Re: how to deal with spam for good?
On Mar 12, 2005, at 4:44 AM, Ted Mittelstaedt wrote: [EMAIL PROTECTED] wrote: On Mar 11, 2005, at 1:37 AM, Ted Mittelstaedt wrote: -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] Behalf Of Kirk Strauser Sent: Thursday, March 10, 2005 11:42 AM To: freebsd-questions@freebsd.org Subject: Re: how to deal with spam for good? You know, I'm no longer sure that's true. I think that spam will stick around as long as stupid business owners continue to get suckered into thinking that it's a legitimate means of marketing. One of my associate's customers (a brick and mortar store) was being sweet-talked by a spammer into sending a series of broadcasts. In this situation, the spammer would profit off the ignorance of that *business owner*. Even if 100% of the messages were blocked, he'd still get his pay for performing the service. Didn't anyone tell your associate's customers that spamming is now a felony? And, even if they hire a spammer to do it for them, the law still prosecutes them for the spamming? Add some teeth to that law and some lawyers who are willing to pursue this in volume, and you'd be on to something. As it stands, it's like prosecuting jaywalkers. Who bothers? http://www.forbes.com/home/feeds/ap/2004/11/03/ ap1631798.html%E2%80%9D%20 target= (although while the judge did set aside the verdict for DeGroot, Jayne's appeal of his conviction went nowhere) Keep in mind these are the very first convictions on this. Once the appeals process is exhausted then we will have set some precident, which is vitally important for these to go forward on a large scale. Even junk faxer's get away with that kind of crap despite the fines (happened to catch Tom Martino on the radio yesterday talking about it...) That is only because these days most people handling received faxes for companies are lazy and dumb administrative assistants who don't even know it's illegal or who to complain to. Actually, the problem (if the two really are similar, junk faxers and spammers and laws against them as they are forming) is that lawyers don't WANT the hassle because the payout is so little compared to the time they put into the case. It's just not worth it. One of the guys Tom Martino had on the radio DID sue a junk faxer. Got a lawyer, went to court, won. The law fines something like (from memory here) $500 per fax. He ended up getting something like forty or fifty bucks after the case was done, after fees. The lawyer he hired asked that he find someone else...it was too much paperwork and footwork for the profit to be made. Tom was discussing a class action lawsuit against some junk faxers. People submitting evidence and names were getting something like $25 for a winning case out of the lawsuit (again, I'm recalling this from memory, so you may have to research this if you're interested in more info). Essentially yes, there are laws against this sort of thing but it is expensive to prosecute and the reward is so meager compared to the effort. On top of that, *good luck collecting from Spammers!!* Especially scuzz that hide behind zombie systems and big pipes in Asia. While I won't discount laziness and stupidity as contributing factors to this continuing, the people acting as crimefighters face a long and hard uphill battle to make it worth the time invested. It may be more worthwhile to start finding people who respond to spam and threaten them with lawsuits so big that they'd have to be bankrupted by summary judgment in order to keep them from continuing to finance the spam kings...then their revenue will stop and then spam will stop. ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
RE: how to deal with spam for good?
[EMAIL PROTECTED] wrote: On Mar 11, 2005, at 1:37 AM, Ted Mittelstaedt wrote: -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] Behalf Of Kirk Strauser Sent: Thursday, March 10, 2005 11:42 AM To: freebsd-questions@freebsd.org Subject: Re: how to deal with spam for good? You know, I'm no longer sure that's true. I think that spam will stick around as long as stupid business owners continue to get suckered into thinking that it's a legitimate means of marketing. One of my associate's customers (a brick and mortar store) was being sweet-talked by a spammer into sending a series of broadcasts. In this situation, the spammer would profit off the ignorance of that *business owner*. Even if 100% of the messages were blocked, he'd still get his pay for performing the service. Didn't anyone tell your associate's customers that spamming is now a felony? And, even if they hire a spammer to do it for them, the law still prosecutes them for the spamming? Add some teeth to that law and some lawyers who are willing to pursue this in volume, and you'd be on to something. As it stands, it's like prosecuting jaywalkers. Who bothers? http://www.forbes.com/home/feeds/ap/2004/11/03/ap1631798.html%E2%80%9D%20 target= (although while the judge did set aside the verdict for DeGroot, Jayne's appeal of his conviction went nowhere) Keep in mind these are the very first convictions on this. Once the appeals process is exhausted then we will have set some precident, which is vitally important for these to go forward on a large scale. Even junk faxer's get away with that kind of crap despite the fines (happened to catch Tom Martino on the radio yesterday talking about it...) That is only because these days most people handling received faxes for companies are lazy and dumb administrative assistants who don't even know it's illegal or who to complain to. Ted ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED] ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: how to deal with spam for good?
