On Mon, Sep 06, 2004 at 07:19:01PM -0400, Mark Jeftovic wrote:
I'm not sure the people behind this concept (SPF, RMX, et al) ever
intended it to be the FUSSP, but a lot of the ensuing enthusiasm
built it up to that.
Consider that the people behind SPF made this statement (upon
introducing
[ Two replies in one. Last point has operational content. ]
On Wed, Sep 08, 2004 at 01:52:59PM +0100, [EMAIL PROTECTED] wrote:
I see that 56trf5.com is a real domain. Does this mean that
the domain name registries and DNS are now being polluted
with piles of garbage entries in the same way
On Thu, Oct 28, 2004 at 10:30:43AM -0700, Randy Bush wrote:
I have been looking around, but haven't found it yet.. Is there a text list
of who owns what netblock worldwide? ISP/Location/Contact. I am not looking
for anything searchable, but rather, a large, up to date list that I can
On Mon, Nov 29, 2004 at 02:14:01PM +, Fergie (Paul Ferguson) wrote:
Techdirt has an article this morning that discusses how
Lycos Europe is encouraging their users to run a screensaver
that constantly pings servers suspected to be used by
spammers and also suggests that In other words,
On Mon, Nov 29, 2004 at 10:54:03AM -0600, Jerry Pasker wrote:
The big difference between Lycos Europe, and a script kiddie with
zombies is that Lycos is mature enough to use restraint and not knock
down websites with brute force.
I have no idea whether they're mature enough. They're most
The site has already been hacked/defaced, per full-disclosure. I can't
personally verify or refute this because I can't reach it.
---Rsk
On Thu, Dec 02, 2004 at 04:18:52PM -0500, Hannigan, Martin wrote:
Can you direct me toward a singluar entity of 1MM bots controlled by
a single master?
Nobody can, except the single master who's in control of same, and
whoever that is -- if there is -- is unlikely to voluntarily share
that
On Thu, Dec 09, 2004 at 03:52:38AM +0200, Gadi Evron wrote:
After a much too long introduction here comes my questions: is this
deliberate? I can understand that Chad has bigger things to worry about
than 24 domains getting on yet another spam list, but why Canada makes
nearly half a million
On Thu, Dec 09, 2004 at 04:59:33PM +, Alex Bligh wrote:
They clearly don't already have this information, or they wouldn't
be
a) offering to pay people for it
b) continue to be trying to obtain it by data mining.
Sure, some of them quite clearly don't. And so they're buying it
from
On Fri, Dec 10, 2004 at 02:43:21PM +, Simon Waters wrote:
The most obvious is none of the three UK ISPs I have ready access to can
connect to port 25 on relay.verizon.net. (MX for all the verizon.net email
addresses). We can ping it (I'm sure it isn't singular?), but we have no more
I don't want to turn this into a domain policy discussion, but
here are a few comments (in some semblance of order) which relate
to the operational aspects.
1. Anyone controlling an operational resource (such as a domain) can't
be anonymous. This _in no way_ prevents anyone from doing things
Reply (*long* reply) being sent off-list. If anyone else wants to
see it, rattle my cage.
---Rsk
I'm going to try to keep this short, hence it's incomplete/choppy. Maybe
we should take it to off-list mail with those interested.
On Sat, Dec 11, 2004 at 10:06:10PM -0700, Janet Sullivan wrote:
Great! So, if you are a vulnerable minority, don't use the internet.
I said precisely the
On Thu, Jan 13, 2005 at 12:26:47PM +0100, Stephane Bortzmeyer wrote:
4) all domains with invalid whois data MUST be deactivated (not
confiscated, just temporarily removed from the root dbs) immediately
and their owners contacted.
