qmail Digest 2 Feb 1999 11:00:29 -0000 Issue 539
Topics (messages 21200 through 21338):
Performance
21200 by: Dave Sill <[EMAIL PROTECTED]>
21202 by: Mark Delany <[EMAIL PROTECTED]>
21208 by: Dirk Vleugels <[EMAIL PROTECTED]>
21211 by: David Villeger <[EMAIL PROTECTED]>
21304 by: Russ Allbery <[EMAIL PROTECTED]>
Inserting notice of re-direction
21201 by: "Joaquim Homrighausen" <[EMAIL PROTECTED]>
21204 by: Sam <[EMAIL PROTECTED]>
21213 by: Mate Wierdl <[EMAIL PROTECTED]>
Re-write domain information in outgoing mail
21203 by: Robin Bowes <[EMAIL PROTECTED]>
21227 by: "Len Budney" <[EMAIL PROTECTED]>
21228 by: "Len Budney" <[EMAIL PROTECTED]>
21241 by: Robin Bowes <[EMAIL PROTECTED]>
21246 by: "Len Budney" <[EMAIL PROTECTED]>
21285 by: [EMAIL PROTECTED] (Mirko Zeibig)
21292 by: [EMAIL PROTECTED]
21332 by: "Gary Joyce" <[EMAIL PROTECTED]>
Email addresses with .'s in
21205 by: Peter van Dijk <[EMAIL PROTECTED]>
21206 by: Russell Nelson <[EMAIL PROTECTED]>
21209 by: Peter van Dijk <[EMAIL PROTECTED]>
21225 by: John R Levine <[EMAIL PROTECTED]>
21242 by: "Timothy L. Mayo" <[EMAIL PROTECTED]>
Mangling From: headers by recipient domain
21207 by: Keith Burdis <[EMAIL PROTECTED]>
Three solutions for spam
21210 by: [EMAIL PROTECTED]
21212 by: [EMAIL PROTECTED]
21220 by: "Len Budney" <[EMAIL PROTECTED]>
21222 by: Dave Sill <[EMAIL PROTECTED]>
21224 by: "Paul J. Schinder" <[EMAIL PROTECTED]>
21226 by: Stefaan A Eeckels <[EMAIL PROTECTED]>
21234 by: Russell Nelson <[EMAIL PROTECTED]>
21235 by: Dave Sill <[EMAIL PROTECTED]>
21237 by: Russell Nelson <[EMAIL PROTECTED]>
21239 by: Mike Holling <[EMAIL PROTECTED]>
21244 by: Dave Sill <[EMAIL PROTECTED]>
21247 by: Russell Nelson <[EMAIL PROTECTED]>
21249 by: Peter van Dijk <[EMAIL PROTECTED]>
21250 by: Russell Nelson <[EMAIL PROTECTED]>
21251 by: Mike Holling <[EMAIL PROTECTED]>
21253 by: Tim Pierce <[EMAIL PROTECTED]>
21254 by: Vince Vielhaber <[EMAIL PROTECTED]>
21255 by: Russell Nelson <[EMAIL PROTECTED]>
21256 by: "Sam" <[EMAIL PROTECTED]>
21257 by: Paul Schinder <[EMAIL PROTECTED]>
21258 by: Russell Nelson <[EMAIL PROTECTED]>
21260 by: Tim Pierce <[EMAIL PROTECTED]>
21261 by: "Racer X" <[EMAIL PROTECTED]>
21262 by: "Racer X" <[EMAIL PROTECTED]>
21263 by: "Racer X" <[EMAIL PROTECTED]>
21264 by: Dave Sill <[EMAIL PROTECTED]>
21265 by: Mike Meyer <[EMAIL PROTECTED]>
21266 by: Russell Nelson <[EMAIL PROTECTED]>
21267 by: Dave Sill <[EMAIL PROTECTED]>
21268 by: "Racer X" <[EMAIL PROTECTED]>
21269 by: "Racer X" <[EMAIL PROTECTED]>
21270 by: [EMAIL PROTECTED]
21271 by: "Len Budney" <[EMAIL PROTECTED]>
21273 by: [EMAIL PROTECTED]
21274 by: Charles Cazabon <[EMAIL PROTECTED]>
21275 by: Vince Vielhaber <[EMAIL PROTECTED]>
21276 by: "Sam" <[EMAIL PROTECTED]>
21277 by: Vince Vielhaber <[EMAIL PROTECTED]>
21278 by: "Adam D. McKenna" <[EMAIL PROTECTED]>
21280 by: [EMAIL PROTECTED]
21282 by: "Racer X" <[EMAIL PROTECTED]>
21283 by: "Joe Garcia" <[EMAIL PROTECTED]>
21288 by: Mike Meyer <[EMAIL PROTECTED]>
21289 by: Mike Meyer <[EMAIL PROTECTED]>
21291 by: Mike Meyer <[EMAIL PROTECTED]>
21294 by: Peter van Dijk <[EMAIL PROTECTED]>
21298 by: [EMAIL PROTECTED]
21300 by: Mike Meyer <[EMAIL PROTECTED]>
21301 by: [EMAIL PROTECTED]
21303 by: Mike Holling <[EMAIL PROTECTED]>
21305 by: "Sam" <[EMAIL PROTECTED]>
21307 by: Tim Pierce <[EMAIL PROTECTED]>
21312 by: Russ Allbery <[EMAIL PROTECTED]>
21313 by: Mike Holling <[EMAIL PROTECTED]>
21314 by: Russ Allbery <[EMAIL PROTECTED]>
21315 by: "Adam D. McKenna" <[EMAIL PROTECTED]>
21317 by: "Paul J. Schinder" <[EMAIL PROTECTED]>
21319 by: "Paul J. Schinder" <[EMAIL PROTECTED]>
21320 by: [EMAIL PROTECTED]
21324 by: "Racer X" <[EMAIL PROTECTED]>
21326 by: Rick Myers <[EMAIL PROTECTED]>
21327 by: Russ Allbery <[EMAIL PROTECTED]>
21330 by: "Paul J. Schinder" <[EMAIL PROTECTED]>
21337 by: Peter van Dijk <[EMAIL PROTECTED]>
Any benchmarks?
21214 by: Balazs Nagy <[EMAIL PROTECTED]>
virtualdomains troubles...
21215 by: Matt Garrett <[EMAIL PROTECTED]>
21219 by: Chris Johnson <[EMAIL PROTECTED]>
off-topic, MUA to mail system files
21216 by: "Eric Dahnke" <[EMAIL PROTECTED]>
21217 by: Russell Nelson <[EMAIL PROTECTED]>
21218 by: Mate Wierdl <[EMAIL PROTECTED]>
21240 by: Scott Schwartz <[EMAIL PROTECTED]>
21316 by: Russ Allbery <[EMAIL PROTECTED]>
21318 by: Mate Wierdl <[EMAIL PROTECTED]>
21325 by: Russ Allbery <[EMAIL PROTECTED]>
when does a message get split
21221 by: "Mark Carpenter" <[EMAIL PROTECTED]>
21233 by: Peter van Dijk <[EMAIL PROTECTED]>
three questions on var-qmail
21223 by: Mate Wierdl <[EMAIL PROTECTED]>
Date Stamp
21229 by: Ramesh Vadlapatla <[EMAIL PROTECTED]>
21230 by: Ramesh Vadlapatla <[EMAIL PROTECTED]>
21231 by: Sam <[EMAIL PROTECTED]>
qmail-pop3d question.
21232 by: les <[EMAIL PROTECTED]>
21236 by: [EMAIL PROTECTED] (Image - Odinn Sorensen)
21334 by: les <[EMAIL PROTECTED]>
Possible Anti-spam solution (was Re: Example of the anti-fax effect)
21238 by: Michael Graff <[EMAIL PROTECTED]>
21243 by: Scott Schwartz <[EMAIL PROTECTED]>
21252 by: Russell Nelson <[EMAIL PROTECTED]>
qmtp
21245 by: Michael Graff <[EMAIL PROTECTED]>
21248 by: Michael Graff <[EMAIL PROTECTED]>
21284 by: Greg Hudson <[EMAIL PROTECTED]>
qmail binaries for Lignux
21259 by: Mate Wierdl <[EMAIL PROTECTED]>
Q re qmail / cyrus imapd and Sent folder on server
21272 by: "Heinz Wittenbecher" <[EMAIL PROTECTED]>
21281 by: "Sam" <[EMAIL PROTECTED]>
Postage for email
21279 by: "Len Budney" <[EMAIL PROTECTED]>
Web Mail server with Qmail
21286 by: "Lucas do R. B. Brasilino da Silva" <[EMAIL PROTECTED]>
21287 by: John Gonzalez/netMDC admin <[EMAIL PROTECTED]>
21290 by: [EMAIL PROTECTED]
trouble opening local
21293 by: Jake Jellinek <[EMAIL PROTECTED]>
21295 by: Harald Hanche-Olsen <[EMAIL PROTECTED]>
21296 by: Harald Hanche-Olsen <[EMAIL PROTECTED]>
21297 by: Keith Burdis <[EMAIL PROTECTED]>
21299 by: Jake Jellinek <[EMAIL PROTECTED]>
Setup question
21302 by: "Robert J. Curci" <[EMAIL PROTECTED]>
21321 by: "Sam" <[EMAIL PROTECTED]>
21323 by: "Robert J. Curci" <[EMAIL PROTECTED]>
Q: where to patch qmail to dup a copy of outgoing mail ( to a pipe or fixed user )
21306 by: "Heinz Wittenbecher" <[EMAIL PROTECTED]>
21311 by: Mate Wierdl <[EMAIL PROTECTED]>
21328 by: "Heinz Wittenbecher" <[EMAIL PROTECTED]>
Digest for qmail mailing list?
21308 by: "Michael Slade" <[EMAIL PROTECTED]>
<None>
21309 by: "Jenson, Kenneth M." <[EMAIL PROTECTED]>
More than 2 queues ?
21310 by: Mail Account for root <[EMAIL PROTECTED]>
21336 by: Peter van Dijk <[EMAIL PROTECTED]>
I don't trust 'em.
21322 by: Russell Nelson <[EMAIL PROTECTED]>
21329 by: Russ Allbery <[EMAIL PROTECTED]>
21331 by: Russell Nelson <[EMAIL PROTECTED]>
21335 by: Peter van Dijk <[EMAIL PROTECTED]>
Virtual domains + Username length
21333 by: [EMAIL PROTECTED]
debbugs and qmail
21338 by: Yusuf Goolamabbas <[EMAIL PROTECTED]>
Administrivia:
To subscribe to the digest, e-mail:
[EMAIL PROTECTED]
To unsubscribe from the digest, e-mail:
[EMAIL PROTECTED]
To post to the list, e-mail:
[EMAIL PROTECTED]
----------------------------------------------------------------------
Mark Delany <[EMAIL PROTECTED]> wrote:
>
>Certainly you want to make sure you have sufficient memory. What did vmstat
>tell you about your paging?
Specifically, what's the scan rate (the "sr" column)? According to
Solaris wizard Casper Dik, "The only reliable measurement of memory
shortage is the scan rate."
Memtool, available from http://playground.sun.com/pub/memtool, will
help you see where/how your memory is being used.
-Dave
At 08:35 AM 2/1/99 -0500, Dave Sill wrote:
>Mark Delany <[EMAIL PROTECTED]> wrote:
>>
>>Certainly you want to make sure you have sufficient memory. What did vmstat
>>tell you about your paging?
>
>Specifically, what's the scan rate (the "sr" column)? According to
>Solaris wizard Casper Dik, "The only reliable measurement of memory
>shortage is the scan rate."
I'm certainly comfortable bowing to Casper's knowledge. He is a boon to
Solaris users to be sure (and a boon to Sun for that matter).
I tend to look at paging simplistically in most cases. If you're paging out,
then you're running short of memory, but one hopes that these:
> Memtool, available from http://playground.sun.com/pub/memtool, will
> help you see where/how your memory is being used.
offer a more sophisticated analysis.
In all cases, the answer to the original question remains the same. Do some
measurements and monitoring to determine which resource(s) are stretched. A
guess could easily be wrong and there is nothing worse than spending money
on an upgrade only to find it makes no difference.
Regards.
Quoting Mark Delany ([EMAIL PROTECTED]):
> At 08:35 AM 2/1/99 -0500, Dave Sill wrote:
> >Mark Delany <[EMAIL PROTECTED]> wrote:
> >>
> >>Certainly you want to make sure you have sufficient memory. What did vmstat
> >>tell you about your paging?
> >
> >Specifically, what's the scan rate (the "sr" column)? According to
> >Solaris wizard Casper Dik, "The only reliable measurement of memory
> >shortage is the scan rate."
>
> I'm certainly comfortable bowing to Casper's knowledge. He is a boon to
> Solaris users to be sure (and a boon to Sun for that matter).
>
> I tend to look at paging simplistically in most cases. If you're paging out,
> then you're running short of memory, but one hopes that these:
Normal IO is using the page in/out mechanism. The SR rate is indeed the
only indicator for memory shortage.
Dirk
--
[EMAIL PROTECTED] http://www.de.uu.net
Tools & Standards UUnet Deutschland GmbH
Tel. +49 231 972 00 Emil-Figge-Strasse 80
Fax. +49 231 972 1180 44227 Dortmund, Germany
At 09:08 AM 2/1/99 -0000, Lorens Kockum wrote:
>On the qmail list [EMAIL PROTECTED] wrote:
>>David Villeger writes:
>> > The disks seem OK. Memory is certainely an issue. Each
>> > qmail-remote eats 1.5 megs (virtual mem, 1 megs resident) and there
>> > is only 128 megs on the machines.
>>
>>Wow. That's a lot.
>
>David, you did compile these on your machines, didn't you?
>
>Make sure the binaries are stripped.
Yes I did compile them on the machines, and yes they are stripped.
David.
______________________________________
David Villeger
(212) 972 2030 x34
http://www.CheetahMail.com
The Internet Email Publishing Solution
Mark Delany <[EMAIL PROTECTED]> writes:
> I tend to look at paging simplistically in most cases. If you're paging
> out, then you're running short of memory, but one hopes that these:
On most SysV machines, free physical memory not being used by running
processes is used as a disk cache, causing disk accesses to show up as
paging since portions of that cache are freed and reallocated.
There was an excellent tutorial at the last LISA about this as well,
although it was pretty Solaris-specific.
--
Russ Allbery ([EMAIL PROTECTED]) <URL:http://www.eyrie.org/~eagle/>
I have a few virtual domains set-up, using qmail 1.03.
What I would like to do is to insert a line of text at the top of the
message body that says something like:
Note: Message originally sent to "JoHo McGweedo" <[EMAIL PROTECTED]>
What/where would be the best place to put this, if it's at all possible?
I realize that this information can be obtained via the header, but many users
(myself included) aren't reading mail with all headers enabled at all times.
-+-
Joaquim Homrighausen * [EMAIL PROTECTED] * 2:201/330@fidonet
Definite Solutions * Stockholm, Sweden
Phone: +46 8 6505087 * Fax: +46 8 4410010 * http://www.defsol.se
-+-
On Mon, 1 Feb 1999, Joaquim Homrighausen wrote:
> What I would like to do is to insert a line of text at the top of the
> message body that says something like:
>
> Note: Message originally sent to "JoHo McGweedo" <[EMAIL PROTECTED]>
>
> What/where would be the best place to put this, if it's at all possible?
Given the fact that an arbitrary E-mail message can be:
1) An HTML message.
2) An RFC2045 (MIME) multipart message.
Just shoving arbitrary text at the beginning of the message contents
simply is not going to work, all the time.
I once wrote a quick gizmo which inserts arbitrary text at the beginning
of an arbitrary E-mail message. It took nearly 700 lines of C code to
complete.
>From the .qmail file handling the virtualdomain, run a sed script that
would insert the line you want after the first empty line in the
message. Then pipe the result to forward.
Another possibility is this (would be more robust than the previous
one):
Separate the header and the body of the message using 822header (from
the mess822 package) and awk, say. Prepend the body with and empty
line and the line you want to insert, and cat now the new body and the
old header, and pipe the output to foward.
Mate
Hi,
I am hoping someone can help me with the following situation.
I have qmail-1.03 running on a RedHat 5.2 box (nice RPMS Matt!) on my
internal network at home. I use the domain "home.internal" on the
internal network.
I also have an account with an ISP that gives me a domain
"dsch.freeserve.co.uk", ie I can use any mail address
@dsch.freeserve.co.uk.
I intend pull all incoming mail from the Freeserve mail server (using
pop3) and feed it into qmail to be delivered locally
("dsch.freeserve.co.uk" in locals and/or rcpthosts ?).
In order that I have valid return mail addresses, I'd like to re-write
the domain in all outgoing mail from my home network so
"[EMAIL PROTECTED]" and "[EMAIL PROTECTED]" become
"[EMAIL PROTECTED]".
I would imagine that this is fairly trivial but I can't work out how to
do it. Any suggestions?
Thanks,
R.
--
Two rules to success in life:
1. Don't tell people everything you know.
-- Sassan Tat
Robin Bowes <[EMAIL PROTECTED]> wrote:
> In order that I have valid return mail addresses, I'd like to
> re-write the domain in all outgoing mail from my home network so
> "[EMAIL PROTECTED]" and "[EMAIL PROTECTED]" become
> "[EMAIL PROTECTED]".
I do the same thing, for the same reason. There are two solutions--one
very specific, the other somewhat tricky.
1. In your shell startup scripts, set the environment variables
QMAILSUSER and QMAILSHOST. See qmail-inject(8) for details.
This is somewhat fragile in that users can turn off those
variables and undo your efforts on their behalf.
2. If you use serialmail for outgoing mail, fiddle with the
envelope sender at that time. Do this by adding a line to
/var/qmail/control/virtualdomains which says:
:alias-rewrite
Next, put the following in ~alias/.qmail-rewrite-default, all on
a single line:
|qmail-local alias /var/qmail/alias
alias-outgoing-$EXT "-" outgoing-$EXT
$HOST [EMAIL PROTECTED] ./Outgoing/
Finally, create the maildir ~alias/Outgoing, and touch the empty
file ~alias/.qmail-outgoing-default. When you run serialmail,
the prefix to snip off will be "alias-outgoing-rewrite-".
The latter solution is odd, but it's the simplest way I know of to
fiddle with envelopes, without doing something silly with "preline"
and "sed". Any simpler solution would be appreciated!
Len.
--
84. When your Superiours talk to any Body hearken not neither Speak
nor Laugh.
-- George Washington, "Rules of Civility & Decent Behaviour"
"Len Budney" <[EMAIL PROTECTED]> wrote:
> 1. In your shell startup scripts, set the environment variables
> QMAILSUSER and QMAILSHOST. See qmail-inject(8) for details.
