Re: RBL - Back to basics
Hello! On Sun, May 05, 2002 at 08:33:37AM -0400, Gene Grimm wrote: [...] > Alot of people will resist this if it means replacing every mail server > on the Internet, or even just the mail software on every Internet mail > server. This has to be a revision compatible with the existing SMTP > protocol or trying to implement this will cause catastrophic damage to > the Internet mail infrastructure far worse than SPAM. If you want an efficient and flexible Email system without Spam you won't be using old protocols. Every day new networked aplications are developed and people rush on them if they are good: If it's easier, more secure, faster and costs less you will opt to use it. Look at gopher, ftp and telnet: My clients all have clients to use ftp and telnet servers, but my servers do neither have ftp nor telnet servers installed, we use better ssh, rsync, scp and http for the corresponding tasks. No need to replace SMTP service, it will just fade out, and every sysadmin will be happy about it. [...] > > - Transmission of the message contents has to be initiated by the > > receiver, not by the sender, to allow beforehand trust/cost > > negotiation between the two parties: actual Email always puts the > > cost on the (helpless) receiver. > > How can this be possible when the recipient can't possibly know when > someone wants to send him something? Even if the protocol were to allow [...cut out interesting discussion...] My intention is not to start a discussion about an alternate Internet Mail on the debian-isp list, so I won't answer the questions on the list (I'll do personally though), but I encourage anybody who is interested to sneak into the corresponding discussions - im2000 mailing list is available, and just to give it a skim look at Clemens Fischer's Wiki http://wiki.haribeau.de/cgi-bin/wiki.pl?ProjectIM2000/ And on my homepage http://www.magma.com.ni/~jorge/ Best Regards, Jorge-León -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
Re: [Fwd: Re: Spamassasin over RBL, was Re: rblsmtpd -t?]
On Mon, May 06, 2002 at 04:31:24PM +1000, Jason Lim wrote: > It would be useful if you backed up your point with some sort of > evidence or proof. you're the one making the claim - the onus is on YOU to *prove* that spamcop has a lower collateral damage than other RBLs. > My point is that the collateral damage is lower, due to the fact that > entire IP ranges are not blocked, and hence it is useful for hosting > companies and ISPs. your theoretical point isn't worth very much, especially when practical experience directly contradicts your theory. > What is your's? What fact do you have to prove otherwise? How does > blocking entire IP ranges like other RBLs lower collateral damage? professionally run RBLs block genuine spam sources - including open relays. operations like spamcop can automatically blacklist any IP address which happens to be mentioned (or forged) in the headers of any message that any moron user forwards to the spamcop system.this kind of idiot automation results in much higher collateral damage. craig -- craig sanders <[EMAIL PROTECTED]> Fabricati Diem, PVNC. -- motto of the Ankh-Morpork City Watch -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
Re: [Fwd: Re: Spamassasin over RBL, was Re: rblsmtpd -t?]
> On Sun, May 05, 2002 at 11:48:10PM +1000, Jason Lim wrote: > > This is why Spamcop's collateral damage is much lower than others in > > that it does not block entire ranges, and which is why it is suitable > > for an ISP or Hosting company to use. > > both of the above assertions are false. > > spamcop does NOT have lower (let alone "much lower") collateral damage > than other RBL's - in fact, it has a MUCH HIGHER level of collateral > damage than professionally run RBLs. > > Nor is it at all suitable for use by ISP or hosting companies. at best, > it might be suitable for use by a hobbyist who didn't care much about > collateral damage. It would be useful if you backed up your point with some sort of evidence or proof. My point is that the collateral damage is lower, due to the fact that entire IP ranges are not blocked, and hence it is useful for hosting companies and ISPs. What is your's? What fact do you have to prove otherwise? How does blocking entire IP ranges like other RBLs lower collateral damage? Sincerely, Jason -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
Re: [Fwd: Re: Spamassasin over RBL, was Re: rblsmtpd -t?]
