t/linux/kernel/git/torvalds/linux.git/commit/?id=083ae308280d13d187512b9babe3454342a7987e)
toward that end has been merged as well.
The fix has not made it to the stable kernels yet [...].
--
Cheers, Grossman's Law: "In time of crisis, people do not rise to
Rick Moen the oc
well...
> seriously?
The Internet famously contains people who, um, think different. Have a
look at this gentleman's Twitter stream, for context.
https://twitter.com/cvaillance
--
Cheers,"Why struggle to open a door between us,
Rick Moen
Quoting E Frank Ball III (fra...@efball.com):
Last fall there was a debian 64-bit / nginx rootkit going around,
now I've been hit with what sounds similar but on 32-bit wheezy.
I hope you're aware that -- at least in the standard usage of the word
'rootkit' -- a rootkit doesn't 'go around',
://www.links.org/?p=327
http://www.links.org/?p=328
--
Cheers, Actually, time flies hate a banana.
Rick Moen-- Micah Joel
r...@linuxmafia.com
McQ! (4x80)
--
To UNSUBSCRIBE, email to debian-security-requ
Quoting Volker Birk (v...@pibit.ch):
Really?
How do you detect, if maintainer's patches contain backdoors? If I would
want to attack Debian, I would try to become the maintainer of one of
the most harmless, most used packages. And believe me, you wouldn't see
at the first glance, that this
Quoting Laurentiu Pancescu (lpance...@googlemail.com):
I was wondering if we're not losing perspective of what is realistic
in a certain situation, especially for people without previous
experience in handling such attacks and whose job is not necessarily
a full-time system administrator.
1.
Quoting Naja Melan (najame...@gmail.com):
Some weeks ago I decided to have a look at debian and quite soon ran into
questions and problems considering the security of debian. I would like to
share some of those questions, remarks in this mail in the hope of
stimulating a discussion[...]
It
Quoting john (lists.j...@gmail.com):
I see that there is another null pointer dereference flaw being talked about.
http://www.theregister.co.uk/2009/11/03/linux_kernel_vulnerability/
It looks like we can take step in Debian 5.0 to mitigate this threat by
setting
echvm.mmap_min_addr = 4096
Quoting Mark (m...@freedomisnothingtofear.com):
Have a look at anything that uses OTR:
[m...@resolve ~]% apt-cache search Off-The-Record
irssi-plugin-otr - Off-the-Record Messaging Plugin for Irssi
libotr2 - Off-the-Record Messaging library
libotr2-bin - toolkit for Off-the-Record
.)
--
Cheers, Notice: The value of your Hofstadter's Constant
Rick Moen(the average amount of time you spend each month
r...@linuxmafia.com thinking about Hofstadter's Constant) has just
McQ! (4x80) been adjusted upwards
time -- on this
subject: http://www.linux.com/articles/42031
--
Cheers, Crypto lets someone say Hi! I absolutely definitely have
Rick Moena name somewhat like the name of a large familiar
r...@linuxmafia.com organization, and I'd like to steal your data! and lots
McQ
Quoting Vincent Deffontaines ([EMAIL PROTECTED]):
And the Linux kernel (Netfilter) implements NAT source port randomization
since 2.6.21, which can make it a conveninent way to protect your natted
hosts without any patching.
See http://software.inl.fr/trac/wiki/contribs/RandomSkype for
Quoting Vincent Deffontaines ([EMAIL PROTECTED]):
No I confirm NAT source port randomization was included in 2.6.21 as far
as Netfilter NAT is concerned.
Commit is :
http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commit;h=41f4689a7c8cd76b77864461b3c58fde8f322b2c
The
Quoting Hideki Yamane ([EMAIL PROTECTED]):
I want to know that, too.
Should ALL systems (servers or desktops/laptops) need to be installed
and configure bind9 (or something) package, or need to wait for update?
