On 2002-12-03, Adam McKenna [EMAIL PROTECTED] wrote:
Please enlighten me, anyway: Why is bouncing the full body of the
mail you received from a person who claims to be Adam back to Adam a
good idea?
This is an implementation issue, not a philosophical issue.
This is correct. The system
On Wed, Dec 04, 2002 at 09:22:35AM +0100, Andreas Fuchs wrote:
On 2002-12-03, Adam McKenna [EMAIL PROTECTED] wrote:
Please enlighten me, anyway: Why is bouncing the full body of the
mail you received from a person who claims to be Adam back to Adam a
good idea?
This is an
On Wed, Dec 04, 2002 at 12:48:14AM +, Darren Salt wrote:
see if you still don't have a problem. Or try giving the server a local (to
it) address after MAIL FROM: the server should complain unless you're on a
network which it considers to be local.
Tried that with both qmail and postfix,
On Tue, Dec 03, 2002 at 03:12:37PM -0800, Adam McKenna wrote:
But to be sure you're not getting any false positives, you cruise through
your spam mailbox every now and then, right?
I generally try to (although I know one site that receives so much SPAM
that this is simply not feasible).
On Thu, Dec 05, 2002 at 09:20:47AM +1100, Brian May wrote:
On Wed, Dec 04, 2002 at 12:48:14AM +, Darren Salt wrote:
see if you still don't have a problem. Or try giving the server a local (to
it) address after MAIL FROM: the server should complain unless you're on a
network which it
On Thu, Dec 05, 2002 at 09:20:47AM +1100, Brian May wrote:
On Wed, Dec 04, 2002 at 12:48:14AM +, Darren Salt wrote:
see if you still don't have a problem. Or try giving the server a local (to
it) address after MAIL FROM: the server should complain unless you're on a
network which it
On Wed, Dec 04, 2002 at 11:57:05PM +0100, Oliver Kurth wrote:
MAIL FROM: [EMAIL PROTECTED]
RCPT TO: [EMAIL PROTECTED]
Would this work? Or would you need to be authenticated first?
(ie. I thought we were discussing checking purely based on
the MAIL FROM address, not checking for relaying).
--
On Thu, Dec 05, 2002 at 10:09:31AM +1100, Brian May wrote:
On Wed, Dec 04, 2002 at 11:57:05PM +0100, Oliver Kurth wrote:
MAIL FROM: [EMAIL PROTECTED]
RCPT TO: [EMAIL PROTECTED]
Would this work? Or would you need to be authenticated first?
$ telnet mx0.gmx.net 25
Trying 213.165.64.100...
Brian May [EMAIL PROTECTED] wrote:
On Tue, Dec 03, 2002 at 10:22:32AM +1300, Corrin Lakeland wrote:
Personally I think bayesian based spam filters are a godsend. They're a bit
naive in places such as being unigram or bigram based, but that'll probably
get fixed in version two. And already
On Mon, Dec 02, 2002 at 04:58:48PM +0100, Russell Coker wrote:
Also there's the issue of two people having such filters trying to
communicate with each other.
This, of course, is taken care of, see the documentation if you are
interested.
NB You can't just white-list an address when you send
On Mon, Dec 02, 2002 at 05:31:11PM +0100, Russell Coker wrote:
On Mon, 2 Dec 2002 17:18, Stephen Zander wrote:
The above is based on the false premise that those who send spam are
incapable of sending it with (forged) real email addresses. They
already have lots of them to choose from.
On Mon, Dec 02, 2002 at 06:50:14PM +, Matthew Garrett wrote:
In order to avoid this, spammers merely have to use a forged from
address that will generate an automatic response. There's no shortage of
those. [EMAIL PROTECTED] springs to mind, and I have no doubt that
there are many others.
On Mon, Dec 02, 2002 at 11:01:15AM -0500, H. S. Teoh wrote:
On Mon, Dec 02, 2002 at 04:39:30PM +0100, Jan Niehusmann wrote:
Time will tell. I fear that some day, the only way to use email
productively is to block all email with invalid sender adresses. And
I don't know a way do valdiate a
In chiark.mail.debian.devel, you wrote:
Autoresponders, bouncers, and other mail handling programs use the
envelope sender address, not an address found in any header of the mail.