Because there is no data protection on many databases
On Thu, Feb 03, 2005 at 11:42:55AM +, [EMAIL PROTECTED] wrote:
CNET reports
http://news.com.com/Zombie+trick+expected+to+send+spam+sky-high/2100-7349_3-5560664.html?tag=cd.top
that botnets are now routing their mail traffic through the local
ISP's mail servers rather than trying their
On Thu, Feb 03, 2005 at 09:21:19PM +0200, Petri Helenius wrote:
Nils Ketelsen wrote:
Only thing that puzzles me is, why it took spammers so long to go in
this direction.
It didn't. It took the media long to notice.
Pete's correct. And there's another reason: spammers have long
since
It gets worse:
Database giant gives access to fake firms
http://www.msnbc.msn.com/id/6969799/
---Rsk
On Mon, Feb 14, 2005 at 11:38:10PM -0500, Jon Lewis wrote:
But does anyone really know how big WorldCon is/was?
chuckle Well, by one metric, they're #1:
RankISP Number of currently-listed spam issues
--- ---
On Tue, Feb 15, 2005 at 06:56:54PM +, Christopher L. Morrow wrote:
we aim to please? or was there some hidden meaning to your email/troll?
1. I didn't realize that accurately reporting the facts was now considered
a troll. Fascinating.
2. Nope, there's no hidden meaning -- unless you're
On Thu, Feb 24, 2005 at 02:53:14PM -0500, Mark Radabaugh wrote:
Now here I would disagree. These are specific requests by
individuals to forward mail to from one of their own accounts to
another one of their own accounts.
But a request to forward mail is not a request to facilitate
abuse by
On Fri, Feb 25, 2005 at 01:34:21AM -0600, Robert Bonomi wrote:
Because the recipient *expressly* requested that all mail which would reach
my inbox on your system be sent to me at AOL (or any other somewhere else).
I have three somewhat-overlapping responses to that -- and I'll try to
stay
[ This discussion should be moved to Spam-L. ]
On Mon, Feb 28, 2005 at 10:35:53AM +, [EMAIL PROTECTED] wrote:
You misunderstand me. I believe *LESS* red tape will mean
better service. Today, an email operator has to deal with
numerous blacklisting and spam-hunting groups, many of which
On Tue, Mar 01, 2005 at 09:17:48AM -0500, Hannigan, Martin wrote:
I don't know that this is the case, I suspect it's
resource management. If the database is getting
slaughtered by applications on uncontrolled auto pilot,
it's unusable for the rest of us.
Understood.
So why not make it easy
On Tue, Mar 15, 2005 at 11:21:35AM -0800, Randy Bush wrote:
o could this be used as a dos and then become extortion?
Unlikely. Blocklists are used by choice, and blocklists which
either aren't effective or don't have sane policies don't get
chosen often. (See BLARS, which even blars was
On Tue, Mar 15, 2005 at 05:44:41PM -0500, Paul G wrote:
unfortunately, that *still* didn't stop people from using it, which
translated into an unresolvable headache for me as a sp.
Then gripe at the people who chose to use it: it was *their*
decision, and if it was a poor one, then they are
On Tue, Mar 22, 2005 at 10:24:37AM -0800, Andreas Ott wrote:
http://money.cnn.com/2005/03/22/technology/ibm_spam/
If this write-up is accurate, then this is incredibly stupid
in multiple ways and on multiple levels. I *hope* that this
is just a misperception based on poor writing and that
On Tue, Mar 22, 2005 at 03:49:44PM -0700, pashdown wrote:
In the end the bill itself doesn't have a big impact on this ISP's business.
We have used Dansguardian for many years now along with URLblacklist.com for
our customers that request filtering. The fact that its lists and software
are
If FairUCE can't verify sender identity, then it goes into
challenge-response mode, sending a challenge email to the sender,
Let me rephrase that more accurately:
...spamming everyone who has been so unfortunate as to
have their address forged into a mail message...
On Thu, May 19, 2005 at 05:24:41PM -0700, Crist Clark wrote:
It appears VerizonWireless.com has some rather aggressive mail filters.