My own preference is, indeed, to have one of the following as a local
recursive
Quoting Stephen Vaughan ([EMAIL PROTECTED]):
Does anyone know if TinyDNS is vulnerable to the dns cache poisoning
exploit?
The Kaminsky-publicised attack method applies _only_ to caching
recursive-resolver nameservers: tinydns is an authoritative-only DNS
daemon, not a recursive resolver.
Quoting Richard Hartmann ([EMAIL PROTECTED]):
http://www.unicom.com/pw/reply-to-harmful.html vs
http://www.metasystema.net/essays/reply-to.mhtml
...was obsoleted by RFCs 2822 and 2369: Munging lost.
http://linuxmafia.com/~rick/faq/index.php?page=netiquette#replyto
--
To UNSUBSCRIBE, email
Quoting Hubert Chathi ([EMAIL PROTECTED]):
I'm really more concerned about the fact that it's orphaned. And it
appears to be unmaintained upstream (last release in 2001, and
upstream moved it from the releases directory to the old-releases
directory).
Point taken. I assume you are
Quoting Wolfgang Jeltsch ([EMAIL PROTECTED]):
Am Mittwoch, 9. Juli 2008 20:51 schrieb Noah Meyerhans:
I suggest that you install bind9,
How do I tell bind9 what DNS servers to ask? Is this also done by
resolv.conf? If yes, named would ask itself if 127.0.0.1 is the first entry.
Quoting Hubert Chathi ([EMAIL PROTECTED]):
Hmm... libnss-lwres is orphaned (#475089), and is uninstallable on sid.
I'll bet the version of the missing dependency package (liblwres30) in
lenny would suffice.
--
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of unsubscribe. Trouble?
Quoting Josip Rodin ([EMAIL PROTECTED]):
Why is this phrased in a way that it prefers BIND as a recursive resolver,
when that same software was *only just* patched to be acceptable for the
same purpose?
Although I'm not much of a BIND9 fan -- it remains RAM-hogging, slow,
overfeatured, and
/{issue|issue.net} to make the system
claim to be a Super Nintendo, just for laughs.
--
Cheers, Entia non sunt multiplicanta praeter necessitatem.
Rick Moen -- William of Ockham (attr.)
[EMAIL PROTECTED]
--
To UNSUBSCRIBE, email to [EMAIL
Quoting Yves-Alexis Perez ([EMAIL PROTECTED]):
But CC-BY-NC is not considered
DFSG-free so it may be an issue (see
http://people.debian.org/~evan/ccsummary.html)
It is considered DFSG-non-free by some number of (not identified) members
of the public mailing list debian-legal, as summarised by
= syslog
display_errors = Off
--
Cheers, I have /usr/sbin/coffee mounted from /dev/mug right now,
Rick Moen and you can't have it. Oh no, I just tried to seek past
[EMAIL PROTECTED] end-of-beverage. *sigh* -- Graham Reed, in The Monastery
--
To UNSUBSCRIBE, email
Quoting Javier Fernandez-Sanguino ([EMAIL PROTECTED]):
Even better: /usr/share/doc/php5-common/examples/php.ini-paranoid
(it includes some more functions in that definition)
Excellent. Amended to:
disable_functions = dl, phpinfo, system, mail, include, shell_exec, exec,
escapeshellarg,
Quoting Raphael Geissert ([EMAIL PROTECTED]):
include()? I don't want to imagine how many scripts will break.
Good catch. (It was very late in my time zone. I need to review that
list.)
--
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of unsubscribe. Trouble? Contact [EMAIL
Quoting Luis Mondesi ([EMAIL PROTECTED]):
It's time to tell PHP (via php.ini) not to allow any of those
functions that allow executing stuff from the system (system,
passthru, whatever).
Amen to that. Good starting point:
disable_functions = system, exec, passthru, popen, escapeshellcmd,
Quoting Michelle Konzack ([EMAIL PROTECTED]):
How can this happen?
I was never hacked since 1999-03...