>
> This is somewhat fragile in that users can turn off those
> variables and undo your efforts on their behalf.
Forget to mention: it is also incomplete. Some MUA's like Netscape
insist on making an SMTP connection, which bypasses qmail-inject.
the virtualdomains trick also picks up those emails.
Len.
--
28. If any one come to Speak to you while you are Sitting Stand up
tho he be your Inferiour, and when you Present Seats let it be to every
one according to his Degree.
-- George Washington, "Rules of Civility & Decent Behaviour"
Hi Len,
Thanks for the reply.
Len Budney wrote:
>
> Robin Bowes <[EMAIL PROTECTED]> wrote:
> > In order that I have valid return mail addresses, I'd like to
> > re-write the domain in all outgoing mail from my home network so
> > "[EMAIL PROTECTED]" and "[EMAIL PROTECTED]" become
> > "[EMAIL PROTECTED]".
>
> I do the same thing, for the same reason. There are two solutions--one
> very specific, the other somewhat tricky.
>
> 1. In your shell startup scripts, set the environment variables
> QMAILSUSER and QMAILSHOST. See qmail-inject(8) for details.
>
> This is somewhat fragile in that users can turn off those
> variables and undo your efforts on their behalf.
Also, all my users (well, me and the girlfriend!) are not shell users -
well, I am but I use various MUAs on my MT box to process mail. So,
this method wouldn't work.
>
> 2. If you use serialmail for outgoing mail, fiddle with the
> envelope sender at that time. Do this by adding a line to
> /var/qmail/control/virtualdomains which says:
>
> :alias-rewrite
>
> Next, put the following in ~alias/.qmail-rewrite-default, all on
> a single line:
>
> |qmail-local alias /var/qmail/alias
> alias-outgoing-$EXT "-" outgoing-$EXT
> $HOST [EMAIL PROTECTED] ./Outgoing/
>
> Finally, create the maildir ~alias/Outgoing, and touch the empty
> file ~alias/.qmail-outgoing-default. When you run serialmail,
> the prefix to snip off will be "alias-outgoing-rewrite-".
>
> The latter solution is odd, but it's the simplest way I know of to
> fiddle with envelopes, without doing something silly with "preline"
> and "sed". Any simpler solution would be appreciated!
I have seen this method described elsewhere but I don't (currently) use
serialmail; I was intending to relay all mail immediately, ie as it is
received.
I'm pretty sure that something in the mess822 package would help me here
but I can't for the life of me workout where to pull the mail out of the
system to do the re-write and where to inject it back in!
Perhaps someone more versed in the use of this package would care to
enlighten me? (Please!)
Thanks again,
R.
PS. I presume from you reply address that you automatically process
your mailing list traffic. If you do this my gating into a newsgroup
drop me a line since that's the next job on my list!
--
Two rules to success in life:
1. Don't tell people everything you know.
-- Sassan Tat
Robin Bowes <[EMAIL PROTECTED]> wrote:
> I have seen this method described elsewhere but I don't (currently) use
> serialmail; I was intending to relay all mail immediately, ie as it is
> received.
>
> I'm pretty sure that something in the mess822 package would help me here
> but I can't for the life of me workout where to pull the mail out of the
> system to do the re-write and where to inject it back in!
In that case, I believe you need a two-part solution. For direct
invocation of qmail-inject (by itself or via the "sendmail" wrapper),
you need to set QMAILSUSER and QMAILSHOST.
For other clients, which use SMTP directly, you can adapt the solution
of FAQ 5.5.
Len.
--
14. Turn not your Back to others especially in Speaking, Jog not the
Table or Desk on which Another reads or writes, lean not upon any one.
-- George Washington, "Rules of Civility & Decent Behaviour"
On Mon, 01 Feb 1999 19:46:19 +0000, Robin Bowes <[EMAIL PROTECTED]> wrote:
>PS. I presume from you reply address that you automatically process
>your mailing list traffic. If you do this my gating into a newsgroup
>drop me a line since that's the next job on my list!
Hello Robin,
to make things easier subscribe to this group with a different name
([EMAIL PROTECTED]).
Then "maildirmake ~/local.qmail"
and point to this by "echo ./local.qmail/ > ~/.qmail-qmail"
Now all messages from this group go into local.qmail.
With inn:
- su news -c ctlinnd newgroup local.qmail m
- make sure to exclude local.qmail from your newsfeeds
- insert "local.qmail:[EMAIL PROTECTED]" into your moderators file
Create a script like this:
#!/bin/sh
npath="$HOME/$1/new"
cpath="$HOME/$1/cur"
echo $npath
[ ! -d $npath ] && {
echo "Kein Pfad gegeben oder kein maildir"
exit 1
}
mpath="$HOME/$1"
fcount=$mpath/count
fbatch=$mpath/batch
ffail=$mpath/batch.fail
find $npath/* > $fbatch 2>/dev/null
rpost localhost -M -d -b $fbatch -f \$\$o=/tmp/tmp$$ ~/$1.filter \$\$i
/tmp/tmp$
$
[ -f $ffail ] && {
mv $(cat $ffail) $cpath/
rm $fbatch
}
rm $npath/*
Now you need a filter which will eliminate "Delivered-To" statements etc.
local.qmail.filter:
#!/bin/bash
INFILE=$1
OUTFILE=$2
[ -f ${INFILE} ] && {
echo "Newsgroups: local.qmail"; \
echo "Approved: [EMAIL PROTECTED]"; \
cat ${INFILE} | \
## Make formail ... ONE line
formail -c -k -X From: -X To: -X Date: -X References: -X Message-ID:
-X
Mime-Version: -X Content-Type: -X Reply-To: -X Subject: -X CC: -X BCC: -X
Organi
zation:
} > ${OUTFILE}
Make sure to chmod +x mrpost local.qmail.filter.
When your ~/local.qmail/new/ directory is full with mail execute:
~/mrpost local.qmail
and the messages will be posted to local.qmail
Regards
Mirko
PS: What you need: qmail ;-), inn-1.7.2, suck/rpost and formail.
--
mailto:[EMAIL PROTECTED] myhome_aka_~:http://sites.inka.de/picard
RedHat=~/rh52_isdn.html teles16.3c=~/teles163c/teles163c_contents.html
life's a http://www.uni-karlsruhe.de/~etcetera
>In order that I have valid return mail addresses, I'd like to re-write
>the domain in all outgoing mail from my home network so
>"[EMAIL PROTECTED]" and "[EMAIL PROTECTED]" become
>"[EMAIL PROTECTED]".
In addition to what others have mentioned, I discovered that using
Emacs to send email doesn't obey QMAILSHOST and such, because, apparently
to work around some (old?) sendmail bug, Emacs calls sendmail with
the `-f USER' option. (If you've installed qmail, /usr/lib/sendmail
is a link to qmail's version of that mail injector -- I assume it
ends up calling qmail-inject.)
I didn't know offhand how to change Emacs' behavior (don't see the
elisp code on my system, probably on a CD-ROM somewhere).
What I did instead was put this script into /usr/sbin/sendmail instead
of the link that was there, and made /usr/lib/sendmail a symbolic link
to /usr/sbin/sendmail:
--------
#!/bin/bash
if [ x$2 = x-f ]
then
/var/qmail/bin/sendmail $1 $4 $5 $6 $7 $8 $9
else
/var/qmail/bin/sendmail $*
fi
exit $?
--------
After "chmod 755 /usr/bin/sendmail", sending email from within Emacs
works fine -- the envelope sender address ("Return-Path:") is set
according to QMAILSHOST, QMAILSUSER, whatever.
This was important for me because my ISP's SMTP rejects email sent
from an unrecognized host with "451 Domain must resolve".
tq vm, (burley)
> -----Original Message-----
> From: Robin Bowes [mailto:[EMAIL PROTECTED]]
> Sent: Monday, February 01, 1999 1:46 PM
> To: Len Budney
> Cc: [EMAIL PROTECTED]
> Subject: Re: Re-write domain information in outgoing mail
>
>
> Hi Len,
>
> Thanks for the reply.
>
> Len Budney wrote:
> >
> > Robin Bowes <[EMAIL PROTECTED]> wrote:
> > > In order that I have valid return mail addresses, I'd like to
> > > re-write the domain in all outgoing mail from my home network so
> > > "[EMAIL PROTECTED]" and "[EMAIL PROTECTED]" become
> > > "[EMAIL PROTECTED]".
> >
> > I do the same thing, for the same reason. There are two solutions--one
> > very specific, the other somewhat tricky.
> >
> > 1. In your shell startup scripts, set the environment variables
> > QMAILSUSER and QMAILSHOST. See qmail-inject(8) for details.
> >
> > This is somewhat fragile in that users can turn off those
> > variables and undo your efforts on their behalf.
>
> Also, all my users (well, me and the girlfriend!) are not shell users -
> well, I am but I use various MUAs on my MT box to process mail. So,
> this method wouldn't work.
>
<snip>
I have a similar setup with qmail on a linux server and a 192.168.x.x domain
using WinNT clients and reaching the ISP via a dialup. I use an unegistered
domain for the local network but in the MUAs have a valid email account,
with the ISP, set for email address and reply address. Since qmail basically
is relaying, any outbound mail goes out with the headers addressed by the
MUAs.
I created a virtualdomain(s) (to handle any bounces) pointing to the local
account(s). And in each users $HOME/.bash_profile I have QMAILSUSER,
QMAILSHOST, and QMAILINJECT=f set for any mail sent via a shell or X
session. For local mail we don't care what domain shows up since we know
each others username.
We use fetchmail for retreval from ISP(s) and pipe it to qmail-inject for
local delivery. The whole setup works quite smoothly. Since there are
actually four seperate registerd ISP email accounts it's slighty more
complicated but since your using network clients the idea is the same. The
only problem we had was that qmail doesn't use hosts so I had to install
BIND.
Hope this helps.
Regards, Gary Joyce
On Mon, Feb 01, 1999 at 10:33:42AM +0100, Harald Hanche-Olsen wrote:
> - Peter van Dijk <[EMAIL PROTECTED]>:
>
> | On Sun, Jan 31, 1999 at 06:51:36PM -0000, Russell Nelson wrote:
> | >
> | > It's a security measure, to keep people from sending mail to
> | > user-../../etc/passwd (e.g.). Qmail-local used to replace slashes
> | > with colons, until it was seen that slashes were useful to allow
> | > subdirectories, so now the dots are replaced with colons.
> |
> | I understand the security part (feeling stupid today after
> | reconfigging one win95 machine just over 15 times. I never knew that
> | I could actually feel stress...).
> |
> | But where would you use directories in that? Creating .qmail-bla/duh
> | and mailing to peter-bla/duh doesn't really do the job.
>
> No, but at the time Russell is talking about, dots were *not*
> replaced. There are only three reasonable ways to foil the /../
> attack, and those are (1) replace slashes by something else, (2)
> replace dots by something else, and (3) recognize the substring /../
> and either replace it by something else or bounce the mail.
> Personally, I think I would prefer (3) because it confuses users less,
> but OTOH (1) and (2) are simpler to implement, whick makes it less
> likely for a security bug to creep in.
All agreed, but I still don't understand Russell saying 'slashes were useful to allow
subdirectories'.
> | Hmm.. too little caffeine here.
>
> I hope you know the remedy for that.
Yep. 2, actually :)
Greetz, Peter.
--
.| Peter van Dijk
.| [EMAIL PROTECTED]
Peter van Dijk writes:
> All agreed, but I still don't understand Russell saying 'slashes
> were useful to allow subdirectories'.
Simply that I could arrange things so that, if you sent mail to
nelson-foo/bar, it's delivery would be controlled by a file called
~nelson/.qmail-foo/bar, which is to say that there is a directory
called .qmail-foo in ~nelson, and it has a dot-qmail(5) file in it
called bar.
You could then try delivering to nelson-foo/../Mailbox (in an attempt
to stuff mail into my Mailbox), but qmail would go looking for
~nelson/.qmail-foo/::/Mailbox, which might or might not (!) exist.
--
-russ nelson <[EMAIL PROTECTED]> http://crynwr.com/~nelson
Crynwr supports Open Source(tm) Software| PGPok | There is good evidence
521 Pleasant Valley Rd. | +1 315 268 1925 voice | that freedom is the
Potsdam, NY 13676-3213 | +1 315 268 9201 FAX | cause of world peace.
On Mon, Feb 01, 1999 at 03:20:06PM -0000, Russell Nelson wrote:
> Peter van Dijk writes:
> > All agreed, but I still don't understand Russell saying 'slashes
> > were useful to allow subdirectories'.
>
> Simply that I could arrange things so that, if you sent mail to
> nelson-foo/bar, it's delivery would be controlled by a file called
> ~nelson/.qmail-foo/bar, which is to say that there is a directory
> called .qmail-foo in ~nelson, and it has a dot-qmail(5) file in it
> called bar.
That's what I thought it would do :) But I tried that yesterday. Didn't work.
It does work this time.. Damn.. I WAS stupid this weekend.
> You could then try delivering to nelson-foo/../Mailbox (in an attempt
> to stuff mail into my Mailbox), but qmail would go looking for
> ~nelson/.qmail-foo/::/Mailbox, which might or might not (!) exist.
Hmm.. nice for catching hackers :)
Now that I know this.. I think this feature could be (ab)used for managing virtual
domains in some way...
I like this feature!
Greetz, Peter.
--
.| Peter van Dijk
.| [EMAIL PROTECTED]
> All agreed, but I still don't understand Russell saying 'slashes
> were useful to allow subdirectories'.
Slashes in individual user names are indeed not very useful, but they
can be quite handy for virtual domains. You might put a line in
control/virtualdomains like this:
blather.com:virtual-blather/m-
so that the mail for [EMAIL PROTECTED] is controlled by
~virtual/.qmail-blather/m-fred, putting each domain's qmail files in a
separate subdirectory.
--
John R. Levine, IECC, POB 727, Trumansburg NY 14886 +1 607 387 6869
[EMAIL PROTECTED], Village Trustee and Sewer Commissioner, http://iecc.com/johnl,
Member, Provisional board, Coalition Against Unsolicited Commercial E-mail
To keep our virtualdomains organized so that several admins can figure out
what is going on:
/var/qmail/control/virtualdomains:
mayod.nb.net:alias-virtuals/net/nb/mayod/q
This scheme works very well for me and the other admins can pick up what
is going on very quickly.
Tim Mayo
On Mon, 1 Feb 1999, Peter van Dijk wrote:
> On Mon, Feb 01, 1999 at 10:33:42AM +0100, Harald Hanche-Olsen wrote:
> > - Peter van Dijk <[EMAIL PROTECTED]>:
> >
> > | On Sun, Jan 31, 1999 at 06:51:36PM -0000, Russell Nelson wrote:
> > | >
> > | > It's a security measure, to keep people from sending mail to
> > | > user-../../etc/passwd (e.g.). Qmail-local used to replace slashes
> > | > with colons, until it was seen that slashes were useful to allow
> > | > subdirectories, so now the dots are replaced with colons.
> > |
> > | I understand the security part (feeling stupid today after
> > | reconfigging one win95 machine just over 15 times. I never knew that
> > | I could actually feel stress...).
> > |
> > | But where would you use directories in that? Creating .qmail-bla/duh
> > | and mailing to peter-bla/duh doesn't really do the job.
> >
> > No, but at the time Russell is talking about, dots were *not*
> > replaced. There are only three reasonable ways to foil the /../
> > attack, and those are (1) replace slashes by something else, (2)
> > replace dots by something else, and (3) recognize the substring /../
> > and either replace it by something else or bounce the mail.
> > Personally, I think I would prefer (3) because it confuses users less,
> > but OTOH (1) and (2) are simpler to implement, whick makes it less
> > likely for a security bug to creep in.
>
> All agreed, but I still don't understand Russell saying 'slashes were useful to allow
> subdirectories'.
>
> > | Hmm.. too little caffeine here.
> >
> > I hope you know the remedy for that.
>
> Yep. 2, actually :)
>
> Greetz, Peter.
> --
> .| Peter van Dijk
> .| [EMAIL PROTECTED]
>
---------------------------------
Timothy L. Mayo mailto:[EMAIL PROTECTED]
Senior Systems Manager
localconnect(sm)
http://www.localconnect.net/
The National Business Network Inc. http://www.nb.net/
One Monroeville Center, Suite 850
Monroeville, PA 15146
(412) 810-8888 Phone
(412) 810-8886 Fax
On Sun 1999-01-31 (20:11), Mate Wierdl wrote:
>
> | newinject
>
> in ~alias/.qmail-company-domain, putting the rewriting rules in
> control/rewrite.
>
> Typo: it is `|new-inject'. In any case, I think the problem somehow
> is that if he just does what you suggest, the message would again be
> sent to companydomain, that is back to the local machine (since the
> companydomain virtualdomain points there).
Indeed. You are quite correct. As I said I've never used it before ;-)
> The message the qmail server gets is just simply relayed to
> relay.ourdomain and now he wants to rewrite the From: header.
The main problem with his original proposal is that the relay host may be
down, so the mail needs to be queued somehow before being sent. Perhaps it
would be best to store it in a maildir one the rewriting has been done, and
then try the delivery from there. Something like:
virtualdomains:
companydomain:alias-companydomain
~alias/.outgoing-filter:
DEFAULT="./outgoing/"
~alias/.qmail-companydomain-default:
| preline -d -f swap_from | maildrop .outgoing-filter
# maildirmake ~alias/outgoing
And then run something like sdeliver (http://rucus.ru.ac.za/keith/qmail/)
to deliver the mail from the maildir.
Hopefully this suggestion works :)
- Keith
> Mate
--
Keith Burdis - MSc (Com Sci) - Rhodes University, South Africa
Email : [EMAIL PROTECTED]
WWW : http://www.rucus.ru.ac.za/~keith/
IRC : Panthras JAPH
"Any technology sufficiently advanced is indistinguishable from a perl script"
Standard disclaimer.
---
Speaking of open relay blocking, is the appropriate way to use both
RBL and ORBS to invoke rblsmtpd twice? As in
/usr/local/bin/tcpserver-qmail -pR -c50 -u70 -g70 \
-x/etc/tcp.smtp.cdb \
0 smtp /usr/bin/rblsmtpd -r relays.orbs.org -b /usr/bin/rblsmtpd \
-b /var/qmail/bin/qmail-smtpd 2>&1 | /var/qmail/bin/splogger smtpd 3
(I put ORBS first on the guess that it would block more connects).
Has anybody been paying attention enough to know whether the RBL is
essentially a subset of ORBS? Given the rules and procedures for each
as I understand them, it seems entirely possible. That would be my
other easy approach -- don't use both, just use ORBS.
--
David Dyer-Bennet [EMAIL PROTECTED]
http://www.ddb.com/~ddb (photos, sf) Minicon: http://www.mnstf.org/minicon
http://ouroboros.demesne.com/ The Ouroboros Bookworms
Join the 20th century before it's too late!