Verizon is hopelessly clueless when it comes to mail system operations
and mail filters -- as evidenced by their ongoing decision to deliberately
provide
On Tue, May 31, 2005 at 04:46:01PM -, John Levine wrote:
VZW recently confirmed that their mail system is separate from VZ's,
and whatever mistakes they may make, they're not VZ's.
Okay, fine -- and a look at DNS seems to back this up (unless I'm
missing something). And I've no desire to
On Fri, Jun 17, 2005 at 11:48:58AM -0400, Ben Hubbard wrote:
You seem to repeatedly describe a solution that becomes so big that it (at
least substantially) replaces 25/SMTP. That's what I don't think will
work, or is needed.
Please let me borrow Ben's point and expand on it.
Spam as it's
On Wed, Jun 22, 2005 at 06:39:07PM -0700, william(at)elan.net wrote:
P.S. It would really be great if IETF remained true to its origin
and goals did did technical reviews and selected proposals based on
the technical capabilities and not on what large company is exerting
pressure on them
[late followup, sorry]
On Thu, Jun 23, 2005 at 05:42:17AM -0700, Dave Crocker wrote:
The real fight is to find ANY techniques that have long-term, global
benefit in reducing spam.
We've already got them -- we've always had them. What we lack is
the guts to *use* them.
As we've seen over
On Mon, Jul 11, 2005 at 02:22:07PM +, Fergie (Paul Ferguson) wrote:
Yahoo and Cisco Monday plan to announce they will submit
their e-mail authentication specification, DomainKeys
Identified Mail (DKIM), to the IETF to be considered as
an industry standard.
None of these have the
On Tue, Aug 09, 2005 at 04:11:45PM +0100, [EMAIL PROTECTED] wrote:
There really is no such thing as closed source.
I've been saying this for years, and I'm sure you and I aren't the only ones.
Corrallaries:
A. If open publication of the full source code of XYZ would render
it insecure, then
[late followup]
On Sat, Aug 13, 2005 at 07:32:20PM +0100, Dave Howe wrote:
Rich Kulawiec wrote:
More bluntly: the closed-source, faith-based approach to security
doesn't cut it. The attacks we're confronting are being launched
(in many cases) by people who *already have the source code
On Wed, Sep 07, 2005 at 03:10:12PM +0100, [EMAIL PROTECTED] wrote:
Every company has to obey the laws of the jurisdictions
in which they do business, and for international
companies, that list of jurisdictions can be very,
very long.
Obeying the (local) law is, in most cases, very
Two comments.
soapbox
First, it's everyone's responsibility to do what's necessary
to prevent their operation from being an abuse source, vector,
or support service. That includes registrars, web hosts, DNS
providers, email services, consumer ISPs, webmail services,
corporations, end-users --
On Sun, Dec 04, 2005 at 09:58:20AM -0500, Todd Vierling wrote:
If it is on by default, it is a bug, and not operator error.
(In the case of the Barracuda) there are at least two such switches:
one for spam, one for viruses. Note that when both are set to off that
the box still occasionally
On Sun, Dec 04, 2005 at 03:18:29PM -0800, Steve Sobol wrote:
Blocking based on rDNS simply because it implies that a certain piece of
equipment is at that address is... not advisable.
Agreed. Those blocks aren't in place because there's a certain piece
of equipment at those addresses
On Sun, Dec 04, 2005 at 09:27:58PM -0600, Church, Chuck wrote:
What about all the viruses out there that don't forge addresses?
Three responses.
First, these are pretty much a minority nowadays: so unless someone
wants to code AV responses on a case-by-case basis, the best default
is don't
On Fri, Dec 09, 2005 at 09:03:10AM -0800, Douglas Otis wrote:
There is a solution you can implement now that gets rid of these tens of
thousands of virus and abuse laden DSNs you see every day before the
data phase.
BATV is not a solution.
It's a band-aid.
It fails to address the underlying
On Wed, Dec 07, 2005 at 02:15:00PM -0800, Douglas Otis wrote:
When auth fails, one knows *right then* c/o an SMTP reject. No bounce
is necessary.