On Mar 11, 2005, at 1:34 AM, Ted Mittelstaedt wrote: -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] Behalf Of Anthony Atkielski Sent: Thursday, March 10, 2005 3:25 PM To: freebsd-questions@freebsd.org Subject: Re: how to deal with spam for good? There's no fundamental, objectively verifiable difference between spam and any other e-mail, Actually, there is. Spam is what I object to. Non-spam is what I don't object to. Isn't he referring to the technical side, as in an easy algorithm for a computer to examine it and say Spam! and get rid of it vs. someone sending a relative an email about their experiences using v1agra? so no automated or technical solution will ever work completely. It would if my computer could understand what I'm telling it better. ;-) Ever read I, Robot? I embrace our technological overlords... :-) Seriously, filters that are customized to the individual are very effective. The problem is getting the average person on the street to put in the time to write a customized e-mail filter for themselves. Yup...good luck with that one. ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: how to deal with spam for good?
On Mar 11, 2005, at 1:37 AM, Ted Mittelstaedt wrote: -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] Behalf Of Kirk Strauser Sent: Thursday, March 10, 2005 11:42 AM To: freebsd-questions@freebsd.org Subject: Re: how to deal with spam for good? You know, I'm no longer sure that's true. I think that spam will stick around as long as stupid business owners continue to get suckered into thinking that it's a legitimate means of marketing. One of my associate's customers (a brick and mortar store) was being sweet-talked by a spammer into sending a series of broadcasts. In this situation, the spammer would profit off the ignorance of that *business owner*. Even if 100% of the messages were blocked, he'd still get his pay for performing the service. Didn't anyone tell your associate's customers that spamming is now a felony? And, even if they hire a spammer to do it for them, the law still prosecutes them for the spamming? Add some teeth to that law and some lawyers who are willing to pursue this in volume, and you'd be on to something. As it stands, it's like prosecuting jaywalkers. Who bothers? Even junk faxer's get away with that kind of crap despite the fines (happened to catch Tom Martino on the radio yesterday talking about it...) ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: how to deal with spam for good?
Ted Mittelstaedt writes: Actually, there is. Spam is what I object to. Non-spam is what I don't object to. Find a way to code that in C, and you can become a billionnaire. -- Anthony ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: how to deal with spam for good?
On Thu, 10 Mar 2005, Doug Hardie wrote: On Mar 10, 2005, at 18:30, Warren Block wrote: milter-greylist works great with sendmail. Here's a somewhat-dated article I wrote about using it and clamav-milter with sendmail: http://www.wonkity.com/greylist.pdf I am getting a no such file back on that. Oops: http://www.wonkity.com/~wblock/greylist.pdf -Warren Block * Rapid City, South Dakota USA ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
RE: how to deal with spam for good?