Len Budney <[EMAIL PROTECTED]> writes on 27 January 1999 at
11:59:00 -0500
> Jeff Hayward <[EMAIL PROTECTED]> wrote:
> > On Wed, 27 Jan 1999, Len Budney wrote:
> >
> > True, but even factually-based prejudice, when based on _correlation_
> > rather than _causation_, is mighty risky business.
> >
> > It isn't prejudice, it is prevention.
>
> Prejudice is defined, in part, as "a leaning toward one side of a
> question from other considerations than those belonging to it".
>
> Modems neither cause nor result from spam--modems and spam merely
> correlate.
It's an unusual step for a dial-up user to make direct SMTP
connections from his system. Examining why they occur, there seem to
be 3 cases:
1. Misconfiguration. They really should be going through their ISP's
mailserver.
2. Spamming -- they're doing something they don't want to be visible
to their ISP.
3. Playing -- situations like home Linux boxes where people want to
make the connections direct because they can.
There may be other reasons I've missed, as well.
Note that in cases 1 and 3, where there is no evil intent, a simple
reconfiguration, to go through their ISP for mail sending, will
resolve the problem.
So it doesn't seem that unreasonable to me to block SMTP from dialup
pools. The legitemate users appear to have perfectly reasonable
options, and it stops one way of injecting spam.
--
David Dyer-Bennet [EMAIL PROTECTED]
http://www.ddb.com/~ddb (photos, sf) Minicon: http://www.mnstf.org/minicon
http://ouroboros.demesne.com/ The Ouroboros Bookworms
Join the 20th century before it's too late!
[EMAIL PROTECTED] wrote:
> Len Budney <[EMAIL PROTECTED]> wrote:
> > Modems neither cause nor result from spam--modems and spam merely
> > correlate.
>
> It's an unusual step for a dial-up user to make direct SMTP
> connections from his system. Examining why they occur, there seem
> to be 3 cases:
Thanks for a nice, cogent analysis. You did miss one sub-case, though,
which may generally be a minor issue.
> 2. Spamming -- they're doing something they don't want to be
> visible to their ISP.
The subcase is:
2. (b) Privacy/paranoia -- they're doing something _legitimate_ that
they don't want visible to their provider.
Before I got a static IP at work, I needed to use my employer's server
to send mail. My employer had a stated policy reserving the right to
intercept and read mail sent through the company server. They had no
policy forbidding the use of SMTP without their server, and they had
no policy against personal email on company time.
Hence, to protect my privacy, I chose to send personal mail from my
own Linux laptop, circumventing their server.
Yes, I know--that's security through obscurity. I also used PGP, when
applicable. However, it was a matter of principle with me to at least
circumvent their stated intention to violate my privacy at will.
Hence, this is also a subtype of:
> 3. Playing -- situations like home Linux boxes where people want to
> make the connections direct because they can.
[snip]
> So it doesn't seem that unreasonable to me to block SMTP from dialup
> pools. The legitemate users appear to have perfectly reasonable
> options, and it stops one way of injecting spam.
It is your right, if you are an ISP. It will make many of us Linux
users sad, because you have forbidden our "playing". It's rather a
pity, in my opinion.
Len.
--
20. The Gestures of the Body must be Suited to the discourse you are upon.
-- George Washington, "Rules of Civility & Decent Behaviour"
[EMAIL PROTECTED] wrote:
>
>It's an unusual step for a dial-up user to make direct SMTP
>connections from his system. Examining why they occur, there seem to
>be 3 cases:
>
>1. Misconfiguration. They really should be going through their ISP's
> mailserver.
>
>2. Spamming -- they're doing something they don't want to be visible
> to their ISP.
>
>3. Playing -- situations like home Linux boxes where people want to
> make the connections direct because they can.
4. Home networks.
I've got three PC's connected to a 3Com LAN modem: two Winblows boxes
and a Linux box. Rather than having the scattered MUA's talk to the
ISP's servers for POP and SMTP service, I'd like them to talk to my
local server. That way they can send and receive mail even when the
modem isn't connected or the ISP is down--an all-too-common
occurrence.
>So it doesn't seem that unreasonable to me to block SMTP from dialup
>pools. The legitemate users appear to have perfectly reasonable
>options, and it stops one way of injecting spam.
I disagree. Yes, I could configure my server to pass everything off to
the ISP's mail hub, but, frankly, I can do a better job of it than
they can. And switching to a more competant ISP is not an
option. Where I live, there's only one ISP that's reachable via a
local call.
Stopping spam is a worthy goal, but one must seriously consider the
costs associated. Preventing competent people from doing reasonable
things is not an acceptable cost.
-Dave
On Mon, Feb 01, 1999 at 09:43:17AM -0600, [EMAIL PROTECTED] wrote:
}
} Speaking of open relay blocking, is the appropriate way to use both
} RBL and ORBS to invoke rblsmtpd twice? As in
}
} /usr/local/bin/tcpserver-qmail -pR -c50 -u70 -g70 \
} -x/etc/tcp.smtp.cdb \
} 0 smtp /usr/bin/rblsmtpd -r relays.orbs.org -b /usr/bin/rblsmtpd \
} -b /var/qmail/bin/qmail-smtpd 2>&1 | /var/qmail/bin/splogger smtpd 3
}
} (I put ORBS first on the guess that it would block more connects).
Yes, it is. It's documented that way somewhere, in fact.
}
} Has anybody been paying attention enough to know whether the RBL is
} essentially a subset of ORBS? Given the rules and procedures for each
} as I understand them, it seems entirely possible. That would be my
} other easy approach -- don't use both, just use ORBS.
No, as I understand it, they use different criteria. MAPS is more a
"these are proven, documented spammers" while ORBS blocks open relays,
and so is proactive. I use both (just as above), and there are sites
that MAPS catches that ORBS don't and vice versa. If you're using
ORBS, you may want to keep an eye on your logs. There are many work
related sites that I have to let through the ORBS block, so others may
be in there that are important to you.
} --
} David Dyer-Bennet [EMAIL PROTECTED]
} http://www.ddb.com/~ddb (photos, sf) Minicon: http://www.mnstf.org/minicon
} http://ouroboros.demesne.com/ The Ouroboros Bookworms
} Join the 20th century before it's too late!
--
--------
Paul J. Schinder
NASA Goddard Space Flight Center
[EMAIL PROTECTED]
On 01-Feb-99 Dave Sill wrote:
> I disagree. Yes, I could configure my server to pass everything off to
> the ISP's mail hub, but, frankly, I can do a better job of it than
> they can. And switching to a more competant ISP is not an
> option. Where I live, there's only one ISP that's reachable via a
> local call.
>
> Stopping spam is a worthy goal, but one must seriously consider the
> costs associated. Preventing competent people from doing reasonable
> things is not an acceptable cost.
I wholeheartedly concur. Dave's setup is similar to mine, with
the exception that mine's not a home network, but a small
office network. We're communications people, and advise
customers on such things as qmail. I'm running our setup to
simulate what we configure at (better connected) customer
sites, but we cannot afford a permanently connected host.
FYI, it would cost us something like US$650/month to have a leased
line to our ISP, and ISDN would be even more expensive
(US$40/day for line costs alone). That's not counting the
ISP's invoice...
What I do have is a domain (ecc.lu), and an MX record in
my ISP's DNS. But I connect using a single, dynamic,
dial-up IP address, because that's the only way to get
an affordable connection.
And no, I can't move to the USA 'cause they don't want to
give me a green card ;-)
Stefaan
--
PGP key available from PGP key servers (http://www.pgp.net/pgpnet/)
___________________________________________________________________
Perfection is reached, not when there is no longer anything to add,
but when there is no longer anything to take away. -- Saint-Exupéry
Dave Sill writes:
> [EMAIL PROTECTED] wrote:
> >So it doesn't seem that unreasonable to me to block SMTP from dialup
> >pools. The legitemate users appear to have perfectly reasonable
> >options, and it stops one way of injecting spam.
>
> I disagree. Yes, I could configure my server to pass everything off to
> the ISP's mail hub, but, frankly, I can do a better job of it than
> they can. And switching to a more competant ISP is not an
> option. Where I live, there's only one ISP that's reachable via a
> local call.
>
> Stopping spam is a worthy goal, but one must seriously consider the
> costs associated. Preventing competent people from doing reasonable
> things is not an acceptable cost.
Too late, Dave. You're trying to solve the wrong problem. People are
already blocking dialups, more and more every day. Your problem is
now to find a non-dialup SMTP client to relay your mail, which isn't
your ISP's. Obviously it's a necessary service -- why not start
providing it?
--
-russ nelson <[EMAIL PROTECTED]> http://crynwr.com/~nelson
Crynwr supports Open Source(tm) Software| PGPok | There is good evidence
521 Pleasant Valley Rd. | +1 315 268 1925 voice | that freedom is the
Potsdam, NY 13676-3213 | +1 315 268 9201 FAX | cause of world peace.
Russell Nelson <[EMAIL PROTECTED]> wrote:
>
>Too late, Dave. You're trying to solve the wrong problem.
No, I'm trying to solve *my* problem, not the world's problems.
>People are already blocking dialups, more and more every day.
When my mail to people behind such blocks bounces, I'll resend it
through my ISP's mailhub with an explanation of why it was delayed.
>Your problem is now to find a non-dialup SMTP client to relay your
>mail, which isn't your ISP's.
My problem is that I've gotten caught in the anti-spam crossfire. My
problem is that anti-spam zealots have overreacted, or wrongly
reacted.
>Obviously it's a necessary service -- why not start providing it?
Lack of connectivity, and I'm not convinced it's a good idea. I'd have
to keep a constant vigil for spammers, lest I find my entire service
blacklisted. And then there's the authentication problem.
-Dave
Dave Sill writes:
> My problem is that I've gotten caught in the anti-spam crossfire. My
> problem is that anti-spam zealots have overreacted, or wrongly
> reacted.
If you try to solve the wrong problem, you just make it that much
harder on yourself.
> >Obviously it's a necessary service -- why not start providing it?
>
> Lack of connectivity,
Then why are you trying to send mail directly from a dialup???????????
You're making no sense, Dave.
> and I'm not convinced it's a good idea. I'd have to keep a constant
> vigil for spammers, lest I find my entire service blacklisted. And
> then there's the authentication problem.
So wrap the service (QMTP?) in an authentication protocol.
Authentication ensures that you only provide service to the people
with whom you have contracted. And the contract ensures that the
people behave responsibly.
--
-russ nelson <[EMAIL PROTECTED]> http://crynwr.com/~nelson
Crynwr supports Open Source(tm) Software| PGPok | There is good evidence
521 Pleasant Valley Rd. | +1 315 268 1925 voice | that freedom is the
Potsdam, NY 13676-3213 | +1 315 268 9201 FAX | cause of world peace.
> 3. Playing -- situations like home Linux boxes where people want to
> make the connections direct because they can.
>
> There may be other reasons I've missed, as well.
I have a permanent link to the Internet. However, I don't control the
reverse lookup of my IP address, which is something that will probably be
considered a "dialup pool IP" by some anti-spam zealot. I receive several
hundred messages a day to this IP, delivered directly to my Unix
workstation. My machine also sends outgoing mail directly via SMTP, and
is certainly more reliable than whatever SMTP servers my ISP has. I
wouldn't consider that "playing".
Seems like the only folks who think it's OK to ban SMTP from dialups are
those who don't need to use such a setup themselves. Are you going to
consider ADSL/cablemodem IP pools "dialups" as well? In that case you are
going to block mail from lots of small business/SOHO LANs running their
own mail servers...
- Mike
Russell Nelson <[EMAIL PROTECTED]> wrote:
>
>Then why are you trying to send mail directly from a dialup???????????
>You're making no sense, Dave.
Why not? I'm not running mailing lists, just personal e-mail for a
family of five.
>So wrap the service (QMTP?) in an authentication protocol.
And convince Netscape and Qualcomm and ... to support it in their
MUA's?
>Authentication ensures that you only provide service to the people
>with whom you have contracted.
Hey, I thought *I* was the Master of the Obvious. :-)
>And the contract ensures that the people behave responsibly.
No, it gives you recourse when they don't. The difference means that
the service will require lots of babysitting.
-Dave
Mike Holling writes:
> Seems like the only folks who think it's OK to ban SMTP from dialups are
> those who don't need to use such a setup themselves.
If you want a reliable email system, you won't send mail from a
dialup. Why are we having this discussion?
> Are you going to consider ADSL/cablemodem IP pools "dialups" as
> well?
No. Unlike dialup spammers, they don't have the option of calling a
different ISP.
--
-russ nelson <[EMAIL PROTECTED]> http://crynwr.com/~nelson
Crynwr supports Open Source(tm) Software| PGPok | There is good evidence
521 Pleasant Valley Rd. | +1 315 268 1925 voice | that freedom is the
Potsdam, NY 13676-3213 | +1 315 268 9201 FAX | cause of world peace.
On Mon, Feb 01, 1999 at 08:01:16PM -0000, Russell Nelson wrote:
> Mike Holling writes:
> > Seems like the only folks who think it's OK to ban SMTP from dialups are
> > those who don't need to use such a setup themselves.
>
> If you want a reliable email system, you won't send mail from a
> dialup. Why are we having this discussion?
Err.. I wouldn't want to relay thru my ISP's mailhost, no matter how competent these
people are (they are, most of 'm contributed to the kernel, one of 'm wrote minicom),
because they're running sendmail. I have a static IP and control my reverse now (but
I'm still dialup), but I expect to be able to send out mail from a dynamic IP just as
easily.
I don't know why we're having this discussion.
> > Are you going to consider ADSL/cablemodem IP pools "dialups" as
> > well?
>
> No. Unlike dialup spammers, they don't have the option of calling a
> different ISP.
Lots of dialup users don't have that option either, we already saw that.
Greetz, Peter.
--
.| Peter van Dijk
.| [EMAIL PROTECTED]
Dave Sill writes:
> Russell Nelson <[EMAIL PROTECTED]> wrote:
> >
> >Then why are you trying to send mail directly from a dialup???????????
> >You're making no sense, Dave.
>
> Why not? I'm not running mailing lists, just personal e-mail for a
> family of five.
An essential part of every complaint about dialup blocking has been
from people who have hosts with their own email queue. They don't see
the necessity of using someone else's queue when their own works
perfectly fine (or would, modulo dialup blocking). Given their
willingness to run an SMTP client from a part-time host, all that they
really need is a way to thrust mail through a host which isn't a
dialup. An SMTP proxy. It could be authenticated by running an
authentication daemon.
Remember: everybody who complains is clueful. You can ask them to do
things which would be unreasonable for lusers.
> >And the contract ensures that the people behave responsibly.
>
> No, it gives you recourse when they don't. The difference means that
> the service will require lots of babysitting.
No, you set the resource sufficiently high so that rational people do
not invoke it. Given that you can then pick the pockets of the
irrational people AND cut their service off, I don't see a problem
here. Do you?
--
-russ nelson <[EMAIL PROTECTED]> http://crynwr.com/~nelson
Crynwr supports Open Source(tm) Software| PGPok | There is good evidence
521 Pleasant Valley Rd. | +1 315 268 1925 voice | that freedom is the
Potsdam, NY 13676-3213 | +1 315 268 9201 FAX | cause of world peace.
> > Are you going to consider ADSL/cablemodem IP pools "dialups" as
> > well?
>
> No. Unlike dialup spammers, they don't have the option of calling a
> different ISP.
But how long will this be true? In a few years, xDSL services will be
more standardized, and folks will own their own DSL modems and switch
providers at will - just like they do now with analog modems. I already
have the choice of 5 or 6 different ISPs to use for ADSL, retaining the
same DSL "dialtone" from the telco in each case. I've already seen spam
coming from cablemodems and DSL links as well. I doubt the distinction
between "analog dialup" and "cablemodem/DSL" will stick around for very
long, and it's a short step from "I'm going to ban dialups" to "I'm going
to ban any IP assigned to ISP end-users".
- Mike
On Mon, Feb 01, 1999 at 12:03:01PM -0500, Len Budney wrote:
> [EMAIL PROTECTED] wrote:
> > So it doesn't seem that unreasonable to me to block SMTP from dialup
> > pools. The legitemate users appear to have perfectly reasonable
> > options, and it stops one way of injecting spam.
>
> It is your right, if you are an ISP. It will make many of us Linux
> users sad, because you have forbidden our "playing". It's rather a
> pity, in my opinion.
You get no argument from me there. It's indeed a pity. But that
doesn't make it any less necessary.
--
Regards,
Tim Pierce
RootsWeb Genealogical Data Cooperative
system obfuscator and hack-of-all-trades
On 01-Feb-99 Dave Sill wrote:
> Russell Nelson <[EMAIL PROTECTED]> wrote:
>
>>And the contract ensures that the people behave responsibly.
>
> No, it gives you recourse when they don't. The difference means that
> the service will require lots of babysitting.
Or a deposit.
Vince.
--
==========================================================================
Vince Vielhaber -- KA8CSH email: [EMAIL PROTECTED] flame-mail: /dev/null
# include <std/disclaimers.h> TEAM-OS2
Online Searchable Campground Listings http://www.camping-usa.com
"There is no outfit less entitled to lecture me about bloat
than the federal government" -- Tony Snow
==========================================================================
Peter van Dijk writes:
> I don't know why we're having this discussion.
Because you're unhappy that people filter dialups. Get used to it.
You can't stop them, and the evidence shows that it stops some spam,
so you can't persuade them. All you can do is find a non-dialup host
to proxy your SMTP connection through.
> > No. Unlike dialup spammers, they don't have the option of calling a
> > different ISP.
>
> Lots of dialup users don't have that option either, we already saw that.
But apparently dialup spammers *do*, because they *do*.
--
-russ nelson <[EMAIL PROTECTED]> http://crynwr.com/~nelson
Crynwr supports Open Source(tm) Software| PGPok | There is good evidence
521 Pleasant Valley Rd. | +1 315 268 1925 voice | that freedom is the
Potsdam, NY 13676-3213 | +1 315 268 9201 FAX | cause of world peace.
Russell Nelson writes:
> Mike Holling writes:
> > Seems like the only folks who think it's OK to ban SMTP from dialups are
> > those who don't need to use such a setup themselves.
>
> If you want a reliable email system, you won't send mail from a
> dialup. Why are we having this discussion?
He's not sending E-mail from a dialup, but from a fixed circuit that's
allocated from the same pool used for traditional dialups.
His real problem is having a stupid ISP that won't properly set up reverse
DNS for him.
On Mon, Feb 01, 1999 at 12:11:28PM -0800, Mike Holling wrote:
} > > Are you going to consider ADSL/cablemodem IP pools "dialups" as
} > > well?