On Sun, May 05, 2002 at 11:48:10PM +1000, Jason Lim wrote: > This is why Spamcop's collateral damage is much lower than others in > that it does not block entire ranges, and which is why it is suitable > for an ISP or Hosting company to use. both of the above assertions are false. spamcop does NOT have lower (let alone "much lower") collateral damage than other RBL's - in fact, it has a MUCH HIGHER level of collateral damage than professionally run RBLs. Nor is it at all suitable for use by ISP or hosting companies. at best, it might be suitable for use by a hobbyist who didn't care much about collateral damage. craig -- craig sanders <[EMAIL PROTECTED]> Fabricati Diem, PVNC. -- motto of the Ankh-Morpork City Watch -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
Novidades
http://www.lojadotelemovel.com/images/riscado_cinza.gif";> http://www.lojadotelemovel.com/mailing/images/logo.jpg"; width="580" height="49"> http://www.lojadotelemovel.com/mailing/images/topo.jpg"; width="580" height="93"> http://www.lojadotelemovel.com/product_info.php3?cPath=5&products_id=3624&SESSAO=";>http://www.lojadotelemovel.com/images/anuncios/carrebateria.jpg";> http://gs.cdnow.com/RP/DMG_ACCUCAST/graphics/spacer.gif"; height="20" border=0 align="left" width="5"> http://gs.cdnow.com/RP/DMG_ACCUCAST/Special_Offers/graphics/red_arrow.gif"; width="10" height="9">http://gs.cdnow.com/RP/DMG_ACCUCAST/graphics/spacer.gif"; height="10" border=0 align="left" width="5">http://www.lojadotelemovel.com/product_info.php3?products_id=3407&SESSAO=";>Antenas interiores http://gs.cdnow.com/RP/DMG_ACCUCAST/graphics/spacer.gif"; height="20" border=0 align="left" width="5"> http://gs.cdnow.com/RP/DMG_ACCUCAST/Special_Offers/graphics/red_arrow.gif"; width="10" height="9">http://gs.cdnow.com/RP/DMG_ACCUCAST/graphics/spacer.gif"; height="10" border=0 align="left" width="5">http://www.lojadotelemovel.com/product_info.php3?products_id=3534&SESSAO=";>6210-6310 Mistral Bege http://gs.cdnow.com/RP/DMG_ACCUCAST/graphics/spacer.gif"; height="20" border=0 align="left" width="5"> http://gs.cdnow.com/RP/DMG_ACCUCAST/Special_Offers/graphics/red_arrow.gif"; width="10" height="9">http://gs.cdnow.com/RP/DMG_ACCUCAST/graphics/spacer.gif"; height="10" border=0 align="left" width="5">http://www.lojadotelemovel.com/product_info.php3?products_id=3523&SESSAO=";>MC 218 (Psion 5 mx) http://gs.cdnow.com/RP/DMG_ACCUCAST/graphics/spacer.gif"; height="20" border=0 align="left" width="5"> http://gs.cdnow.com/RP/DMG_ACCUCAST/Special_Offers/graphics/red_arrow.gif"; width="10" height="9">http://gs.cdnow.com/RP/DMG_ACCUCAST/graphics/spacer.gif"; height="10" border=0 align="left" width="5">http://www.lojadotelemovel.com/product_info.php3?products_id=3393&SESSAO=";>Carcaça mutante 8210-8850 antracite http://gs.cdnow.com/RP/DMG_ACCUCAST/Special_Offers/graphics/red_arrow.gif"; width="10" height="9">http://gs.cdnow.com/RP/DMG_ACCUCAST/graphics/spacer.gif"; height="10" border=0 align="left" width="5">http://www.lojadotelemovel.com/product_info.php3?products_id=2561&SESSAO=";>Carcaça Nokia 8210- 8310 Azul http://gs.cdnow.com/RP/DMG_ACCUCAST/Special_Offers/graphics/red_arrow.gif"; width="10" height="9">http://gs.cdnow.com/RP/DMG_ACCUCAST/graphics/spacer.gif"; height="10" border=0 align="left" width="5">http://www.lojadotelemovel.com/product_info.php3?products_id=2030&SESSAO=";>Adaptador 3SIM Nokia 3310/3330 http://www.lojadotelemovel.com/mailing/images/red_arrow.gif";>http://www.lojadotelemovel.com/default.php3?cPath=3_9&SESSAO=";>Kit Mãos Livres de Isqueiro para Nokia http://www.lojadotelemovel.com/default.php3?cPath=3_9&SESSAO=";>http://www.lojadotelemovel.com/images/Kit_isq.jpg"; width="110" height="115"> http://gs.cdnow.com/RP/DMG_ACCUCAST/graphics/spacer.gif"; width="100" height="9" border="0"> É um dos mais fantásticos Kit de Mãos Livres para Viatura. De fácil instalação, liga-se ao isqueiro do automóvel e depois ao telemóvel. Possui um potente altifalante com regulador de som; Botão para carregamento opcional da bateria; Utiliza o microfone do próprio telemóvel http://www.lojadotelemovel.com/mailing/images/red_arrow.gif"; width="10" height="9">http://www.lojadotelemovel.com/product_info.php3?products_id=2619&SESSAO=";>A maior seleção de Carcaças em Portugal http://www.lojadotelemovel.com/product_info.php3?cPath=509_522&products_id=3534&SESSAO=";>http://www.lojadotelemovel.com/images/6210MISTRALBEGE.jpg"; width="47" height="115"> http://gs.cdnow.com/RP/DMG_ACCUCAST/graphics/spacer.gif"; width="100" height="9" border="0"> A Lojadotelemovel.com orgulha-se de apresentar a maior coleção de carca
