Re: Bystander shot by a spam filter.
How do you find if you are on the list? And who has the list? Can they be sued? Thanks, Duncan (Dhu) Campbell On Sat, 28 Dec 2002 08:45:23 -0500 Harry Tabak [EMAIL PROTECTED] wrote: [This is a resend. Ironically, the orignal was blocked by FreeBSD's spam filter, I've had to send this from another account] I am not sure which list is best for this issue, hence the cross posting. I believe spam and anti-spam measures are security issues -- the 'Availability' part of C-I-A. I apologize if I am wrong. A FreeBSD ported package is contributing to an internet service availability problem that has me stumped. I believe that an unknowable quantity of other internet denizens are also affected. I'm a long time fan of FreeBSD -- I run it on my small mail server and I've recommended it for many applications. I even bought a CD once. I write this missive with great reluctance. I've worked with a lot of strange software over the years, But this is a new first -- Software that slanders! Software that publicly called me a spammer!!! And not to my face, but to business associate. And then took action. I recently discovered, and quite by accident, that a FreeBSD ported package -- spambnc (aka Spambouncer or SB) -- was blocking mail from me to an unknown number of businesses and individuals on the internet. I'll probably never have to correspond with most of these people, but I'm a freelancer -- this may have already cost me a job. [Dear reader, don't be surprised if you or your clients are also blocked. I strongly suggest that you check it out.] Anti-spam products have a valuable place in the security arsenal. But, IMHO, this product is dangerous because it includes filters and rules that are overreaching, and inaccurate. Bad firewall rules and bad anti-spam rules may be OK for an individual site. However, spambnc's bad advice is being mass marketed through the good offices of FreeBSD, and it is putting potholes in the net for the rest of us. Until it is fixed, and proven harmless, FreeBSD should stop distributing this product. Basically, the default built-in policies for blocking mail aren't fully described, and there is no mechanism to universally correct the inevitable mistakes in a timely manner. Users (people who install this product) are mislead about the probably of filtering the wrong mail. I am sure that the software was developed with the very best intentions, but in its zeal to block lots and lots of spam, SB is hurting good people. The SB rule blocking my mail host has nothing to do with me. Even though, it can use dynamic anti-spam DNS services, SB hard codes its rules for filtering bad domains by name and by IP address. My nemisis is buried in a 1476 line file, sb-blockdomains.rc, which installs by default, and is not documented outside the code. Along with others, it blocks the entire 66.45.0.0/17 space because spammers might live there. This is sort of like a corporate mail room throwing away all NJ postmarked mail because of the bulk mail distribution centers in Secaucus. My mail host address gets a clean bill of health from every anti-spam site that I can find, such as SPEWS. I've checked at least 30 of them. My tiny x/29 block is sub-allocated from my DSL provider's x/23 block. The DSL provider's block is a sub-allocation from Inflow.com's 66.45.0.0/17 block. Spambouncer doesn't like Inflow. While they have a right to their opinions, they don't have a right to publicly tar me because of my neighbors. If I read sb-blockdomains # comments correctly, it is policy to not only block known spammers, but to ALSO block entire networks based on their handling of spam complaints. This is like as a business receptionist checking callerID and then ignoring incoming calls from Verizon subscribers because Verizon tolerates (and probably invented) telemarketing. I have written to both the Spambouncer contact address [EMAIL PROTECTED] and the FreeBSD maintainer, but without a response. Possibly they are on holiday, or spambouncer is eating my mail. Perhaps I'm just too impatient. I have also contacted my ISP's support. They don't know how to help me. They vouch for Inflow. They don't recommend it, but for a fee, my service could be switched to a different PVC, and I'd get an address from a different carrier. But of course, the new address could be black-listed on a whim. Regardless, I assume that these are reasonable people, and that they will oil the squeaky wheel as soon as it is convenient. But how will I ever know that EVERY copy of spambouncer has been fixed? What about other innocent ISP subscribers who are also black-listed? Harry Tabak QUAD TELECOM, INC. To Unsubscribe: send mail to [EMAIL PROTECTED] with unsubscribe freebsd-security in the body of the message msg13491/pgp0.pgp
Re: Bystander shot by a spam filter.
