Good point - lots of ways around that though, and I think in many cases the
reason they did that was to prevent spammers from using their netowrk to
broadcast - right? If a mechanism like this is adopted as a spam killer,
then their capture of all port 25 traffic is not required...
Personally
-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] Behalf Of Sam
Varshavchik
And for seconds... I will still have a problem when my first header is
AUTHENTICATED.
If I send mail to myself, my ONLY received header looks like:
Received: from a1200 ([24.83.X.X])
Good idea, but is it really that simple? I would only want to do this for
the top Received header - if I test all headers a spoofed auth header can
bypass spamassassin. Is there a way to make the pattern match only the first
Received and then check it for AUTH?
I realize by adding the example.com
--On Dienstag, 6. Januar 2004 20:13 -0800 Roger B.A. Klorese
[EMAIL PROTECTED] wrote:
Julian Mehnle wrote:
I don't see the problem. http://spf.pobox.com/objections.html#forwarding
handles it, I think.
But it's just wrong.
If I am connected to my Earthlink DSL at home and want to send
Roger B.A. Klorese writes:
Sam Varshavchik wrote:
Yes, they can. SMTP's twin sister, the mail submission protocol, uses
port 587, which will be unaffected by Earthlink's stupid firewall.
Perhaps. But why assume it won't be blocked?
Why assume that it will be?
Mitch (WebCob) wrote:
Good idea, but is it really that simple?
Yeah, why not?
I would only want to do this for
the top Received header - if I test all headers a spoofed auth header can
bypass spamassassin.
If you're really that paranoid about it, you can probably flesh this out:
i=1
foreach
Roger B.A. Klorese [EMAIL PROTECTED] wrote:
Julian Mehnle wrote:
And why has nobody else yet implemented YASAF?
Before they write it and build its infrastructure?
Perhaps you'd like to tell me why you're not driving the 2033 Porsche.
I only gave a somewhat sarcastic answer to Malcolm's
The reason I did not reply to your earlier comment regarding the
variability of the authdaemon socket location is because it probably has
to be fully user specifiable.
Yeah, which is why I put it into a variable, so it would only need to be
changed in one place.
But I'd suggest that if you
Roger B.A. Klorese [EMAIL PROTECTED] wrote:
Sam Varshavchik wrote:
Yes, they can. SMTP's twin sister, the mail submission protocol, uses
port 587, which will be unaffected by Earthlink's stupid firewall.
Perhaps. But why assume it won't be blocked? I'd expect them to block
it in a New
Also, what are you using for the -u option for spamc? I've tried
LOGNAME and USER but these aren't always set properly (eg. when running
maildrop via fetchmail).
ok, weird. I was importing $LOGNAME, and it seems that it didn't need
to be imported. However, I've had to resort to the
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On Behalf
Of Julian Mehnle
Well, well. Some Internet Service Providers or Internet
Access Providers (e.g. Earthlink or some hotels) provide
crippled Internet access by blocking random IP ports. So
what? That's neither SPF's nor
Hello Everyone,
I've been looking at an issue with the couriermlm and feel like I've
hit a dead end. Any and all direction in this matter would be appricated
greatly.
One of our clients created a mailing list under couriermlm. While can
subscribe and unsubscribe normally you cannot access the
-Original Message-
From: Julian Mehnle
Sent: Wednesday, January 07, 2004 10:47 AM
Roger B.A. Klorese [EMAIL PROTECTED] wrote:
Julian Mehnle wrote:
And why has nobody else yet implemented YASAF?
Before they write it and build its infrastructure?
Perhaps you'd like to
Roland wrote:
After installing the most recent courier on a Debian Sarge
clients trying STARTTLS were rejected with with this message:
courieresmtpd: courieresmtpd: STARTTLS failed: Unexpected SSL connection
shutdown.
...
How to debug the issue with SSLv3 (and maybe TLS1) ?
Have you verified that
Roger B.A. Klorese [EMAIL PROTECTED] wrote:
Julian Mehnle wrote:
Well, well. Some Internet Service Providers or Internet
Access Providers (e.g. Earthlink or some hotels) provide
crippled Internet access by blocking random IP ports. So
what? That's neither SPF's nor YASAF's fault.
Malcolm Weir [EMAIL PROTECTED] wrote:
So why do you, and others, seem so upset with a proposal that
*is*, in at least some regards, more secure and more useful (to large
ISPs)?
I'm getting upset because I think that YASAF is vast overkill for the sender address
forgery, while some people
I'm having the same problem, RH 7.3 courier 0.42.3.