} >
} > No. Unlike dialup spammers, they don't have the option of calling a
} > different ISP.
}
} But how long will this be true? In a few years, xDSL services will be
} more standardized, and folks will own their own DSL modems and switch
} providers at will - just like they do now with analog modems. I already
} have the choice of 5 or 6 different ISPs to use for ADSL, retaining the
} same DSL "dialtone" from the telco in each case. I've already seen spam
} coming from cablemodems and DSL links as well. I doubt the distinction
} between "analog dialup" and "cablemodem/DSL" will stick around for very
} long, and it's a short step from "I'm going to ban dialups" to "I'm going
} to ban any IP assigned to ISP end-users".
It may come to that. If DSL IP banks become a significant, easily
blockable source of mostly spam, then of course they will be blocked.
So? Why is this supposed to be a problem for me if I block them?
Personally, I think it will be more of a problem for me if I don't.
}
} - Mike
}
}
--
--------
Paul J. Schinder
NASA Goddard Space Flight Center
[EMAIL PROTECTED]
Mike Holling writes:
> I doubt the distinction between "analog dialup" and
> "cablemodem/DSL" will stick around for very long, and it's a short
> step from "I'm going to ban dialups" to "I'm going to ban any IP
> assigned to ISP end-users".
It's "I'm going to ban any IP assigned to anonymous end-users", and
what's the problem with that? Why should all IP addresses be treated
with equal weight?
--
-russ nelson <[EMAIL PROTECTED]> http://crynwr.com/~nelson
Crynwr supports Open Source(tm) Software| PGPok | There is good evidence
521 Pleasant Valley Rd. | +1 315 268 1925 voice | that freedom is the
Potsdam, NY 13676-3213 | +1 315 268 9201 FAX | cause of world peace.
On Mon, Feb 01, 1999 at 12:11:36PM -0500, Dave Sill wrote:
> Stopping spam is a worthy goal, but one must seriously consider the
> costs associated.
Not just "worthy." For anyone running a large mail site it is
*necessary*. What may be a minor annoyance to you represents a
potential DOS attack to me.
The costs associated with *not* blocking mail from large dialup pools
are for me far greater than the costs of blocking occasional real mail
from home-network Linux users on WorldNet.
Note also that, as Sam observed, if your ISP will set up your reverse
DNS for you in a way that distinguishes it from a random dialup user,
then you're home free. You're safe as long as your network doesn't
look like "DYNAMIC-IP-192-168-666-666.BOZO-ISP.NET". Hell, I work
from home and dial in to a regular old 33.6Kbps modem at my ISP. But
since they've set up my PTR records at my request, I don't lose mail
from dialup blackhole lists. Problem solved.
--
Regards,
Tim Pierce
RootsWeb Genealogical Data Cooperative
system obfuscator and hack-of-all-trades
>I have a permanent link to the Internet. However, I don't control the
>reverse lookup of my IP address, which is something that will probably
be
>considered a "dialup pool IP" by some anti-spam zealot. I receive
several
>hundred messages a day to this IP, delivered directly to my Unix
>workstation. My machine also sends outgoing mail directly via SMTP, and
>is certainly more reliable than whatever SMTP servers my ISP has. I
>wouldn't consider that "playing".
Find another ISP. I have no sympathy for you. You are choosing to stay
with an ISP who is providing you with less service than you want (by not
providing a reverse lookup). Choose with your dollars.
>Seems like the only folks who think it's OK to ban SMTP from dialups are
>those who don't need to use such a setup themselves. Are you going to
>consider ADSL/cablemodem IP pools "dialups" as well? In that case you
are
>going to block mail from lots of small business/SOHO LANs running their
>own mail servers...
DSL connections are (at least in our case) more or less "nailed up."
Just like our T1 customers, we aren't worried about these people spamming
through our network, and we allow them direct outside access. They have
a financial incentive not to spam since it would void their contractual
agreements.
Dialup customers have no such incentive and no such contracts (nothing as
practically enforcable anwyay). In fact, they have an incentive to abuse
our service during the free trial period. The free trial period is
unfortunately something we have to offer to remain competitive, so we
have to restrict outbound mail for it.
If there were a real need for people to send outbound email directly to
their recipients, I'm sure we would offer such a service, and I'm sure
we'd have a contract restricting use appropriately. The simple fact is
that there is no such need, beyond people wanting to "play" with their
mail setup. Oddly enough, these people who "play" whine that they can
handle mail better than their ISP. This seems to be a contradiction in
terms, and of course ignores the fact that we don't make our money
selling services to people who want to "play" on the Internet.
shag
>> No, it gives you recourse when they don't. The difference means that
>> the service will require lots of babysitting.
>
>Or a deposit.
Requiring a deposit would probably prevent a good bit of spam.
Unfortunately market conditions make it impossible to do so and compete
with other ISPs who choose not to require a deposit.
shag
>His real problem is having a stupid ISP that won't properly set up
reverse
>DNS for him.
Actually, his real problem is that he continues to patronize an ISP who
doesn't provide him with adequate services. The ISP is not at fault
here.
shag
"Racer X" <[EMAIL PROTECTED]> wrote:
>
>Actually, his real problem is that he continues to patronize an ISP who
>doesn't provide him with adequate services. The ISP is not at fault
>here.
ISP's don't grow on trees, at least outside of U.S. metropolitan
areas.
It's easy for you to say "use a different ISP", but not so easy for
some of us to take that advice. Care to cover my long distance charges
so I can switch?
-Dave
On Mon, 1 Feb 1999, Racer X wrote:
> >I have a permanent link to the Internet. However, I don't control the
> >reverse lookup of my IP address, which is something that will probably
> be
> Find another ISP. I have no sympathy for you. You are choosing to stay
> with an ISP who is providing you with less service than you want (by not
> providing a reverse lookup). Choose with your dollars.
You know, that's *exactly* what I tell subscribers to mail lists who
are on ISPs who use ORBS. Seems I had an open relay that was
forwarding through me, and I got blocked by ORBS (or dorkslayers, or
whatever) because of that.
> mail setup. Oddly enough, these people who "play" whine that they can
> handle mail better than their ISP. This seems to be a contradiction in
> terms
Actually, it isn't - it's a simple matter of more immediate
response. If my mail server has a problem, I fix it. If my ISPs mail
server has a problem, I have to call their support number, and they
then call a tech to fix the problem. I respect my ISP, but I can fix a
problem faster than they can get someone to look into one.
<mike
Dave Sill writes:
> It's easy for you to say "use a different ISP", but not so easy for
> some of us to take that advice. Care to cover my long distance charges
> so I can switch?
He means "use a different ISP's SMTP relay." Yes, this means making
arrangement. Did you expect that stopping spam would be free? Dan's
proposed solution involves *paying* to send email.
--
-russ nelson <[EMAIL PROTECTED]> http://crynwr.com/~nelson
Crynwr supports Open Source(tm) Software| PGPok | There is good evidence
521 Pleasant Valley Rd. | +1 315 268 1925 voice | that freedom is the
Potsdam, NY 13676-3213 | +1 315 268 9201 FAX | cause of world peace.
"Racer X" <[EMAIL PROTECTED]> wrote:
>
>Find another ISP.
Not an option.
>If there were a real need for people to send outbound email directly to
>their recipients, I'm sure we would offer such a service, and I'm sure
>we'd have a contract restricting use appropriately. The simple fact is
>that there is no such need, beyond people wanting to "play" with their
>mail setup.
No, the simple fact is that there is *little* need for such a
service. Most people are happy to use their ISP's mailhub. The vast
majority don't even realize they have the option of running their
own, or the tradeoffs involved.
>Oddly enough, these people who "play" whine that they can
>handle mail better than their ISP. This seems to be a contradiction in
>terms, and of course ignores the fact that we don't make our money
>selling services to people who want to "play" on the Internet.
We've touched a sore spot, eh? Sorry, but, yes, I can provide better
mail service for my family on my own server than my ISP can on their
server. I can implement policies that suit us; the ISP has thousands
of customers and has to implement policies that suit them and their
customers. And my server can be up and accessible to my "users" even
when the ISP's is down, or the network is down. I'll freely admit that
I'm an exceptional user, since I do for living the same kinds of
things ISP's do. They've had all kinds of trouble with their news
server. I've given them advice, which they've ignored...only to see
them implement it months later.
-Dave
>ISP's don't grow on trees, at least outside of U.S. metropolitan
>areas.
>
>It's easy for you to say "use a different ISP", but not so easy for
>some of us to take that advice. Care to cover my long distance charges
>so I can switch?
Given that I don't know exactly where you live, I can't really argue that
there is an ISP in your local calling area, so I'll assume that you've
done your homework and there really isn't one.
With that in mind, you have the following options:
1) Call your telco and ask them if they have any calling plans available
that will make some other ISP a flat-rate call. In some places this is
called a "Metro" calling plan or something along those lines. I know
that NYNEX/Bell Atlantic used to offer a plan in Massachusetts that made
the whole state a local call for around $55/month. Obviously other
states will be different. I'm pointing out this option because a lot of
people - a LOT of people - haven't even bothered to call their telco and
ask about such a plan.
2) Move to an area where you have cheaper access.
3) Get access through your employer or have them subsidize it for you.
4) Start your own ISP.
Again, I really can't sympathize. If there is only one ISP in your area
then there's simply no demand for network access in that area. No one
forced you to live where you live. If you think there is additional
demand that's not being fulfilled, start your own ISP and run it however
you like.
shag
>We've touched a sore spot, eh? Sorry, but, yes, I can provide better
>mail service for my family on my own server than my ISP can on their
>server. I can implement policies that suit us; the ISP has thousands
>of customers and has to implement policies that suit them and their
>customers. And my server can be up and accessible to my "users" even
>when the ISP's is down, or the network is down. I'll freely admit that
>I'm an exceptional user, since I do for living the same kinds of
>things ISP's do. They've had all kinds of trouble with their news
>server. I've given them advice, which they've ignored...only to see
>them implement it months later.
I have no problem with exceptional users. As a matter of fact, I would
be more than happy to have a customer call me up and offer me an extra
$10 a month for relaying services, to be governed by a contractual
agreement. My legal department would want to look it over I'm sure, but
from a tech/marketing standpoint it's fine with me.
My problem is that not a single person who feels they need this service
is willing to pay for it (or at least, has not expressed that willingness
here). As Russell said, if you want to be an exceptional user and get
exceptional services you should expect to pay some additional fees.
Since no one has offered to pay me anything more for this additional
service, I see no need for it.
shag
Dave Sill <[EMAIL PROTECTED]> writes on 1 February 1999 at 12:11:36 -0500
> [EMAIL PROTECTED] wrote:
> >
> >It's an unusual step for a dial-up user to make direct SMTP
> >connections from his system. Examining why they occur, there seem to
> >be 3 cases:
> >
> >1. Misconfiguration. They really should be going through their ISP's
> > mailserver.
> >
> >2. Spamming -- they're doing something they don't want to be visible
> > to their ISP.
> >
> >3. Playing -- situations like home Linux boxes where people want to
> > make the connections direct because they can.
>
> 4. Home networks.
>
> I've got three PC's connected to a 3Com LAN modem: two Winblows boxes
> and a Linux box. Rather than having the scattered MUA's talk to the
> ISP's servers for POP and SMTP service, I'd like them to talk to my
> local server. That way they can send and receive mail even when the
> modem isn't connected or the ISP is down--an all-too-common
> occurrence.
I guess I just don't think of running networks on a dialup these
days. I had to expand to a second small (8-port) hub at home, but
they're all on static ips, so they don't look like anybody's dialup
pool.
> >So it doesn't seem that unreasonable to me to block SMTP from dialup
> >pools. The legitemate users appear to have perfectly reasonable
> >options, and it stops one way of injecting spam.
>
> I disagree. Yes, I could configure my server to pass everything off to
> the ISP's mail hub, but, frankly, I can do a better job of it than
> they can. And switching to a more competant ISP is not an
> option. Where I live, there's only one ISP that's reachable via a
> local call.
Really? How much better? AND -- how many people are affected?
> Stopping spam is a worthy goal, but one must seriously consider the
> costs associated. Preventing competent people from doing reasonable
> things is not an acceptable cost.
I think there's a fair range of opinion available as to just what's
reasonable. It's not really that cut-and-dried.
--
David Dyer-Bennet [EMAIL PROTECTED]
http://www.ddb.com/~ddb (photos, sf) Minicon: http://www.mnstf.org/minicon
http://ouroboros.demesne.com/ The Ouroboros Bookworms
Join the 20th century before it's too late!
Russell Nelson <[EMAIL PROTECTED]> wrote:
> He means "use a different ISP's SMTP relay." Yes, this means making
> arrangement. Did you expect that stopping spam would be free? Dan's
> proposed solution involves *paying* to send email.
I think Dan's mistake is right here:
A long-term solution is to insist on prepayment for unauthorized
resource use. The tricky technical problem is to make the
prepayment enforcement mechanism cheaper than the expected cost of
the attacks. ^^^^^^^
Perhaps it's a mistake to worry about the cost of enforcement, so long
as the cost of attacks is prohibitive. With filthy spammers corrupting
the virtue of _our_ internet, we should consider this a wartime
situation.
I for one would be glad to pay at least .37 US dollars per email, if
it helps to reduce spam. This, then, is my proposal:
1. Pass US laws and international treaties replacing SMTP with an
authenticating protocal. Through threat of fines and
imprisonment, force adoption of the new protocol by a sufficient
majority of providers. This will render SMTP impractical for
widespread use, just as dialup-blocking threatens to render
direct delivery infeasible.
By explicitly outlawing SMTP, we can be fairly sure that a
substitue protocal will not be adopted; to do so would require
some sort of consensus. Even implementing SMTP on port 965 is not
a great risk--too many people would prefer port 923, or 817.
2. Impose penalties of fine and imprisonment on anyone who directly
misuses the new authenticating protocal. Aim the penalties at
ISP's and relay hosts; we already observe that they will be much
more draconic at enforcement than any democratic government
would dare.
3. Empower local/federal governments to issue authentication tokens
for the new protocal; these "email stamps" should cost at least
10% more than snail postage purchased from the same authority.
Voila! Spammers will observe that postage is cheaper than an "email
token", and spam will be a thing of the past.
Len.
--
16. Do not Puff up the Cheeks, Loll not out the tongue rub the Hands,
or beard, thrust out the lips, or bite them or keep the Lips too open
or too Close.
-- George Washington, "Rules of Civility & Decent Behaviour"
Dave Sill <[EMAIL PROTECTED]> writes on 1 February 1999 at 13:59:11 -0500
> Russell Nelson <[EMAIL PROTECTED]> wrote:
> >
> >Too late, Dave. You're trying to solve the wrong problem.
>
> No, I'm trying to solve *my* problem, not the world's problems.
>
> >People are already blocking dialups, more and more every day.
>
> When my mail to people behind such blocks bounces, I'll resend it
> through my ISP's mailhub with an explanation of why it was delayed.
>
> >Your problem is now to find a non-dialup SMTP client to relay your
> >mail, which isn't your ISP's.
>
> My problem is that I've gotten caught in the anti-spam crossfire. My
> problem is that anti-spam zealots have overreacted, or wrongly
> reacted.
Maybe, but I'm nowhere near convinced it's wrong or overly broad.
You, yourself, probably really can run your own MTA better than your
ISP -- sounds like you have a bad one. I believe this is vanishingly
rare today, and will become even rarer over the next few years. Since
I believe that, I don't see the cost of forcing you to go through your
ISPs mailserver to be very big. Even if you can do it better -- HOW
MUCH better?
But it's certainly true that you're the one caught in the pinch.
If dialups are ignored, any attempt to block spam by IP of origin is
hopeless. That's the one loophole we can't close.
--
David Dyer-Bennet [EMAIL PROTECTED]
http://www.ddb.com/~ddb (photos, sf) Minicon: http://www.mnstf.org/minicon
http://ouroboros.demesne.com/ The Ouroboros Bookworms
Join the 20th century before it's too late!
Len Budney <[EMAIL PROTECTED]> wrote:
>
> I for one would be glad to pay at least .37 US dollars per email, if
> it helps to reduce spam. This, then, is my proposal:
Out of curiosity, who would pay for (for example) the qmail mailing list?
USD$0.37 * subscribers * messages/day would not be cheap.
And there are bigger mailing lists out there.
> 2. Impose penalties of fine and imprisonment on anyone who directly
> misuses the new authenticating protocal. Aim the penalties at
> ISP's and relay hosts; we already observe that they will be much
> more draconic at enforcement than any democratic government
> would dare.
Punish ISPs because one of their users happens to break the law? How quickly
do you want the ISPs to go out of business because they can't afford/obtain
insurance against the acts of their users?
I'm sorry, but these do not seem like practical steps in my book.
Charles
--
----------------------------------------------------
Charles Cazabon <[EMAIL PROTECTED]>
Any opinions expressed are just that -- my opinions.
----------------------------------------------------
On 01-Feb-99 Racer X wrote:
>>> No, it gives you recourse when they don't. The difference means that
>>> the service will require lots of babysitting.
>>
>>Or a deposit.
>
> Requiring a deposit would probably prevent a good bit of spam.
> Unfortunately market conditions make it impossible to do so and compete
> with other ISPs who choose not to require a deposit.
There are a growing number doing this already. Some don't and charge
a hefty "cleanup fee" to the luser's credit card (don't know the details
if anyone's tried to dispute the charge).
One day it may very well get down to Dan's idea of prepayment for mail.
I've tried something similar with telemarketers, asking them for a PO
number prior to listening to their spiel stops them in their tracks!
Vince.
--
==========================================================================
Vince Vielhaber -- KA8CSH email: [EMAIL PROTECTED] flame-mail: /dev/null
# include <std/disclaimers.h> TEAM-OS2
Online Searchable Campground Listings http://www.camping-usa.com
"There is no outfit less entitled to lecture me about bloat
than the federal government" -- Tony Snow
==========================================================================
Dave Sill writes:
> "Racer X" <[EMAIL PROTECTED]> wrote:
> >
> >Actually, his real problem is that he continues to patronize an ISP who
> >doesn't provide him with adequate services. The ISP is not at fault
> >here.
>
> ISP's don't grow on trees, at least outside of U.S. metropolitan
> areas.
Well, that sucks then.
> It's easy for you to say "use a different ISP", but not so easy for
> some of us to take that advice. Care to cover my long distance charges
> so I can switch?
There's an old proverb, that goes something like this:
"Life stinks."
I think it was even a movie, once (a rather bad one, as I recall). You
have no civil or any kind of a right to high quality Internet access, and
if the only thing that's available to you is some substandard setup like
that, well, you'll just have to wait until your choices improve.
