0\1\0\1\0\0\5|\0\4\230\243\322\30\300\f\0\1\0\1\0\0\5|\0\4\230\243\322\33\300\f\0\1\0\1\0\0\5|\0\4\230\243\322\34\300\f\0\1\0\1\0\0\5|\0\4\230\243\322\35\300\f\0\1\0\1\0\0\5|\0\4\315\274\222\t\300\f\0\1\0\1\0\0\5|\0\4\315\274\222\n\300\f\0\1\0\1\0\0\5|\0\4\315\274\222\22\300\f\0\1\0\1\0\0\5|\0\4\315\274\222\23\300\f\0\1\0\1\0\0\5|\0\4\315\274\222\24\300\f\0\1\0\1\0\0\5|\0\4\315\274\222\25\300\f\0\1\0\1\0\0\5|\0\4\315\274\222\26\300\f\0\1\0\1\0\0\5|\0\4\230\243\322\7\300\f\0\1\0\1\0\0\5|\0\4\230\243\322\10\300\f\0\1\0\1\0\0\5|\0\4\230\243\322\t\300\f\0\1\0\1\0\0\5|\0\4\230\243\322\n\300\f\0\1\0\1\0\0\5|\0\4\230\243\322\v\300\f\0\1\0\1\0\0\5|\0\4\230\243\322\f\300\f\0\1\0\1\0\0\5|\0\4\230\243\322\r\300\f\0\1\0\1\0\0\5|\0\4\230\243\322\31\300\f\0\17\0\1\0\0\6\300\0\n\0\17\2zb\2mx\300\f\300\f\0\17\0\1\0\0\6\300\0\7\0\17\2zc\301\207\300\f\0\17\0\1\0\0\6\300\0\7\0\17\2zd\301\207\300\f\0\17\0\1\0\0\6\300\0\7\0\17\2ya\301\207\300\f\0\17\0\1\0\0\6\300\0\7\0\17\2yb\301\207\300\f\0\17\0\1\0\0\6\300\0\7\0\17\2yc\301\207",
 512, 0, {sin_family=AF_INET, sin_port=htons(53), sin_addr=inet_addr("127.0.0.1")}, 
[16]) = 491
close(3) = 0
socket(PF_INET, SOCK_STREAM, IPPROTO_IP) = 3
connect(3, {sin_family=AF_INET, sin_port=htons(53), sin_addr=inet_addr("127.0.0.1")}, 
16)           = 0
writev(3, [{"\0\31", 2}, {"t\326\1\0\0\1\0\0\0\0\0\0\3aol\3com\0\0\377\0\1", 25}], 2)  
                             = 27
read(3, "\4\275", 2) = 2
read(3, 
"t\326\201\200\0\1\0\35\0\2\0)\3aol\3com\0\0\377\0\1\300\f\0\2\0\1\0\2p\33\0\f\6DNS-01\2NS\300\f\300\f\0\2\0\1\0\2p\33\0\t\6DNS-02\300,\300\f\0\1\0\1\0\0\5|\0\4\230\243\322\30\300\f\0\1\0\1\0\0\5|\0\4\230\243\322\33\300\f\0\1\0\1\0\0\5|\0\4\230\243\322\34\300\f\0\1\0\1\0\0\5|\0\4\230\243\322\35\300\f\0\1\0\1\0\0\5|\0\4\315\274\222\t\300\f\0\1\0\1\0\0\5|\0\4\315\274\222\n\300\f\0\1\0\1\0\0\5|\0\4\315\274\222\22\300\f\0\1\0\1\0\0\5|\0\4\315\274\222\23\300\f\0\1\0\1\0\0\5|\0\4\315\274\222\24\300\f\0\1\0\1\0\0\5|\0\4\315\274\222\25\300\f\0\1\0\1\0\0\5|\0\4\315\274\222\26\300\f\0\1\0\1\0\0\5|\0\4\230\243\322\7\300\f\0\1\0\1\0\0\5|\0\4\230\243\322\10\300\f\0\1\0\1\0\0\5|\0\4\230\243\322\t\300\f\0\1\0\1\0\0\5|\0\4\230\243\322\n\300\f\0\1\0\1\0\0\5|\0\4\230\243\322\v\300\f\0\1\0\1\0\0\5|\0\4\230\243\322\f\300\f\0\1\0\1\0\0\5|\0\4\230\243\322\r\300\f\0\1\0\1\0\0\5|\0\4\230\243\322\31\300\f\0\17\0\1\0\0\6\300\0\n\0\17\2zb\2mx\300\f\300\f\0\17\0\1\0\0\6\300\0\7\0\17\2zc\301\207\300\f\0\17\0\1\0\0\6\300\0\7\0\17\2zd\301\207\300\f\0\17\0\1\0\0\6\300\0\7\0\17\2ya\301\207\300\f\0\17\0\1\0\0\6\300\0\7\0\17\2yb\301\207\300\f\0\17\0\1\0\0\6\300\0\7\0\17\2yc\301\207\300\f\0\17\0\1\0\0\6\300\0\7\0\17\2yd\301\207\300\f",
 512) = 512
read(3, 
"\0\17\0\1\0\0\6\300\0\7\0\17\2za\301\207\300\f\0\2\0\1\0\2p\33\0\2\300%\300\f\0\2\0\1\0\2p\33\0\2\300=\300%\0\1\0\1\0\0\f{\0\4\230\243\3104\300%\0\1\0\1\0\0\f{\0\4\306Q\21\350\300=\0\1\0\1\0\2p\33\0\4\315\274\235\350\301\204\0\1\0\1\0\0\6\300\0\4\306Q\20%\301\204\0\1\0\1\0\0\6\300\0\4\306Q\20!\301\204\0\1\0\1\0\0\6\300\0\4\306Q\20\"\301\204\0\1\0\1\0\0\6\300\0\4\306Q\20#\301\204\0\1\0\1\0\0\6\300\0\4\306Q\20$\301\232\0\1\0\1\0\0\6\300\0\4\306Q\20D\301\232\0\1\0\1\0\0\6\300\0\4\306Q\20C\301\232\0\1\0\1\0\0\6\300\0\4\306Q\20B\301\232\0\1\0\1\0\0\6\300\0\4\306Q\20A\301\232\0\1\0\1\0\0\6\300\0\4\306Q\20E\301\255\0\1\0\1\0\0\6\300\0\4\306Q\20d\301\255\0\1\0\1\0\0\6\300\0\4\306Q\20e\301\255\0\1\0\1\0\0\6\300\0\4\306Q\20a\301\255\0\1\0\1\0\0\6\300\0\4\306Q\20b\301\255\0\1\0\1\0\0\6\300\0\4\306Q\20c\301\300\0\1\0\1\0\0\6\300\0\4\315\274\234\3\301\300\0\1\0\1\0\0\6\300\0\4\315\274\234\4\301\300\0\1\0\1\0\0\6\300\0\4\315\274\234\5\301\300\0\1\0\1\0\0\6\300\0\4\315\274\234\1\301\300\0\1\0\1\0\0\6\300\0\4\315\274\234\2\301\323\0\1\0\1\0\0\6\300\0\4\315\274\234d\301\323\0\1\0\1\0\0\6\300\0\4\315\274\234a\301\323\0\1\0\1\0\0\6\300\0\4\315\274\234b\301\323\0\1\0\1\0\0\6\300\0\4\315\274\234c\301\346\0\1\0\1\0\0\6\300\0\4\315\274\234\204\301\346\0\1\0\1\0\0\6\300\0\4\315\274\234\205\301\346\0",
 512) = 512
read(3, 
"\1\0\1\0\0\6\300\0\4\315\274\234\201\301\346\0\1\0\1\0\0\6\300\0\4\315\274\234\202\301\346\0\1\0\1\0\0\6\300\0\4\315\274\234\203\301\371\0\1\0\1\0\0\6\300\0\4\315\274\234\241\301\371\0\1\0\1\0\0\6\300\0\4\315\274\234\242\301\371\0\1\0\1\0\0\6\300\0\4\315\274\234\243\301\371\0\1\0\1\0\0\6\300\0\4\315\274\234\244\302\f\0\1\0\1\0\0\6\300\0\4\306Q\20\2\302\f\0\1\0\1\0\0\6\300\0\4\306Q\20\3\302\f\0\1\0\1\0\0\6\300\0\4\306Q\20\4\302\f\0\1\0\1\0\0\6\300\0\4\306Q\20\5\302\f\0\1\0\1\0\0\6\300\0\4\306Q\20\1",
 189) = 189
close(3) = 0
write(1, "ZCNAME lookup failed temporarily. (#4.4.3)\n\0", 44) = 44
_exit(0)                                = ?

-- 
Alan Curry




[EMAIL PROTECTED] writes:
| It looks like the 512-byte DNS reply limit is being hit, but only when the
| answer is coming from my local named's cache. If this is true, there should
| be lots of other people having the same problem. So... are you? Or is
| everyone using the big-DNS-reply patches?

*Of course* we're using the patch.  The RFC dictated DNS reply size is
64K bytes, not 512.  





From: Scott Schwartz <[EMAIL PROTECTED]>


: [EMAIL PROTECTED] writes:
: | It looks like the 512-byte DNS reply limit is being hit, but only when
the
: | answer is coming from my local named's cache. If this is true, there
should
: | be lots of other people having the same problem. So... are you? Or is
: | everyone using the big-DNS-reply patches?
:
: *Of course* we're using the patch.  The RFC dictated DNS reply size is
: 64K bytes, not 512.

There are two different patches.  Which one are you using?

--Adam






"Adam D. McKenna" <[EMAIL PROTECTED]> writes:
| There are two different patches.  Which one are you using?

Good point.  I use the one that replaces "512" with "65536"
in line 24 of dns.c  





From: Scott Schwartz <[EMAIL PROTECTED]>


: "Adam D. McKenna" <[EMAIL PROTECTED]> writes:
: | There are two different patches.  Which one are you using?
:
: Good point.  I use the one that replaces "512" with "65536"
: in line 24 of dns.c

from http://www.qmail.org/top.html:

Chuck Foster has a patch which works on both qmail's dns.c and tcpserver's
dns.c which make them work with oversize DNS packets.

(http://www.qmail.org/big-dns-patch)

 Christopher K. Davis has a similar patch that he thinks is better.

(http://www.ckdhr.com/ckd/qmail-103.patch)

I recently used the second patch and it worked fine for AOL.

--Adam
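To make the 512-byte problem concrete, here is an added example (not code from the list, from qmail's dns.c or from either patch): a minimal DNS wire-format builder and parser. It builds a response carrying many A records for a name, then shows that the same reply parses from a 65536-byte buffer but fails from a 512-byte one, which is the situation the strace above ends in. The sample addresses are constructed from the documentation range; names are written uncompressed so record sizes are easy to follow, and RFC 1035 compression pointers are deliberately not handled.

```python
"""Added example, not code from the list or from qmail's dns.c: a minimal DNS
wire-format builder and parser showing what a fixed 512-byte reply buffer does
to a response that carries many records, as with aol.com in the strace above."""
import struct

UDP_LIMIT = 512  # RFC 1035 ceiling for a UDP reply; over TCP a reply may reach 65535


def encode_name(name: str) -> bytes:
    """'aol.com' -> b'\\x03aol\\x03com\\x00' (uncompressed label sequence)."""
    labels = name.rstrip(".").split(".")
    return b"".join(bytes([len(lab)]) + lab.encode("ascii") for lab in labels) + b"\x00"


def build_response(qname: str, addresses, ttl: int = 300) -> bytes:
    """Response with one A question and one A record per address, no compression."""
    header = struct.pack("!HHHHHH", 0x1234, 0x8180, 1, len(addresses), 0, 0)
    question = encode_name(qname) + struct.pack("!HH", 1, 1)  # QTYPE A, QCLASS IN
    rrs = b""
    for a in addresses:
        rdata = bytes(int(o) for o in a.split("."))
        rrs += encode_name(qname) + struct.pack("!HHIH", 1, 1, ttl, len(rdata)) + rdata
    return header + question + rrs


def decode_name(msg: bytes, pos: int):
    """Read an uncompressed name at pos; return (name, position after it)."""
    labels = []
    while True:
        if pos >= len(msg):
            raise ValueError("name runs past end of buffer")
        n = msg[pos]
        pos += 1
        if n == 0:
            return ".".join(labels), pos
        if n & 0xC0:
            raise ValueError("compression pointer: not handled in this example")
        labels.append(msg[pos:pos + n].decode("ascii"))
        pos += n


def parse_response(msg: bytes):
    """Return (tc_flag, [A addresses]). Raises ValueError when the buffer ends
    before the record count in the header is satisfied, which is exactly what a
    fixed 512-byte buffer produces for a long reply."""
    if len(msg) < 12:
        raise ValueError("short header")
    _, flags, qd, an, _, _ = struct.unpack("!HHHHHH", msg[:12])
    pos = 12
    for _ in range(qd):
        _, pos = decode_name(msg, pos)
        pos += 4  # QTYPE + QCLASS
    answers = []
    for _ in range(an):
        _, pos = decode_name(msg, pos)
        if pos + 10 > len(msg):
            raise ValueError("record header runs past end of buffer")
        rtype, _, _, rdlen = struct.unpack("!HHIH", msg[pos:pos + 10])
        pos += 10
        if pos + rdlen > len(msg):
            raise ValueError("rdata runs past end of buffer")
        if rtype == 1 and rdlen == 4:
            answers.append(".".join(str(b) for b in msg[pos:pos + 4]))
        pos += rdlen
    return bool(flags & 0x0200), answers


def fits_in_buffer(reply: bytes, limit: int = UDP_LIMIT) -> bool:
    """True when the whole reply parses from a limit-byte buffer, else False."""
    try:
        parse_response(reply[:limit])
        return True
    except ValueError:
        return False


# Constructed sample: 30 addresses from the documentation range, not AOL's real ones.
SAMPLE_ADDRS = ["192.0.2.%d" % i for i in range(1, 31)]
SAMPLE_REPLY = build_response("aol.com", SAMPLE_ADDRS)

if __name__ == "__main__":
    print(len(SAMPLE_REPLY), "bytes; fits in 512:", fits_in_buffer(SAMPLE_REPLY),
          "; fits in 65536:", fits_in_buffer(SAMPLE_REPLY, 65536))
```

With 30 records the reply is 715 bytes: a 512-byte buffer cuts the 22nd record in the middle of its name and the parse fails, which a caller can only report as a temporary lookup failure, just like the ZCNAME line at the end of the strace.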







Dear Group,

I had a customer call me up concerned about eliminating spam.  How would I
exclude emails containing AOL.COM or the word SEX from being delivered
altogether?


Regards,

Julian L.C. Brown
Internet Technology Consultant
Interware Systems Inc.
mailto:[EMAIL PROTECTED]
http://www.interwaresystems.com





Hi. This is the qmail-send program at crynwr.com.
I'm afraid I wasn't able to deliver your message to the following addresses.
This is a permanent error; I've given up. Sorry it didn't work out.

<[EMAIL PROTECTED]>:
#Sorry, your message mentioned the phrase "AOL.COM" or the word "SEX".
#This message cannot be delivered because we use the following filter
#in our default delivery instructions:
|bouncesaying "`cat .qmail`" egrep -i 'aol\.com|sex'
./Mailbox

--- Below this line is a copy of the message.

Return-Path: <[EMAIL PROTECTED]>
Received: (qmail 4101 invoked by uid 501); 30 Mar 1999 19:24:09 -0000
Mime-Version: 1.0
Content-Type: text/plain; charset="us-ascii"
From: "Julian L.C. Brown" <[EMAIL PROTECTED]>
To: [EMAIL PROTECTED]
Subject: questions questions questions
Date: Tue, 30 Mar 1999 14:05:09 -0500


Dear Group,

I had a customer call me up concerned about eliminating spam.  How would I
exclude emails containing AOL.COM or the word SEX from being delivered
altogether?


Regards,

Julian L.C. Brown
Internet Technology Consultant
Interware Systems Inc.
mailto:[EMAIL PROTECTED]
http://www.interwaresystems.com





On 30 Mar 1999 [EMAIL PROTECTED] wrote:
>
> Hi. This is the qmail-send program at crynwr.com.
> I'm afraid I wasn't able to deliver your message to the following addresses.
> This is a permanent error; I've given up. Sorry it didn't work out.
> 
> <[EMAIL PROTECTED]>:
> #Sorry, your message mentioned the phrase "AOL.COM" or the word "SEX".
> #This message cannot be delivered because we use the following filter
> #in our default delivery instructions:
> |bouncesaying "`cat .qmail`" egrep -i 'aol\.com|sex'
> ./Mailbox

Smart ass.  :-)

I was thinking the same thing but wasn't sure how to say "I couldn't get
your email because you use the word sex."

This is a horrible kind of filtering.  If I happen to be warning you of
something about aol.com or if I'm from Essex then I can't send you
email.  Of course you can match on word-only matches by using -w in gnu
egrep (or egrep -i '(^|[^-a-z0-9])(aol\.com|sex)([^-a-z0-9]|$)' for
non-gnu egrep) but that's still too general.

It seems to me that blocking mail from known bad (or risky) hosts is a
much better way to block spam.

Cheers,
Vern
-- 
\ \   / __| _ \  \ |   Vern Hart
 \ \ /  _|    / .  |   [EMAIL PROTECTED]
  \_/  ___|_|_\_|\_|
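The two filters Vern contrasts, as an added example (not code from the thread or from any .qmail on the list): the substring pattern from the mock bounce beside the portable whole-word pattern, each applied line by line the way egrep reads a message. The sample messages are constructed, not real mail.

```python
"""Added example, not from the thread: the substring filter from the mock
.qmail bounce beside Vern's word-boundary variant, evaluated with egrep
semantics (the message matches if any one line matches)."""
import re

# As in the mock .qmail line: egrep -i 'aol\.com|sex'
NAIVE = re.compile(r"aol\.com|sex", re.IGNORECASE)

# Vern's portable whole-word form for non-GNU egrep: the token must be bounded
# by start/end of line or by a character that cannot be part of a word.
WORD = re.compile(r"(^|[^-a-z0-9])(aol\.com|sex)([^-a-z0-9]|$)", re.IGNORECASE)


def egrep_matches(pattern, message: str) -> bool:
    """egrep semantics: the message matches when any single line does."""
    return any(pattern.search(line) for line in message.splitlines())


def verdict(pattern, message: str) -> str:
    """What the .qmail line would do: 'bounce' on a match, else 'deliver'."""
    return "bounce" if egrep_matches(pattern, message) else "deliver"


# Constructed sample messages (headers plus body), not real mail.
SAMPLES = {
    "spam": "Subject: offers\n\nUnbelievable offers from our friends at AOL.COM today",
    "essex": "Subject: hello\n\nGreetings from Essex, see you at the conference",
    "warning": "Subject: fyi\n\nthe bounce came from mail.aol.com last night",
    "plain": "Subject: logistics\n\nMeeting moved to Tuesday",
}


def compare_filters():
    """Map sample name -> (substring verdict, whole-word verdict)."""
    return {name: (verdict(NAIVE, m), verdict(WORD, m)) for name, m in SAMPLES.items()}


if __name__ == "__main__":
    for name, (naive, word) in compare_filters().items():
        print("%-8s substring=%-8s word=%s" % (name, naive, word))
```

The "essex" sample shows the improvement (the whole-word pattern delivers it), and the "warning" sample shows Vern's remaining objection: a legitimate note mentioning mail.aol.com is still bounced by both, because the pattern is about words, not about who is sending.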







Has anyone written some perl script or other, that would do the
equivalent of sendmail's revalias ( -- I believe, as I've never used
sendmail) ?

What I want to do is rewrite all authorized mail that passes through my
relay to "canonicalize" addresses in headers.

Anyway, I'm on a perl script to do that right now, I'll post it if
there's interest.


On a related note, has anyone written perl code to read (maybe write)
a cdb ?


Florent




On Tue, Mar 30, 1999 at 08:23:09PM -0000, Efgé wrote:
> On a related note, has anyone written perl code to read (maybe write)
> a cdb ?

CDB_File-0.7 (available at a CPAN near you), courtesy of Tim Goodwin is your
friend. Sorry, no link handy.

-- 
Jos Backus                          _/  _/_/_/    "Reliability means never
                                   _/  _/   _/     having to say you're sorry."
                                  _/  _/_/_/               -- D. J. Bernstein
                             _/  _/  _/    _/
[EMAIL PROTECTED]  _/_/   _/_/_/        use Std::Disclaimer;




On Tue, Mar 30, 1999 at 08:23:09PM -0000, Efgé wrote:
> On a related note, has anyone written perl code to read (maybe write)
> a cdb ?

It's easy to write something that puts the data into the right format and pipes
into cdbmake (which comes with the cdb package).

From the cdbmake man page:

       A  record  is  encoded for cdbmake as +klen,dlen:key->data
       followed by a newline.  Here klen is the number  of  bytes
       in  key  and dlen is the number of bytes in data.  The end
       of data is indicated by an extra newline.  For example:

          +3,5:one->Hello
          +3,7:two->Goodbye


       key and data may contain any characters, including colons,
       dashes, newlines, and nulls.

In your perl script, just open a pipe to cdbmake and write your data in the
above format.

I haven't tried to do any cdb reading with perl, but it's easy enough with C by
linking with libcdb.a and using cdb_seek and cdb_bread.

Chris
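The cdbmake input format Chris quotes, as an added example (not code from the thread, from CDB_File or from the cdb package): an encoder that produces the `+klen,dlen:key->data` records, a decoder that reads them back using the declared byte lengths rather than the delimiters, and a helper that pipes the result into cdbmake when it is installed. The sample records are constructed; the point of the third and fourth is that colons, arrows, newlines, NULs and multi-byte characters are all fine because klen and dlen count bytes.

```python
"""Added example, not from the thread: encode records in the cdbmake input
format, parse that format back, and (optionally) pipe it into cdbmake."""
import shutil
import subprocess


def encode_record(key: bytes, data: bytes) -> bytes:
    """One record: "+klen,dlen:key->data" followed by a newline; lengths are bytes."""
    return b"+%d,%d:%s->%s\n" % (len(key), len(data), key, data)


def encode(records) -> bytes:
    """Full cdbmake input: every record, then the extra newline that ends the data."""
    return b"".join(encode_record(k, d) for k, d in records) + b"\n"


def decode(blob: bytes):
    """Parse cdbmake input back into (key, data) pairs. Like cdbmake itself it
    trusts klen/dlen and never searches for '->' or newlines inside a record."""
    records = []
    pos = 0
    while True:
        if blob[pos:pos + 1] == b"\n":          # extra newline: end of input
            return records
        if blob[pos:pos + 1] != b"+":
            raise ValueError("expected '+' at offset %d" % pos)
        comma = blob.index(b",", pos)
        colon = blob.index(b":", comma)
        klen = int(blob[pos + 1:comma])
        dlen = int(blob[comma + 1:colon])
        key_start = colon + 1
        key = blob[key_start:key_start + klen]
        arrow = key_start + klen
        if blob[arrow:arrow + 2] != b"->":
            raise ValueError("expected '->' at offset %d" % arrow)
        data_start = arrow + 2
        data = blob[data_start:data_start + dlen]
        pos = data_start + dlen
        if blob[pos:pos + 1] != b"\n":
            raise ValueError("record not newline-terminated at offset %d" % pos)
        pos += 1
        records.append((key, data))


def build_with_cdbmake(records, out_path: str) -> bool:
    """Pipe the encoded records into cdbmake, as the post suggests; cdbmake
    takes the output file and a temporary file it renames over it. Returns
    False when cdbmake is not installed on this machine."""
    exe = shutil.which("cdbmake")
    if exe is None:
        return False
    subprocess.run([exe, out_path, out_path + ".tmp"], input=encode(records), check=True)
    return True


# Constructed sample records; the first two are the man page's own example.
SAMPLE = [
    (b"one", b"Hello"),
    (b"two", b"Goodbye"),
    (b"weird:key->", b"line1\nline2\x00"),         # delimiters inside key/data
    ("clé".encode("utf-8"), "données".encode("utf-8")),  # multi-byte: 4 and 8 bytes
]

if __name__ == "__main__":
    print(encode(SAMPLE).decode("utf-8", "backslashreplace"))
    print("round trip ok:", decode(encode(SAMPLE)) == SAMPLE)
    print("cdbmake run:", build_with_cdbmake(SAMPLE, "sample.cdb"))
```

Reading the finished .cdb from Perl is the separate question answered elsewhere in the thread (CDB_File); this block only covers the producer side that feeds cdbmake.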




"Efgé" wrote:

> Has anyone written some perl script or other, that would do the
> equivalent of sendmail's revalias ( -- I believe, as I've never used
> sendmail) ?
>
> What I want to do is rewrite all authorized mail that passes through my
> relay to "canonicalize" addresses in headers.
>
> Anyway, I'm on a perl script to do that right now, I'll post it if
> there's interest.
>
> On a related note, has anyone written perl code to read (maybe write)
> a cdb ?
>
> Florent

Look into CDB_File on CPAN... here's the link to it...

www.perl.com/CPAN/modules/by-category/07_Database_Interfaces/CDB_File/






The following error occurred on a Solaris 5.7 machine running Qmail 1.03:


Here is the original To: line (slightly modified to protect the guilty.)
To: "Someone Else" <Someone B. Else [[EMAIL PROTECTED]]>

And here is the error I get:

>From: [EMAIL PROTECTED]
>[mailto:[EMAIL PROTECTED]]
>Sent: Monday, March 29, 1999 9:03 PM
>To: [EMAIL PROTECTED]
>Subject: failure notice
>
>
>Hi. This is the qmail-send program at mydomain.com.
>I'm afraid I wasn't able to deliver your message to the following addresses.
>This is a permanent error; I've given up. Sorry it didn't work out.
>
><Someone B. Else [[EMAIL PROTECTED]]>:
>Sorry, I couldn't find any host named otherdomain.com]. (#5.1.2)
>
>--- Below this line is a copy of the message.

Of course, this was also present:
>X-Mailer: Microsoft Outlook 8.5, Build 4.71.2173.0

Is this an error on my configuration, qmail, or do I get to blame M$?

-Dave






Text written by David B. Peterson at 02:44 PM 3/30/99 -0800:
>
>Here is the original To: line (slightly modified to protect the guilty.)
>To: "Someone Else" <Someone B. Else [[EMAIL PROTECTED]]>
>
>And here is the error I get:
>
>><Someone B. Else [[EMAIL PROTECTED]]>:
>>Sorry, I couldn't find any host named otherdomain.com]. (#5.1.2)

It's trying to find a host named otherdomain.com], which of course doesn't
exist. Taking out the ] at the end will make it work.

I think what you want to do is send:

To: "Someone B. Else" <[EMAIL PROTECTED]>

>Is this an error on my configuration, qmail, or do I get to blame M$?

Sorry, it ain't Microsoft's fault this time. :)

-----------------------------------------------------------------
                             Kai MacTane
                         System Administrator
                      Online Partners.com, Inc.
-----------------------------------------------------------------
From the Jargon File: (v4.0.0, 25 Jul 1996)

say /vt./ 

1. To type to a terminal. "To list a directory verbosely, you have
to say ls -l." Tends to imply a newline-terminated command (a 
`sentence'). 2. A computer may also be said to `say' things to you,
even if it doesn't have a speech synthesizer, by displaying them on
a terminal in response to your commands. Hackers find it odd that
this usage confuses mundanes.





On Tue, Mar 30, 1999 at 02:44:15PM -0800,
  "David B. Peterson" <[EMAIL PROTECTED]> wrote:
> 
> The following error occurred on a Solaris 5.7 machine running Qmail 1.03:
> 
> 
> Here is the original To: line (slightly modified to protect the guilty.)
> To: "Someone Else" <Someone B. Else [[EMAIL PROTECTED]]>

That isn't a valid To: header. It would normally look like:
To: "Someone Else" <[EMAIL PROTECTED]>





On Tue, 30 Mar 1999, David B. Peterson wrote:
> The following error occurred on a Solaris 5.7 machine running Qmail 1.03:
> 
> Here is the original To: line (slightly modified to protect the guilty.)
> To: "Someone Else" <Someone B. Else [[EMAIL PROTECTED]]>
...
> ><Someone B. Else [[EMAIL PROTECTED]]>:
> >Sorry, I couldn't find any host named otherdomain.com]. (#5.1.2)

Illegal syntax.  It is trying to lookup the machine "otherdomain.com]"
because the square brackets are being used incorrectly.

As I read that syntax, it would probably try to deliver to the mailbox
"Someone B. Else [sbe" if it could somehow figure out who to talk to,
which would also cause failure.


        From rfc822:


        There are three types of brackets which must occur in  matched
        pairs, and which may NOT be nested:
 
            o   Colon/semi-colon (":" and ";") are   used  in  address
                specifications  to  indicate that the included list of
                addresses are to be treated as a group.
 
            o   Angle brackets ("<" and ">")  are  generally  used  to
                indicate  the  presence of a one machine-usable refer-
                ence (e.g., delimiting mailboxes), possibly  including
                source-routing to the machine.
 
            o   Square brackets ("[" and "]") are used to indicate the
                presence  of  a  domain-literal, which the appropriate
                name-domain  is  to  use  directly,  bypassing  normal
                name-resolution mechanisms.


-- 
        gowen -- Greg Owen -- [EMAIL PROTECTED] -- [EMAIL PROTECTED]
        
        Please note my new [EMAIL PROTECTED] address which will
        become my default address in March, and which works now.






David B. Peterson wrote/schrieb/scribsit:
>>From: [EMAIL PROTECTED]
>>[mailto:[EMAIL PROTECTED]]
  ^                                 ^

>><Someone B. Else [[EMAIL PROTECTED]]>:
                   ^                   ^

Notice something? Outlook screwed it.

Stefan





On Tue, 30 Mar 1999 14:44:15 -0800, David B. Peterson wrote:

>Here is the original To: line (slightly modified to protect the guilty.)
>To: "Someone Else" <Someone B. Else [[EMAIL PROTECTED]]>

MTAs don't care about To: (unless they've been messed with). qmail
cares about the envelope sender.

"Someone B. Else [[EMAIL PROTECTED]]" is not a valid envelope sender
at the SMTP level. qmail looks up the host part "otherdomain.com]" and
fails. You could argue it should check the syntax, but that would be
code added only to change the wording of an error message.

>Of course, this was also present:
>>X-Mailer: Microsoft Outlook 8.5, Build 4.71.2173.0

I think the user put in something strange and the MUA did its usual
thing without checking the result. This would happen with several
non-MS MUAs as well.


-Sincerely, Fred

(Frederik Lindberg, Infectious Diseases, WashU, St. Louis, MO, USA)
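Fred's and Greg's explanation of where "otherdomain.com]" comes from, as an added example (not code from the thread or from qmail): an MTA splits the address at the last "@" and treats whatever follows as the host, so the stray "]" rides into the lookup. The syntax check is a hypothetical pre-flight test one might put in a submission path; it is not something qmail does, and the addresses are constructed (the "sbe" mailbox follows Greg's reading of the bounce).

```python
"""Added example, not from the thread: split an envelope address the way an
MTA does and show why a bracketed display-name form cannot be looked up.
The check is hypothetical, not qmail behaviour; addresses are constructed."""
import re

# Plain hostname: labels of letters, digits and hyphens, joined by dots.
HOSTNAME = re.compile(
    r"^[a-z0-9]([a-z0-9-]*[a-z0-9])?(\.[a-z0-9]([a-z0-9-]*[a-z0-9])?)*$", re.I)
# RFC 822 domain literal, the one legitimate use of square brackets in a host.
DOMAIN_LITERAL = re.compile(r"^\[(\d{1,3}\.){3}\d{1,3}\]$")


def split_address(addr: str):
    """(local part, host) split at the last '@'; host is '' when there is none."""
    at = addr.rfind("@")
    return (addr, "") if at < 0 else (addr[:at], addr[at + 1:])


def host_problem(host: str):
    """None when the host part could be looked up, otherwise a short reason."""
    if not host:
        return "no host part"
    if DOMAIN_LITERAL.match(host) or HOSTNAME.match(host):
        return None
    stray = "".join(sorted(set(c for c in host if not (c.isalnum() or c in "-."))))
    if stray:
        return "host %r contains characters not allowed in a hostname: %s" % (host, stray)
    return "host %r is not a well-formed hostname" % host


def check_envelope(addr: str):
    """Return (local, host, problem) for one envelope address."""
    local, host = split_address(addr)
    return local, host, host_problem(host)


# Constructed addresses modelled on the bounce in the thread.
BROKEN = "Someone B. Else [sbe@example.org]"   # what the MUA sent
FIXED = "sbe@example.org"                      # what was meant

if __name__ == "__main__":
    for a in (BROKEN, FIXED, "sbe@[192.0.2.10]"):
        print(a, "->", check_envelope(a))
```

The broken form yields the local part "Someone B. Else [sbe" and the host "example.org]", matching Greg's reading: even if the host lookup could somehow succeed, the mailbox name would fail next.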






hello...
I am having a problem with qmail when I send email through pop on my
server...
the mail sits in the queue, and doesn't go out, because the server logs..

 Mar 30 18:33:57 lan qmail-smtpd: 922847637.576748 14661: DENYMAIL:
Filter.TO:_451_-exec_procmail_failed_-_try_again_later. relay
client.stephenson.cc [192.168.1.3] FROM <[EMAIL PROTECTED]>

yet the host can send to any address it wants in the domain as long as
it's a real user, and not an alias.. (can also relay outside using the
open-smtp patch)
so it works fine... but where is it checking for the userid?
I have also installed the "qmail-smtpd which calls procmail recipes to
filter spam" installed but the problem is only in sending through pop...
email sent to the system from remote gets processed fine with the aliases..
you just can't send to the aliases through pop through this server it's
thought of as a relay..
can anyone direct me to what I need to do to change this? and why it does
it?



----------------------------------------------------------------
|[EMAIL PROTECTED]                 http://www.stephenson.cc  |
----------------------------------------------------------------
| My pgp key is available it http://www.stephenson.cc/grant/pgp|
|    #grantstomb     |  *The Stephensons*   |bbs.stephenson.cc |
| IRC  DarkTombNET   |   Shell Account/BBS  | Fax(408)364-9632 |
| stephenson.cc  6669| #stephenson undernet |                  |
----------------------------------------------------------------






Grant Stephenson writes:

> hello...
> I am having a problem with qmail when I send email through pop on my
> server...
> the mail sits in the queue, and doesn't go out, because the server logs..
> 
>  Mar 30 18:33:57 lan qmail-smtpd: 922847637.576748 14661: DENYMAIL:
> Filter.TO:_451_-exec_procmail_failed_-_try_again_later. relay
> client.stephenson.cc [192.168.1.3] FROM <[EMAIL PROTECTED]>
> 
> yet the host can send to any address it wants in the domain as long as
> it's a real user, and not an alias.. (can also relay outside using the
> open-smtp patch)
> so it works fine... but where is it checking for the userid?
> I have also installed the "qmail-smtpd which calls procmail recipes to
> filter spam" installed but the problem is only in sending through pop...
> email sent to the system from remote gets processed fine with the aliases..
> you just can't send to the aliases through pop through this server it's
> thought of as a relay..

Define what you mean by 'through pop'.


-- 
Sam





Hi all,
        I just installed qmail onto my system following the instructions 
to the tee but when I tried following the directions in the TEST.receive 
file (telnetting to port 25 on my machine) I get nothing

this is what I get:

[root@manageserv /etc]# telnet 0 25
Trying 0.0.0.0...
Connected to 0.
Escape character is '^]'.


I should get a response from the server with a 220 response but I'm not

I checked and rechecked my inetd.conf and the line that I am using is

smtp    stream  tcp     nowait  qmaild  /var/qmail/bin/tcp-env 
/var/qmail/bin/qmail-smtpd

with everything on one line..

What am I doing wrong..can anyone help me with this problem? I've used 
qmail on a few of my other servers and the installation has been 
smooth..I don't know what I am doing wrong here.

Or let me ask..can I have qmail-smtpd be running all the time instead of 
calling it from inetd.conf? 


Sincerely,
Brent Clements
VP. of Operations
Stargazer Enterprises, Inc.






Brent Clements wrote:

> Hi all,
>         I just installed qmail onto my system following the instructions
> to the tee but when I tried following the directions in the TEST.receive
> file (telnetting to port 25 on my machine) I get nothing
>
> this is what I get:
>
> [root@manageserv /etc]# telnet 0 25
> Trying 0.0.0.0...
> Connected to 0.
> Escape character is '^]'.
>
> I should get a response from the server with a 220 response but I'm not
>
> I checked and rechecked my inetd.conf and the line that I am using is
>
> smtp    stream  tcp     nowait  qmaild  /var/qmail/bin/tcp-env
> /var/qmail/bin/qmail-smtpd
>
> with everything on one line..
>
> What am I doing wrong..can anyone help me with this problem? I've used
> qmail on a few of my other servers and the installation has been
> smooth..I don't know what I am doing wrong here.
>
> Or let me ask..can I have qmail-smtpd be running all the time instead of
> calling it from inetd.conf?
>
> Sincerely,
> Brent Clements
> VP. of Operations
> Stargazer Enterprises, Inc.

Uhh.. it's kinda late and I'm sleepy so this might not sound sane... but
maybe you should try:

telnet 127.0.0.1 25    or        telnet <your ip address> 25

You can run qmail-smtpd from tcpserver... I would prefer running it under
tcpserver instead of inetd....

You can get tcpserver from the koobera.math.uic.edu ftp server.. it's under
/pub/software/ucspi-tcp-0.84.tar.gz







Brent Clements writes:

> Hi all,
>       I just installed qmail onto my system following the instructions 
> to the tee but when I tried following the directions in the TEST.receive 
> file (telnetting to port 25 on my machine) I get nothing
> 
> this is what I get:
> 
> [root@manageserv /etc]# telnet 0 25

Try telnet 127.0.0.1 25 instead.

-- 
Sam





Hello,
I wondered if it is possible to bind on a machine with 2
network interfaces different
qmails with 2 different configurations.

For example I have a Linux firewall and bind a forwarding-only qmail on
the
external interface. All the mails should be forwarded to an e-mail
virus scanner
on a different machine and this machine sends the scanned e-mails back to
the qmail system on the internal interface which stores or delivers
these mails.

Or is there a better solution for this kind of setup?

cu Uwe
-- 
"One World, One Web, One Program" - Microsoft Promotional Ad 
"Ein Volk, Ein Reich, Ein Fuehrer" - Adolf H.

Telefon: +49.8031/3 89 59-0
Telefax: +49.8031/3 89 59-19
WWW:     http://www.connect-gmbh.de




Uwe Wuerdinger wrote:

> Hello,
> I wondered if it is possible to bind on a machine with 2
> network interfaces different
> qmails with 2 different configurations.
>
> For example I have a Linux firewall and bind a forwarding-only qmail on
> the
> external interface. All the mails should be forwarded to an e-mail
> virus scanner
> on a different machine and this machine sends the scanned e-mails back to
> the qmail system on the internal interface which stores or delivers
> these mails.
>
> Or is there a better solution for this kind of setup?
>
> cu Uwe
> --
> "One World, One Web, One Program" - Microsoft Promotional Ad
> "Ein Volk, Ein Reich, Ein Fuehrer" - Adolf H.
>
> Telefon: +49.8031/3 89 59-0
> Telefax: +49.8031/3 89 59-19
> WWW:     http://www.connect-gmbh.de

Why not run the virus scanner on the same box?   Forwarding to another box
and then sending back is 3 times the work... you could set up qmail to scan
the message on delivery.    Also.. what happens to messages if a virus is
found?  Is there a bounce generated or is the message sent to /dev/null?

If you look through the mail archives there was a thread about this same
thing not too long ago...





Uwe Wuerdinger writes:

> Hello,
> I wondered if it is possible to bind on a machine with 2
> network interfaces different
> qmails with 2 different configurations.

Yes.  It's a no-brainer.  Compile and install Qmail.  Then, change the
Qmail userids' home directory in your password file, then compile and
install a second instance of Qmail.

Then run two instances of tcpserver, each one bound to one of the two
network interfaces.

-- 
Sam






Uwe Wuerdinger wrote/schrieb/scribsit:
> I wondered if it is possible to bind on a machine with 2
> network interfaces different
> qmails with 2 different configurations.

Compile two qmail instances into /var/qmail1 and /var/qmail2 resp.
by editing conf-home.
Then start two tcpservers for qmail-smtpd, each bound to one
interface and have one invoke /var/qmail1/bin/qmail-smtpd and the other
one /var/qmail2/bin/qmail-smtpd.

Stefan





On Tue, Mar 30, 1999 at 12:21:27AM -0700, Scott D. Yelich wrote:
> ps: I should post my qmail worm.

Hmm if you're serious, do post it :)

Greetz, Peter.
-- 
.| Peter van Dijk           | <mo|VERWEG> stoned worden of coden
.| [EMAIL PROTECTED]  | <mo|VERWEG> dat is de levensvraag
                            | <mo|VERWEG> coden of stoned worden
                            | <mo|VERWEG> stonend worden En coden
                            | <mo|VERWEG> hmm
                            | <mo|VERWEG> dan maar stoned worden en slashdot lezen:)




Hi folks,

For QMAIL 1.03, I tried to do restrictions
with BADRCPTTO file in
/var/qmail/control, but it didn't  work.

According to
http://qmail-docs.surfdirect.com.au/docs/qmail-1.03-man/man5/qmail-control.html
it should work.

I checked the docs, included in the installation package
of QMAIL and the mans and didn't find anything about it.

Any ideas? 

-- 
---------------------------------------------
| Georgi Kupenov,     |                     |
| tel.: +359-2-9630641|     ProLink Ltd.    |
|       +359-2-9630651|                     |
---------------------------------------------