Seems to me that this is an invitation to government regulation -- interfering with the mail is a criminal offense for good reason. Dhu On 28 Dec 2002 15:46:10 -0500 Shawn Duffy [EMAIL PROTECTED] wrote: The lists are usually kept on the websites of whatever particular organizations are doing it... they are quite a few... As far as suing them, I would venture to say no... If you dont want someone to be able to connect to your mail server that is certainly within your right to do... and if other people want to agree with you, well then, what can you do... although I am sure someone somewhere will probably sue over it and win... shawn On Sat, 2002-12-28 at 15:32, Duncan Patton a Campbell wrote: How do you find if you are on the list? And who has the list? Can they be sued? Thanks, Duncan (Dhu) Campbell On Sat, 28 Dec 2002 08:45:23 -0500 Harry Tabak [EMAIL PROTECTED] wrote: [This is a resend. Ironically, the orignal was blocked by FreeBSD's spam filter, I've had to send this from another account] I am not sure which list is best for this issue, hence the cross posting. I believe spam and anti-spam measures are security issues -- the 'Availability' part of C-I-A. I apologize if I am wrong. A FreeBSD ported package is contributing to an internet service availability problem that has me stumped. I believe that an unknowable quantity of other internet denizens are also affected. I'm a long time fan of FreeBSD -- I run it on my small mail server and I've recommended it for many applications. I even bought a CD once. I write this missive with great reluctance. I've worked with a lot of strange software over the years, But this is a new first -- Software that slanders! Software that publicly called me a spammer!!! And not to my face, but to business associate. And then took action. I recently discovered, and quite by accident, that a FreeBSD ported package -- spambnc (aka Spambouncer or SB) -- was blocking mail from me to an unknown number of businesses and individuals on the internet. I'll probably never have to correspond with most of these people, but I'm a freelancer -- this may have already cost me a job. [Dear reader, don't be surprised if you or your clients are also blocked. I strongly suggest that you check it out.] Anti-spam products have a valuable place in the security arsenal. But, IMHO, this product is dangerous because it includes filters and rules that are overreaching, and inaccurate. Bad firewall rules and bad anti-spam rules may be OK for an individual site. However, spambnc's bad advice is being mass marketed through the good offices of FreeBSD, and it is putting potholes in the net for the rest of us. Until it is fixed, and proven harmless, FreeBSD should stop distributing this product. Basically, the default built-in policies for blocking mail aren't fully described, and there is no mechanism to universally correct the inevitable mistakes in a timely manner. Users (people who install this product) are mislead about the probably of filtering the wrong mail. I am sure that the software was developed with the very best intentions, but in its zeal to block lots and lots of spam, SB is hurting good people. The SB rule blocking my mail host has nothing to do with me. Even though, it can use dynamic anti-spam DNS services, SB hard codes its rules for filtering bad domains by name and by IP address. My nemisis is buried in a 1476 line file, sb-blockdomains.rc, which installs by default, and is not documented outside the code. Along with others, it blocks the entire 66.45.0.0/17 space because spammers might live there. This is sort of like a corporate mail room throwing away all NJ postmarked mail because of the bulk mail distribution centers in Secaucus. My mail host address gets a clean bill of health from every anti-spam site that I can find, such as SPEWS. I've checked at least 30 of them. My tiny x/29 block is sub-allocated from my DSL provider's x/23 block. The DSL provider's block is a sub-allocation from Inflow.com's 66.45.0.0/17 block. Spambouncer doesn't like Inflow. While they have a right to their opinions, they don't have a right to publicly tar me because of my neighbors. If I read sb-blockdomains # comments correctly, it is policy to not only block known spammers, but to ALSO block entire networks based on their handling of spam complaints. This is like as a business receptionist checking callerID and then ignoring incoming calls from Verizon subscribers because Verizon tolerates (and probably invented) telemarketing. I have written to both the Spambouncer contact address [EMAIL PROTECTED] and the FreeBSD maintainer, but without a response. Possibly they are on holiday, or spambouncer is eating
Re: Bystander shot by a spam filter.
On Sat, 28 Dec 2002 14:11:50 -0800 (PST) Rick Hamell [EMAIL PROTECTED] wrote: Seems to me that this is an invitation to government regulation -- interfering with the mail is a criminal offense for good reason. Email is not regulated by the government. Rick Yup. This is currently the case. But lets say we have some real business to conduct. And lets say I send you some mail, and your SP blocks it 'cause someone used the DIP I'm on to spam some months ago. So then, our business gets fucked up. I think we'd have a real good case for suing the ass offa the SP(s) who contracted with us to supply the mail services. And if such a situation were to ensue, there would be a real good chance of uninvited government regulation. Bet on it. Dhu msg13505/pgp0.pgp Description: PGP signature
Re: Bystander shot by a spam filter.