One way:
Break-in without Remote Exploit on http://linuxmafia.com/kb/Security
(***cough*** shells.sourceforge.net ***cough***)
--
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject
it right:
http://linuxgazette.net/issue98/moen.html
--
Cheers,English is essentially a text parser's way of getting
Rick Moen faster processors built.
[EMAIL PROTECTED]-- John M. Ford, http://ccil.org/~cowan/essential.html
--
To UNSUBSCRIBE, email to [EMAIL
Quoting Russ Allbery ([EMAIL PROTECTED]):
Yup. IDS systems are wonderful. But they do require discipline.
Indeed. I'd still like to see a trial project, to see _if_ a default IDS
setup (Samhain, AIDE, or Prelude-IDS) can be made to be generally useful.
(Yeah, I know: Sooner if you help.)
cause of
networking problems.
--
Cheers, English is essentially Plattdeutsch as spoken
Rick Moenby a Frisian pretending to be French.
[EMAIL PROTECTED] -- Andreas Johansson, http://ccil.org/~cowan/essential.html
--
To UNSUBSCRIBE, email to [EMAIL PROTECTED
misrecollection.
--
Cheers,
Rick Moen Anger makes dull men witty, but it keeps them poor.
[EMAIL PROTECTED] -- Elizabeth Tudor
--
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of unsubscribe. Trouble? Contact [EMAIL
Quoting aliban ([EMAIL PROTECTED]):
MS Blaster infected many million system within seconds...
Relying on the vulnerable MSDE embedded SQL database engine being
embedded into a large number of consumer software products, and
irresponsibly left bound to all network ports, not just loopback.
Quoting kevin bailey ([EMAIL PROTECTED]):
} 21/tcp open ftp
Off. Security hole if passwords are sent, they aren't encrypted.
Even in deployments where the only login supported is anonymous? ;-
P.S.: http://linuxmafia.com/faq/Network_Other/ftp-justification.html
--
To UNSUBSCRIBE,
, on the backup target host.)
Details:
SSH Public-key Process on http://linuxmafia.com/kb/Security/
--
Cheers,
Rick Moen Anger makes dull men witty, but it keeps them poor.
[EMAIL PROTECTED] -- Elizabeth Tudor
--
To UNSUBSCRIBE
every
oyster -- and that fugu from a reputable restaurant can still kill you.
(I hope you don't mind if I publish our correspondence in Linux Gazette,
http://linuxgazette.net/ .)
--
Cheers,
Rick Moen Anger makes dull men witty, but it keeps them poor.
[EMAIL PROTECTED
Quoting Geoff Crompton ([EMAIL PROTECTED]):
The most recent vulnerability that I was aware of in Awstats can still
work even in static mode. http://www.securityfocus.com/bid/14525. The
referrer in the log file is not sanity checked.
Hmm. I note: It should be noted this vulnerability is only
be Ramen, a January 2001 worm that attacks an
rpc.statd bug fixed in summer 2000, plus attacking input validation
bugs in wu-ftpd v. 2.6 and earlier and LPRng versions earlier than Aug.
2000.
--
Cheers,
Rick Moen Support your local medical examiner: Die strangely
Quoting George P Boutwell ([EMAIL PROTECTED]):
The Security Debian How-To mentions Tripwire. Looking at AIDE and
Tripwire in the debian packages repositories it's hard to tell the
difference. I'm sure they both do the job, anyone with experience
with both these packages can describe some of
Quoting Radu Spineanu ([EMAIL PROTECTED]):
Has anyone heard of an implementation, or at least a whitepaper related
to creating some kind of secure zone where i can keep these keys ?
Mine is called a PalmPilot with Keyring (3DES password store) installed,
where I'm careful about what I install
Quoting Edward Faulkner ([EMAIL PROTECTED]):
I do the same thing with my passwords, but that doesn't quite answer
the question. Radu wants a place to keep GPG keys safe - not just
their passwords.