This is bullshit, milter-greylist is in the ports. Greylisting does not require postfix. Just because YOU are too lazy to understand sendmail doesen't mean everyone else is. Keep in mind that Greylisting isn't going to be very effective for long if a lot of people adopt it. We run, like most ISP's, a very busy mailserver. If 3/4 of the hosts we were sending mail to did this, our server would be completely overloaded. Every other ISP in the world of any size would be in the same boat. Why should we have to go spend a lot of money buying a new mailserver that's 5 times more powerful just to handle your goofy filter? Long before the number of hosts greylisting got to 3/4 of the hosts on the Internet we would just reconfigure to start returning the mails back to our customers when we got a 541 and telling the customer to contact their coorespondent and tell the cooresponent to switch ISP's. If only a few hosts on the Internet are doing it, (and none of the major ISP's are right now) then all the rest of the big ISP's (like Hotmail) will do the same thing. If our customer's coorespondent cannot get mails from us and from hotmail, how long do you think he's going to put up with his ISP running a greylist? Long before this happened of course the spammers would mod their software to simply start retrying more. If you think about it, if they are sending a million mails a minute, and the greylist delay is 5 minutes, they merely need to construct a server that stores 5 million mails for a set period and then retries. The server never has to store more than 5 million mails at a time. It's just one more anti-spam filter that is utterly dependent on nobody else on the Internet doing it. Typical bright idea from some tech somewhere that understands just enough of the SMTP standards to cause a lot of trouble for people. The only long term solution that is going to work is modding the DNS records to designate an official SMTP server for each domain, such a plan has been in the works for a while among the standard bodies that know what they are doing. Ted -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] Behalf Of Charles Swiger Sent: Wednesday, March 09, 2005 10:51 PM To: Luciano Musacchio Cc: freebsd-questions@freebsd.org Subject: Re: how to deal with spam for good? On Mar 9, 2005, at 10:53 PM, Luciano Musacchio wrote: I'm wondering, how does this mailing list doesn't get any spam? :), I need to set some filter on my mail server, can some one here give me a hint on this? Consider greylisting, amavisd, SpamAssassin, and a virus scanner of your choice. Greylisting needs postfix as your MTA at the moment, but is extremely effective for very few resources. Perl-based scripts like amavisd and SA are a lot more resource-intensive, perhaps dspam or other tools might also be worth looking at if your mail volume is high -- -Chuck ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED] ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: how to deal with spam for good?
On Thu, 10 Mar 2005 00:53:58 -0300 Luciano Musacchio [EMAIL PROTECTED] wrote: Hi, I'm wondering, how does this mailing list doesn't get any spam? :), I need to set some filter on my mail server, can some one here give me a hint on this? mail/dspampd and mail/dspam-devel As for the lists, our postmaster has some nice header_checks (possibly body_checks also) and uses a few RBLs. -- IOnut Unregistered ;) FreeBSD user ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: how to deal with spam for good?
On Mar 10, 2005, at 4:49 AM, Ted Mittelstaedt wrote: This is bullshit, milter-greylist is in the ports. Greylisting does not require postfix. Just because YOU are too lazy to understand sendmail doesen't mean everyone else is. I've paid my dues to sendmail: http://groups-beta.google.com/groups? as_ugroup=comp.mail.sendmailas_uauthors=Chuck+Swiger ...shows about 900 postings from me. As of sendmail-8.11, and even early 8.12's perhaps, greylisting via sendmail wasn't possible because the MILTER API didn't support it. If the situation has been improved and you can greylist with sendmail now, that's fine. What isn't fine is your attitude: FOAD. Keep in mind that Greylisting isn't going to be very effective for long if a lot of people adopt it. Your opinion differs. If our customer's coorespondent cannot get mails from us and from hotmail, how long do you think he's going to put up with his ISP running a greylist? If a customer isn't happy with you, they'll take their business elsewhere. Lord knows I wouldn't blame them, either. Long before this happened of course the spammers would mod their software to simply start retrying more. If you think about it, if they are sending a million mails a minute, and the greylist delay is 5 minutes, they merely need to construct a server that stores 5 million mails for a set period and then retries. The server never has to store more than 5 million mails at a time. Let them retry more. There is more than one way to deal with UCE, and shifting the burden to the spammers, making them consume lots of time for minimal resources is amoung those ways. It's just one more anti-spam filter that is utterly dependent on nobody else on the Internet doing it. Typical bright idea from some tech somewhere that understands just enough of the SMTP standards to cause a lot of trouble for people. Someone whose SMTP engine is unwilling to retry delivering email after the first response is refused with a 4xx code is the one failing to understand RFC-822/2822. Real mailers retry at a recommended 1 hour interval for a recommended maximum queue length of 5 days, per RFC. Once you've whitelisted your clients and covered 95+% of incoming mail, up your greylisting time from 5 to say, 59 minutes, works wonders. The only long term solution that is going to work is modding the DNS records to designate an official SMTP server for each domain, such a plan has been in the works for a while among the standard bodies that know what they are doing. SPF is another way of dealing with UCE. It's not hard to find people who have implemented SPF in their DNS, either. I haven't seen it do much good as yet... -- -Chuck ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: how to deal with spam for good?