The law would have to consider intention of the sender: Virii are (generally) not intended by the sender, except for the original author. If I didn't intend to send the virus, there is no constraint on you scanning and chopping it. As for porn, if you are a minor, then by sending it to you I have probably committed a criminal offense, regardless of the vehicle employed. Dhu On Sat, 28 Dec 2002 16:41:46 -0500 (EST) Chris Orr [EMAIL PROTECTED] wrote: So theoretically scanning email attatchments for viruses is illeagal too? and the same goes for filtering out porn? -chris On Sat, 28 Dec 2002, Duncan Patton a Campbell wrote: Seems to me that this is an invitation to government regulation -- interfering with the mail is a criminal offense for good reason. Dhu On 28 Dec 2002 15:46:10 -0500 Shawn Duffy [EMAIL PROTECTED] wrote: The lists are usually kept on the websites of whatever particular organizations are doing it... they are quite a few... As far as suing them, I would venture to say no... If you dont want someone to be able to connect to your mail server that is certainly within your right to do... and if other people want to agree with you, well then, what can you do... although I am sure someone somewhere will probably sue over it and win... shawn On Sat, 2002-12-28 at 15:32, Duncan Patton a Campbell wrote: How do you find if you are on the list? And who has the list? Can they be sued? Thanks, Duncan (Dhu) Campbell On Sat, 28 Dec 2002 08:45:23 -0500 Harry Tabak [EMAIL PROTECTED] wrote: [This is a resend. Ironically, the orignal was blocked by FreeBSD's spam filter, I've had to send this from another account] I am not sure which list is best for this issue, hence the cross posting. I believe spam and anti-spam measures are security issues -- the 'Availability' part of C-I-A. I apologize if I am wrong. A FreeBSD ported package is contributing to an internet service availability problem that has me stumped. I believe that an unknowable quantity of other internet denizens are also affected. I'm a long time fan of FreeBSD -- I run it on my small mail server and I've recommended it for many applications. I even bought a CD once. I write this missive with great reluctance. I've worked with a lot of strange software over the years, But this is a new first -- Software that slanders! Software that publicly called me a spammer!!! And not to my face, but to business associate. And then took action. I recently discovered, and quite by accident, that a FreeBSD ported package -- spambnc (aka Spambouncer or SB) -- was blocking mail from me to an unknown number of businesses and individuals on the internet. I'll probably never have to correspond with most of these people, but I'm a freelancer -- this may have already cost me a job. [Dear reader, don't be surprised if you or your clients are also blocked. I strongly suggest that you check it out.] Anti-spam products have a valuable place in the security arsenal. But, IMHO, this product is dangerous because it includes filters and rules that are overreaching, and inaccurate. Bad firewall rules and bad anti-spam rules may be OK for an individual site. However, spambnc's bad advice is being mass marketed through the good offices of FreeBSD, and it is putting potholes in the net for the rest of us. Until it is fixed, and proven harmless, FreeBSD should stop distributing this product. Basically, the default built-in policies for blocking mail aren't fully described, and there is no mechanism to universally correct the inevitable mistakes in a timely manner. Users (people who install this product) are mislead about the probably of filtering the wrong mail. I am sure that the software was developed with the very best intentions, but in its zeal to block lots and lots of spam, SB is hurting good people. The SB rule blocking my mail host has nothing to do with me. Even though, it can use dynamic anti-spam DNS services, SB hard codes its rules for filtering bad domains by name and by IP address. My nemisis is buried in a 1476 line file, sb-blockdomains.rc, which installs by default, and is not documented outside the code. Along with others, it blocks the entire 66.45.0.0/17 space because spammers might live there. This is sort of like a corporate mail room throwing away all NJ postmarked mail because of the bulk mail distribution centers in Secaucus. My mail host address gets a clean bill of health from every anti-spam site that I can find, such as SPEWS. I've checked at least 30 of them. My tiny x/29 block is sub-allocated from my DSL provider's x/23
Re: Bystander shot by a spam filter.