Yes, good point.
I don't have a good answer to Radu's situation other than don't use the
Quoting Harald Krammer ([EMAIL PROTECTED]):
I saw in Debian the package kernel-patch-grsecurity2. My questions is,
is this patch always up-to date or is it necessary to track all security
issue for grsecurity without DSA messages ?
You can check here:
Quoting [EMAIL PROTECTED] ([EMAIL PROTECTED]):
I like using non-modular kernels to prevent LKMs
http://www.phrack.org/phrack/58/p58-0x07
In this paper, we will discuss way of abusing the Linux kernel
(syscalls mostly) without help of module support or System.map at all,
so that we assume
a better MUA, running on a
better OS.
Quite.
--
Cheers, Hardware: The part you kick.
Rick MoenSoftware: The part you boot.
[EMAIL PROTECTED]
--
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of unsubscribe
Quoting Florian Weimer ([EMAIL PROTECTED]):
mutt and Gnus are, in typical configurations. Most distributions
kindly add all these helpful mailcap entries.
Perhaps you need assistance comprehending the word specific (used
twice in my question)? I await with interest your achieving that
Quoting David Mandelberg ([EMAIL PROTECTED]):
Do you mean to say that opening message.txt\t\t\t.desktop which
happens to be a freedesktop.org compliant launcher for the program rm
-rf $HOME is safe because it's designed for people running one of the
F/OSS products GNOME or KDE on a F/OSS OS?
Quoting David Mandelberg ([EMAIL PROTECTED]):
Attached.
Save to your GNOME/KDE desktop (like many newbies do) and double click
the new icon. .desktop files (currently) don't need the x bit set to
work, so no chmod'ing is necessary.
I'm sorry, but the question was:
Please advise this
someone can file an ITP for it, as package mutt-fod
(for Friends of Darwin). ;-
--
Cheers, Hardware: The part you kick.
Rick MoenSoftware: The part you boot.
[EMAIL PROTECTED]
--
To UNSUBSCRIBE, email to [EMAIL
there was this error messages:
Incorrect MD5 checksums: 6
Which ones? And on what basis is it saying they're incorrect? You
don't say.
--
Cheers, There are 10 kinds of people in the world, those who
Rick Moen know ternary, those who don't, and those who are now
[EMAIL PROTECTED
, The Viking's Reminder:
Rick Moen Pillage first, _then_ burn.
[EMAIL PROTECTED]
--
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
from one's
/etc/hosts file, with the result that an avalanche of local socket
requests clobber the system's ARP cache.
So, don't rush to the conclusion that your system is under attack, just
because you see that error. You might be shooting at your own feet.
--
Cheers,
Rick
Quoting Jan Minar ([EMAIL PROTECTED]):
Unfortunately, scp requires a shell access
http://www.sublimation.org/scponly/
--
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
. The results
Rick Moen blacked out 1400 homes and, of course, one raccoon.
[EMAIL PROTECTED] -- Steel City News
--
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
us might say: We laugh,
Rick Moen monkeyboys -- Linux IS the mainstream UNIX now!
[EMAIL PROTECTED] MuaHaHaHa! but that would be rude. -- Jim Dennis
--
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Quoting Richard A Nelson ([EMAIL PROTECTED]):
[Snip MVS mainframe priesthood standing in way of OpenSSH installation.]
I typically use cygwin on *MY* laptop, but when away from that -
I try not to install random software on other's boxen
The usual remedy is to pull down putty.exe (tiny) and
Quoting James Renken ([EMAIL PROTECTED]):
Agreed - but some of my customers, even after I've pointed out the risks,
just don't want to go through the trouble of changing from their preferred
Telnet programs.
ObNivenAndPournelle: Think of it as evolution in action.
--
Cheers,
Rick Moen
Quoting Florian Weimer ([EMAIL PROTECTED]):
* Henrique de Moraes Holschuh:
Why non-free? The code is available under a DFSG-free copyright
license.
