-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
On Mar 26, 2008, at 12:12 AM, Dale Newfield wrote:
This is an open source project. You are welcome to use it as is or
modify it to your liking. (I believe--someone confirm, please) you
even
have the right to distribute your modified version.
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
On Mar 26, 2008, at 3:02 PM, Jo Rhett wrote:
You're missing the point. I'm an Abuse Admin. This isn't my
problem, nor
is it my bidding. If you run Mailman, this is *YOUR* problem.
Ah, Abuse is down the hall. This is Getting Hit On The Head
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
On Mar 28, 2008, at 8:09 AM, Ian Eiloart wrote:
How To Do Autoreplies Without The World Hating You
http://wiki.exim.org/EximAutoReply
UK Joint Academic Network provides network connectivity and services
for UK
HE institutions, here's their
--On 29 March 2008 13:31:47 +0900 Stephen J. Turnbull
[EMAIL PROTECTED] wrote:
Thank you, Ian!
Oh, one more link:
From JANET again:
Spam Bounces Considered Harmful
http://www.ja.net/services/csirt/threats/bounce.html
Their advice is plain: Reject, Don't Bounce
The standards provide for a
Jo Rhett writes:
The standards expoused by the leading anti-spam groups are what we
are talking about.
URLs to (some of) these standards, s'il vous plait. RFCs (including
BCPs) or Internet-drafts preferred, of course, but web pages of
similar quality, intended as BCPs, would do. No
--On 28 March 2008 17:27:05 +0900 Stephen J. Turnbull
[EMAIL PROTECTED] wrote:
Jo Rhett writes:
The standards expoused by the leading anti-spam groups are what we
are talking about.
URLs to (some of) these standards, s'il vous plait. RFCs (including
BCPs) or Internet-drafts
Thank you, Ian!
A couple comments:
Ian Eiloart writes:
A talk given at a UK Unix User Group meeting. Look for the 5th abstract on
this page:
http://www.ukuug.org/events/winter2005/programme.shtml
Actually, it's the 6th abstract, I think.
--On 26 March 2008 12:14:58 -0700 Jo Rhett [EMAIL PROTECTED] wrote:
--On 24 March 2008 18:07:29 -0700 Jo Rhett [EMAIL PROTECTED]
Sorry, as stated your proposal sounds either naive or insane. No
insult intended.
On Wed, March 26, 2008 3:07 am, Ian Eiloart wrote:
Please, think harder
--On 26 March 2008 12:02:50 -0700 Jo Rhett [EMAIL PROTECTED] wrote:
You're missing the point. I'm an Abuse Admin. This isn't my problem, nor
is it my bidding. If you run Mailman, this is *YOUR* problem.
Ah, now I see what's going on. His usual abuse sink is malfunctioning, so
he's
Cristóbal Palmer wrote:
So far I see documentation and some good scripts for fixing problems
on existing systems coming out of this conversation.
As per my original statement, that would be great.
Please let's make
improving that documentation and making 2.2 and 3.0 good by your
standards a
Joshua 'jag' Ginsberg wrote:
For what it's worth, you've stated your problem with impeccable clarity.
What you haven't done with the same aplomb is acknowledge and respond to
the equally legitimate concerns of the developer community here.
I have tried to. I've even wasted time responding to
On Wednesday, March 26, 2008 8:18 PM -0400 CristóbalPalmer
[EMAIL PROTECTED] wrote:
Jo, would you please be willing to take the lead in improving this
wiki page:
http://wiki.list.org/display/SEC/Controlling+spam
since it looks rather stubbish?
Agreed. I grabbed text from Jo's original
Jo Rhett writes:
What is your problem?
But that's the whole point. I don't have a problem, although you have
made me aware that I may have one in the future. Still, it's not
pressing. So I want 2.1.10 released ASAP, which means as is, and I
can wait for 2.1.11. I also honestly believe
--On 24 March 2008 18:07:29 -0700 Jo Rhett [EMAIL PROTECTED] wrote:
Sorry, as stated your proposal sounds either naive or insane. No
insult intended.