No. The automated systems to filtre spam and virii better be *really* careful about what they block. If you block or subvert discrete communications between humans then you are asking for real trouble. That's all. Dhu On 28 Dec 2002 17:00:54 -0500 Shawn Duffy [EMAIL PROTECTED] wrote: So we should let the govt open all unopened mail to make sure nothing is illegal in it? and then leave it up to them to determine if it was intentional? please... On Sat, 2002-12-28 at 16:51, Duncan Patton a Campbell wrote: The law would have to consider intention of the sender: Virii are (generally) not intended by the sender, except for the original author. If I didn't intend to send the virus, there is no constraint on you scanning and chopping it. As for porn, if you are a minor, then by sending it to you I have probably committed a criminal offense, regardless of the vehicle employed. Dhu On Sat, 28 Dec 2002 16:41:46 -0500 (EST) Chris Orr [EMAIL PROTECTED] wrote: So theoretically scanning email attatchments for viruses is illeagal too? and the same goes for filtering out porn? -chris On Sat, 28 Dec 2002, Duncan Patton a Campbell wrote: Seems to me that this is an invitation to government regulation -- interfering with the mail is a criminal offense for good reason. Dhu On 28 Dec 2002 15:46:10 -0500 Shawn Duffy [EMAIL PROTECTED] wrote: The lists are usually kept on the websites of whatever particular organizations are doing it... they are quite a few... As far as suing them, I would venture to say no... If you dont want someone to be able to connect to your mail server that is certainly within your right to do... and if other people want to agree with you, well then, what can you do... although I am sure someone somewhere will probably sue over it and win... shawn On Sat, 2002-12-28 at 15:32, Duncan Patton a Campbell wrote: How do you find if you are on the list? And who has the list? Can they be sued? Thanks, Duncan (Dhu) Campbell On Sat, 28 Dec 2002 08:45:23 -0500 Harry Tabak [EMAIL PROTECTED] wrote: [This is a resend. Ironically, the orignal was blocked by FreeBSD's spam filter, I've had to send this from another account] I am not sure which list is best for this issue, hence the cross posting. I believe spam and anti-spam measures are security issues -- the 'Availability' part of C-I-A. I apologize if I am wrong. A FreeBSD ported package is contributing to an internet service availability problem that has me stumped. I believe that an unknowable quantity of other internet denizens are also affected. I'm a long time fan of FreeBSD -- I run it on my small mail server and I've recommended it for many applications. I even bought a CD once. I write this missive with great reluctance. I've worked with a lot of strange software over the years, But this is a new first -- Software that slanders! Software that publicly called me a spammer!!! And not to my face, but to business associate. And then took action. I recently discovered, and quite by accident, that a FreeBSD ported package -- spambnc (aka Spambouncer or SB) -- was blocking mail from me to an unknown number of businesses and individuals on the internet. I'll probably never have to correspond with most of these people, but I'm a freelancer -- this may have already cost me a job. [Dear reader, don't be surprised if you or your clients are also blocked. I strongly suggest that you check it out.] Anti-spam products have a valuable place in the security arsenal. But, IMHO, this product is dangerous because it includes filters and rules that are overreaching, and inaccurate. Bad firewall rules and bad anti-spam rules may be OK for an individual site. However, spambnc's bad advice is being mass marketed through the good offices of FreeBSD, and it is putting potholes in the net for the rest of us. Until it is fixed, and proven harmless, FreeBSD should stop distributing this product. Basically, the default built-in policies for blocking mail aren't fully described, and there is no mechanism to universally correct the inevitable mistakes in a timely manner. Users (people who install this product) are mislead about the probably of filtering the wrong mail. I am sure that the software was developed with the very best intentions, but in its zeal to block lots and lots of spam, SB is hurting good people. The SB rule blocking my mail host has nothing to do with me. Even though, it can use dynamic anti-spam DNS services, SB hard codes its
Dynamic Rules with IPFW
Date: Tue, 16 Jul 2002 22:09:09 -0600 Message-Id: [EMAIL PROTECTED] X-Mailer: Open WebMail 1.70 20020712 X-OriginatingIP: 127.0.0.1 (campbell) MIME-Version: 1.0 Content-Type: text/plain; charset=iso-8859-1 I use no check-states, just keep-state, and only for DNS, soo, ${fwcmd} add pass tcp from any to ${myip} 443 setup ${fwcmd} add pass tcp from any to ${myip} 25 setup ${fwcmd} add pass tcp from any to ${myip} 22 setup ${fwcmd} add pass tcp from any to ${myip} 80 setup ${fwcmd} add pass esp from any to any This passess https, smtp, ssh and http.Seems to stay up. Do you need to deny established links for some reason? Duncan Patton a Campbell is Duibh ;-) you wrote: I use Dynamic rulesets with IPFW: ipfw add check-state ipfw add deny tcp from any to any established ipfw add allow tcp from my-net to any setup keep-state But I also have services I need anyone on the net to get to, without me making a connection first from my-net . I allow such services with: allow tcp from any to my-net 25,80,443 setup in via xl0 keep-state This works fine for 25,80, and 443. However, when I apply the same rule for SSH, and login to my box remotely, about 10 minutes later, the connection just dies, and it dies with every connection. Removing the keep-state option for ssh effec tively closes 22 obviously. Would check-state be a better option here? Michael To Unsubscribe: send mail to [EMAIL PROTECTED] with unsubscribe freebsd-questions in the body of the message