The one I have here isn't, but if you have one that is entirely DFSG-free,
that's much better.
An older version is available from:
Quoting Florian Weimer ([EMAIL PROTECTED]):
I once worked on an OpenPGP implementation vulnerability matrix, but
this topic isn't very interesting anymore. For me at least, there's
just GnuPG.
Just out of curiosity, are there now, or have there been in the past,
any _other_ implementations
member of the Hyphenation Society, a grassroots-based,
Rick Moen not-for-profit, locally-owned-and-operated, cooperatively-managed,
[EMAIL PROTECTED] modern-American-English-usage-improvement association.
--
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of unsubscribe. Trouble
... that smug ex-
Rick Moen pression You're one of those condescending Unix users!
[EMAIL PROTECTED] Here's a nickel, kid. Get yourself a real computer.
-- Dilbert
--
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject
with
some PGP 2.x users) are all I'm aware of. PGPi, unlike GnuPG, _does_
include IDEA code by default.
--
Cheers,There are only 10 types of people in this world --
Rick Moen those who understand binary arithmetic and those who don't.
[EMAIL PROTECTED]
--
To UNSUBSCRIBE
) the same sort of precautions? After all, a PDF is basically just
a PS file, so I imagine the same sorts of attack are possible.
A run through the manpage was unenlightening.
(Ah, I see Kevin has the same concern.)
--
Cheers,
Rick MoenThis space for rant.
[EMAIL
works for that sysadmin's local system. Caveat
user.
--
Cheers, Transported to a surreal landscape, a young girl kills the first
Rick Moen woman she meets, and then teams up with three complete strangers
[EMAIL PROTECTED] to kill again. -- Rick Polito's That TV Guy column
, with maybe 10%
stable and 10% Something Else Entirely. (I applaud your enthusiasm, and
don't mean to denigrate what you're using. I'm just trying to describe
it accurately.)
--
Cheers, Founding member of the Hyphenation Society, a grassroots-based,
Rick Moen not-for-profit, locally-owned
Quoting Russell Coker ([EMAIL PROTECTED]):
Some of the anti-spam people are very enthusiastic about their work. I
wouldn't be surprised if someone writes a bot to deal with CR systems.
A bot to detect C-R queries and add them to the refused-mail ACL list
would be most useful. ;-
--
To
Quoting Russell Coker ([EMAIL PROTECTED]):
Some of the anti-spam people are very enthusiastic about their work. I
wouldn't be surprised if someone writes a bot to deal with CR systems.
A bot to detect C-R queries and add them to the refused-mail ACL list
would be most useful. ;-
Quoting Michael Stone ([EMAIL PROTECTED]):
You're talking about SPF. That's a concept, not an implementation.
Implementation details have already been posted.
Effective use of SPF requires widespread adoption. Until/unless
widespread adoption happens the promises of SPF are vaporware.
Quoting Michael Stone ([EMAIL PROTECTED]):
You're talking about SPF. That's a concept, not an implementation.
Implementation details have already been posted.
Effective use of SPF requires widespread adoption. Until/unless
widespread adoption happens the promises of SPF are vaporware.
Quoting Phillip Hofmeister ([EMAIL PROTECTED]):
While I am sure finding out whose is bigger is exciting to you. I
feel comfortable in speaking for the rest of the list when I say this
thread has become WAY OT.
I'm surprised that an allegation that SPF -- highly relevant to SMTP
security --
Quoting Michael Stone ([EMAIL PROTECTED]):
Well, it is vaporware. Until it's used by a noticable percentage of
hosts, it's irrelevant.
(1) Where I come from, the term vapourware means software touted far
in advance of its availability. As noted, such is most emphatically not
the case, here.