On 01-Feb-99 Mike Meyer wrote:
> Actually, it isn't - it's a simple matter of more immediate
> response. If my mail server has a problem, I fix it. If my ISPs mail
> server has a problem, I have to call their support number, and they
> then call a tech to fix the problem. I respect my ISP, but I can fix a
> problem faster than they can get someone to look into one.
And if you're out of town for a couple of weeks? I'd be willing to bet
your ISP could get to their problems quicker than you if you're gone. The
attraction to the ISP doing it is that there's a better chance of getting
someone on the phone to fix something.
Vince.
--
==========================================================================
Vince Vielhaber -- KA8CSH email: [EMAIL PROTECTED] flame-mail: /dev/null
# include <std/disclaimers.h> TEAM-OS2
Online Searchable Campground Listings http://www.camping-usa.com
"There is no outfit less entitled to lecture me about bloat
than the federal government" -- Tony Snow
==========================================================================
From: Paul Schinder <[EMAIL PROTECTED]>
:It may come to that. If DSL IP banks become a significant, easily
:blockable source of mostly spam, then of course they will be blocked.
:So? Why is this supposed to be a problem for me if I block them?
:Personally, I think it will be more of a problem for me if I don't.
I doubt that will happen, a DSL line is a significant investment, which is
paid for in advance, and installed at a real address, as opposed to a dialup
line, which can be paid for with a (ripped off) credit card, made active the
same day, and is nearly anonymous.
:Paul J. Schinder
--Adam
Russell Nelson wrote:
> Dave Sill writes:
,,,
> > I disagree. Yes, I could configure my server to pass everything off to
> > the ISP's mail hub, but, frankly, I can do a better job of it than
> > they can. And switching to a more competant ISP is not an
> > option. Where I live, there's only one ISP that's reachable via a
> > local call.
...
> Too late, Dave. You're trying to solve the wrong problem. People are
> already blocking dialups, more and more every day. Your problem is
> now to find a non-dialup SMTP client to relay your mail, which isn't
> your ISP's. Obviously it's a necessary service -- why not start
> providing it?
Sounds like an opportunity for someone to jump in and offer up an SMTP
end point service. Since port 25 won't be reachable, options include
using another port (can qmail be configured to send and receive on any
arbitrary port?) or tunnelling. How would it be secured? Would qmail
handle it securely? If by IP address, can qmail make sure the IP is
not spoofed? Personally I like the idea of tunnels since that gives a
number of other options, too.
--
Phil Howard | [EMAIL PROTECTED] [EMAIL PROTECTED] [EMAIL PROTECTED]
phil | [EMAIL PROTECTED] [EMAIL PROTECTED] [EMAIL PROTECTED]
at | [EMAIL PROTECTED] [EMAIL PROTECTED] [EMAIL PROTECTED]
ipal | [EMAIL PROTECTED] [EMAIL PROTECTED] [EMAIL PROTECTED]
dot | [EMAIL PROTECTED] [EMAIL PROTECTED] [EMAIL PROTECTED]
net | [EMAIL PROTECTED] [EMAIL PROTECTED] [EMAIL PROTECTED]
>There are a growing number doing this already. Some don't and charge
>a hefty "cleanup fee" to the luser's credit card (don't know the details
>if anyone's tried to dispute the charge).
Legally I don't know how valid this is. I suspect that it would be
trivial to have this waived as "dispute with merchant." This can
adversely affect the merchant's ability to use transaction clearing
services (it's hard enough to get a merchant account in the first place),
so it's not really a workable solution.
Also, asking for a credit card up front for a "free trial" tends to scare
customers. And, of course, this doesn't cover people who pay by check or
invoice every month.
Sad but true.
>One day it may very well get down to Dan's idea of prepayment for mail.
>I've tried something similar with telemarketers, asking them for a PO
>number prior to listening to their spiel stops them in their tracks!
I'd really like to see a specification for this, something concrete and
reasonably simple to install. I'd also be interested to know if anyone's
thought of setting up email peering points, analogous to the NAPs in
major cities. These peering points could have their own rules, and could
use a new protocol without affecting the Internet as a whole.
shag
Dude, I don't normally chime in on flame wars, especially one's that have no
place being on a qmail mailing list, but if they are that bad, get some
capital investment and put them out of buisness. I started an ISP years
ago, and it bombed miserably, mainly because at the time I was the only one
who had some clue what was going on in our company, and I tons more know how
than before. Sounds like you could put them out of buisness in no time.
Incidentally, blocking dialup IP's is a BAD idea, the best way to stop SPAM
relay is to do tarpitting. Here is a very simple and comical interaction
between a spammer using a dialup and any relay out there:
Server: Hi I am an SMTP server
Client: How ya doing my name is spam
Server: ok spam go ahead and send whatever you want through me
Client: ok here comes message 1
Server: ok
Client: Message 2
Server: ok.....
Many messages later
Server thinking to itself: Hmmm...It is very odd that this client should be
sending this many copies of one mail to all these different people, I am at
a hundred already, let's start puting in a 5 second pause between accepting
them.
Client: message 100
Server: Oh wait hold on a sec *twiddle*...3...2...1... Ok I am ready
Client: Message 101
Server: Oh wait hold on a sec....
Server thinking to itself: MUHAHAHA if this guy is a real spammer and has
100,000 emails like a typical spammer it should take him 5.78125 days
MUHAHAHA!!!
Hey it's a monday! >:)
Joe
> -----Original Message-----
> From: Sam [mailto:[EMAIL PROTECTED]]
> Sent: Monday, February 01, 1999 4:45 PM
> Cc: [EMAIL PROTECTED]
> Subject: Re: Three solutions for spam
>
>
> Dave Sill writes:
>
> > "Racer X" <[EMAIL PROTECTED]> wrote:
> > >
> > >Actually, his real problem is that he continues to patronize an ISP who
> > >doesn't provide him with adequate services. The ISP is not at fault
> > >here.
> >
> > ISP's don't grow on trees, at least outside of U.S. metropolitan
> > areas.
>
> Well, that sucks then.
>
> > It's easy for you to say "use a different ISP", but not so easy for
> > some of us to take that advice. Care to cover my long distance charges
> > so I can switch?
>
> There's an old proverb, that goes something like this:
>
> "Life stinks."
>
> I think it was even a movie, once (a rather bad one, as I recall). You
> have no civil or any kind of a right to high quality Internet access, and
> if the only thing that's available to you is some substandard setup like
> that, well, you'll just have to wait until your choices improve.
>
On Mon, 1 Feb 1999, Vince Vielhaber wrote:
> On 01-Feb-99 Mike Meyer wrote:
> > Actually, it isn't - it's a simple matter of more immediate
> > response. If my mail server has a problem, I fix it. If my ISPs mail
> > server has a problem, I have to call their support number, and they
> > then call a tech to fix the problem. I respect my ISP, but I can fix a
> > problem faster than they can get someone to look into one.
>
> And if you're out of town for a couple of weeks? I'd be willing to bet
> your ISP could get to their problems quicker than you if you're gone. The
> attraction to the ISP doing it is that there's a better chance of getting
> someone on the phone to fix something.
True - but that's why my ISP is listed as an MX for my systems. They
have a timeout longer than any vacation I've taken in the last decade.
If I'm going to be gone for a very long time, I make - and sometimes
pay for - other arrangements, ranging from a house sitter who can do
some admin work, to paying my ISP to set up virtual domains to cover
the ones on my server.
After all, I sometimes cover for my ISP when their technical people
are unavailable - it's only fair that I get them to cover for me.
<mike
On Mon, 1 Feb 1999 [EMAIL PROTECTED] wrote:
> Sounds like an opportunity for someone to jump in and offer up an SMTP
> end point service. Since port 25 won't be reachable, options include
> using another port (can qmail be configured to send and receive on any
> arbitrary port?) or tunnelling. How would it be secured? Would qmail
> handle it securely? If by IP address, can qmail make sure the IP is
> not spoofed? Personally I like the idea of tunnels since that gives a
> number of other options, too.
Do you really think there's a service for this? If so, I'd be willing
to offer it. I can see how to do this using ssh now. That takes care
of security, authentication, and ISP blocking the port (blocking port
22 would take *some nerve*).
I could actually offer this service if someone can convince me it'd be
worth my time/effort to set up. Drop me a note if you're interested...
<mike
> On Mon, 1 Feb 1999 [EMAIL PROTECTED] wrote:
> > Sounds like an opportunity for someone to jump in and offer up an SMTP
> > end point service. Since port 25 won't be reachable, options include
> > using another port (can qmail be configured to send and receive on any
> > arbitrary port?) or tunnelling. How would it be secured? Would qmail
> > handle it securely? If by IP address, can qmail make sure the IP is
> > not spoofed? Personally I like the idea of tunnels since that gives a
> > number of other options, too.
>
> Do you really think there's a service for this? If so, I'd be willing
Ack. Make that "Do you really think there's a MARKET for this?" If so, I'd ...
<mike
On Mon, Feb 01, 1999 at 03:34:51PM -0600, [EMAIL PROTECTED] wrote:
> Dave Sill <[EMAIL PROTECTED]> writes on 1 February 1999 at 13:59:11 -0500
> > Russell Nelson <[EMAIL PROTECTED]> wrote:
> > >
> > >Too late, Dave. You're trying to solve the wrong problem.
> >
> > No, I'm trying to solve *my* problem, not the world's problems.
> >
> > >People are already blocking dialups, more and more every day.
> >
> > When my mail to people behind such blocks bounces, I'll resend it
> > through my ISP's mailhub with an explanation of why it was delayed.
> >
> > >Your problem is now to find a non-dialup SMTP client to relay your
> > >mail, which isn't your ISP's.
> >
> > My problem is that I've gotten caught in the anti-spam crossfire. My
> > problem is that anti-spam zealots have overreacted, or wrongly
> > reacted.
>
> Maybe, but I'm nowhere near convinced it's wrong or overly broad.
> You, yourself, probably really can run your own MTA better than your
> ISP -- sounds like you have a bad one. I believe this is vanishingly
> rare today, and will become even rarer over the next few years. Since
> I believe that, I don't see the cost of forcing you to go through your
> ISPs mailserver to be very big. Even if you can do it better -- HOW
> MUCH better?
Here in The Netherlands, of the 2 biggest ISPs (both about 300.000 dialup customers),
one (worldonline.nl) CONSTANTLY fucks up their e-mail. They offer different services
under different domain names (tip.nl and open.net), and every once in a while it
starts to bounce mail for these domains for a day or two.
The other biggest ISP is responsible for some bounce messages in my inbox.. quota
exceeded on [EMAIL PROTECTED]
It's not going to vanish. These two ISPs are growing, and growing hard. Technically,
they suck. But who is gonna tell (and convince!) all those innocent customers?
Greetz, Peter.
--
.| Peter van Dijk
.| [EMAIL PROTECTED]
Dave Sill wrote:
> ISP's don't grow on trees, at least outside of U.S. metropolitan
> areas.
>
> It's easy for you to say "use a different ISP", but not so easy for
> some of us to take that advice. Care to cover my long distance charges
> so I can switch?
Sounds like a fresh opportunity to grow one, to me.
--
Phil Howard | [EMAIL PROTECTED] [EMAIL PROTECTED] [EMAIL PROTECTED]
phil | [EMAIL PROTECTED] [EMAIL PROTECTED] [EMAIL PROTECTED]
at | [EMAIL PROTECTED] [EMAIL PROTECTED] [EMAIL PROTECTED]
ipal | [EMAIL PROTECTED] [EMAIL PROTECTED] [EMAIL PROTECTED]
dot | [EMAIL PROTECTED] [EMAIL PROTECTED] [EMAIL PROTECTED]
net | [EMAIL PROTECTED] [EMAIL PROTECTED] [EMAIL PROTECTED]
On Mon, 1 Feb 1999 [EMAIL PROTECTED] wrote:
> There may be. I'd not use SSH myself since it isn't free for commercial use.
> I'd have to buy the server copy of SSH to be able to offer it as a service
> that you pay for.
True - I'd forgotten that aspect of it.
> OTOH, there is vppp which is a tunnel that does PPP over TCP with some lite
> authentication. That may be adequate where SSH is probably overkill.
Depends on what you want. What's the authentication for vppp? If it's
just passwords in the clear, I'd rather not use it. I've got sshd set
up already - I've turned off anything that connect to my machine with
clear-text passwords, as we have password sniffing. Given that I've
got sshd installed, and no ppp set up at all, guess which is easer for
me. If the cost for sshd commercial use was sufficiently high, there
are freeware ssh clients for windows. It might be possible to work
that into a freeware ssh server as well.
If you're worried about privacy, using ssh means your email is
encrypted through to my server.
> And don't forget that while many people are shutting out spammers from dialup
> ports at the server end, some (including we) are blocking SMTP on the dialup
> itself (except to local servers). We've had several cases of hit-and-run
> spammers in the past, but none since that filtering was put in place.
Not a problem. The connection you'd see is identical to an ssh login
connection; there's no way for you (as an ISP) to tell whether the
client is tunneling X, NNTP, STMP, or whatever through it.
Which brings something to mind - there's been some talk of replacing
SMTP with something that includes authentication. I hope that anyone
doing this looks into encrypting the email end-to-end at the protocol
level. It might be that the existing UMA/UMA encryption technologies
are cleaner than anything you can do at the protocol level, but it
bears looking into.
<mike
Mike Meyer wrote:
> On Mon, 1 Feb 1999 [EMAIL PROTECTED] wrote:
> > Sounds like an opportunity for someone to jump in and offer up an SMTP
> > end point service. Since port 25 won't be reachable, options include
> > using another port (can qmail be configured to send and receive on any
> > arbitrary port?) or tunnelling. How would it be secured? Would qmail
> > handle it securely? If by IP address, can qmail make sure the IP is
> > not spoofed? Personally I like the idea of tunnels since that gives a
> > number of other options, too.
>
> Do you really think there's a service for this? If so, I'd be willing
> to offer it. I can see how to do this using ssh now. That takes care
> of security, authentication, and ISP blocking the port (blocking port
> 22 would take *some nerve*).
There may be. I'd not use SSH myself since it isn't free for commercial use.
I'd have to buy the server copy of SSH to be able to offer it as a service
that you pay for.
OTOH, there is vppp which is a tunnel that does PPP over TCP with some lite
authentication. That may be adequate where SSH is probably overkill.
And don't forget that while many people are shutting out spammers from dialup
ports at the server end, some (including we) are blocking SMTP on the dialup
itself (except to local servers). We've had several cases of hit-and-run
spammers in the past, but none since that filtering was put in place.
--
Phil Howard | [EMAIL PROTECTED] [EMAIL PROTECTED] [EMAIL PROTECTED]
phil | [EMAIL PROTECTED] [EMAIL PROTECTED] [EMAIL PROTECTED]
at | [EMAIL PROTECTED] [EMAIL PROTECTED] [EMAIL PROTECTED]
ipal | [EMAIL PROTECTED] [EMAIL PROTECTED] [EMAIL PROTECTED]
dot | [EMAIL PROTECTED] [EMAIL PROTECTED] [EMAIL PROTECTED]
net | [EMAIL PROTECTED] [EMAIL PROTECTED] [EMAIL PROTECTED]
> Find another ISP. I have no sympathy for you. You are choosing to stay
> with an ISP who is providing you with less service than you want (by not
> providing a reverse lookup). Choose with your dollars.
I haven't asked for a reverse lookup, I haven't needed to worry about it.
I have a static IP address which happens to be chosen by my provider, and
fits the "pattern" of a dialup. It resolves fine both ways. My ISP
allows me to send and receive packets on any ports I want, and has
reasonably good connectivity. That's what's important.
> DSL connections are (at least in our case) more or less "nailed up."
> Just like our T1 customers, we aren't worried about these people spamming
> through our network, and we allow them direct outside access. They have
> a financial incentive not to spam since it would void their contractual
> agreements.
That may be true today. However, the push is to make DSL more
standardized. A year or two from now, it's likely that you'll buy an
off-the-shelf DSL modem and get DSL service from your telco, allowing you
to switch ISPs almost as easily as you can switch ISPs with analog dialups
today.
> If there were a real need for people to send outbound email directly to
> their recipients, I'm sure we would offer such a service, and I'm sure
> we'd have a contract restricting use appropriately. The simple fact is
> that there is no such need, beyond people wanting to "play" with their
> mail setup. Oddly enough, these people who "play" whine that they can
> handle mail better than their ISP. This seems to be a contradiction in
> terms, and of course ignores the fact that we don't make our money
> selling services to people who want to "play" on the Internet.
Actually, I make a living as a part-time administrator/consultant for
various ISPs (among other things). Setting up and fixing mail servers is
part of what I do. My consulting company and another web design firm
share a LAN and a high-speed link. I'm working on moving the web
company's email in-house because their ISP (which is separate from the
provider providing us access) is not as reliable as what I can provide
them locally. My connectivity provider gives me several static IP
addresses and routes my packets, that's all I really want from them. I
have no desire or reason to use their servers at all.
I believe there will soon be a large number of SOHO/home LANs coming
online via DSL or cablemodem links. If you assume that everyone at the
far end of the wire is just a "whiner" who wants to "play" on the
Internet, your ISP is probably going to be missing out on a rather large
market. Or are you one of those misguided folks who somehow believes that
a "business" vs. "home" DSL/cablemodem setup should be a separate product
that costs significantly more?
- Mike
[EMAIL PROTECTED] writes:
> There may be. I'd not use SSH myself since it isn't free for commercial use.
> I'd have to buy the server copy of SSH to be able to offer it as a service
> that you pay for.
The licensing for version 1 of ssh is quite liberal.
On Mon, Feb 01, 1999 at 04:59:48PM -0800, Mike Holling wrote:
> > Find another ISP. I have no sympathy for you. You are choosing to stay
> > with an ISP who is providing you with less service than you want (by not
> > providing a reverse lookup). Choose with your dollars.
>
> I haven't asked for a reverse lookup, I haven't needed to worry about it.
It looks like you need it now.
--
Regards,
Tim Pierce
RootsWeb Genealogical Data Cooperative
system obfuscator and hack-of-all-trades
Paul Schinder <[EMAIL PROTECTED]> writes:
> It may come to that. If DSL IP banks become a significant, easily
> blockable source of mostly spam, then of course they will be blocked.
> So? Why is this supposed to be a problem for me if I block them?
Because it's possible there will reach a point where the number of hoops
the person using DSL would have to jump through to successfully get mail
to you will exceed their patience, at which point they'll just say "screw
it" and stop communicating with you.
I'll point out that this mailing list is being run off what is arguably an
IP address provided to an end-user by an ISP. (At least possibly; I'm not
aware of whatever arrangements Dan has with his university. But here at
Stanford, I'd put faculty machines into that category.)
--
Russ Allbery ([EMAIL PROTECTED]) <URL:http://www.eyrie.org/~eagle/>
> > It may come to that. If DSL IP banks become a significant, easily
> > blockable source of mostly spam, then of course they will be blocked.