RE: Some Help with the mail side of things
Agreed,.. /bin/false works nicely. Sincerely, Daniel J. Rychlik " Money does not make the world go round , Gravity does ." -Original Message- From: Glenn Hocking [mailto:[EMAIL PROTECTED]] Sent: Sunday, May 05, 2002 7:54 PM To: Johnno; [EMAIL PROTECTED] Subject: Re: Some Help with the mail side of things Try setting their shell to /bin/false. This should allow pop3 access but disable ftp/telnet/ssh logins. Best regards Glenn Hocking Publish Media Pty Ltd http://www.sitegeneral.com Johnno wrote: >Hello All, > >I am running Postfix 1.1.3 and ipop3d. > >What I am wanting to do instead of going a adduser etc.. to add a user >mailbox it have it like a virtual system where I can add a user in and when >they pop in there account pick up mail.. at the moment I have to use the >adduser command to make it work so there have a mailbox on the system... > >I have mapped various email addresses to that account and it works find... > >The problem I find is that if a use the adduser they can also ssh or ftp >into there accounts.. this is not want I want to happen... > >how do a get around (apart from running other mail server) hosting domains >and they want the same name.. > >ie.. [EMAIL PROTECTED] and [EMAIL PROTECTED] these are 2 different people... > >I am thinking of maybe a database system.. > >Many Thanks, > Johnno > > -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED] -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
Re: Some Help with the mail side of things
Try setting their shell to /bin/false. This should allow pop3 access but disable ftp/telnet/ssh logins. Best regards Glenn Hocking Publish Media Pty Ltd http://www.sitegeneral.com Johnno wrote: >Hello All, > >I am running Postfix 1.1.3 and ipop3d. > >What I am wanting to do instead of going a adduser etc.. to add a user >mailbox it have it like a virtual system where I can add a user in and when >they pop in there account pick up mail.. at the moment I have to use the >adduser command to make it work so there have a mailbox on the system... > >I have mapped various email addresses to that account and it works find... > >The problem I find is that if a use the adduser they can also ssh or ftp >into there accounts.. this is not want I want to happen... > >how do a get around (apart from running other mail server) hosting domains >and they want the same name.. > >ie.. [EMAIL PROTECTED] and [EMAIL PROTECTED] these are 2 different people... > >I am thinking of maybe a database system.. > >Many Thanks, > Johnno > > -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
Some Help with the mail side of things
Hello All, I am running Postfix 1.1.3 and ipop3d. What I am wanting to do instead of going a adduser etc.. to add a user mailbox it have it like a virtual system where I can add a user in and when they pop in there account pick up mail.. at the moment I have to use the adduser command to make it work so there have a mailbox on the system... I have mapped various email addresses to that account and it works find... The problem I find is that if a use the adduser they can also ssh or ftp into there accounts.. this is not want I want to happen... how do a get around (apart from running other mail server) hosting domains and they want the same name.. ie.. [EMAIL PROTECTED] and [EMAIL PROTECTED] these are 2 different people... I am thinking of maybe a database system.. Many Thanks, Johnno -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
Re: Spamassasin over RBL, was Re: rblsmtpd -t?
