Re: hiding e-mail adresses needed badly
[This may get duplicated if my outgoing work e-mail gets fixed] On 2003-Oct-16 11:29:36 -0700, Terry Lambert <[EMAIL PROTECTED]> wrote: >Earthlink often sucks in terms of customer service. If they would >just designate a couple of common markers as "known SPAM", the >problem would have gone away There's a fine line between 'blocking a couple of common markers' and arbitrarily blocking domains, IP addresses and all mails containing specific words - which some large ISPs do. What's needed is a filter system that allows users to control what they receive - not one where the ISP gets to decide what is/isn't delivered. When W32.Swen first hit, I was getting "mailbox near quota" messages if I didn't empty my home mailbox for about 8 hours. I asked my ISP when they would be implementing something to let me control what was delivered into my mailbox and eventually managed to get a "we're looking into the problem" response. I started running fetchmail as a work-around (which stops the quota DOS but does nothing to help my download bandwidth). AFAIK, they still haven't done anything. And Australia's biggest ISP (Telstra BigPond) is currently getting unfavourable mentions in Parliament and the media because it's e-mail system can't cope - users are claiming e-mails are being delayed a week or more, or just aren't arriving. >people forced to use Earthlink ("forced", because no matter where >I go, Earthlink buys up my damn ISP -- no one talks about *that* >monocoluture being a threat). Mumble years ago, I heard a talk on this phenomenom. They problem boils down to ISP interconnect agreements - they generally wind up meaning the small ISP has to pay the big ISP (or Internet wholesaler) whatever the big ISP asks because their customers need to exchange packets with IP addresses "owned" by the big ISP and the big ISP doesn't have as much incentive to route packets to the smaller ISP. This is a positive feedback loop with the bigger ISP absorbing all the smaller ones. >This is an inherent flaw in a store-with-quota+pickup-transiently >model, which is what any POP3/IMAP4 forces their users into, and >that means *any* ISP, even ones that give you full time connections, >when they refuse to let you run your own mail server, either by >explicitly disallowing it, or by not providing you a static IP. Optus Internet (my home ISP) state that they block incoming traffic to TCP/25 to prevent them being being black-listed for allowing people to run promiscuous SMTP relays. This is probably at least partly true. > A non-quotaed maildrop would fix it. How do you stop the weenies never deleting e-mail so their mailboxes grow indefinitely? A better solution would be a soft-quota'd maildrop. As long as you get to it every few days you don't get DOS'd but if you never delete your mail you get bitten. Of course, from an ISP perspective, there's the problem of several thousand mailboxes each receiving several hundred 200KB mails each day - that's an awful lot of maildrop disk space to have to find in a hurry. >Can you imagine if someone wrote one of these things to *actively* >target an ISP with a stupid network topology like Earthlink? Do you know of any ISPs that do a better job of upstream filtering? > You >could drive the company out of business by chasing all their >subscribers away by denying them the ability to receive communications >from almost anyone else on the Internet. I'm really surprised these >idiots are unwilling to do anything about saving their business model >from extinction. The problem is that it doesn't really hurt the ISP - they (typically) charge for downlink usage, so they're making more money by not blocking SPAM. The customers have to put up with it because they know the competing ISPs aren't any better. "Death of USENET predicted ... Film at 11" can probably be updated. Peter ___ [EMAIL PROTECTED] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-current To unsubscribe, send any mail to "[EMAIL PROTECTED]"
Re: hiding e-mail adresses needed badly
Max Laier wrote: > Wednesday, October 15, 2003, 1:29:21 PM, you wrote: > AC> Due to increased activity of SPAM harvesters what are our plans to hide > AC> our addresses from public WWW? I mean all browseable mailing lists, > AC> FreeBSD site, CVS via WWW, PRs, ports and docs. > > OT: mail/procmail mail/relaydb mail/spamd mail/bmf ... etc. pp. > http://www.benzedrine.cx/relaydb.html > > So would you please stop whining and configure your procmail okay. > What you suggest is "Security Through Obscurity", which does not work! Cluebat: Neither does your solution, without having a static IP address and your own SMTP server with a full time broadband connection. -- Terry ___ [EMAIL PROTECTED] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-current To unsubscribe, send any mail to "[EMAIL PROTECTED]"
Re: hiding e-mail adresses needed badly