> > So? Why is this supposed to be a problem for me if I block them?
>
> Because it's possible there will reach a point where the number of hoops
> the person using DSL would have to jump through to successfully get mail
> to you will exceed their patience, at which point they'll just say "screw
> it" and stop communicating with you.
>
> I'll point out that this mailing list is being run off what is arguably an
> IP address provided to an end-user by an ISP. (At least possibly; I'm not
> aware of whatever arrangements Dan has with his university. But here at
> Stanford, I'd put faculty machines into that category.)
Exactly. The implicit assumption being promoted here is that an ISP's
mail server is somehow more "legitimate" than an arbitrary mailserver on
the Internet. As Russ has just demonstrated, there is quite a bit of
legitimate mail transacted on non-ISP servers.
- Mike
Len Budney <[EMAIL PROTECTED]> writes:
> I for one would be glad to pay at least .37 US dollars per email, if
> it helps to reduce spam.
I wouldn't. Nor will I.
Period.
--
Russ Allbery ([EMAIL PROTECTED]) <URL:http://www.eyrie.org/~eagle/>
From: Russ Allbery <[EMAIL PROTECTED]>
:Paul Schinder <[EMAIL PROTECTED]> writes:
:I'll point out that this mailing list is being run off what is arguably an
:IP address provided to an end-user by an ISP. (At least possibly; I'm not
:aware of whatever arrangements Dan has with his university. But here at
:Stanford, I'd put faculty machines into that category.)
That may be so, but if it's Dan's machine, then he is accountable for every
piece of mail that leaves it. It's a little harder to make someone
accountable for 128.3cust.da.uu.net (etc)
:Russ Allbery ([EMAIL PROTECTED]) <URL:http://www.eyrie.org/~eagle/>
--Adam
On Mon, Feb 01, 1999 at 07:24:21PM -0800, Russ Allbery wrote:
} Paul Schinder <[EMAIL PROTECTED]> writes:
}
} > It may come to that. If DSL IP banks become a significant, easily
} > blockable source of mostly spam, then of course they will be blocked.
} > So? Why is this supposed to be a problem for me if I block them?
}
} Because it's possible there will reach a point where the number of hoops
} the person using DSL would have to jump through to successfully get mail
} to you will exceed their patience, at which point they'll just say "screw
} it" and stop communicating with you.
Yes, Russ, but if I care, then I'll arrange things so that they can
send mail. If I don't care, then it doesn't matter. One less thing
in my mailboxes.
}
} I'll point out that this mailing list is being run off what is arguably an
} IP address provided to an end-user by an ISP. (At least possibly; I'm not
} aware of whatever arrangements Dan has with his university. But here at
} Stanford, I'd put faculty machines into that category.)
Clearly different. Dial-up's are usually too much trouble for an ISP
track who was using what when. You know who's responsible for a
university faculty machine. (I'm aware of the student problem; my
wife is a university faculty member.) The number of spams I get that
I can identify as from university faculty machines is zero. I get
them on occasion from open University relays that are identifiable as
mail relay machines. If DSL lines are accountable, then they won't
be major sources of spam unless the ISP that controls them
deliberately allows spam.
The whole point of people on the other side of this is that I should
make decisions on my end based on their desires. That's not the way
the game works.
}
} --
} Russ Allbery ([EMAIL PROTECTED]) <URL:http://www.eyrie.org/~eagle/>
(About to send this from a machine using qmail on a dialup.. with a
fixed IP.)
--
Paul Schinder
[EMAIL PROTECTED]
On Mon, Feb 01, 1999 at 07:24:21PM -0800, Russ Allbery wrote:
} Paul Schinder <[EMAIL PROTECTED]> writes:
} > It may come to that. If DSL IP banks become a significant, easily
} > blockable source of mostly spam, then of course they will be blocked.
} > So? Why is this supposed to be a problem for me if I block them?
}
} Because it's possible there will reach a point where the number of hoops
} the person using DSL would have to jump through to successfully get mail
} to you will exceed their patience, at which point they'll just say "screw
} it" and stop communicating with you.
Yes, Russ, but if I care, then I'll arrange things so that they can
send mail. If I don't care, then it doesn't matter. One less thing
in my mailboxes.
}
} I'll point out that this mailing list is being run off what is arguably an
} IP address provided to an end-user by an ISP. (At least possibly; I'm not
} aware of whatever arrangements Dan has with his university. But here at
} Stanford, I'd put faculty machines into that category.)
Clearly different. Dial-up's are usually too much trouble for an ISP
track who was using what when. You know who's responsible for a
university faculty machine. (I'm aware of the student problem; my
wife is a university faculty member.) The number of spams I get that
I can identify as from university faculty machines is zero. I get
them on occasion from open University relays that are identifiable as
mail relay machines. If DSL lines are accountable, then they won't
be major sources of spam unless the ISP that controls them
deliberately allows spam.
The whole point of people on the other side of this is that I should
make decisions on my end based on their desires. That's not the way
the game works.
}
} --
} Russ Allbery ([EMAIL PROTECTED]) <URL:http://www.eyrie.org/~eagle/>
(About to send this from a machine using qmail on a dialup.. with a
fixed IP.)
--
Paul J. Schinder
NASA Goddard Space Flight Center
[EMAIL PROTECTED]
On Mon, Feb 01, 1999 at 04:28:04PM -0500, Len Budney wrote:
>
> I for one would be glad to pay at least .37 US dollars per email, if
> it helps to reduce spam. This, then, is my proposal:
>
I'd like to chime in and say that I too would be glad for Len
to pay $US .37 per email.
--
John White
[EMAIL PROTECTED]
PGP Public Key: http://www.triceratops.com/john/public-key.pgp
>Clearly different. Dial-up's are usually too much trouble for an ISP
>track who was using what when. You know who's responsible for a
>university faculty machine. (I'm aware of the student problem; my
>wife is a university faculty member.) The number of spams I get that
>I can identify as from university faculty machines is zero. I get
>them on occasion from open University relays that are identifiable as
>mail relay machines. If DSL lines are accountable, then they won't
>be major sources of spam unless the ISP that controls them
>deliberately allows spam.
I want to comment on this and make sure everyone is aware of WHY it's
hard to track who's doing what on dialup.
It is certainly not too difficult to track when a user signs on.
Obviously they have to authenticate somehow and you can tell when they do
that. Usually you can tell when they log off too. Assuming you're using
Radius, this is all a no-brainer. It's also pretty trivial to log what
IP address they were given, how long they were on for, how many bytes
they transferred, which particular modem port they used, what speed they
were connected at, why they disconnected, caller ID information, etc.
Some of this is dependent on your network hardware, but things like the
address and connect time are pretty common. (*)
This seems like a lot of information but in reality it's useless for
tracking a spammer. If the spammer connects directly out to an open
relay, there's nothing you can do short of sniffing his traffic. The
victim may send you a log file saying who connected and at what time, but
those logs can't be reasonably assured to be authentic. If it comes down
to someone on the outside purporting to have logs catching someone
spamming, and my user says they didn't do it, I have to take the side of
the user.
On the other hand, when the dialup user is forced to go through my mail
server, a number of countermeasures become possible. Most spammers are
too dumb (or desperate) to slow down their mail, so a simple "uptime"
check every 5 minutes, coupled with a pager alert, checks most problems
before they can really start. The logs are authentic; I trust my own
servers, and I have my routers and dialup servers set up so that spoofing
IP addresses would be next to impossible. I can also go into the queue
and remove spam that hasn't gone out yet.
So as an spam deterrent this is pretty effective. I wouldn't mind
putting all this up on the web page for people to see (although I don't
know whether they'd look). Something like "we WILL catch you in a hurry,
and we WILL delete any spam that's in our queue, and we WILL have logs if
we choose to file a claim for damages (which we can do under California
law)."
shag
(*) I would like to point out that although we don't use any of this
information in anything other than an aggregate format to track capacity
requirements, and we never release it to outside sources, your ISP may
not have the same policies.
I told myself I wouldn't reply to this thread...
On Feb 01, 1999 at 19:28:07 -0800, Mike Holling twiddled the keys to say:
> Exactly. The implicit assumption being promoted here is that an ISP's
> mail server is somehow more "legitimate" than an arbitrary mailserver on
> the Internet. As Russ has just demonstrated, there is quite a bit of
> legitimate mail transacted on non-ISP servers.
Righto.. I've been running mailing lists here for a couple years. In the
last few days I've been blocked by RBL (no, my box is closed) as well as
that one that blocks for running my own mail server *not* via my ISP's
server. (Sorry, I don't remember the acronym for that one.)
My mail is not legitimate?
The folks on my lists are quite happy to receive the posts they
subscribed to. The problem seems to be the offhand ways providers are
filtering their mail. Did they ask their customers? Apparently not, from
all the bounces I'm seeing.
Rick Myers [EMAIL PROTECTED]
----------------------------------------------------
The Feynman Problem 1) Write down the problem.
Solving Algorithm 2) Think real hard.
3) Write down the answer.
Paul J Schinder <[EMAIL PROTECTED]> writes:
> Clearly different. Dial-up's are usually too much trouble for an ISP
> track who was using what when. You know who's responsible for a
> university faculty machine.
Heh. Heh heh. Um... "in theory" is the phrase that comes to mind.
> (I'm aware of the student problem; my wife is a university faculty
> member.) The number of spams I get that I can identify as from
> university faculty machines is zero.
Sure. But the problem was being cast in terms of "IP address provided by
ISP to end user." The point that I'm trying to make is that a better
casting of the problem is in terms of "IP addresses provided without any
clear means of accountability." ISPs are currently forced into providing
trial-period accounts for competition reasons, and those clearly fall into
that category.
I think that "dialups" is the *wrong* statement of the problem. There
exist plenty of dialup pools that are not a spam risk. For example,
consider a large company that has a dialup pool available to contractors
who for whatever reason need direct external connectivity (there *are*
companies that do this; I have worked for one in the past). In order to
have access to it, you have to be employed by the company. This is not a
spam risk. Yet it's a dialup pool.
The right place to be looking here is "do the people managing this range
of IP addresses have sufficient safeguards in place to make spamming not a
problem" not "oh, it looks like a dialup, nuke it." To take another
example, nearly all dialup pools *outside* the United States may have
sufficient safeguards in place. I don't know. But the economics there
are different than they are here.
To take a third example, if you're actually preventing any spam by
blocking Stanford's dialup pool (yes, we run our own), I'd dearly like to
know about it. Feel free to mail me off-list if you've seen anything like
that, provide timestamps, and I'll take it up with our abuse folks and can
provide a much more effective solution to those problems than blocking our
dialups would ever provide.
> I get them on occasion from open University relays that are identifiable
> as mail relay machines.
Yes. Universities have a major relay problem. I'm not excluding us on
that either, although we're *trying* (operative word) to be proactive
about it. Having lots of Unix boxes directly on the Internet is very nice
for some things but causes lots of headaches for others, particularly when
most Unix vendors are still complete idiots about their default MTA
configuration.
> The whole point of people on the other side of this is that I should
> make decisions on my end based on their desires. That's not the way the
> game works.
No, my point is that I like communicating with other people. This is the
whole reason why I use the Internet. But there is a level beyond which I
am unwilling to go to communicate with someone. I by and large will not
waste my time undoing spam-blocked addresses, for example. So I tend to
jump into conversations where it seems to me like people are heading down
paths that may result in they and I no longer being able to communicate
with each other.
--
Russ Allbery ([EMAIL PROTECTED]) <URL:http://www.eyrie.org/~eagle/>
At 8:45 PM -0800 2/1/99, Russ Allbery wrote:
} Paul J Schinder <[EMAIL PROTECTED]> writes:
}
} Heh. Heh heh. Um... "in theory" is the phrase that comes to mind.
:-)
}
} Sure. But the problem was being cast in terms of "IP address provided by
} ISP to end user." The point that I'm trying to make is that a better
} casting of the problem is in terms of "IP addresses provided without any
} clear means of accountability." ISPs are currently forced into providing
} trial-period accounts for competition reasons, and those clearly fall into
} that category.
}
} I think that "dialups" is the *wrong* statement of the problem. There
} exist plenty of dialup pools that are not a spam risk. For example,
} consider a large company that has a dialup pool available to contractors
} who for whatever reason need direct external connectivity (there *are*
} companies that do this; I have worked for one in the past). In order to
} have access to it, you have to be employed by the company. This is not a
} spam risk. Yet it's a dialup pool.
Yes, there is a dialup pool at Goddard that is unlikely to spew spam
anyone's way any time soon. Maybe "dialup" is the wrong word, but it is a
convenient shorthand for the "xxx-xxx-xxx-xxx.dialup.location.isp" kinds of
addresses that I get assigned every time I use my Earthlink account, or the
notorious dfw netcom addresses. Those are the type that I see abused from
here. (With a .gov address, even though I use it on Usenet, I get
relatively little spam.) If you have a better word than "dialups", please
use it.
}
} The right place to be looking here is "do the people managing this range
} of IP addresses have sufficient safeguards in place to make spamming not a
} problem" not "oh, it looks like a dialup, nuke it." To take another
} example, nearly all dialup pools *outside* the United States may have
} sufficient safeguards in place. I don't know. But the economics there
} are different than they are here.
In practice it seems that many American ISP's have little control over the
use of their dialup banks. Overseas abuse that I see from here seems to be
more limited to relay rape.
}
} To take a third example, if you're actually preventing any spam by
} blocking Stanford's dialup pool (yes, we run our own), I'd dearly like to
} know about it. Feel free to mail me off-list if you've seen anything like
} that, provide timestamps, and I'll take it up with our abuse folks and can
} provide a much more effective solution to those problems than blocking our
} dialups would ever provide.
Not that I know of. As I said at the beginning of this thread, I don't use
DUL, but I do block the dialup ranges I get spammed from. That usually
means a do a little whois/DNS digging and some grepping of recent mail logs
to see if anyone on this end is actually receiving legitimate mail from
anyone sending direct from dialups. The answer so far has always been no,
so I have no qualms blocking out dialup banks at the tcpserver level.
I recognize the hazard of countermeasures, though. I do use ORBS. I was
amused when JPL's main servers first got listed. I was even more amused
when Goddard's main servers got listed. In both cases, of course, I had to
let those machines through the block. I try to grep my logs daily to trap
such problems.
}
} > The whole point of people on the other side of this is that I should
} > make decisions on my end based on their desires. That's not the way the
} > game works.
}
} No, my point is that I like communicating with other people. This is the
} whole reason why I use the Internet. But there is a level beyond which I
} am unwilling to go to communicate with someone. I by and large will not
} waste my time undoing spam-blocked addresses, for example. So I tend to
} jump into conversations where it seems to me like people are heading down
} paths that may result in they and I no longer being able to communicate
} with each other.
I have the same feeling regarding spam-blocked addresses, and always leave
my addresses in the clear. But I also like to get through the day without
seeing stupid advertisements in my in-box. So I take the countermeasures I
deem reasonable to minimize that. Blocking dialup banks that I've been
spammed from is one of those measures.
}
} --
} Russ Allbery ([EMAIL PROTECTED]) <URL:http://www.eyrie.org/~eagle/>
---
Paul J. Schinder
NASA Goddard Space Flight Center
Code 693, Greenbelt, MD 20771
[EMAIL PROTECTED]
On Mon, Feb 01, 1999 at 10:32:58PM -0500, Adam D. McKenna wrote:
> From: Russ Allbery <[EMAIL PROTECTED]>
> :Paul Schinder <[EMAIL PROTECTED]> writes:
> :I'll point out that this mailing list is being run off what is arguably an
> :IP address provided to an end-user by an ISP. (At least possibly; I'm not
> :aware of whatever arrangements Dan has with his university. But here at
> :Stanford, I'd put faculty machines into that category.)
>
> That may be so, but if it's Dan's machine, then he is accountable for every
> piece of mail that leaves it. It's a little harder to make someone
> accountable for 128.3cust.da.uu.net (etc)
Hmm.. I think I nuked that guy once, after receiving spam :)
Greetz, Peter.
--
.| Peter van Dijk
.| [EMAIL PROTECTED]
Hiyas,
Is there anyone who did benchmarks with MTAs? I cannot convince people who
know only sendmail or exim ;-)
Regards: Balazs
--
#!/usr/bin/perl -export-a-crypto-system-sig -http://dcs.ex.ac.uk/~aba/rsa
print pack"C*",split/\D+/,`echo "16iII*o\U@{$/=$z;[(pop,pop,unpack"H*",<>
)]}\EsMsKsN0[lN*1lK[d2%Sa2/d0<X+d*lMLa^*lN%0]dsXx++lMlN/dsM0<J]dsJxp"|dc`
I seem to be having a bit of trouble getting qmail to recognize e-amil sent to
my virtual domains. Here is what I've done so far...
1. Install Qmail 1.03 from binary rpm.
2. create popuser account/group
in /etc/passwd> popuser:x:888:888:POP E-Mail User:/var/qmail:/bin/true
in /etc/group> popuser:x:888:
3. created popboxes hierarchy, /var/qmail/popboxes/domain-com/users, all
owned by popuser, in group popuser, all chmoded 0755.
4. created Maildirs in each e-mail account using maildirmk, chmoded 0755.
5. created .qmail files in each e-mail account containing "./Maildir/",
chmoded 0744.
6. created vitrual domains in ~control/virtualdomains
domain.com:domain-com
etc...
7. added domain.com to ~control/rcpthosts
8. added e-mail accounts to ~users/assign
=domain-com-user:popuser:888:888:/var/qmail/popboxes/domain-com/user:::
I don't want any email going to [EMAIL PROTECTED], so there's no need
to create an email user +domain-com:popuser..., right?
I can email to an account with "[EMAIL PROTECTED]" but not with
"[EMAIL PROTECTED]" which is the point of the whole exercise. This is with the MX
set to mail.domain.com and mail being an alias to the canonical name
me.domain.com.
When everything's working right, I'll just change the alias from
oldmail.domain.com to me.domain.com. There a problem with my DNS usage?
The POP3 system is working perfectly, and I have /etc/tcprules.d/qmail-smtpd
set up to allow my customers to mail out and everyone else to mail in, but not
allow others to relay through me.
I am having trouble getting mailer-daemon, postmaster, and root to be properly
delivered to my maintenance account, [EMAIL PROTECTED] I have the ~alias/.qmail
files set up to deliver to ./operator/Maildir/ and in ~alias I have a symbolic
link of operator -> /home/me, chmoded 0755 and I can receive mail as
[EMAIL PROTECTED] just fine, but mail to [EMAIL PROTECTED] fails with a
"Temporary error on maildir delivery (#4.3.0)".
my control files are like as follows:
defaultdomain:
domain.com
defaulthost: <- any ideas as to how to have the default host change for each
domain.com <- virtual domain?
locals:
localhost
me.domain.com
domain.com
domain.net
me:
me.domain.com
plusdomain: <- exactly what is this control file used for again?
domain.com
domain.net
rcpthosts:
localhost
me.domain.com
domain.com
domain.net
virtualdomains:
domain.com:domain-com
domain.net:domain-net
I'll be adding several other virtual domains once the system is up and
running, i.e. domain.net, etc.