On 2005-03-10T01:49:20-0800, Ted Mittelstaedt wrote: [snip caustic commentary] [snip real-life facts] The only long term solution that is going to work is modding the DNS records to designate an official SMTP server for each domain, such a plan has been in the works for a while among the standard bodies that know what they are doing. Ted While not all-encompassing, I found the following site to be very useful, not just for finding problems with my own domains, but finding out why my draconian Postfix config would reject email from some friends (check the NANOG archives for Verizon's retarded SMTP tactics). http://www.dnsreport.com/ That site also turned me onto SPF[1] records in DNS, which I think is what Ted is talking about (or something similar). If not, I am sure that he will correct me. [1] http://spf.pobox.com/ -- Mike Oliver [see complete headers for contact information] pgpcwqBS2wdrK.pgp Description: PGP signature
RE: how to deal with spam for good?
On Thu, 10 Mar 2005, Ted Mittelstaedt wrote: The only long term solution that is going to work is modding the DNS records to designate an official SMTP server for each domain, such a plan has been in the works for a while among the standard bodies that know what they are doing. Which, of course, will do nothing to stop spam, but only forgeries. This issue has been dealt with many times upon the anti-spam lists. -- Dave ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
RE: how to deal with spam for good?
-Original Message- From: Charles Swiger [mailto:[EMAIL PROTECTED] Sent: Thursday, March 10, 2005 2:17 AM To: Ted Mittelstaedt Cc: freebsd-questions@freebsd.org Questions list Subject: Re: how to deal with spam for good? On Mar 10, 2005, at 4:49 AM, Ted Mittelstaedt wrote: This is bullshit, milter-greylist is in the ports. Greylisting does not require postfix. Just because YOU are too lazy to understand sendmail doesen't mean everyone else is. I've paid my dues to sendmail: http://groups-beta.google.com/groups? as_ugroup=comp.mail.sendmailas_uauthors=Chuck+Swiger ...shows about 900 postings from me. As of sendmail-8.11, and even early 8.12's perhaps, greylisting via sendmail wasn't possible because the MILTER API didn't support it. FreeBSD 4.EIGHT came with Sendmail 8.12.8 out of the box. OK, so now your not too lazy to understand Sendmail, you just have a gigantic chip on your shoulder against it so your going to ignore the most popular MTA on the planet and pretend it doesen't exist. Fine, just don't contaminate anyone else particularly a newbie. If the situation has been improved and you can greylist with sendmail now, that's fine. Not a question of -if-. What isn't fine is your attitude: FOAD. I FOAD any technical idea that the cure is as bad or worse than the disease. Spammers waste everyone else's network resources for their own gain. A greylist on a mailserver, particularly a busy one, causes an enormous waste of bandwidth because every legitimate mailserver that is sending to you has to re-initiate the connection to you - meaning they have to send the same handshake packets all over again that you had properly received in the beginning. If you have a small mailserver that processes few mails you might argue that this is of no consequence to the rest of the world and be correct. But if you have a large mailserver, the amount of bandwidth chewed up on the Internet by this kind of a trick, espically if everyone in the world does it, you can perhaps see that greylisting is nothing more than a scheme to waste other people's resources and bandwidth for your own personal gain. The differences between spammers and greylisters is very thin indeed. Keep in mind that Greylisting isn't going to be very effective for long if a lot of people adopt it. Your opinion differs. Yup, and since my opinion is based on logic, and yours (apparently) is based on emotion, your opinion is worthless and mine is valuable. That's the case until you start substantiating your opinion with some logical explanations of how Greylisting is going to scale to the entire Internet. Remember, unless everyone on the Internet can run a greylist, it is nothing more than an elitist solution that works for a few people at everyone else's expense. If our customer's coorespondent cannot get mails from us and from hotmail, how long do you think he's going to put up with his ISP running a greylist? If a customer isn't happy with you, they'll take their business elsewhere. Lord knows I wouldn't blame them, either. Are you being deliberately dense? I'm not talking about OUR customer I'm talking about the coorespondent of our customer and his relationship with his ISP. On the Internet there are a handful of ISPs or ASPs or whatever you call them who send out _enormous_ numbers of _legitimate_ mail. AOL, is one, Hotmail is another, MSN is another. Long, long before greylisting starts wasting too much of our bandwidth it will be wasting huge amounts of bandwidth of these companies. They are not going to want that, and they are going to retaliate. And the easiest way of retaliating is when they identify a greylisting mailserver, to just stop even attempting to send mail to it. Particularly hotmail, which has NOTHING WHATSOVER to lose since they give out e-mail accouts FOR FREE. Do you think that Hotmail gives a shit if some puffed up crumb announces to them that they are pulling their e-mail account out of Hotmail and finding another ISP because Hotmail has stopped delivering mail to greylisters? Of course not. And in the meantime the other 99% of hotmail subscribers that cannot send mail to the greylister - well they are too stupid to understand what good e-mail is (otherwise why do you think they have hotmail accounts to begin with) and they will simply swallow it when Hotmail blames the greylisters mailserver, they will then complain to their coorespondent who is using the greylister, and that coorespondent even if he loves his ISP's greylisting mailserver, if he wants to keep getting mail from the moron hotmail users, he's going to tell his ISP to knock it off with the greylisting. I an sorry you don't seem to understand this. It is possibly all because it is part of what is called SCALABILITY in networking. Greylisting is NOT scalable. It ONLY WORKS if a few people running very low volume mailservers do it. It will fall apart if a lot of people try
Re: how to deal with spam for good?