I doubt that any abuse@ address replies to a bounce message. This is no
problem.
I find your faith in mail
on Sun, Dec 01, 2002 at 07:19:47PM +0100, Gerrit Pape ([EMAIL PROTECTED]) wrote:
On Sun, Dec 01, 2002 at 02:35:28PM +0100, Russell Coker wrote:
The people who run such stupid filters misunderstand the way the
Internet works.
Maybe you should do a short research on the user of this mail
Today, Stephen Zander [EMAIL PROTECTED] wrote:
Jan == Jan Niehusmann [EMAIL PROTECTED] writes:
Jan Time will tell. I fear that some day, the only way to use
Jan email productively is to block all email with invalid sender
Jan adresses. And I don't know a way do valdiate a (not yet
On Mon, Dec 02, 2002 at 11:49:09PM +0100, Andreas Fuchs wrote:
Right. I just thought up a scheme to exploit this, based on the fake
source-IP address approach you find in descriptions of ping-floods.
Wow, you're pretty smart. Nobody has thought of this before, especially not
the authors of
On Tue, Dec 03, 2002 at 08:56:10AM -0800, Adam McKenna wrote:
On Mon, Dec 02, 2002 at 11:49:09PM +0100, Andreas Fuchs wrote:
Thus, my conclusion: These things are evil. Don't use them or somebody
might use them against you, eventually.
This sounds vaguely like religion -- you haven't even
On Tue, Dec 03, 2002 at 05:13:42PM +, Colin Watson wrote:
On Tue, Dec 03, 2002 at 08:56:10AM -0800, Adam McKenna wrote:
On Mon, Dec 02, 2002 at 11:49:09PM +0100, Andreas Fuchs wrote:
Thus, my conclusion: These things are evil. Don't use them or somebody
might use them against you,
On Tue, Dec 03, 2002 at 09:26:34AM -0800, Adam McKenna wrote:
It's easy to be effective if you don't care about false positives.
Yes, and unless you consider people who either:
1) are too lazy to confirm
2) have a philosophical objection to confirming
false positives, then there are no false
On Tue, Dec 03, 2002 at 09:26:34AM -0800, Adam McKenna wrote:
On Tue, Dec 03, 2002 at 05:13:42PM +, Colin Watson wrote:
/dev/null is the most effective filtering solution at present, and these
days happens to be equivalent to these filters when applied to mail from
me.
It's easy to
On Wed, Dec 04, 2002 at 03:40:53AM +1000, Anthony Towns wrote:
On Tue, Dec 03, 2002 at 09:26:34AM -0800, Adam McKenna wrote:
It's easy to be effective if you don't care about false positives.
Yes, and unless you consider people who either:
1) are too lazy to confirm
2) have a
On Tue, Dec 03, 2002 at 11:09:02AM +0100, Gerrit Pape wrote:
Autoresponders, bouncers, and other mail handling programs use the
envelope sender address, not an address found in any header of the mail.
I doubt that any abuse@ address replies to a bounce message. This is no
problem.
Practical
On Tue, Dec 03, 2002 at 09:55:34AM -0800, Adam McKenna wrote:
BTW, anyone who e-mails you and then asks you to confirm your reply is
either using broken software, or doesn't have their outgoing mail
headers set up properly.
So people who e-mail [EMAIL PROTECTED] and then ask for
confirmation
On Tue, Dec 03, 2002 at 06:16:48PM +, Colin Watson wrote:
On Tue, Dec 03, 2002 at 09:55:34AM -0800, Adam McKenna wrote:
BTW, anyone who e-mails you and then asks you to confirm your reply is
either using broken software, or doesn't have their outgoing mail
headers set up properly.
So
On Tue, 3 Dec 2002 18:55, Adam McKenna wrote:
As a side note, I am pretty amused by the people in this thread who say
don't use these systems, they're antisocial, and then follow that up with
I'm going to blacklist anyone who uses these systems.. I guess their
definition of antisocial is
In chiark.mail.debian.devel, you wrote:
Autoresponders, bouncers, and other mail handling programs use the
envelope sender address, not an address found in any header of the mail.