On Jan 7, 2004, at 12:03 PM, Adam C. Greenfield wrote:
Hello Everyone,
I've been looking at an issue with the couriermlm and feel like I've
hit a dead end. Any and all direction in this matter would be
appricated
greatly.
One of our
Malcolm Weir wrote:
So why do you, and others, seem so upset with a proposal that *is*, in at
least some regards, more secure and more useful (to large ISPs)?
Who's upset? I'm afraid I started this by asking how the damn thing
works, and all that seems clear is that no one really knows. All
-Original Message-
From: Julian Mehnle
Sent: Wednesday, January 07, 2004 1:41 PM
Malcolm Weir [EMAIL PROTECTED] wrote:
So why do you, and others, seem so upset with a proposal
that *is*, in
at least some regards, more secure and more useful (to large ISPs)?
I'm getting upset
Sorry, if I call you Braindeath, but one which respond with
one line and attach a useless fullquote of 13 kBytes...
The next time please cut down the response...
Greetings
Michelle
Am 2004-01-07 13:50:01, schrieb Matthew Wilson:
I'm having the same problem, RH 7.3 courier 0.42.3.
On Jan 7,
Julian Mehnle writes:
Roger B.A. Klorese [EMAIL PROTECTED] wrote:
Sam Varshavchik wrote:
Yes, they can. SMTP's twin sister, the mail submission protocol, uses
port 587, which will be unaffected by Earthlink's stupid firewall.
Perhaps. But why assume it won't be blocked? I'd expect them to
While we're all ranting (SPF vs. YASAF, etc.)... has anyone seen an open
source equivalent of this system:
All messages from unknown senders are bounced. The bounce contains a link to
a robot-unfriendly prove you are a human with a real email address page
that consists of one of those enter the
Julian Mehnle writes:
I never demanded that Yahoo should adopt SPF instead of YASAF. It sure is
Yahoo's right to deploy for themselves whatever fits *them* best. What I
don't like is the outlook of 800lb Yahoo trying to impose whatever fits
*them* best onto the world.
Yahoo cannot impose
When you add yourself to a mailing list, how do you tell the system not to bounce the
subscription confirmation message?
What is your definition of a sender?
--
Bill Michell
[EMAIL PROTECTED]
-Original Message-
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Mitch
Malcolm Weir [EMAIL PROTECTED] wrote:
Julian Mehnle wrote:
while some people think it
should be generally adopted *instead* of rivaling schemes
like SPF due to Yahoo's 800lb Gorilla factor.
And you know that... How?
Fact is that 'YASAF' does more. So how do you know that people
Gordon Messmer writes:
Mitch (WebCob) wrote:
Good idea, but is it really that simple?
Yeah, why not?
I would only want to do this for
the top Received header - if I test all headers a spoofed auth header can
bypass spamassassin.
If you're really that paranoid about it, you can probably flesh
Roland writes:
After installing the most recent courier on a Debian Sarge
clients trying STARTTLS were rejected with with this message:
courieresmtpd: courieresmtpd: STARTTLS failed: Unexpected SSL connection
shutdown.
This is not a rejection message. This is a diagnostic message, which is
Bill Michell [EMAIL PROTECTED] wrote:
When you add yourself to a mailing list, how do you tell the
system not to bounce the subscription confirmation message?
What is your definition of a sender?
Mails with Precedence: (list|bulk|junk) should never be replied to automatically.
If the
Mails with Precedence: (list|bulk|junk) should never be
replied to automatically. If the mailing list software
inserts the right header, there won't be a problem except
that the user of the challenge/response system won't see the
subscription confirmation message unless he has
All messages from unknown senders are bounced. The bounce contains a
link to
a robot-unfriendly prove you are a human with a real email address
page
that consists of one of those enter the letters you see in this
picture
forms. Doing that validates the sender as a real person, not a
spammer,
Interesting question - I think they would have to pre-whitelist the mailing list
address in order to subscibe successfully - it wasn't my system though - a commercial
offering I saw which I thought had some unique advantages - this TDMA that Julian
mentions might work similarly...
I just tried
Hi,
any pointers how to configure smtp auth with Courier? I just need to know
what man page to read to get started...
Cheers,
Caro
_
Tired of slow downloads? Compare online deals from your local high-speed
providers now.
Roger B.A. Klorese [EMAIL PROTECTED] wrote:
Mails with Precedence: (list|bulk|junk) should never be
replied to automatically. If the mailing list software
inserts the right header, there won't be a problem except
that the user of the challenge/response system won't see the
subscription
Never seen that one before - excellent - will read up on it.
Thanks!