LM Hi, LM I'm wondering, how does this mailing list doesn't get any spam? :), LM I need to set some filter on my mail server, can some one here give LM me a hint on this? LM thanks Spamers are too lazy to subscribe freebsd-questions, so they can't post here :) -- WBR, Dmitry Kozhevnikovmailto:[EMAIL PROTECTED] ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
RE: how to deal with spam for good?
-Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] Behalf Of Dave Horsfall Sent: Thursday, March 10, 2005 2:42 AM To: freebsd-questions@freebsd.org Subject: RE: how to deal with spam for good? On Thu, 10 Mar 2005, Ted Mittelstaedt wrote: The only long term solution that is going to work is modding the DNS records to designate an official SMTP server for each domain, such a plan has been in the works for a while among the standard bodies that know what they are doing. Which, of course, will do nothing to stop spam, but only forgeries. This issue has been dealt with many times upon the anti-spam lists. Correct, however when I go to the police to report criminal spamming activity, it gets a lot better response when I can tell them who is doing it. :-) Don't be impatient. There are a lot of pieces that still have to be placed before the spam is going to start dropping. We aren't going to see much change until at least 2010 because by then most of the Windows XP desktop systems will be flushed out of the network, and replaced with the next version of Windows which will be much harder to find holes in. I don't have a lot of respect for Microsoft but I will say that once they get moving in a general direction, they are like the Borg they don't stop until everything has been assimilated. Microsoft only gave lip service to computer security until just a couple years ago, but they are finally moving in that direction, and they are not going to stop for a long time yet. Once you see most of the desktops on the Internet behind firewalls and translators, and being forceably updated with security patches, without the consent or even knowledge of their owners, a lot of this hit and run spamming is going to die down. That will flush out the amateur spammers that operate out of their garages and make a few extra bucks at it, and push a lot of the spam to the professionals, who will get a lot richer and thus make far more attractive targets to the collection of state DA's who's job it is to go after them. And the more agressive those people get the more the large networks are going to be encouraged to be nasty also. Red China is pretty successful at filtering stuff that goes into that country, they are proof that the technology exists to clamp down on offshore spammers. It is merely a political problem of generating the necessary will among the ISP's and their customers to deploy that technology in the US, but that will is slowly being developed. It would have happened sooner but for the pioneer wild west mythos attached to the Internet in the US, just because it started here, and it's taken a long time to stamp that out. Also don't forget too that the war on drugs would be pointless if they didn't arrest the people buying the stuff as well as the people selling the stuff. So far the lawmakers have focused on the spammers selling the spam, but what isn't discussed is that spam wouldn't happen if people wern't buying the stuff spammers are pushing. It's not out of the realm of possibility to make it illegal to buy products from a spammer, and a few high profile prosecutions of purchasers would do wonders to reduce the revenue stream that feeds spammers, don't you think? I better stop now before you think I'm a total devil. :-) But seriously the problems with spam are growing to be more of a political/economic/criminal nature than a technical nature. Solutions are going to have to come from the governments, not from the techs. And they will unfortunately be solutions that are not as clean as ones the technical community will want to use, but they will be more effective, in the same way a club is more effective at opening a door than a lockpick is. Ted ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: how to deal with spam for good?