Please, think harder about what you write to the list. If you left an
insult in there that you were aware of, then you *are* intentionally
Jo Rhett wrote:
I don't care what is done. Do something that makes it better.
On Tue, March 25, 2008 9:12 pm, Dale Newfield wrote:
This is an open source project. You are welcome to use it as is or
modify it to your liking. (I believe--someone confirm, please) you even
have the right to
On Wed, March 26, 2008 3:05 am, Stephen J. Turnbull wrote:
I'm not in a position to volunteer. It doesn't really sound like
anyone else is, either. Have you thought about providing compensation to
get this done?
I'm here out of good will, trying to avoid the banning of Mailman from
dozens of
--On 24 March 2008 18:07:29 -0700 Jo Rhett [EMAIL PROTECTED]
Sorry, as stated your proposal sounds either naive or insane. No
insult intended.
On Wed, March 26, 2008 3:07 am, Ian Eiloart wrote:
Please, think harder about what you write to the list. If you left an
insult in there that you
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Seeing as those running this are
volunteers I see no reason they should jump to do your bidding. Seeing
your attitude I see no reason they should want to.
You're missing the point. I'm an Abuse Admin. This isn't my problem, nor
is it my
On Wed, Mar 26, 2008 at 12:14:58PM -0700, Jo Rhett wrote:
So I'm here, wasting my time, trying to get this solved so that just maybe
we won't be forced to all migrate to web forums. Which would suck.
Yes, that would suck. I encourage you to please continue engaging this
list and the
Jo Rhett writes:
I'm here out of good will,
I believe you, but your posting style provides zero evidence for it.
trying to avoid the banning of Mailman from dozens of large ISPs.
This kind of response just makes me think I'm wasting my time.
Well, yes, that's what we've been saying. The
Jo Rhett writes:
On Mar 4, 2008, at 9:27 PM, Stephen J. Turnbull wrote:
You see, as Jo Rhett points out (apparently without understanding), it
will have *no noticable effect* in the short run because *the proposed
change won't affect existing Mailman installations*, not even those
On Mar 24, 2008, at 11:21 PM, Stephen J. Turnbull wrote:
Pure bluster. You have no data about floods of new installations,
We turn up X customers a week. We see X customers a week running
into problems and getting blacklisted for backscatter. This is the
flood I am trying to solve.
What
Jo Rhett wrote:
I don't care what is done. Do something that makes it better.
This is an open source project. You are welcome to use it as is or
modify it to your liking. (I believe--someone confirm, please) you even
have the right to distribute your modified version. You're welcome to
On Mar 4, 2008, at 9:27 PM, Stephen J. Turnbull wrote:
You see, as Jo Rhett points out (apparently without understanding), it
will have *no noticable effect* in the short run because *the proposed
change won't affect existing Mailman installations*, not even those
that upgrade to 2.1.10.
I
On Mar 5, 2008, at 3:05 PM, Barry Warsaw wrote:
through? Let's say you hold it, and a list admin approves it, saying
hey this guy looks legit. Let's say you do this 5 times across 3
different lists. I'm probably not a spammer, right? So maybe now I
can post to all your lists without being
Thank you, Kenneth. This at least gives us something to point people
to.
FYI: .h4 Discard or hold messages ...
On Mar 7, 2008, at 2:58 PM, Kenneth Porter wrote:
Initial text here:
http://wiki.list.org/display/SEC/Controlling+spam
I grabbed some text from Jo Rhett's initial post in this
--On 10 March 2008 10:46:39 -0700 Kenneth Porter [EMAIL PROTECTED]
wrote:
--On Monday, March 10, 2008 10:19 AM + Ian Eiloart
[EMAIL PROTECTED] wrote:
Yep, it would be the easiest way to integrate acceptance testing with
Exim. It's common for sites to put Exim installations in front
--On 6 March 2008 13:02:01 -0500 Barry Warsaw [EMAIL PROTECTED] wrote:
The ideal thing would be if Mailman had an LMTP interface to accept
postings, and could make decisions about accepting mail after RCTP TO.