-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] Behalf Of Julian
Mehnle
Sent: Wednesday, January 07, 2004 4:03 PM
To: Courier Users
Subject: [courier-users] RE: Alternative concepts to SPF vs. YASAF
Phillip Hutchings [EMAIL PROTECTED] wrote:
The real aim of Yahoo!s system is not to authenticate the server
though, it's to authenticate the email as being from a valid user. I
can see this catching on in corporations, as it'll add a layer of
knowledge to the receiver.
Isn't authenticating
Ok - thanks - that works better for a number of reasons - (I'll post the
running verison once I play with it) - by making sure I am testing the first
header, I don't need to care about example.com (which is good, cause then I
can put the rule in my maildroprc where I call spamassassin from.
When
It's configured by default.
Setting up the client is a matter of client docs... in outlook and outlook
express it's under the account properties enable authentication for
outgoing mail or something like that.
m/
-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] Behalf
Carolyn Longfoot wrote:
any pointers how to configure smtp auth with Courier? I just need to
know what man page to read to get started...
Make sure courier-smtpauth is installed, if you built the rpms. Edit
etc/courier/esmtpd and enter values for AUTHMODULES and ESMTPAUTH.
Mitch (WebCob) wrote:
I just tried it out - the TDMA (www.tdma.net) replies with a message
(pasted below for reference). This is exactly the sort of thing I was
thinking of - haven't looked at how easy it is to integrate with
courier, but I imagine it wouldn't be hard
It's not. Be sure not to
-Original Message-
From: Julian Mehnle
Sent: Wednesday, January 07, 2004 3:53 PM
Malcolm Weir [EMAIL PROTECTED] wrote:
Julian Mehnle wrote:
while some people think it
should be generally adopted *instead* of rivaling schemes
like SPF
due to Yahoo's 800lb Gorilla
Mitch (WebCob) wrote:
It's configured by default.
That's been said before, but I don't think it's true. On a default
install, AUTHMODULES and ESMTPAUTH are both set to .
And on that subject, if you install courier and courier-smtpauth for the
first time, smtpauth's post script will fail.
Hi,
We are experiencing some very strange behavior on our system running
courier.
Our mail server has gotten slower and slower over time. We noticed
that courier is the culprit.
Apparently, it is spinning in an endless loop trying to access queue
files that don't exist.
It appears as if
Gordon Messmer writes:
And on that subject, if you install courier and courier-smtpauth for the
first time, smtpauth's post script will fail. courier should be a
PreReq for courier-smtpauth.
But it is.
pgp0.pgp
Description: PGP signature
On 8/01/2004, at 1:33 PM, Julian Mehnle wrote:
Phillip Hutchings [EMAIL PROTECTED] wrote:
The real aim of Yahoo!s system is not to authenticate the server
though, it's to authenticate the email as being from a valid user. I
can see this catching on in corporations, as it'll add a layer of
Sam Varshavchik wrote:
Gordon Messmer writes:
And on that subject, if you install courier and courier-smtpauth for
the first time, smtpauth's post script will fail. courier should be a
PreReq for courier-smtpauth.
But it is.
Right now smtpauth Requires courier. It should PreReq courier.
Phillip Hutchings wrote:
All the system will do, as far as the basic details show, is stop forged
return addresses, same as SPF, but with the added bonus that you can set
up a roaming client to self sign messages if needed.
I don't think there's any evidence that this is true. Specifically in
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Chris Petersen [EMAIL PROTECTED] wrote
| Also, what are you using for the -u option for spamc? I've tried
| LOGNAME and USER but these aren't always set properly (eg. when running
| maildrop via fetchmail).
authdaemond requires the username to be the
Noah Silverman wrote:
Apparently, it is spinning in an endless loop trying to access queue
files that don't exist.
If you ever restored the queue from a backup, or copied files from
outside the queue into it, you'll need to remove those files.
We found the problem!!
It appears as if there is a bug in courier that one of the developers
will have to fix.
We have the archive directory option turned on the the courierd
config file.
The files in the msgq directory are supposed to be hard links to the
control files in the msgs
Hi,
Sorry to bother you, but I believe our team has found a significant bug
in courier.
We noticed that courier was taking up more and more system resources
and slowing down our mail server.
Upon further analysis, we found that courier was constantly looking for
files in the MSGS directory
Noah Silverman writes:
The files in the msgq directory are supposed to be hard links to the
control files in the msgs directory. For some reason, they were being
hard linked to the files in the archive directory instead.
I suspect that the problem only occurs when a message bounces. If you
This logic is taken care of already when using courierd for delivery,
using $USER. You will have to experiment with other MTA's.
My problem is not the AuthCourier stuff, but rather that I'm getting
spamc -u requires an argument type error messages in my maillog.
These happen SOMETIMES if I
52 matches
Mail list logo