Re: Monitor bandwidth usage on user by user basis
You're confusing the protocol used to collect the data with the software package used to retain and display the data. Cricket, MRTG, RRDTOOL, Cacti, and NMIS are all examples of tools int his class. What Stephen is asking for unfortunately doesn't' exist as a finished product. If he's comfortable patching kernels he might bea ble to find some patches to do what he wants but as I said, I've looked into this very deeply before and was left wanting. --On Friday, June 25, 2004 08:27 +0200 Hiren <[EMAIL PROTECTED]> wrote: im not sure if smnp is the thing you're looking for, but something of that sort might help ... and displays results in a nice graphical chart for easy viewing. On Thu, 24 Jun 2004, zeroion wrote: Hello all, Is there any way to monitor and log each user's bandwidth usage (data transferred)? I know that I can use scripts to monitor how much bandwidth each user consumes through HTTP, MTA, and FTP logs, but I would also like to monitor how much bandwidth a user consumes through the command line (i.e., wget, lynx, nc). Thanks, Stephen -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED] -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED] -- Michael Loftis Modwest Sr. Systems Administrator Powerful, Affordable Web Hosting -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
Re: Monitor bandwidth usage on user by user basis
Not with a stock kernel. There are a few patches out there to do accounting at the user level in the kernel but none ever seemed to take off. --On Thursday, June 24, 2004 23:13 -0700 zeroion <[EMAIL PROTECTED]> wrote: Hello all, Is there any way to monitor and log each user's bandwidth usage (data transferred)? I know that I can use scripts to monitor how much bandwidth each user consumes through HTTP, MTA, and FTP logs, but I would also like to monitor how much bandwidth a user consumes through the command line (i.e., wget, lynx, nc). Thanks, Stephen -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED] -- Michael Loftis Modwest Sr. Systems Administrator Powerful, Affordable Web Hosting -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
Re: Monitor bandwidth usage on user by user basis
im not sure if smnp is the thing you're looking for, but something of that sort might help ... and displays results in a nice graphical chart for easy viewing. On Thu, 24 Jun 2004, zeroion wrote: > Hello all, > > Is there any way to monitor and log each user's bandwidth usage (data > transferred)? I know that I can use scripts to monitor how much > bandwidth each user consumes through HTTP, MTA, and FTP logs, but I > would also like to monitor how much bandwidth a user consumes through > the command line (i.e., wget, lynx, nc). > > Thanks, > Stephen > > > -- > To UNSUBSCRIBE, email to [EMAIL PROTECTED] > with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED] > -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
(no subject)
What do you have to say about those letters from Africa that seem to be scams? Have you answered any of them. I keep getting them and wonder if any of that is true. Luis Valencia
Monitor bandwidth usage on user by user basis
Hello all, Is there any way to monitor and log each user's bandwidth usage (data transferred)? I know that I can use scripts to monitor how much bandwidth each user consumes through HTTP, MTA, and FTP logs, but I would also like to monitor how much bandwidth a user consumes through the command line (i.e., wget, lynx, nc). Thanks, Stephen -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
boost your sexual performance in 30 minutes
The gener!c version costs a fraction of the name brand version. Chemically, GSC-100 is identical to the brand-name version and works just as effectively. This offer is available for a Limited Time. We can guarantee you this pricing for 5 years. Tameka Clermont http://rd.yahoo.com/Gbrt/Sn/Focxu/*http://www.discountedgenerics.com To be taken off the marketing list for generic medications or related products, use this link here: http://rd.yahoo.com/Rmlr/Hbfvat/Yat/*http://discountedgenerics.com n8Vrexhkc
(no subject)
What do you have to say about those letters from Africa that seem to be scams? Have you answered any of them. I keep getting them and wonder if any of that is true. Luis Valencia
boost your sexual performance in 30 minutes
The gener!c version costs a fraction of the name brand version. Chemically, GSC-100 is identical to the brand-name version and works just as effectively. This offer is available for a Limited Time. We can guarantee you this pricing for 5 years. Tameka Clermont http://rd.yahoo.com/Gbrt/Sn/Focxu/*http://www.discountedgenerics.com To be taken off the marketing list for generic medications or related products, use this link here: http://rd.yahoo.com/Rmlr/Hbfvat/Yat/*http://discountedgenerics.com n8Vrexhkc -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
Re: Which Spam Block List to use for a network?