Steve O'Hara-Smith wrote: > Peter Schultz <[EMAIL PROTECTED]> wrote: > > However, since that fateful > > e-mail I have been viciously attacked by spammers posing as Microsoft > > security updaters. These spams include attachments making them all > > around 150KB in size. Maybe others of you have seen them? > > Certainly have - they're not spammers it's a worm, called Swen. > It targets an amazing variety of things, including every email address > it can get hold of. One of my accounts gets about a hundred a day of > these *still*. If you get infected it filters your inbox and removes > attempts to reinfect you so that you don't see it at all. But you still get to pay to download them. I got so pissed off, I wrote a program to proactively delete them out of my mailbox at intervals, without downloading them. Earthlink often sucks in terms of customer service. If they would just designate a couple of common markers as "known SPAM", the problem would have gone away for me, and a couple million other people forced to use Earthlink ("forced", because no matter where I go, Earthlink buys up my damn ISP -- no one talks about *that* monocoluture being a threat). Another pain in the ass is that people without direct Internet connections *somewhere* are stuck with POP3 maildrops going over quota because of these damn things, which is a denial of service attack (all messages to you bounce as "over quota", and most of the mailing list software in the world will auto-unsubscribe you when that happens). This is probably the biggest threat to the Internet yet, since communication in general, and email in particular, is still *the* killer application for the Internet. This is an inherent flaw in a store-with-quota+pickup-transiently model, which is what any POP3/IMAP4 forces their users into, and that means *any* ISP, even ones that give you full time connections, when they refuse to let you run your own mail server, either by explicitly disallowing it, or by not providing you a static IP. A non-quotaed maildrop would fix it. The ISP mail server admins growing a clue and not transiting executable attachments would fix it. And ASMTP would fix it (as long as there wasn't a queue quota). Again, Earthlink is no help, since they transit these damn things to the maildrop, against their customer's will, and, for most of their customers, this means propagating the damn things further. Can you imagine if someone wrote one of these things to *actively* target an ISP with a stupid network topology like Earthlink? You could drive the company out of business by chasing all their subscribers away by denying them the ability to receive communications from almost anyone else on the Internet. I'm really surprised these idiots are unwilling to do anything about saving their business model from extinction. In any case, my suggestion is that you write a program to delete off files with certain sizes from a "list" and/or certain content from a "head", and find a kind soul you trust to not abuse your password, which would have to be cleartext somewhere (command line or compiled in), and have the worms deleted out before they become an issue for you. -- Terry ___ [EMAIL PROTECTED] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-current To unsubscribe, send any mail to "[EMAIL PROTECTED]"
Re: hiding e-mail adresses needed badly
Hello Andrey, Wednesday, October 15, 2003, 1:29:21 PM, you wrote: AC> Due to increased activity of SPAM harvesters what are our plans to hide AC> our addresses from public WWW? I mean all browseable mailing lists, AC> FreeBSD site, CVS via WWW, PRs, ports and docs. AC> As I think, simple form will be enough to stop AC> them. OT: mail/procmail mail/relaydb mail/spamd mail/bmf ... etc. pp. http://www.benzedrine.cx/relaydb.html So would you please stop whining and configure your procmail okay. What you suggest is "Security Through Obscurity", which does not work! -- Best regards, Maxmailto:[EMAIL PROTECTED] ^^^SPAM HERE!!! =) ___ [EMAIL PROTECTED] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-current To unsubscribe, send any mail to "[EMAIL PROTECTED]"
Re: hiding e-mail adresses needed badly
Hi, Peter. PS> At this point in time it's downright irresponsible not to hide our PS> addresses. PS> I've been lurking on this list about a month to get caught up with PS> -current issues. Friday was both the first mail I sent to the list, PS> and the first use of this e-mail address. The only incoming mail was PS> from the FreeBSD lists I subscribed to. However, since that fateful PS> e-mail I have been viciously attacked by spammers posing as Microsoft PS> security updaters. These spams include attachments making them all PS> around 150KB in size. Maybe others of you have seen them? I receive such messages about three days. It looks like "the latest version of security update" with .exe file in attachment, but KAV detect I-Worm.Swen inside. And another messages looks like "undelivered mail to" addresses at @aol.com, @freemail.com and others with Exploit.IFrame in attachment. Thanks, Nikolay. ___ [EMAIL PROTECTED] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-current To unsubscribe, send any mail to "[EMAIL PROTECTED]"
Re: hiding e-mail adresses needed badly
On Thu, Oct 16, 2003 at 04:43:27AM -0500, Peter Schultz wrote: > At this point in time it's downright irresponsible not to hide our > addresses. > > I've been lurking on this list about a month to get caught up with > -current issues. Friday was both the first mail I sent to the list, > and the first use of this e-mail address. The only incoming mail was > from the FreeBSD lists I subscribed to. However, since that fateful > e-mail I have been viciously attacked by spammers posing as Microsoft > security updaters. These spams include attachments making them all > around 150KB in size. Maybe others of you have seen them? I guess you are referring to the W32.Swen worm? I guess most people have seen that one by now. > > As far as I can tell, these guys are targeting the FreeBSD lists, > exploiting them terribly! This list's charter states that spam will be > blocked. Please enforce the list charter, with prejudice. The FreeBSD lists are not targeted specially. That worm mainly harvests e-mail