Anyone care to write man pages for each control file? To call the existing
documentation for them paltry would be generous.
--
Matt Garrett, Network Engineer
Superior Open Systems
[EMAIL PROTECTED]
On Mon, Feb 01, 1999 at 11:22:28AM +0000, Matt Garrett wrote:
> I seem to be having a bit of trouble getting qmail to recognize e-amil sent to
> my virtual domains. Here is what I've done so far...
[snip]
> 6. created vitrual domains in ~control/virtualdomains
> domain.com:domain-com
> etc...
[snip]
> locals:
> localhost
> me.domain.com
> domain.com
> domain.net
If you want a domain to be treated as virtual, you can't have it in locals.
You should *never* have a particular domain name in both control/locals and
control/virtualdomains.
Chris
Hello,
How do you folks mail system files (say logs for example)?
I can do it from the shell with
mail user -s Subject
~r/tmp/filename
.
But I can't get it to work from a script. I can't figure out how to give
it the EOF. I've tried everything in the mail man pages, but no luck.
TIA - eric
______________________________________________________
Get Your Private, Free Email at http://www.hotmail.com
Eric Dahnke writes:
> How do you folks mail system files (say logs for example)?
> mail user -s Subject
> ~r/tmp/filename
/var/qmail/bin/mailsubj "Subject" user </tmp/filename
--
-russ nelson <[EMAIL PROTECTED]> http://crynwr.com/~nelson
Crynwr supports Open Source(tm) Software| PGPok | There is good evidence
521 Pleasant Valley Rd. | +1 315 268 1925 voice | that freedom is the
Potsdam, NY 13676-3213 | +1 315 268 9201 FAX | cause of world peace.
use mailsubj as
mailsubj foo bar < file.you.want.to.mail
See man page for mailsubj.
Mate
"Eric Dahnke" <[EMAIL PROTECTED]> writes:
| How do you folks mail system files (say logs for example)?
There's a book called "The Unix Programming Environment", by Kernighan
and Pike, which is an excellent introduction to the ideas behind Unix.
It's really good for answers to questions like that.
Mate Wierdl <[EMAIL PROTECTED]> writes:
> use mailsubj as
> mailsubj foo bar < file.you.want.to.mail
> See man page for mailsubj.
I'd recommend also reading mailsubj, since it's just a shell script. You
can then keep using it, knowing that you know what it's doing and you
could do it yourself if you want.
FWIW, the most portable solution across a variety of MTAs is probably to
open a pipe to "/usr/lib/sendmail -t -oi -oem" and feed it the entire mail
message including headers, putting the recipient addresses in the header.
There are more efficient ways using the native programs with most MTAs,
including qmail, but pretty much everyone has to be sendmail-compatible so
that works most everywhere. (With the caveat that you may need to change
/usr/lib to /usr/sbin on some platforms.)
--
Russ Allbery ([EMAIL PROTECTED]) <URL:http://www.eyrie.org/~eagle/>
FWIW, the most portable solution across a variety of MTAs is probably to
open a pipe to "/usr/lib/sendmail -t -oi -oem" and feed it the entire mail
message including headers, putting the recipient addresses in the header.
Now of course, all these sendmail options are clearly documented in
the qmail man pages....
Mate
Mate Wierdl <[EMAIL PROTECTED]> writes:
> FWIW, the most portable solution across a variety of MTAs is probably
> to open a pipe to "/usr/lib/sendmail -t -oi -oem" and feed it the
> entire mail message including headers, putting the recipient
> addresses in the header.
> Now of course, all these sendmail options are clearly documented in
> the qmail man pages....
My understanding is that except for -t they don't do anything with qmail's
emulation (although I may be wrong on -oi, which says don't terminate the
mail message when one sees a single period). They're documented in a
sendmail man page, though.
--
Russ Allbery ([EMAIL PROTECTED]) <URL:http://www.eyrie.org/~eagle/>
> At 22:40 28/01/99 -0600, Mate Wierdl wrote:
> >With all the talk about passing mail through serialline: When does a
> >message with multiple recipients get split?
>
> By qmail-send. It makes the decision to split a multi-recipient mail into
> individual deliveries.
How does qmail-send make the decission to split or not to split?
Does it always split it? It looks like all mail goes through qmail-
send at some point.
On Mon, Feb 01, 1999 at 12:10:51PM +0000, Mark Carpenter wrote:
> > At 22:40 28/01/99 -0600, Mate Wierdl wrote:
> > >With all the talk about passing mail through serialline: When does a
> > >message with multiple recipients get split?
> >
> > By qmail-send. It makes the decision to split a multi-recipient mail into
> > individual deliveries.
>
> How does qmail-send make the decission to split or not to split?
It doesn't decide. It always splits.
> Does it always split it? It looks like all mail goes through qmail-
> send at some point.
qmail-send picks up mail from queue/todo and puts it in the local or remote queue, to
be delivered by qmail-remote or qmail-local at some (near) time.
Greetz, Peter.
--
.| Peter van Dijk
.| [EMAIL PROTECTED]
As I am putting on the finishing touches on a var-qmail package, the
following occured to me:
1) In BIN.Makefile, I see:
# showing the positions of each byte in the following ten ints:
# uida, uidd, uidl, uido, uidp, uidq, uidr, uids, gidq, gidn.
Are not these supposed to be auto_uida, auto_uidd ?
2) If a Makefile is supposed to be put in a var-qmail package, then it
is also needed that the box doing the installation has make
installed. On the other hand, I thought one of the purposes of a
binary package is to be able to install qmail on machines which have
no productions environment whatsoever.
What if I replace the Makefile with a shellscript?
3) Describing the compilation environment in BIN.README, is it enough
if I disclose the gcc and glibc version, or I should list all the
shared libraries used?
Thx
Mate
Hello!,
How do I correct the date stamp when a mail is sent so that it represents
a dd-Mon-YYYY format rather than the one shown below
At 02:21 AM 2/1/99
Your help is very much appreciated.
Thank you,
Ramesh
Please ignore this message.
It probably is the MUA which is causing this time stamp and not qmail.
Ramesh
On Mon, 1 Feb 1999, Ramesh Vadlapatla wrote:
> Hello!,
>
> How do I correct the date stamp when a mail is sent so that it represents
> a dd-Mon-YYYY format rather than the one shown below
>
> At 02:21 AM 2/1/99
>
> Your help is very much appreciated.
>
> Thank you,
> Ramesh
>
>
On Mon, 1 Feb 1999, Ramesh Vadlapatla wrote:
> Hello!,
>
> How do I correct the date stamp when a mail is sent so that it represents
> a dd-Mon-YYYY format rather than the one shown below
>
> At 02:21 AM 2/1/99
Read the documentation for your mail software.
I have noticed that if I send myself an Email there appears to be at
least a 5 minute delay after the message arrives in $HOME/Maildir/new
before qmail-pop3d will tell me it is there.
Is this normal behaviour?
Is it possible for me to get qmail-pop3d to see it as soon as it
arrives?
For further info:-
I start qmail-pop3d using tcpserver as indicated in the FAQ.
As well as waiting for Netscape to see the message in $HOME/Maildir/new
by asking it to "Get Mail" repeatedly I have also telnet'ed to port 110
on my qmail-pop3d server and manually done
USER les
PASS pwd
STAT or LIST which both report no files when the message is sitting in
$HOME/Maildir/new.
Thanks.
Mon 01 Feb 1999 18:17, les <[EMAIL PROTECTED]> wrote:
> I have noticed that if I send myself an Email there appears to be at
> least a 5 minute delay after the message arrives in $HOME/Maildir/new
> before qmail-pop3d will tell me it is there.
> Is this normal behaviour?
No.
> Is it possible for me to get qmail-pop3d to see it as soon as it
> arrives?
A possible clue: In maildir.c, the maildir scanner ignores files dated in
the future. I don't know the reasoning behind this, and I'm sorely tempted
to remove this check myself.
Can anyone shed some light on why it ignores files from the future?
--
Med venlig hilsen / Best Regards
Odinn Sørensen (System analyse og programmering) / Image Scandinavia A/S
Peter Bangs Vej 26, 2000 Frederiksberg, Denmark
Tlf. (+45) 38 14 70 00 - Fax (+45) 38 14 70 07
Image - Odinn Sorensen wrote:
> Mon 01 Feb 1999 18:17, les <[EMAIL PROTECTED]> wrote:
>
> > I have noticed that if I send myself an Email there appears to be at
> > least a 5 minute delay after the message arrives in $HOME/Maildir/new
> > before qmail-pop3d will tell me it is there.
> > Is this normal behaviour?
>
> No.
>
> > Is it possible for me to get qmail-pop3d to see it as soon as it
> > arrives?
>
> A possible clue: In maildir.c, the maildir scanner ignores files dated in
> the future. I don't know the reasoning behind this, and I'm sorely tempted
> to remove this check myself.
>
>
Well this could be the problem. A check on the time on the machine running
qmail-pop3d shows that it is 7 minutes BEHIND the machine with the NFS export
for the $HOME directories.
I will get the machines back in synch and make sure that the problem goes
away.
Paul Gregg <[EMAIL PROTECTED]> writes:
> So, Why wouldn't this work?
Because you're using a technical solution to fix a social problem.
The spammers will just find another way around the system.
So far, flame.org has rejected just under 1000 messages due to being
on the RBL, 40 due to being on the DUL (dialup list, run by the RBL
people) and 203 due to header based regular expression filtering.
That's about 31% of all spam that hits my box.
The problem is, the rules sets need to be constantly updated. It is
right to say that rule based filtering will fail, but laws help. For
instance, in California, it is not illegal to send spam to another
californian, but if it doesnt have "Subject: ADV:" in the front, it
is. And I can charge $50/message. And I've used that as a way to
scare the shit out of would-be repeat offenders.
--Michael
Michael Graff <[EMAIL PROTECTED]> writes:
| For instance, in California, it is not illegal to send spam to another
| californian, but if it doesnt have "Subject: ADV:" in the front, it
| is.
Couldn't someone have asked those lawmakers to require the "adv"
prefix on the envelope sender??? Sigh.
Michael Graff writes:
> So far, flame.org has rejected just under 1000 messages due to being
> on the RBL, 40 due to being on the DUL (dialup list, run by the RBL
> people) and 203 due to header based regular expression filtering.
The DUL and the RBL have NOTHING (vehemently so) to do with each
other.
--
-russ nelson <[EMAIL PROTECTED]> http://crynwr.com/~nelson
Crynwr supports Open Source(tm) Software| PGPok | There is good evidence
521 Pleasant Valley Rd. | +1 315 268 1925 voice | that freedom is the
Potsdam, NY 13676-3213 | +1 315 268 9201 FAX | cause of world peace.
Greg Hudson <[EMAIL PROTECTED]> writes:
> (Incidentally, the way to use SRV as a protocol switch here
> would be to do a single SRV query for _mail._tcp.domain and use the
> port number in the returned records to decide which protocol to use.
> But that's still an extra DNS lookup for every current mail
> receiver.)
Why not make it be qmtp.tcp.domain, and use the port as the port to
connect to for qmtp?
--Michael
"D. J. Bernstein" <[EMAIL PROTECTED]> writes:
> The point of QMTP is to save time.
The point of standards is to use them.
> Checking for QMTP via some new DNS resource record would produce a quite
> noticeable slowdown for mailing-list machines. In contrast, checking for
> QMTP in MX records takes a negligible amount of time.
If the initial qmtp lookup works, you win. You'll have to do an MX
anyway in your magic token method. So far, one lookup. If you have
to fall back to smtp you do another lookup.
Any large mailing list server should run a named. It'll build up a
cache.
> Furthermore, as a practical matter, it's a lot easier to put a magic
> number into an MX record than to set up a new type of resource record
> that the DNS server doesn't even know about.
Even M$ has said they're going to start using SRV records for service
location, from what I have heard. If they can get it through their
thick dullwitted heads...
--Michael
> Why not make it be qmtp.tcp.domain, and use the port as the port to
> connect to for qmtp?
First, because the standardized form of the SRV lookup will have
underscores in front of the service name and protocol name. So it
would be _qmtp._tcp.domain.
Second, because that wouldn't qualify as "using SRV as a protocol
switch," at least not in an efficient way. If there are N different
protocols for transferring mail then you'd have to do N different DNS
lookups. If you have a generic mail lookup then you can use the
well-known port numbers to switch between N different protocols with
only one lookup.
Of course, by using well-known ports to identify protocols you lose
the flexibility of running a QMTP or SMTP server on a non-well-known
port and being able to point people at it. But MX never gave you that
flexibility anyway, so I don't expect people to consider it important.
This is, of course, all academic in the current context. If we were
an IETF working group working on mail protocols, we could debate
whether to have a single SRV record or one SRV record for each
protocol and it would actually matter (if we had decided to use SRV
lookups for mail transfer at all). But this is just the qmail list
and Dan hasn't stated any intention to consider using SRV lookups in
qmail.
I made a binary package for Lignux; it is the ..i386.tar.gz file in
ftp://moni.msci.memphis.edu/pub/qmail/var-qmail
There is also a var-qmail-create.tar file, which was used to make the
binary distribution.
There are READMEs in each tarball.
There is one difference between this var-qmail package and the one
described on Dan's webpage: the package does not include fastforward,
and defaultdelivery is ./Mailbox.
I plan to make a var-qmail-big package which would do what Dan
describes on his webpage.
Let me know of any (possibly legal) problems.
Mate
I'm still striving for mail client independence. What this means is that all
mail for everyone will remain on the server and ideally I'd like the user to
be able to use an imap client of his/her choosing from a PC of his/her
choosing, i.e. a PC at work, PC from home, HPC from wherever.
Some imap clients do store Sent mail on the server, but some still insist on
keeping it local. I know that qmail can log all incoming and outgoing mail
but that's a little overkill. What I'd like to do is filter a copy of a
users outgoing mail to the users Sent mailbox on the server. I.e. a constant
Bcc.
Unfortunately I can't rely on the user to do a Bcc manually just like I
can't rely on them to backup their PC notwithstanding the from what PC is
the mail being read.
This seems to be the last missing link for "my" perfect mail setup which
basically means to read the mail from wherever with whatever imap client
without fear of loosing replies or wondering at the office: did I reply from
home.
Thanks in advance for any suggestions you may have.
Is it perhaps possible to pipe the qmail msg-log to procmail or some
equivilant?
Heinz
Heinz Wittenbecher writes:
> I'm still striving for mail client independence. What this means is that all
> mail for everyone will remain on the server and ideally I'd like the user to
> be able to use an imap client of his/her choosing from a PC of his/her
> choosing, i.e. a PC at work, PC from home, HPC from wherever.
>
> Some imap clients do store Sent mail on the server, but some still insist on
> keeping it local. I know that qmail can log all incoming and outgoing mail
> but that's a little overkill. What I'd like to do is filter a copy of a
> users outgoing mail to the users Sent mailbox on the server. I.e. a constant
> Bcc.
There's a web CGI server for maildir mailboxes that's currently in sort of
alpha-test mode. It's not an IMAP server, the only way you can use it
would be via a browser. The only reason I'm mentioning is because it puts
outgoing mail into the Sent folder automatically.
You can find out more about it at
http://www.geocities.com/SiliconValley/Peaks/5799/sqwebmail/; I should
mention that I'll have the next release out soon, so you may want to wait a
couple of days.
Also, be advised that it's still work in progress, so things like ease of
installation and maintenance may not be there for everyone.
(my last post in this thread)
Charles Cazabon <[EMAIL PROTECTED]> wrote:
> Punish ISPs because one of their users happens to break the law?
> How quickly do you want the ISPs to go out of business because they
> can't afford/obtain insurance against the acts of their users?
Not to worry. The ISP will gladly clamp down on misuse of any kind:
they will block "AMTP" packets at their firewall, and verify the
"stamps" on any email they relay; they will immediately terminate
customers who are reported for "spamming" by _anyone_, without any
sort of "due process"; and they will either block all outgoing
connections to nonstandard ports, or they will "sniff" packets for
text which resembles email (and terminate without proof or warning).
These measures will not especially harm the ISP, since any
inconvenience to users will be blamed on "regulations". Furthermore,
only a small minority will actually comprehend the situation. Most
users will accept the additional charges on their credit cards as the
cost of life on the infobahn.
Technical ability, final authority, and lack of the restraints binding
(constitutional) government are an intoxicating mix. Never fear:
techie-totalitarianism will be fed, not harmed, by such threats from
government.
Len.
--
40. Strive not with your Superiers in argument, but always Submit your
Judgment to others with Modesty.
-- George Washington, "Rules of Civility & Decent Behaviour"
Hi All!
I work for a english school here in Recife, Brazil, and I
setted up a Qmail server that is woking fine (Thanks Dan!!).
Most of our students have emails accounts at free email servers
like yahoo, hotmail and zipmail (brazilian one).
I'd like to provide the same service to these students. Is there
some Web based Mail server that works with Qmail ??
In time: At the same machine is running apache (thanks apache group! :) ).
Thanks a lot in advance
bests regards
Lucas Brasilino
This brings me to a good point. I've been running qdpop on a machine here
at work for customers that have broken mail to check in emergency
situations. However, the qdpop "program" seems to suck up MAJOR resources
while it's in use. Has anyone else experienced this behaviour, or is it
just me?
On Mon, 1 Feb 1999, Lucas do R. B. Brasilino da Silva wrote:
-| Hi All!
-|
-| I work for a english school here in Recife, Brazil, and I
-| setted up a Qmail server that is woking fine (Thanks Dan!!).
-| Most of our students have emails accounts at free email servers
-| like yahoo, hotmail and zipmail (brazilian one).
-| I'd like to provide the same service to these students. Is there
-| some Web based Mail server that works with Qmail ??
-| In time: At the same machine is running apache (thanks apache group! :) ).
-|
-| Thanks a lot in advance
-|
-| bests regards
-|
-| Lucas Brasilino
-|
-|
-|
_ __ _____ __ _________
______________ /_______ ___ ____ /______ John Gonzalez/Net.Tech
__ __ \ __ \ __/_ __ `__ \/ __ /_ ___/ MDC Computers/netMDC!
_ / / / `__/ /_ / / / / / / /_/ / / /__ (505)437-7600/fax-437-3052
/_/ /_/\___/\__/ /_/ /_/ /_/\__,_/ \___/ http://www.netmdc.com
[---------------------------------------------[system info]-----------]
3:35pm up 113 days, 19:14, 3 users, load average: 0.00, 0.06, 0.10
On Mon, Feb 01, 1999 at 07:37:44PM -0200, Lucas do R. B. Brasilino da Silva wrote:
> Hi All!