Quoting Michael Stone ([EMAIL PROTECTED]):
yeah, aol's pleased as punch about it. they also don't have much
interest in customers sending email with @aol from off their own system
unless they use an obnoxious webmail client. same goes for hotmail.
anyone with users who isn't aol and whose
Quoting Michael Stone ([EMAIL PROTECTED]):
There's a line between advocacy and zealotry.
Still stuck in name-calling mode? Pity.
It's fine for a home user to implement it quickly but it's not so easy
for a lot of large organizations that currently allow people to send
mail from offsite
Quoting Michael Stone ([EMAIL PROTECTED]):
What name calling? There's a difference.
snort Cute.
Ah, well.
You're assuming unrestricted outbound connections. Might even be true in
your environment.
It's true that there will be interim problems with corporate firewalls
(etc.) closing off
Quoting Michael Stone ([EMAIL PROTECTED]):
No, I'm not.
You _weren't_ ignoring the point I just made and changing the subject?
Then, some villain apparently snuck into your MTA and substituted
different text that did, for the original message you tried to send.
You should sue! ;-
I'm
Quoting Bernd Eckenfels ([EMAIL PROTECTED]):
If you relay mail from your customers, you have to deliver them their
bounces if they spam.
Well, that's the trick, isn't it? If they're sending spam (either
deliberately or -- much more likely of late -- because customer hosts have
been
Quoting Phillip Hofmeister ([EMAIL PROTECTED]):
While I am sure finding out whose is bigger is exciting to you. I
feel comfortable in speaking for the rest of the list when I say this
thread has become WAY OT.
I'm surprised that an allegation that SPF -- highly relevant to SMTP
security --
Quoting Michael Stone ([EMAIL PROTECTED]):
Well, it is vaporware. Until it's used by a noticable percentage of
hosts, it's irrelevant.
(1) Where I come from, the term vapourware means software touted far
in advance of its availability. As noted, such is most emphatically not
the case, here.
Quoting Michael Stone ([EMAIL PROTECTED]):
yeah, aol's pleased as punch about it. they also don't have much
interest in customers sending email with @aol from off their own system
unless they use an obnoxious webmail client. same goes for hotmail.
anyone with users who isn't aol and whose
Quoting Michael Stone ([EMAIL PROTECTED]):
There's a line between advocacy and zealotry.
Still stuck in name-calling mode? Pity.
It's fine for a home user to implement it quickly but it's not so easy
for a lot of large organizations that currently allow people to send
mail from offsite
Quoting Michael Stone ([EMAIL PROTECTED]):
What name calling? There's a difference.
snort Cute.
Ah, well.
You're assuming unrestricted outbound connections. Might even be true in
your environment.
It's true that there will be interim problems with corporate firewalls
(etc.) closing off
Quoting Michael Stone ([EMAIL PROTECTED]):
No, I'm not.
You _weren't_ ignoring the point I just made and changing the subject?
Then, some villain apparently snuck into your MTA and substituted
different text that did, for the original message you tried to send.
You should sue! ;-
I'm
Quoting s. keeling ([EMAIL PROTECTED]):
However, I _would_ like to STOP it from being delivered at all, as
defined by simple rules like those above. As far as I can tell, this
must be done in the SMTP negotiation phase.
Mostly.
What's it going to cost my ISP to implement this? Is it
port 25 outbound will reduce spam abuse.
http://spf.pobox.com/srs.html
http://www.linuxjournal.com/article.php?sid=7328
(Tell your ISP: Adapt or die. ;- )
--
Cheers, find / -user your -name base -print | xargs chown us:us
Rick Moen
[EMAIL PROTECTED]
--
To UNSUBSCRIBE, email
! Delicious, thanks.
--
Cheers,
Rick Moen Age, baro, fac ut gaudeam.
[EMAIL PROTECTED]
--
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
or MDA -- so the opportunity is lost.
--
Cheers,
Rick MoenBu^so^stopu min per kulero.
[EMAIL PROTECTED]
--
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
is the third day
Rick Moen of the rest of your life.