On Mar 10, 2005, at 6:44 AM, Ted Mittelstaedt wrote: FreeBSD 4.EIGHT came with Sendmail 8.12.8 out of the box. OK, so now your not too lazy to understand Sendmail, you just have a gigantic chip on your shoulder against it so your going to ignore the most popular MTA on the planet and pretend it doesen't exist. Dude, half my mailservers are running sendmail. Sendmail's fine. As for chips on the shoulder: pot, kettle, black. Fine, just don't contaminate anyone else particularly a newbie. When was the last time someone thanked you for diatribes like these, Ted? You're wasting more time than just mine with this drivel, and frankly, your rabid personal attacks say more about you then they do about me. -- -Chuck ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: how to deal with spam for good?
On Mar 9, 2005, at 11:54 PM, Mike Hauber wrote: On Wednesday 09 March 2005 10:53 pm, Luciano Musacchio wrote: Hi, I'm wondering, how does this mailing list doesn't get any spam? :), I need to set some filter on my mail server, can some one here give me a hint on this? thanks heh... I'm working on that right now, actually... :) There are so many options and combinations out there, it wouldn't be worth it to list them. From my experience (somewhat limited)... If you're running sendmail on FreeBSD, then SpamAssassin and clamav running thorugh MIMEDefang is probably the best way to go (MIMEDegang is pretty cool and it simplifies the whole process... and it supports a lot of other stuff too) At the moment we're running FreeBSD 4.x with postfix, clamav, and spamassassin via amavisd-new; after processing the message is injected into another postfix queue where it's forwarded to an internal mail server. Is there an easy way to plug mimedefang into that kind of setup? Is there a nice howto on the subject? ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: how to deal with spam for good?
On Wednesday 09 March 2005 21:53, Luciano Musacchio wrote: I'm wondering, how does this mailing list doesn't get any spam? :), I need to set some filter on my mail server, can some one here give me a hint on this? I just wrote an article for Free Software Magazine on this subject. It's available online at http://www.freesoftwaremagazine.com/free_issues/issue_02/focus_spam_postfix . While it's largely aimed at Postfix users, every method I use is available in other MTAs. -- Kirk Strauser pgpCQtbNU3vhO.pgp Description: PGP signature
Re: how to deal with spam for good?
On Mar 10, 2005, at 01:49, Ted Mittelstaedt wrote: The only long term solution that is going to work is modding the DNS records to designate an official SMTP server for each domain, such a plan has been in the works for a while among the standard bodies that know what they are doing. SPF is only going to address one form of spam distribution. Unfortunately it does nothing for the spammers who get their own domain and establish their own SPF records. They can continue to spam away at will. Likewise SPF will not close any of the open relays run by the organizations that are pushing SPF. Those will continue to forward spam like they do today. I suspect the open relays are ahead of their SPF checking as we continue to receive mail through them even theough they claim SPF is in use. Spam will only go away when people no longer respond to it. When there is no revenue generated to cover the cost of spamming then it will end. Since spamming is so cheap, it only takes a couple of responses to cover the costs. Probability of finding a couple of morons out there is 1.00. People still respond to the Nigerian scams. ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: how to deal with spam for good?
On Thursday 10 March 2005 12:40, Doug Hardie wrote: Unfortunately it does nothing for the spammers who get their own domain and establish their own SPF records. Not necessarily true. If you can *force* senders to tie themselves to their own domain, then it becomes rather easy to blacklist that particular domain. Imagine having a DNS blackhole list that was 100% accurate with no chance of collateral damage. If SPF (or another similar system) were universally deployed, then such things would be possible. Likewise SPF will not close any of the open relays run by the organizations that are pushing SPF. I'm not sure what you mean by that. Could you elaborate? Spam will only go away when people no longer respond to it. You know, I'm no longer sure that's true. I think that spam will stick around as long as stupid business owners continue to get suckered into thinking that it's a legitimate means of marketing. One of my associate's customers (a brick and mortar store) was being sweet-talked by a spammer into sending a series of broadcasts. In this situation, the spammer would profit off the ignorance of that *business owner*. Even if 100% of the messages were blocked, he'd still get his pay for performing the service. -- Kirk Strauser pgpO5DMMwWu5c.pgp Description: PGP signature
Re: how to deal with spam for good?