I doubt that any abuse@ address replies to a bounce message. This is no
problem.
Having received one of the things
On Tue, Dec 03, 2002 at 11:09:02AM +0100, Gerrit Pape wrote:
Autoresponders, bouncers, and other mail handling programs use the
envelope sender address, not an address found in any header of the mail.
I doubt that any abuse@ address replies to a bounce message. This is no
problem.
You seem
Today, Adam McKenna [EMAIL PROTECTED] wrote:
On Mon, Dec 02, 2002 at 11:49:09PM +0100, Andreas Fuchs wrote:
Right. I just thought up a scheme to exploit this, based on the fake
source-IP address approach you find in descriptions of ping-floods.
Wow, you're pretty smart. Nobody has thought
On Wed, Dec 04, 2002 at 09:47:05AM +1100, Brian May wrote:
On Tue, Dec 03, 2002 at 11:09:02AM +0100, Gerrit Pape wrote:
Autoresponders, bouncers, and other mail handling programs use the
envelope sender address, not an address found in any header of the mail.
I doubt that any abuse@ address
On Tue, Dec 03, 2002 at 09:55:34AM -0800, Adam McKenna wrote:
The key issue here is that the mail isn't blocked. It's simply held in
another place until confirmed. It doesn't become a false positive until it
is deleted without being read.
It depends how you define the SPAM checking process.
On Wed, Dec 04, 2002 at 09:58:28AM +1100, Brian May wrote:
On Tue, Dec 03, 2002 at 09:55:34AM -0800, Adam McKenna wrote:
The key issue here is that the mail isn't blocked. It's simply held in
another place until confirmed. It doesn't become a false positive until
it
is deleted without
On Tue, Dec 03, 2002 at 11:52:38PM +0100, Andreas Fuchs wrote:
Today, Adam McKenna [EMAIL PROTECTED] wrote:
On Mon, Dec 02, 2002 at 11:49:09PM +0100, Andreas Fuchs wrote:
Right. I just thought up a scheme to exploit this, based on the fake
source-IP address approach you find in descriptions
I demand that Adam McKenna may or may not have written...
On Wed, Dec 04, 2002 at 09:47:05AM +1100, Brian May wrote:
On Tue, Dec 03, 2002 at 11:09:02AM +0100, Gerrit Pape wrote:
Autoresponders, bouncers, and other mail handling programs use the
envelope sender address, not an address found in
On Sun, Dec 01, 2002 at 08:43:06PM +0100, Russell Coker wrote:
When you have a very small number of people doing something totally contrary
to what everyone else on the Internet is doing, and expecting that everyone
else should go out of their way to accomodate them, then you don't need to do
On Mon, Dec 02, 2002 at 04:39:30PM +0100, Jan Niehusmann wrote:
[snip]
Time will tell. I fear that some day, the only way to use email
productively is to block all email with invalid sender adresses. And I
don't know a way do valdiate a (not yet known) address but to try it
and send a reply.
On Mon, 2 Dec 2002 16:39, Jan Niehusmann wrote:
It is not suitable for individual email addresses.
Time will tell. I fear that some day, the only way to use email
productively is to block all email with invalid sender adresses. And I
don't know a way do valdiate a (not yet known) address but
On Mon, Dec 02, 2002 at 04:58:48PM +0100, Russell Coker wrote:
On Mon, 2 Dec 2002 16:39, Jan Niehusmann wrote:
Time will tell. I fear that some day, the only way to use email
productively is to block all email with invalid sender adresses. And I
If an auto-responder can handle such
Jan == Jan Niehusmann [EMAIL PROTECTED] writes:
Jan Time will tell. I fear that some day, the only way to use
Jan email productively is to block all email with invalid sender
Jan adresses. And I don't know a way do valdiate a (not yet
Jan known) address but to try it and send a
On Mon, Dec 02, 2002 at 08:18:46AM -0800, Stephen Zander wrote:
The above is based on the false premise that those who send spam are
incapable of sending it with (forged) real email addresses. They
already have lots of them to choose from.