This assumes all messages are rejected within the SMTP session.
Yes, exactly and the point several of us have been making is that
this is (a)
I agree with nearly all of your analysis, but want to add
a few small points of my own.
On Sun, Dec 11, 2005 at 04:53:03AM -0600, Micheal Patterson wrote:
Can BATV correct this? Possibly.
After reading further and thinking about it: I believe the
answer isn't possibly, but almost certainly
On Thu, May 04, 2006 at 08:21:04PM -0400, Martin Hannigan wrote:
The killer here is that they asked a lot of people a year ago whether this
was a good idea and everyone said no.
Agreed.
It's just the latest in the series of fiascos that we've seen when
people try to respond to abuse with
On Wed, Aug 09, 2006 at 03:42:32PM -0600, Allan Poindexter wrote:
Far more damage has been done to the functionality of email by antispam
kookery than has ever been done by spammers.
That is not even good enough to be wrong.
---Rsk, with apologies to Enrico Fermi
On Wed, Aug 09, 2006 at 10:29:52PM -0500, Robert J. Hantson wrote:
So with all this talk of Blacklists... does anyone have any suggestions
that would be helpful to curb the onslaught of email, without being an
adminidictator?
Yes. First, run a quality MTA -- that *requires* an open-source
On Thu, Oct 26, 2006 at 12:14:43AM -0400, [EMAIL PROTECTED] wrote:
On 26 Oct 2006, Paul Vixie wrote:
i wonder if that's due to the spam they've been sending out?
Paul, this isn't nanae. Let's not sling accusations like that wildly.
There's nothing wild about it -- Paul is one of the most
On Fri, Dec 08, 2006 at 07:50:57AM -0500, David Hester wrote:
CNN recently reported that 90% of all email on the internet is spam.
http://www.cnn.com/2006/WORLD/europe/11/27/uk.spam.reut/index.html
CNN is behind the times. We passed 90% junk (spam, viruses, bogus virus
warnings, worms,
On Wed, Jan 03, 2007 at 05:44:28PM +1300, Mark Foster wrote:
So why the big deal?
Because it's very rude -- like top-posting, or full-quoting, or sending
email marked up with HTML. Because it's an unprovoked threat. Because
it's an attempt to unilaterally shove an unenforceable contract down
On Wed, Jan 31, 2007 at 07:04:37PM -0800, Matthew Kaufman wrote:
(As an example, consider what happens *to you*
if a hospital stops getting emailed results back from their outside
laboratory service because their email firewall is checking your
server, and someone dies as a result of the
We've told people for years that when they choose to use a DNSBL or
RHSBL that they need to (a) subscribe to the relevant mailing list,
if it has one and/or (b) periodically revisit the relevant web site,
if it has one, so that they can keep themselves informed about any
changes in its status or
On Wed, Feb 07, 2007 at 06:25:41PM -0800, Mike Lyon wrote:
Their gateway is blocking mail from my host. Of course, there is no
clueful contact info on their webpage...
I know you asked for off-list, but since this (mail to Verizon
refused) is a recurring problem, I'm sending this on-list as
On Sat, Feb 10, 2007 at 10:02:45AM -0500, Mark Jeftovic wrote:
Is there an RBL for mail servers run by brain dead postmasters that
insist on running anti-viral software that sends out less-than-useless
virus alerts, virus in your email, banned attachment spewage to
the
My two (and a half) cents.
1. Systems that need a firewall, antivirus and antispyware software added
on to survive for more than a few minutes SHOULD NOT BE CONNECTED TO THE
INTERNET IN THE FIRST PLACE.
They're simply not good enough.
It's like bringing a knife to a gunfight. (nod to Mr.
I really don't want to get into an OS debate here, but this does
have major operational impact, so I will anyway but will be as
brief as possible. Please see second (whitespace-separated) section
for some sample hijacked system statistics which may or may not
reflect overall network population.