Luciano Musacchio wrote: Hi, I'm wondering, how does this mailing list doesn't get any spam? :), I need to set some filter on my mail server, can some one here give me a hint on this? thanks # sudo ipfw add 1 deny ip from any to me 25 :-) Should do the trick. Actually, it's a never-ending battle. And it's tricky to fight. And, as you've seen, a lot of people have opinions. So far, I've tried: a] blocking entire countries with ACL's. b] SpamAssasssin + Amavisd + Dual-Sendmail c] Greylisting with Perl + Mysql + Sendmail (excluding a lot of big SP's, thank you much) It frankly takes more of my time than it's worth, and that's an economic issue, to be sure. I'm beginning to think that, if you have time to spend on it, b] isn't such a bad option. But I've not found the *answer* yet. Good luck. Kevin Kinsey ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: how to deal with spam for good?
Doug Hardie writes: Spam will only go away when people no longer respond to it. When there is no revenue generated to cover the cost of spamming then it will end. Exactly. A surprising number of people _do_ respond to spam--more than enough to justify sending it. Ironically, I seem to see a slight decline in the spam I receive myself, which has dropped a bit from the usual 1500 messages per day. Some weeks ago I removed my e-mail address entirely from my Web site, so that it could not be harvested. It seems unlikely that this could have much effect since it has been out there for years, but perhaps it does. In any case, I don't use any automated filters for spam. I have filters that sort probable spam into folders that I periodically examine, but I don't delete anything automatically because even a single false positive can cost me more than I'd ever save by running automatic spam filters. As it is, sometimes I can't answer clients by e-mail because their own ISPs (e.g., anything run by Time-Warner) simply throw away my e-mail because it doesn't come from a Big ISP. If fewer people respond to spam, spam will decline. If more people respond to it, it will increase. It's a simple as that. There's no fundamental, objectively verifiable difference between spam and any other e-mail, so no automated or technical solution will ever work completely. -- Anthony ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: how to deal with spam for good?
On Mar 10, 2005, at 15:24, Anthony Atkielski wrote: As it is, sometimes I can't answer clients by e-mail because their own ISPs (e.g., anything run by Time-Warner) simply throw away my e-mail because it doesn't come from a Big ISP. I doub't thats the reason. I am presuming you are referring to wanado.fr. I know we have its MTA blocked because of the unresolved spam complaints over the years. I suspect thats the same for others also. ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: how to deal with spam for good?
Doug Hardie writes: I doub't thats the reason. I am presuming you are referring to wanado.fr. No, I'm referring to e-mail sent directly from my own server (not relayed through Wanadoo). Time-Warner and a few other ISPs either reject it openly or silently throw it away. I know we have its MTA blocked because of the unresolved spam complaints over the years. I suspect thats the same for others also. What about the millions of legitimate subscribers using this ISP? -- Anthony ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: how to deal with spam for good?
On Mar 10, 2005, at 17:38, Anthony Atkielski wrote: Doug Hardie writes: I doub't thats the reason. I am presuming you are referring to wanado.fr. No, I'm referring to e-mail sent directly from my own server (not relayed through Wanadoo). Time-Warner and a few other ISPs either reject it openly or silently throw it away. Can't say then. However we are a fairly small ISP and Time-Warner takes our mail. I doub't size is the issue. I know we have its MTA blocked because of the unresolved spam complaints over the years. I suspect thats the same for others also. What about the millions of legitimate subscribers using this ISP? We don't receive much legitimate mail from them. Get a lot more spam. -- Anthony ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED] ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: how to deal with spam for good?
On Thu, 10 Mar 2005, Charles Swiger wrote: On Mar 9, 2005, at 10:53 PM, Luciano Musacchio wrote: I'm wondering, how does this mailing list doesn't get any spam? :), I need to set some filter on my mail server, can some one here give me a hint on this? Consider greylisting, amavisd, SpamAssassin, and a virus scanner of your choice. Greylisting needs postfix as your MTA at the moment, milter-greylist works great with sendmail. Here's a somewhat-dated article I wrote about using it and clamav-milter with sendmail: http://www.wonkity.com/greylist.pdf -Warren Block * Rapid City, South Dakota USA ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: how to deal with spam for good?
On Mar 10, 2005, at 18:30, Warren Block wrote: milter-greylist works great with sendmail. Here's a somewhat-dated article I wrote about using it and clamav-milter with sendmail: http://www.wonkity.com/greylist.pdf I am getting a no such file back on that. ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
RE: how to deal with spam for good?
-Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] Behalf Of Anthony Atkielski Sent: Thursday, March 10, 2005 3:25 PM To: freebsd-questions@freebsd.org Subject: Re: how to deal with spam for good? There's no fundamental, objectively verifiable difference between spam and any other e-mail, Actually, there is. Spam is what I object to. Non-spam is what I don't object to. so no automated or technical solution will ever work completely. It would if my computer could understand what I'm telling it better. ;-) Seriously, filters that are customized to the individual are very effective. The problem is getting the average person on the street to put in the time to write a customized e-mail filter for themselves. Most MUA's these days have mechanisms for the users to insert rules. But very few users avail themselves of these. It's easier for them to bitch to the ISP, and assume of course that the ISP understands exactly what they want to get and what they don't want to get. Ted ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
RE: how to deal with spam for good?
-Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] Behalf Of Kirk Strauser Sent: Thursday, March 10, 2005 11:42 AM To: freebsd-questions@freebsd.org Subject: Re: how to deal with spam for good? You know, I'm no longer sure that's true. I think that spam will stick around as long as stupid business owners continue to get suckered into thinking that it's a legitimate means of marketing. One of my associate's customers (a brick and mortar store) was being sweet-talked by a spammer into sending a series of broadcasts. In this situation, the spammer would profit off the ignorance of that *business owner*. Even if 100% of the messages were blocked, he'd still get his pay for performing the service. Didn't anyone tell your associate's customers that spamming is now a felony? And, even if they hire a spammer to do it for them, the law still prosecutes them for the spamming? Ted ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
RE: how to deal with spam for good?
-Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] Behalf Of Doug Hardie Sent: Thursday, March 10, 2005 10:40 AM To: FreeBSD Questions Subject: Re: how to deal with spam for good? On Mar 10, 2005, at 01:49, Ted Mittelstaedt wrote: The only long term solution that is going to work is modding the DNS records to designate an official SMTP server for each domain, such a plan has been in the works for a while among the standard bodies that know what they are doing. SPF is only going to address one form of spam distribution. Unfortunately it does nothing for the spammers who get their own domain and establish their own SPF records. They can continue to spam away at will. Likewise SPF will not close any of the open relays run by the organizations that are pushing SPF. Those will continue to forward spam like they do today. In which case they will get blacklisted and that is that. If your running an ISP you need to start using the blacklist servers. We put all our own customers on notice years ago. A few didn't like it and ended up running their own mailservers, which I am sure gets lots of good spam for them to wade through. Ted ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: how to deal with spam for good?
On Wednesday 09 March 2005 10:53 pm, Luciano Musacchio wrote: Hi, I'm wondering, how does this mailing list doesn't get any spam? :), I need to set some filter on my mail server, can some one here give me a hint on this? thanks heh... I'm working on that right now, actually... :) There are so many options and combinations out there, it wouldn't be worth it to list them. From my experience (somewhat limited)... If you're running sendmail on FreeBSD, then SpamAssassin and clamav running thorugh MIMEDefang is probably the best way to go (MIMEDegang is pretty cool and it simplifies the whole process... and it supports a lot of other stuff too) With sendmail on OpenBSD, it's probably SpamAssassin and clamav running through smtp-vilter (but clamav and smtp-vilter are still very much a work in progress on obsd, and will cause hair to fall out until at least the next release... parsed me off. :( ) Really though, there are lots of possibilities... I would start with a google with something like: bsd +u're_MTA-of-choise_goes_here +spam +filter +scan HTH Mike ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: how to deal with spam for good?
On Thu, 10 Mar 2005, Luciano Musacchio wrote: I'm wondering, how does this mailing list doesn't get any spam? :), It does, and I report it (but not the mailing list itself). -- Dave ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: how to deal with spam for good?
On Mar 9, 2005, at 10:53 PM, Luciano Musacchio wrote: I'm wondering, how does this mailing list doesn't get any spam? :), I need to set some filter on my mail server, can some one here give me a hint on this? Consider greylisting, amavisd, SpamAssassin, and a virus scanner of your choice. Greylisting needs postfix as your MTA at the moment, but is extremely effective for very few resources. Perl-based scripts like amavisd and SA are a lot more resource-intensive, perhaps dspam or other tools might also be worth looking at if your mail volume is high -- -Chuck ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]