[EMAIL PROTECTED]
--
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Quoting Michael Stone ([EMAIL PROTECTED]):
Yeah, big difference. If the spam is going through a relay, the relay
will send the same bounce and the same person will get the bounce
message.
Oh, oh! jumps up and down
Gee, I guess that relay should have rejected the spam instead of relaying
Quoting Michael Stone ([EMAIL PROTECTED]):
I'm sure the guy who got joe jobbed is happy that you can point out the
source of his misforture. Must be real comforting and all.
Was there a particular part of the immediately preceding reference to
SPF that you didn't get, or was it the concept as
Quoting Blu ([EMAIL PROTECTED]):
If my relay server (not open, but relay for customers) has no means to
verify recipients, what to do when the destination server rejects that
mail already accepted by my server?. Bounce.
(Implicit assumption that you have no option but to accept forged-sender
Quoting Michael Stone ([EMAIL PROTECTED]):
On Thu, Jun 03, 2004 at 04:24:35PM -0700, Rick Moen wrote:
One can pretend that the matter's open for debate, but that would be a
waste of time: It's happening.
Sure it is. How do you manage to sleep, fixing all the email systems in
the world
Quoting Michael Stone ([EMAIL PROTECTED]):
On Thu, Jun 03, 2004 at 05:32:17PM -0700, Rick Moen wrote:
Was there a particular part of the immediately preceding reference to
SPF that you didn't get, or was it the concept as a whole?
I get the concept of vaporware. Seen a lot of it over
Quoting s. keeling ([EMAIL PROTECTED]):
However, I _would_ like to STOP it from being delivered at all, as
defined by simple rules like those above. As far as I can tell, this
must be done in the SMTP negotiation phase.
Mostly.
What's it going to cost my ISP to implement this? Is it
port 25 outbound will reduce spam abuse.
http://spf.pobox.com/srs.html
http://www.linuxjournal.com/article.php?sid=7328
(Tell your ISP: Adapt or die. ;- )
--
Cheers, find / -user your -name base -print | xargs chown us:us
Rick Moen
[EMAIL PROTECTED]
! Delicious, thanks.
--
Cheers,
Rick Moen Age, baro, fac ut gaudeam.
[EMAIL PROTECTED]
or MDA -- so the opportunity is lost.
--
Cheers,
Rick MoenBu^so^stopu min per kulero.
[EMAIL PROTECTED]
is the third day
Rick Moen of the rest of your life.
[EMAIL PROTECTED]
Quoting Michael Stone ([EMAIL PROTECTED]):
Yeah, big difference. If the spam is going through a relay, the relay
will send the same bounce and the same person will get the bounce
message.
Oh, oh! jumps up and down
Gee, I guess that relay should have rejected the spam instead of relaying
Quoting Blu ([EMAIL PROTECTED]):
Are you suggesting then, that we should not relay mail at all?, not even
to/from our customers?
I'm quite non-plussed at this question, since it seems to suggest that you
weren't following the thread.
Earlier, I mentioned (to summarise and review) that I take
Quoting Michael Stone ([EMAIL PROTECTED]):
I'm sure the guy who got joe jobbed is happy that you can point out the
source of his misforture. Must be real comforting and all.
Was there a particular part of the immediately preceding reference to
SPF that you didn't get, or was it the concept as
Quoting Blu ([EMAIL PROTECTED]):
If my relay server (not open, but relay for customers) has no means to
verify recipients, what to do when the destination server rejects that
mail already accepted by my server?. Bounce.
(Implicit assumption that you have no option but to accept forged-sender
Quoting Michael Stone ([EMAIL PROTECTED]):
On Thu, Jun 03, 2004 at 04:24:35PM -0700, Rick Moen wrote:
One can pretend that the matter's open for debate, but that would be a
waste of time: It's happening.
Sure it is. How do you manage to sleep, fixing all the email systems in
the world
1 - 100 of 234 matches
Mail list logo