On Mon, Feb 19, 2007 at 02:04:13PM +, Simon Waters wrote:
I simply don't believe the higher figures bandied about in the discussion for
compromised hosts. Certainly Microsoft's malware team report a high level of
trojans around, but they include things like the Jar files downloaded onto
On Wed, Feb 21, 2007 at 12:31:30AM -0500, Sean Donelan wrote:
Counting IP addresses tends to greatly overestimate and underestimate
the problem of compromised machines.
It tends to overestimate the problem in networks with large dynamic
pools of IP addresses as a few compromised machines
On Thu, Mar 15, 2007 at 07:41:58PM -0700, S. Ryan wrote:
However, while it's not really above me to do the same, he could
have removed the email address so spammers aren't adding to that guys
list of problems.
Anti-spam strategies based on concealment and/or obfuscation of addresses
are no
On Sat, Apr 07, 2007 at 02:31:25PM -0500, Frank Bulk wrote:
I understand your frustration and appreciate your efforts to contact the
sources of abuse, but why indiscriminately block a larger range of IPs than
what is necessary?
1. There's nothing indiscriminate about it.
I often block
On Sat, Apr 07, 2007 at 09:50:34PM +, Fergie wrote:
I would have to respectfully disagree with you. When network
operators do due diligence and SWIP their sub-allocations, they
(the sub-allocations) should be authoritative in regards to things
like RBLs.
After thinking it over: I
On Sat, Apr 07, 2007 at 04:20:59PM -0500, Frank Bulk wrote:
Define network operator: the AS holder for that space or the operator of
that smaller-than-slash-24 sub-block? If the problem consistently comes
from /29 why not just leave the block in and be done with it?
Because
On Tue, Apr 10, 2007 at 07:44:59AM -0500, Frank Bulk wrote:
Comcast is known to emit lots of abuse -- are you blocking all their
networks today?
All? No. But I shouldn't find it necessary to block ANY, and wouldn't,
if Comcast wasn't so appallingly negligent.
( I'm blocking huge swaths of
On Wed, Apr 11, 2007 at 03:44:01PM -0400, Warren Kumari wrote:
The same thing happens with things like abuse -- it is easy to deal
with abuse on a small scale. It is somewhat harder on a medium scale
and harder still on a large scale -- the progression from small to
medium to large is
On Sat, Apr 07, 2007 at 05:12:19PM -0500, Frank Bulk wrote:
If they're properly SWIPed why punish the ISP for networks they don't even
punish?
Since when is it punishment to refuse to extend a privilege that's been
repeatedly and systematically abused? (You have of course, absolutely
no right
On Wed, Nov 21, 2007 at 06:51:42AM +, Paul Ferguson wrote:
Sure, it's an unfortunate limitation, but I hardly think it's
an issue to hand-wave about and say oh, well.
Suggestions?
There are numerous techniques available for addressing this problem.
Which one(s) to use depends on the
On Tue, Nov 27, 2007 at 09:38:40AM -0500, Sean Donelan wrote:
Some people have compared unwanted Internet traffic to water pollution, and
proposed that ISPs should be required to be like water utilities and
be responsible for keeping the Internet water crystal clear and pure.
Yes -- well,
On Fri, Jan 18, 2008 at 09:43:35AM -0800, Mike Lyon wrote:
Could someone who reads (or is suppose to read...) empty the mailbox
over at [EMAIL PROTECTED]
It would appear that little has changed:
The following addresses had delivery problems:
[EMAIL PROTECTED]
Permanent Failure:
On Wed, Mar 19, 2008 at 12:05:19PM -0700, ann kok wrote:
Some DSL clients, some are working fine.
(browsing...ping ...)
Some DSL clients have this problem
they can't browse the sites.
they can ssh the host but couldn't run the command in
the shell prompt
ping packet are working fine (no
On Thu, Apr 10, 2008 at 06:32:53PM +0900, Randy Bush wrote:
for a measurement experiment, i would like O(100k) *headers* from spam
from europe and a similar sample from the states.