Jason Lim wrote: > > Also note that Spamcop blocks points of origination... that is, afaik, it > blocks the actual sender's IP. > > Now, if your IP was 111.222.111.222 and the spammer's (which is blocked by > spamcop) is 111.222.111.223, then you would still not be affected, because > only the spammer's IP was blocked. > > And Spamcop does *NOT* block entire ranges of IPs like other RBLs, so it > is virtually impossible for you to say that t-online, gmx and web.de are > "blocked". Only the spamming IPs within their ranges would be blocked, NOT > the entire range. A question, so I can understand how SpamCop and RBLs in general work as you understand it. Does SpamCop block the specific IP address of the client workstation/host (as opposed to a mail server) that originated the specific spam message or the IP address of a relay through which the spammer sent his garbage? If it is the IP of the originating host that is blocked, how does this work exactly. Does the mail software check the IP address of each host that handled a message to see if it is blacklisted? If it is the a mail relay, wouldn't that seem to indicate legitimate mail going through that serice provider will be blocked as well? -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
Re: [Fwd: Re: Spamassasin over RBL, was Re: rblsmtpd -t?]
On Thu, 2 May 2002 21:47:07 +1000, Russell Coker <[EMAIL PROTECTED]> wrote: >On Thu, 2 May 2002 19:58, Glenn Hocking wrote: >> I've found that spamcop blocks email from both GE (General Electric) and >> Pizza Hut mail servers which clients of mine need to receive. > >Are the GE and Pizza Hut cases because of mis-reporting? Or have these >companies spammed? > >Generally, I have found the Spam Cop blocking list to be much too >aggressive for being useable as a filter for an ISP. They classify >spam sources by the amount of legitimate mail they receive compared to >the amount of spam they receive. > >Naturally, an english language organisation does not receive much >legitimate e-mail from Germany, so they have found to frequently list >t-online, gmx and web.de, the three largest e-mail providers for the >german speaking countries, all three of them being pure white head >when it comes to spam fighting. > Hold on... IS any spam coming from t-online, gmx and web.de? Also note that Spamcop blocks points of origination... that is, afaik, it blocks the actual sender's IP. Now, if your IP was 111.222.111.222 and the spammer's (which is blocked by spamcop) is 111.222.111.223, then you would still not be affected, because only the spammer's IP was blocked. And Spamcop does *NOT* block entire ranges of IPs like other RBLs, so it is virtually impossible for you to say that t-online, gmx and web.de are "blocked". Only the spamming IPs within their ranges would be blocked, NOT the entire range. Then, if GMX and these other ISPs kick out that spammer, after 1 week that IP is again clear, so it can again send email. If the same IP repeatedly gets blocked, then the period gets longer, AFAIK. This is why Spamcop's collateral damage is much lower than others in that it does not block entire ranges, and which is why it is suitable for an ISP or Hosting company to use. Sincerely, Jason http://www.zentek-ionternational.com -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
Re: RBL - Back to basics
[EMAIL PROTECTED] wrote: > > There are several projects which discuss a substitution of traditional > Email with a more modern infrastructure, and I think it is time to > spent effort on pushing this forward and stop loosing time with > preventing what's inevitable - abuse of SMTP. > > Personally I just enlisted in one of these projects - im2000 - > http://cr.yp.to/im2000.html, which aparently has been kind of sleepy > during two years, but actually is kind of awakening. Alot of people will resist this if it means replacing every mail server on the Internet, or even just the mail software on every Internet mail server. This has to be a revision compatible with the existing SMTP protocol or trying to implement this will cause catastrophic damage to the Internet mail infrastructure far worse than SPAM. > To prevent Spam (really), an Email system has some criteria