But if they send the spam with a forged email
On Mon, 2 Dec 2002 17:18, Stephen Zander wrote:
Jan == Jan Niehusmann [EMAIL PROTECTED] writes:
Jan Time will tell. I fear that some day, the only way to use
Jan email productively is to block all email with invalid sender
Jan adresses. And I don't know a way do valdiate a (not
In chiark.mail.debian.devel, you wrote:
On Mon, Dec 02, 2002 at 08:18:46AM -0800, Stephen Zander wrote:
The above is based on the false premise that those who send spam are
incapable of sending it with (forged) real email addresses. They
already have lots of them to choose from.
But if they
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
On Tue, 03 Dec 2002 05:12, Jan Niehusmann wrote:
You are missing the point: That scheme doesn't directly block spam, it
only assures that a mail has a valid Reply-To:-address. Which may (or
may not) stop spam. Time will tell.
But if we can work
On Tue, Dec 03, 2002 at 10:22:32AM +1300, Corrin Lakeland wrote:
Personally I think bayesian based spam filters are a godsend. They're a bit
naive in places such as being unigram or bigram based, but that'll probably
get fixed in version two. And already they are still amazingly good.
Are
On Tue, 2002-12-03 at 09:53, Brian May wrote:
On Tue, Dec 03, 2002 at 10:22:32AM +1300, Corrin Lakeland wrote:
Personally I think bayesian based spam filters are a godsend. They're a
bit
naive in places such as being unigram or bigram based, but that'll probably
get fixed in version
Brian May wrote:
On Tue, Dec 03, 2002 at 10:22:32AM +1300, Corrin Lakeland wrote:
Personally I think bayesian based spam filters are a godsend. They're a
bit
naive in places such as being unigram or bigram based, but that'll probably
get fixed in version two. And already they are
On Tue, Dec 03, 2002 at 09:53:56AM +1100, Brian May wrote:
On Tue, Dec 03, 2002 at 10:22:32AM +1300, Corrin Lakeland wrote:
Personally I think bayesian based spam filters are a godsend. They're a
bit
naive in places such as being unigram or bigram based, but that'll probably
get fixed
On Saturday 30 November 2002 16:48, Russell Coker wrote:
[snipped rant and threats]
... if such messages continue.
You misunderstood the way such things work, you only have to confirm once
that you intended to send a message. Of course, people should add automated
systems like the BTS to their
On Sat, 30 Nov 2002 22:42, Ulrich Eckhardt wrote:
On Saturday 30 November 2002 16:48, Russell Coker wrote:
[snipped rant and threats]
... if such messages continue.
You misunderstood the way such things work, you only have to confirm once
that you intended to send a message. Of course,
On Sat, Nov 30, 2002 at 10:42:41PM +0100, Ulrich Eckhardt wrote:
You misunderstood the way such things work, you only have to confirm once
that you intended to send a message.
Still too much. If someone initiates a communication, they should make
sure they can get the reply.
Of course, people
On Sun, Dec 01, 2002 at 02:35:28PM +0100, Russell Coker wrote:
The people who run such stupid filters misunderstand the way the
Internet works.
Maybe you should do a short research on the user of this mail handling
program before saying such.
If you have to send an extra confirmation message
On Sun, 1 Dec 2002 19:19, Gerrit Pape wrote:
On Sun, Dec 01, 2002 at 02:35:28PM +0100, Russell Coker wrote:
The people who run such stupid filters misunderstand the way the
Internet works.
Maybe you should do a short research on the user of this mail handling
program before saying such.
On Sun, Dec 01, 2002 at 07:19:47PM +0100, Gerrit Pape wrote:
On Sun, Dec 01, 2002 at 02:35:28PM +0100, Russell Coker wrote:
The people who run such stupid filters misunderstand the way the
Internet works.
Maybe you should do a short research on the user of this mail handling
program
Gerrit Pape [EMAIL PROTECTED] writes:
On Sun, Dec 01, 2002 at 02:35:28PM +0100, Russell Coker wrote:
The people who run such stupid filters misunderstand the way the
Internet works.
Maybe you should do a short research on the user of this mail handling
program before saying such.
Some
I believe that it is inappropriate to use such an email system that does this
when sending messages to the BTS.
Also anyone who wants to use such a system when posting to a popular mailing
list (such as debian-devel) should first put in place a white-list of people
who regularly post to the
55 matches
Mail list logo