MM3 will have LMTP, perhaps as the preferred way to get messages into the
--On Monday, March 10, 2008 10:19 AM + Ian Eiloart [EMAIL PROTECTED]
wrote:
Yep, it would be the easiest way to integrate acceptance testing with
Exim. It's common for sites to put Exim installations in front of
Exchange servers (for security reasons), and do SMTP call forwards to
test
Kenneth Porter wrote:
Another approach is to dump the valid users list periodically using a
Windows-based LDAP app and then copy that to the OSS front end MTA for
validation. Check the MIMEDefang list archives for howto.
A bit off topic, but why not run the LDAP app on the OSS system? Or
On Wednesday, March 05, 2008 5:54 PM -0500 Barry Warsaw [EMAIL PROTECTED]
wrote:
Mark's the release manager for 2.1, but FWIW I completely agree with
Stephen about this. What I would suggest though is that this
information be put in a prominent place on the wiki. We have a
security space
--On 5 March 2008 18:08:39 -0500 Barry Warsaw [EMAIL PROTECTED] wrote:
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
On Mar 5, 2008, at 5:33 AM, Ian Eiloart wrote:
The one reason that I'm looking for an alternative to Mailman is the
lack
of adequate integration with MTAs, which means
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
On Mar 6, 2008, at 12:30 PM, Ian Eiloart wrote:
That's probably the most desirable option from the point of view of
efficiency, but I'd need to be querying a database remotely.
Preferably one with several replicas. Would LDAP be an option?
--On 4 March 2008 17:08:52 -0800 Jo Rhett [EMAIL PROTECTED] wrote:
If the former, then you must object to DSNs
from MTAs as well. If the latter, that is planned to be addressed in
Mailman 2.2.
Of course we object to DSNs from MTAs. No shipping mailserver
currently sends DSNs to accepted
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
On Mar 5, 2008, at 12:27 AM, Stephen J. Turnbull wrote:
Cristóbal Palmer writes:
Even without the original message text a response is a problem.
I agree -- the addresses are too easy to compute and do end up in
lists that are sold -- and would
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
On Mar 4, 2008, at 8:13 PM, Cristóbal Palmer wrote:
On Tue, Mar 04, 2008 at 03:28:22PM -0800, Mark Sapiro wrote:
The Defaults.py setting for DEFAULT_GENERIC_NONMEMBER_ACTION has been
Hold from the beginning.
We've recently set this to 3
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
On Mar 5, 2008, at 5:33 AM, Ian Eiloart wrote:
The one reason that I'm looking for an alternative to Mailman is the
lack
of adequate integration with MTAs, which means that there is no
sensible
thing that I can do with suspected spam. What I
On Mar 4, 2008, at 3:28 PM, Mark Sapiro wrote:
1. Don't create backscatter aliases for subscribe/unsubscribe/etc by
default. Nearly everyone uses web based signup.
Do you have data to back up this assertion?
Sure. I used to work for an ISP with 1400 lists and ~4 million
subscribers across
On Tue, Mar 04, 2008 at 03:28:22PM -0800, Mark Sapiro wrote:
The Defaults.py setting for DEFAULT_GENERIC_NONMEMBER_ACTION has been
Hold from the beginning.
We've recently set this to 3 (Discard) for new lists. Please explain
the argument for keeping the default as Hold for the long term. I
Cristóbal Palmer writes:
Even without the original message text a response is a problem.
I agree -- the addresses are too easy to compute and do end up in
lists that are sold -- and would support consideration of changing the
defaults as proposed.
But not for 2.1.10. Changing 2.1.10 is dumb
On Wed, Mar 05, 2008 at 02:27:06PM +0900, Stephen J. Turnbull wrote:
So the right thing to do is to get 2.1.10 out the door as is, and get
started on 2.2.
Agreed. I like the README.backscatter proposal, too. Such a document
would (ideally) help us and other admins who want to take action *now*
41 matches
Mail list logo