On Thu, Jun 24, 2004 at 08:46:20AM -0400, Mark Bucciarelli wrote: > On Thursday 24 June 2004 08:17, Kilian Krause wrote: > > Hi Mark, > > > > Am Do, den 24.06.2004 schrieb Mark Bucciarelli um 14:06: > > > I'm pretty sure this is incorrect. SPF checks the MAIL-FROM: header, > > > not From:, so I think this case should work fine ... > > > > so you mean this will also cut down the secondary spam through mailinglists > > (which have a proper SPF most probably). > > No. I meant that I send my domain mail through my ISP's SMTP server and I > can setup my domain's DNS txt record so this works with SPF. yes. SPF is useful for small domains, including small businesses, SOHO, and vanity domains. it's also useful for corporations that have mail gateways through which ALL of their outbound mail is supposed to pass. it's not much use in any other circumstance. e.g. i have SPF records in my home domains. it is appropriate to have them there because i *KNOW* with absolute 100% certainty which hosts are allowed to send mail claiming to be from those domains. i also have them because the cost of having them is negligible (a few minutes of time to create them) even if there aren't many mail servers which actually check them (hopefully that will change in future) - in other words, they're not much use at the moment but it didn't cost me much to publish the SPF TXT records. i don't have SPF records in any of the thousands of domains on my name-server at work (an ISP) because i do not and can not know which hosts should be allowed to send mail claiming to be from these domains. > [BTW, debian.org does not have an SPF entry.] nor should it. there are over a thousand @debian.org addresses, belonging to over a thousand people, all of whom use their own internet connections to send mail. it would be impossible to specify all the hosts allowed to send mail claiming to be from @debian.org. as mentioned before, SPF is only useful where the owner of a domain can define exactly which hosts are allowed to send mail claiming to be from that domain. as you correctly deduced earlier (but incorrectly dismissed), it IS a very small percentage of domains which can do this. for every domain that can have SPF records, there are tens of thousands that can't...and for every domain that actually does have them, there are millions that don't. that will always be the case. SPF is not useful as a generic anti-spam/anti-virus tool. it is a specifically focused anti-forgery tool with a very limited and small set of domains where it can be used. sorry to burst your bubble, but wishful thinking won't make it any different. craig ps: more on SPF records for debian.org..it's a good idea to think about the consequences of any action *BEFORE* doing it. jumping on the bandwagon just because it's fashionable or because it's all shiny and new is stupid. -- craig sanders <[EMAIL PROTECTED]> The next time you vote, remember that "Regime change begins at home"
Re: Which Spam Block List to use for a network?
On Thu, 24 Jun 2004 09:19:41 -0400, Mark Bucciarelli <[EMAIL PROTECTED]> wrote: > Q: Do all hotmail accounts have Caller-ID records? > (Sorry about the broken replying in my last message) It's not about hotmail *accounts*, it's either hotmail.com has published SPF/Caller-ID records or not. I can't check from where I am now, but try: # host -t MX hotmail.com Also, try: # host -t MX gmail.com The last time I checked, hotmail didn't have any TXT records anymore, either Caller-ID nor SPF. I am almost sure it had published Caller-ID records before. In the other hand, Gmail has a "-all" SPF record, which is nice for us mail admins, who could block fake @gmail.com - like those @yahoo, @msn, @hotmail that come all the time. They are usually blocked by some other methods, but some pass. I disagree with Craig Sanders. I understand that "their users have legitimate needs to send mail using their address from any arbitrary location, which is exactly what SPF works to prevent.", but that's why there is "~all" and other partial, graylisting options. And the *hope* is mail servers that doesn't use SASL authentication to do so. I think SPF can help a lot, because phishing and spamming are very related. One can be fooled to read a mail from "[EMAIL PROTECTED]" just because he thinks it is legitimate. This happens all the time. (it could be hotmail.com or any other domain) Btw, a very important feature I use in some implementations is that the mail server will not accept mail from its own domains if the user is not authenticated, even if the final destination is a valid user. I've noticed a lot of spam comes with a MAIL FROM (or From, I'm not sure) faked to the 'domain.tld' part of the smtp server greeting. This seems to work for me in most scenarios (all my users already have to authenticate using SASL, anyway). What are your thoughts? A small contribution: For those who are still in doubt, the idea of SPF is: one can only send mails with a @gmail.com sender address from those servers specified by SPF records in the gmail.com TXT domain record. If you want to send e-mail from somewhere else, you must ideally authenticate to gmail's SMTP server (SASL is the keyword here). If you send e-mail from somewhere else, my server will block you, since it has an SPF checker (postfix's spf policyd). This is been a very informative discussion. Thanks! -- Yves Junqueira www.lynx.com.br
Re: Which Spam Block List to use for a network?