to > fullfill, I will point out some of them here: > > - Sender and Receiver Identity have to be verifyable by the underlying > protocol. I believe this was the original intent of the VRFY command of the SMTP protocol until it was abused by Spammers attempting to confirm their mailing lists. But as for verification of anything beyond email address, some people legitimately don't want names associated with their email addresses. Additionally, as has been raised before regarding proposed legislation, spammers simply need to get a temporary email address from some service provider and then they can send massive quantities of spam from a legitimate address. > - Transmission of the message contents has to be initiated by the > receiver, not by the sender, to allow beforehand trust/cost > negotiation between the two parties: actual Email always puts the > cost on the (helpless) receiver. How can this be possible when the recipient can't possibly know when someone wants to send him something? Even if the protocol were to allow a yes/no answer to accepting the message contents, the recipient will be inundated by a flood of message transfer requests from spammers. For people who operate web sites and look for viewer feedback, how will they know who is sending spam and who is sending comments? This can be worse than getting the actual spam since you have no idea what is what until after you read the content so you be getting double the amount of traffic on the net. > - User configurable comercial advertisment: An Email user shall be > able to allow advertisers to send offers, by criteria defined by the > user. How will the protocol itself verify what is commercial mail and what is feedback or other noncommercial mail? As with the SMTP protocol, it will have to rely on the sender's word as to the validity of message content as stated. All a spammer will have to do is get a program that labels everything as noncommercial mail to defeat the protocol. > A new Email system has to implement a "closed door - open mind" > policy, which simpy does not lend to itself to propagate junk to *@*. With the snail mail system, the postal service simply can't provide a filtering method for junk mail. The recipient has to perform the filtering to "file 13" himself. Even with sophisticated automation of the mail server, how can the proposed new mail protocol allow the above mentioned feedback comments from an unknown user reach the recipient if you have to first get permission for each sender to transmit content to each recipient? This would seem to have a result in overburdening the end user's mail server with the added cost passed along to the end users in the form of higher service fees. At the very least, the end users will still have to perform the filtering themselves. -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
Re: [Fwd: Re: Spamassasin over RBL, was Re: rblsmtpd -t?]
On Thu, 2 May 2002 21:47:07 +1000, Russell Coker <[EMAIL PROTECTED]> wrote: >On Thu, 2 May 2002 19:58, Glenn Hocking wrote: >> I've found that spamcop blocks email from both GE (General Electric) and >> Pizza Hut mail servers which clients of mine need to receive. > >Are the GE and Pizza Hut cases because of mis-reporting? Or have these >companies spammed? Generally, I have found the Spam Cop blocking list to be much too aggressive for being useable as a filter for an ISP. They classify spam sources by the amount of legitimate mail they receive compared to the amount of spam they receive. Naturally, an english language organisation does not receive much legitimate e-mail from Germany, so they have found to frequently list t-online, gmx and web.de, the three largest e-mail providers for the german speaking countries, all three of them being pure white head when it comes to spam fighting. I wouldn't even use the Spam Cop blocking list for generating RBL-Warning-Headers. Greetings Marc -- -- !! No courtesy copies, please !! - Marc Haber | " Questions are the | Mailadresse im Header Karlsruhe, Germany | Beginning of Wisdom " | Fon: *49 721 966 32 15 Nordisch by Nature | Lt. Worf, TNG "Rightful Heir" | Fax: *49 721 966 31 29 -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]