Request for clarification: do you mean spam originating at IP addresses
believed to be in Europe or spam received
On Thu, Apr 10, 2008 at 01:30:06PM -0400, Barry Shein wrote:
Is it just us or are there general problems with sending email to
yahoo in the past few weeks?
It's not you. Lots of people are seeing this, as Yahoo's mail servers
are apparently too busy sending ever-increasing quantities of spam
On Thu, Apr 10, 2008 at 05:51:23PM -0700, chuck goolsbee wrote:
Thanks for the update Jared. I can understand your request to not be used
as a proxy, but it exposes the reason why Yahoo is thought to be clueless:
They are completely opaque.
They can not exist in this community without
On Thu, Apr 10, 2008 at 11:58:05PM -0400, Rob Szarka wrote:
I report dozens of spams from my personal account alone every day and never
receive anything other than automated messages claiming to have dealt with
the same abuse that continues around the clock or, worse, bogus/clueless
claims
On Sat, Apr 12, 2008 at 09:36:43AM -0700, Matthew Petach wrote:
*heh* And yet just last year, Yahoo was loudly dennounced for
keeping logs that allowed the Chinese government to imprison
political dissidents. Talk about damned if you do, damned if don't...
But those are very different kinds
On Sun, Apr 13, 2008 at 12:58:59AM -0500, Ross wrote:
On Thu, Apr 10, 2008 at 8:54 PM, Rich Kulawiec [EMAIL PROTECTED] wrote:
I heartily second this. Yahoo (and Hotmail) (and Comcast and Verizon)
mail system personnel should be actively participating here, on mailop,
on spam-l, etc
On Sun, Apr 13, 2008 at 08:04:12PM -0400, Barry Shein wrote:
A number of things that are true, including:
I say the core problem in spam are the botnets capable of delivering
on the order of 100 billion msgs/day.
But I say the core problem is deeper. Spam is merely a symptom of an
On Sun, Apr 13, 2008 at 03:55:13PM -0500, Ross wrote:
Again I disagree with the principle that this list should be used for
mail operation issues but maybe I'm just in the wrong here.
I don't think you're getting what I'm saying, although perhaps I'm
not saying it very well.
What I'm saying
On Mon, Apr 14, 2008 at 01:41:50PM +, Edward B. DREGER wrote:
When one accepts an email[*], one wishes for some sort of _a priori_
information regarding message trustworthiness. DKIM can vouch for
message authenticity, but not trust.
At the moment, this problem can't be solved on an
I largely concur with the points that Paul's making, and would
like to augment them with these:
- Automation is far less important than clue. Attempting to compensate
for lack of a sufficient number of sufficiently-intelligent, experienced,
diligent staff with automation is a known-losing
On Tue, Apr 15, 2008 at 02:01:26PM +0100, [EMAIL PROTECTED] wrote:
- Automation is far less important than clue. Attempting to
compensate for lack of a sufficient number of sufficiently-
intelligent, experienced, diligent staff with automation is
a known-losing strategy, as anyone who
On Tue, Apr 15, 2008 at 11:22:59AM -0400, William Herrin wrote:
There's a novel idea. Require incoming senior staff at an email
company to work a month at the abuse desk before they can assume the
duties for which they were hired.
My hunch says that's a non-starter. It also doesn't keep
On Tue, Apr 15, 2008 at 08:49:39PM -0400, Martin Hannigan wrote:
Abuse desk is a $0 revenue operation. Is it not obvious what the issue is?
Two points, the first of which is addressed to this and the second
of which is more of a recommended attitude.
1. There is no doubt that many operations
On Wed, Apr 16, 2008 at 11:07:42AM +0100, [EMAIL PROTECTED] wrote:
If people had succeeded in cleaning up the abuse problems in 1995
when the human touch was still feasible, we would not have the
situation that we have today. Automation is the only way to address
the flood of abuse email, the
83 matches
Mail list logo