addresses from newsgroups (and from files stored on infected computers.) There are several mail<->news gateways for this list (and other freebsd lists), so this is probably where it got your mail-address. Since these gateways are not under the control of FreeBSD.org there isn't much that can be done about it. These spams are mainly not sent through the lists so they can't be blocked there (even though lots and lots of spam is blocked by the FreeBSD list servers.) > > It would be best if subscribers could just choose to have their address > published or not. I can understand being so dedicated to the cause that > you're willing to take on some spam. Non-subscribers addresses should > definitely not be published. > > Sincerely, > Pete... > > Wilko Bulte wrote: > >On Wed, Oct 15, 2003 at 03:29:21PM +0400, Andrey Chernov wrote: > > > > > >I fail to see why this is relevant to -current but OK.. I think that > >the opportunity to do this has long since passed. Just type your name > >in Google and see what happens.. > > > >Wilko > > > > > >>Due to increased activity of SPAM harvesters what are our plans to hide > >>our addresses from public WWW? I mean all browseable mailing lists, > >>FreeBSD site, CVS via WWW, PRs, ports and docs. Note that there are many web-archives of the mailing lists. Lots of them are run by other people. You need to talk to them too. > >> > >>As I think, simple form will be enough to stop > >>them. > >> -- Erik Trulsson [EMAIL PROTECTED] ___ [EMAIL PROTECTED] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-current To unsubscribe, send any mail to "[EMAIL PROTECTED]"
Re: hiding e-mail adresses needed badly
On Thu, 16 Oct 2003 04:43:27 -0500 Peter Schultz <[EMAIL PROTECTED]> wrote: > However, since that fateful > e-mail I have been viciously attacked by spammers posing as Microsoft > security updaters. These spams include attachments making them all > around 150KB in size. Maybe others of you have seen them? Certainly have - they're not spammers it's a worm, called Swen. It targets an amazing variety of things, including every email address it can get hold of. One of my accounts gets about a hundred a day of these *still*. If you get infected it filters your inbox and removes attempts to reinfect you so that you don't see it at all. ___ [EMAIL PROTECTED] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-current To unsubscribe, send any mail to "[EMAIL PROTECTED]"
Re: hiding e-mail adresses needed badly
At this point in time it's downright irresponsible not to hide our addresses. I've been lurking on this list about a month to get caught up with -current issues. Friday was both the first mail I sent to the list, and the first use of this e-mail address. The only incoming mail was from the FreeBSD lists I subscribed to. However, since that fateful e-mail I have been viciously attacked by spammers posing as Microsoft security updaters. These spams include attachments making them all around 150KB in size. Maybe others of you have seen them? As far as I can tell, these guys are targeting the FreeBSD lists, exploiting them terribly! This list's charter states that spam will be blocked. Please enforce the list charter, with prejudice. It would be best if subscribers could just choose to have their address published or not. I can understand being so dedicated to the cause that you're willing to take on some spam. Non-subscribers addresses should definitely not be published. Sincerely, Pete... Wilko Bulte wrote: On Wed, Oct 15, 2003 at 03:29:21PM +0400, Andrey Chernov wrote: I fail to see why this is relevant to -current but OK.. I think that the opportunity to do this has long since passed. Just type your name in Google and see what happens.. Wilko Due to increased activity of SPAM harvesters what are our plans to hide our addresses from public WWW? I mean all browseable mailing lists, FreeBSD site, CVS via WWW, PRs, ports and docs. As I think, simple form will be enough to stop them. -- Andrey Chernov | http://ache.pp.ru/ ---end of quoted text--- ___ [EMAIL PROTECTED] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-current To unsubscribe, send any mail to "[EMAIL PROTECTED]"
Re: hiding e-mail adresses needed badly
On Wed, Oct 15, 2003 at 03:29:21PM +0400, Andrey Chernov wrote: I fail to see why this is relevant to -current but OK.. I think that the opportunity to do this has long since passed. Just type your name in Google and see what happens.. Wilko > Due to increased activity of SPAM harvesters what are our plans to hide > our addresses from public WWW? I mean all browseable mailing lists, > FreeBSD site, CVS via WWW, PRs, ports and docs. > > As I think, simple form will be enough to stop > them. > > -- > Andrey Chernov | http://ache.pp.ru/ > ___ > [EMAIL PROTECTED] mailing list > http://lists.freebsd.org/mailman/listinfo/freebsd-current > To unsubscribe, send any mail to "[EMAIL PROTECTED]" ---end of quoted text--- -- | / o / /_ _ [EMAIL PROTECTED] |/|/ / / /( (_) Bulte ___ [EMAIL PROTECTED] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-current To unsubscribe, send any mail to "[EMAIL PROTECTED]"
hiding e-mail adresses needed badly
Due to increased activity of SPAM harvesters what are our plans to hide our addresses from public WWW? I mean all browseable mailing lists, FreeBSD site, CVS via WWW, PRs, ports and docs. As I think, simple form will be enough to stop them. -- Andrey Chernov | http://ache.pp.ru/ ___ [EMAIL PROTECTED] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-current To unsubscribe, send any mail to "[EMAIL PROTECTED]"