>
> I work for a english school here in Recife, Brazil, and I
> setted up a Qmail server that is woking fine (Thanks Dan!!).
> Most of our students have emails accounts at free email servers
> like yahoo, hotmail and zipmail (brazilian one).
> I'd like to provide the same service to these students. Is there
> some Web based Mail server that works with Qmail ??
> In time: At the same machine is running apache (thanks apache group! :) ).
>
> Thanks a lot in advance
>
> bests regards
>
> Lucas Brasilino
>
If you are using Maildir's for all your users, there is an excellent
one being developed called SqWebMail. It reads/writes directly to
the users Maildir files. Very fast.
We have a demo system setup if you want to take a look at the
raw installation.
http://webmail.inter7.com
user: webmailer
pass: webmailer
email me directly if you want the code.
Ken Jones
[EMAIL PROTECTED]
http://www.inter7.com/
Inter7 Internet Technologies, Inc.
Hi,
I get loads of messages in my qmail log like this:
917908634.888123 warning: trouble opening local/0/361859; will try again later
917908638.898115 warning: trouble opening local/22/361858; will try again later
Can anyone shed any light or point me in the right direction as to
what this means? (other than I haven't set something up properly!). I
haven't noticed any outgoing or incoming mail failures, but I presume
something isn't working as it should!
Thanks in advance for any help on this one.
(oh and apologies in advance if this is an obvious problem that I
should have read about somewhere already! I did try a web search
honest.)
Best regards,
Jake
- Jake Jellinek <[EMAIL PROTECTED]>:
| I get loads of messages in my qmail log like this:
|
| 917908634.888123 warning: trouble opening local/0/361859; will try again later
Try Russell's qmail-lint at <URL:http://www.qmail.org/qmail-lint-0.51>.
Let us know if it doesn't point out the problem for you; Russell will
probably want to know.
- Harald
- Harald Hanche-Olsen <[EMAIL PROTECTED]>:
| - Jake Jellinek <[EMAIL PROTECTED]>:
|
| | I get loads of messages in my qmail log like this:
| |
| | 917908634.888123 warning: trouble opening local/0/361859; will try again later
|
| Try Russell's qmail-lint at <URL:http://www.qmail.org/qmail-lint-0.51>.
Um, sorry, <URL:http://www.qmail.org/qmail-qsanity-0.51> is what I
meant to say.
- Harald
On Mon 1999-02-01 (22:44), Jake Jellinek wrote:
> Hi,
>
> I get loads of messages in my qmail log like this:
>
> 917908634.888123 warning: trouble opening local/0/361859; will try again later
> 917908638.898115 warning: trouble opening local/22/361858; will try again later
>
> Can anyone shed any light or point me in the right direction as to
> what this means? (other than I haven't set something up properly!). I
> haven't noticed any outgoing or incoming mail failures, but I presume
> something isn't working as it should!
>
> Thanks in advance for any help on this one.
>
> (oh and apologies in advance if this is an obvious problem that I
> should have read about somewhere already! I did try a web search
> honest.)
Try typing:
make setup check
from your qmail source directory. I've found that this sorts out a lot of
these problems.
- Keith
> Best regards,
> Jake
--
Keith Burdis - MSc (Com Sci) - Rhodes University, South Africa
Email : [EMAIL PROTECTED]
WWW : http://www.rucus.ru.ac.za/~keith/
IRC : Panthras JAPH
"Any technology sufficiently advanced is indistinguishable from a perl script"
Standard disclaimer.
---
Hi thanks for everyones help so far,
I'm not sure if I've progressed or not.
I tried:
make setup check and it just did this:
> make setup check
./install
./instcheck
>
I also tried running qmail-qsanity as suggested elsewhere and that
produced no output at all, just returned to the prompt. No idea what
if anything that did.
Oh well, watching the log file to see if things are better...
Monday, 01 February 1999, you wrote:
> On Mon 1999-02-01 (22:44), Jake Jellinek wrote:
>> Hi,
>>
>> I get loads of messages in my qmail log like this:
>>
>> 917908634.888123 warning: trouble opening local/0/361859; will try again later
>> 917908638.898115 warning: trouble opening local/22/361858; will try again later
>>
>> Can anyone shed any light or point me in the right direction as to
>> what this means? (other than I haven't set something up properly!). I
>> haven't noticed any outgoing or incoming mail failures, but I presume
>> something isn't working as it should!
>>
>> Thanks in advance for any help on this one.
>>
>> (oh and apologies in advance if this is an obvious problem that I
>> should have read about somewhere already! I did try a web search
>> honest.)
> Try typing:
> make setup check
> from your qmail source directory. I've found that this sorts out a lot of
> these problems.
> - Keith
>> Best regards,
>> Jake
> --
> Keith Burdis - MSc (Com Sci) - Rhodes University, South Africa
> Email : [EMAIL PROTECTED]
> WWW : http://www.rucus.ru.ac.za/~keith/
> IRC : Panthras JAPH
> "Any technology sufficiently advanced is indistinguishable from a perl script"
> Standard disclaimer.
> ---
Hello all. Tnx for reading. I have a LAN with a Proxy Server
servicing it.
I want the qmail server to use the proxy to get the mail.
I've setup Redhat
5.2 on a machine and installed qmail. We have a
registered domain at our
ISP with a shared mailbox. Can I do this with
qmail? Would I need
fetchmail? I didn't seem to have much
difficulty compiling qmail. Although
as installed, I can't telnet to
either smtp or pop3 ports. I get a
connected statement but no
prompts.
Any ideas would be greatly
appreciated.
Robert J. Curci writes:
> Hello all. Tnx for reading. I have a LAN with a Proxy Server servicing it.
> I want the qmail server to use the proxy to get the mail. I've setup Redhat
> 5.2 on a machine and installed qmail. We have a registered domain at our
> ISP with a shared mailbox. Can I do this with qmail? Would I need
> fetchmail? I didn't seem to have much difficulty compiling qmail. Although
> as installed, I can't telnet to either smtp or pop3 ports. I get a
> connected statement but no prompts.
Well, that's definitely broken. So you'll have to figure out why you are
not getting smtp or pop3 prompts. One possibility is that the identd or
reverse DNS query on your source IP address is hanging. Try doing an
nslokoup on your source IP address from the Qmail server machine.
As far getting incoming mail goes, what you have to do depends exactly on
how your connectivity is set up, whether it's permanent connectivity, or
dialup connectivity. The best advice for you is to talk to your ISP and
ask them how they would suggest that you download your mail given how you
are connecting to them.
Oh, and P.S. - turn off HTML in your E-mail client.
-----Original Message-----
From: Mate Wierdl <[EMAIL PROTECTED]>
To: Robert J. Curci <[EMAIL PROTECTED]>
Date: Monday, February 01, 1999 10:18 PM
Subject: Re: Setup question
> Although
> as installed, I can't telnet to either smtp or pop3 ports. I get a
> connected statement but no prompts.
>
>What command starts qmail-{smtpd,pop3d}? Do you have these daemons
>running?
>
qmail has 4 daemons running. The qmail-smtpd.init file loads at bootup.
>What is a shared mailbox on the ISP?
>
all email addressed to *@domain.com gets put in the same mailbox. I
retrieve it using pop3. I would like to use Linux for this. I am currently
using win95 and Artisoft Xtramail.
>You realize there are qmail rpms out there?
>
> ftp://moni.msci.memphis.edu/pub/qmail
>
>Mate
These are the ones I installed.
Bob
Looks like I might have to try myself to implement this feature but I'd
appreciate some wisdom/advice from the more knowledgable about qmail.
The ojective is to make a copy on the qmail server for all mail that a user
sends.
Using procmail to currently filter, sort and seperate inbound mail I'd like
to use procmail or similar for the outbound.
My thought is to dup a copy (like a bcc) of all outgoing mail to a fixed
"user" and then use procmail to put it into each users Sent folder based on
the "From".
I don't have thousands of users so performance is not an issue and neither
is having to do procmailrc manually for all users.
Looking at the qmail "big picture" it seems that all mail goes through
qmail-send. Is that the right module to tap into for the "dup"?
All clients use smtp to send their email, would qmail-smtp be the better
place?
Or?
Any leads greatly appreciated. Of course if this "wheel" has already been
invented or if there is some other way to do it I could save a little hair
(of which there is not much to spare).
TIA - Heinz
Have you seen FAQ 8.2? Or you just want to have copies of a single
user's mail?
Mate
Yup, seen it and using it on one server but what I want is to keep a copy
for each user in his/her own Sent mailbox that they can readily refer
to/access.
If I could pipe the log or pipe to a user instead of the logfile it would
work but I don't think one can do that. Am I wrong (hopefully).
Heinz
>
>Have you seen FAQ 8.2? Or you just want to have copies of a single
>user's mail?
>
>Mate
>
>
Anyone else prefer a digest for the qmail mailing list?
The traffic (at least to me) now seems to warrant it.
Michael Slade
UNSUB
I know, asked that before, but here I go again:
I was wondering - did anyone ever look into the creation of a third (or even
more) delivery queues for qmail? Here is what I have in mind:
local - for local addresses, aliases etc.
remote - anything outside the local (mail) domain, subnet, whatever ...
lan - any host inside the local (mail) domain, subnet, whatever ...
...
It should be pretty straight forward in qmail-queue.c, and basically a
modified copy of qmail-remote.c (plus a few setup changes). And to expand
on that theme - maybe even something like a priority scheme?
--______ __ ---------------------------------------------------------
' / '/ ) Thomas Bullinger
/ /--< This is the mail account for [EMAIL PROTECTED]
(_/ /___/ http://www.btoy1.rochester.ny.us
On Mon, Feb 01, 1999 at 10:17:54PM -0500, Mail Account for root wrote:
> I know, asked that before, but here I go again:
>
> I was wondering - did anyone ever look into the creation of a third (or even
> more) delivery queues for qmail? Here is what I have in mind:
>
> local - for local addresses, aliases etc.
> remote - anything outside the local (mail) domain, subnet, whatever ...
> lan - any host inside the local (mail) domain, subnet, whatever ...
> ...
>
> It should be pretty straight forward in qmail-queue.c, and basically a
> modified copy of qmail-remote.c (plus a few setup changes). And to expand
> on that theme - maybe even something like a priority scheme?
I think qmail-2.0 is actually moving towards one (1) queue. Let's just hope it has
per host (per net?) concurrency.
Greetz, Peter.
--
.| Peter van Dijk
.| [EMAIL PROTECTED]
Mike Holling writes:
> Exactly. The implicit assumption being promoted here is that an ISP's
> mail server is somehow more "legitimate" than an arbitrary mailserver on
> the Internet. As Russ has just demonstrated, there is quite a bit of
> legitimate mail transacted on non-ISP servers.
Why should I trust J. Random SMTP client to be non-abusive? You're
trying to convince me that I should trust *all* SMTP clients equally.
You're going to fail at that, because some have PROVEN themselves not
worth of trust. I have the evidence of my own eyes -- the spam in my
mailbox.
How does one develop trust? Through credentials -- a chunk of
information that says that you are who you say you are. How do the
credentials become believable? Because of the reputation of the
issuing institution.
Machines with static IP addresses have a credential -- the
correspondance between name and number. Muncher.math.uic.edu has
proven itself trustworthy. How do I know it is muncher? By it's IP
address, and by the reverse DNS record that identifies it as muncher.
Could someone forge muncher's identity? Yes, by DNS spoofing. That
is too much work for spammers, however.
Unfortunately for the legitimate users, dialup users have proven
themselves untrustworthy, because they are at the moment of connection
anonymous. How can they generate the necessary trust? Well, for one,
by having a DNS record which identifies them as trustworthy. Their
ISP can issue them a address from a pool which is trusted, once they
have proven their trust. Or vice-versa, a new or trial user would be
given an address in a pool which is not trusted.
Another way they could be trusted is by going through a proxy. This
proxy runs on a host with a credential, and allows access only to
trusted SMTP clients.
I'm sure that there are other methods for developing trust. One thing
is for sure: you can't trust random SMTP clients. This is not your
father's ARPANet, where all hosts were by definition trusted.
--
-russ nelson <[EMAIL PROTECTED]> http://crynwr.com/~nelson
Crynwr supports Open Source(tm) Software| PGPok | There is good evidence
521 Pleasant Valley Rd. | +1 315 268 1925 voice | that freedom is the
Potsdam, NY 13676-3213 | +1 315 268 9201 FAX | cause of world peace.
Russell Nelson <[EMAIL PROTECTED]> writes:
> Unfortunately for the legitimate users, dialup users have proven
> themselves untrustworthy, because they are at the moment of connection
> anonymous. How can they generate the necessary trust? Well, for one,
> by having a DNS record which identifies them as trustworthy. Their ISP
> can issue them a address from a pool which is trusted, once they have
> proven their trust. Or vice-versa, a new or trial user would be given
> an address in a pool which is not trusted.
There's a problem with this method of going at things. The problem is
that people really don't have a clear idea of which pools at an ISP are
trusted and which aren't, so they just block everything that looks like a
dialup to them. The result is that there is absolutely no incentive for
an ISP to go to the work of setting up two separate pools, since the
people blocking spam would just block them both anyway.
What I'd like people to do is think. The response I seem to get a lot is
"it's too much work to think and track and figure out how ISPs are doing
things, so I'll just not think, since it works 99% of the time anyway."
And you know, I really can't argue with that. Except to say that there's
a limit to how far I'm personally willing to go in "fighting spam" and if
the time comes that people want me to jump through more hoops than I'm
willing to get mail delivered to them, I just won't. And then I suppose
I'll find out whether those people will miss my contributions to the
Internet more than I'll miss theirs.
And with that, I'll stop responding to this thread, as I'm sure this is
annoying lots of people by now.
--
Russ Allbery ([EMAIL PROTECTED]) <URL:http://www.eyrie.org/~eagle/>
Russ Allbery writes:
> Russ Nelson <[EMAIL PROTECTED]> writes:
>
> > Unfortunately for the legitimate users, dialup users have proven
> > themselves untrustworthy, because they are at the moment of connection
> > anonymous. How can they generate the necessary trust? Well, for one,
> > by having a DNS record which identifies them as trustworthy. Their ISP
> > can issue them a address from a pool which is trusted, once they have
> > proven their trust. Or vice-versa, a new or trial user would be given
> > an address in a pool which is not trusted.
>
> There's a problem with this method of going at things. The problem is
> that people really don't have a clear idea of which pools at an ISP are
> trusted and which aren't, so they just block everything that looks like a
> dialup to them. The result is that there is absolutely no incentive for
> an ISP to go to the work of setting up two separate pools, since the
> people blocking spam would just block them both anyway.
That's why the ISP names the one pool .dialup.isp.com, and the other
.trusted.isp.com. Then we can use qmail-smtpd modified by my
BOUNCEMAIL patch found in http://www.qmail.org/rbl, *or* Dan's
rblsmtpd as-is. Use tcpserver modified by Chuck Foster's patch to
lookup names, and add
.dialup.isp.com:allow,BOUNCEMAIL="521 I do not accept mail from dialups"
or
.dialup.isp.com:allow,RBLSMTPD="-I do not accept mail from dialups"
Note: it's insecure to use Chuck's patch to *allow* services by name.
It's perfectly fine to use it to *deny* services, though. Who would
bother breaking security to deny themselves service?? Auto-DOS attack. :)
"Stop me before I stop myself again!"
The other thing the ISP can do is add their untrusted dialups to the
DUL.
--
-russ nelson <[EMAIL PROTECTED]> http://crynwr.com/~nelson
Crynwr supports Open Source(tm) Software| PGPok | There is good evidence
521 Pleasant Valley Rd. | +1 315 268 1925 voice | that freedom is the
Potsdam, NY 13676-3213 | +1 315 268 9201 FAX | cause of world peace.
On Tue, Feb 02, 1999 at 04:15:53AM -0000, Russell Nelson wrote:
> Mike Holling writes:
> > Exactly. The implicit assumption being promoted here is that an ISP's
> > mail server is somehow more "legitimate" than an arbitrary mailserver on
> > the Internet. As Russ has just demonstrated, there is quite a bit of
> > legitimate mail transacted on non-ISP servers.
>
> Machines with static IP addresses have a credential -- the
> correspondance between name and number. Muncher.math.uic.edu has
> proven itself trustworthy. How do I know it is muncher? By it's IP
> address, and by the reverse DNS record that identifies it as muncher.
> Could someone forge muncher's identity? Yes, by DNS spoofing. That
> is too much work for spammers, however.
If it works, they might learn....
Greetz, Peter.
--
.| Peter van Dijk
.| [EMAIL PROTECTED]
Hi,
recently we setup a qmail-server with virtual domains. We use Bruce Guenter's
checkvpw for pop3 on these boxes. Now, here's the problem. When creating a
mailbox under a virtual domain with <8chars and no caps, everything works
great. We can both receive and check mail.
Now I wanted to create an account like this: MWormgoor
I can login to the account using pop just fine. However, qmail-send will not
deliver mail to this address for some reason, as shown down below.
The .qmail-MWormgoor file is fine and points to the Maildir. The Maildir
exists like all the other users. Now, what is causing this? BTW, we're
using Bruce Guenter's rpm for qmail. Does this have anything to do with
using caps in the name, or is it the length of the username?
Kind regards,
Mark Wormgoor
----- Forwarded message from [EMAIL PROTECTED] -----
Hi. This is the qmail-send program at ns1.domain.net.
I'm afraid I wasn't able to deliver your message to the following addresses.
This is a permanent error; I've given up. Sorry it didn't work out.
<[EMAIL PROTECTED]>:
Sorry, no mailbox here by that name. (#5.1.1)
--- Below this line is a copy of the message.
Return-Path: <[EMAIL PROTECTED]>
Received: (qmail 28851 invoked from network); 1 Feb 1999 17:56:17 -0000
Received: from localhost ([EMAIL PROTECTED])
by localhost with SMTP; 1 Feb 1999 17:56:17 -0000
test voor een mailtje, zal wel niet werken...
----- End forwarded message -----
Hi, I came across the Debian bug tracking system today
http://www.chiark.greenend.org.uk/~ian/debbugs/
In the README file, it is mentioned as
If the local MTA is qmail you _must_ install a different MTA somewhere
(eg in a subdirectory) and tell the bug system to use that;
qmail has broken command-line parsing in its /usr/lib/sendmail
emulation.
Has anybody used this package and can elaborate on what the author
refers to as broken command-line parsing
--
Yusuf Goolamabbas
[EMAIL PROTECTED]