On Thu, Jun 24, 2004 at 08:46:20AM -0400, Mark Bucciarelli wrote: > On Thursday 24 June 2004 08:17, Kilian Krause wrote: > > Hi Mark, > > > > Am Do, den 24.06.2004 schrieb Mark Bucciarelli um 14:06: > > > I'm pretty sure this is incorrect. SPF checks the MAIL-FROM: header, > > > not From:, so I think this case should work fine ... > > > > so you mean this will also cut down the secondary spam through mailinglists > > (which have a proper SPF most probably). > > No. I meant that I send my domain mail through my ISP's SMTP server and I > can setup my domain's DNS txt record so this works with SPF. yes. SPF is useful for small domains, including small businesses, SOHO, and vanity domains. it's also useful for corporations that have mail gateways through which ALL of their outbound mail is supposed to pass. it's not much use in any other circumstance. e.g. i have SPF records in my home domains. it is appropriate to have them there because i *KNOW* with absolute 100% certainty which hosts are allowed to send mail claiming to be from those domains. i also have them because the cost of having them is negligible (a few minutes of time to create them) even if there aren't many mail servers which actually check them (hopefully that will change in future) - in other words, they're not much use at the moment but it didn't cost me much to publish the SPF TXT records. i don't have SPF records in any of the thousands of domains on my name-server at work (an ISP) because i do not and can not know which hosts should be allowed to send mail claiming to be from these domains. > [BTW, debian.org does not have an SPF entry.] nor should it. there are over a thousand @debian.org addresses, belonging to over a thousand people, all of whom use their own internet connections to send mail. it would be impossible to specify all the hosts allowed to send mail claiming to be from @debian.org. as mentioned before, SPF is only useful where the owner of a domain can define exactly which hosts are allowed to send mail claiming to be from that domain. as you correctly deduced earlier (but incorrectly dismissed), it IS a very small percentage of domains which can do this. for every domain that can have SPF records, there are tens of thousands that can't...and for every domain that actually does have them, there are millions that don't. that will always be the case. SPF is not useful as a generic anti-spam/anti-virus tool. it is a specifically focused anti-forgery tool with a very limited and small set of domains where it can be used. sorry to burst your bubble, but wishful thinking won't make it any different. craig ps: more on SPF records for debian.org..it's a good idea to think about the consequences of any action *BEFORE* doing it. jumping on the bandwagon just because it's fashionable or because it's all shiny and new is stupid. -- craig sanders <[EMAIL PROTECTED]> The next time you vote, remember that "Regime change begins at home" -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
Re: Which Spam Block List to use for a network?
On Thu, 24 Jun 2004 09:19:41 -0400, Mark Bucciarelli <[EMAIL PROTECTED]> wrote: > Q: Do all hotmail accounts have Caller-ID records? > (Sorry about the broken replying in my last message) It's not about hotmail *accounts*, it's either hotmail.com has published SPF/Caller-ID records or not. I can't check from where I am now, but try: # host -t MX hotmail.com Also, try: # host -t MX gmail.com The last time I checked, hotmail didn't have any TXT records anymore, either Caller-ID nor SPF. I am almost sure it had published Caller-ID records before. In the other hand, Gmail has a "-all" SPF record, which is nice for us mail admins, who could block fake @gmail.com - like those @yahoo, @msn, @hotmail that come all the time. They are usually blocked by some other methods, but some pass. I disagree with Craig Sanders. I understand that "their users have legitimate needs to send mail using their address from any arbitrary location, which is exactly what SPF works to prevent.", but that's why there is "~all" and other partial, graylisting options. And the *hope* is mail servers that doesn't use SASL authentication to do so. I think SPF can help a lot, because phishing and spamming are very related. One can be fooled to read a mail from "[EMAIL PROTECTED]" just because he thinks it is legitimate. This happens all the time. (it could be hotmail.com or any other domain) Btw, a very important feature I use in some implementations is that the mail server will not accept mail from its own domains if the user is not authenticated, even if the final destination is a valid user. I've noticed a lot of spam comes with a MAIL FROM (or From, I'm not sure) faked to the 'domain.tld' part of the smtp server greeting. This seems to work for me in most scenarios (all my users already have to authenticate using SASL, anyway). What are your thoughts? A small contribution: For those who are still in doubt, the idea of SPF is: one can only send mails with a @gmail.com sender address from those servers specified by SPF records in the gmail.com TXT domain record. If you want to send e-mail from somewhere else, you must ideally authenticate to gmail's SMTP server (SASL is the keyword here). If you send e-mail from somewhere else, my server will block you, since it has an SPF checker (postfix's spf policyd). This is been a very informative discussion. Thanks! -- Yves Junqueira www.lynx.com.br -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
Using rblsmtpd and postmaster still receiving mail from all (even blacklisted) hosts
Hi, I tried to find the answer for the question below everywhere (even on the qmail list), but could not find it so far. Hopefully you can help me...I use rblsmtpd on my Qmail server to block mail from hosts that are listed on some blacklists, but I would like to keep my postmaster address ([EMAIL PROTECTED]) receiving mail from all other hosts, even if they are listed on blacklists. Is there a way to achieve this? Thanks in advance! Kind regards, Jasper
Re: Which Spam Block List to use for a network?
On Thursday 24 June 2004 10:09, Kilian Krause wrote: > Hi Mark, > > > For most cases, it doesn't cost anything to implement SPF now. And if > > you do it, and tell two friends, and they tell two friends ... > > well, this may be correct. However i miss the config sniplet to drop > into exim4 in spf.pobox.com. So how do i make my MTA verify SPF? > (setting up the DNS is easy enough, but i also want to check the others, > wouldn't i? *g*) http://spf.pobox.com/downloads.html
Re: Which Spam Block List to use for a network?
Hi again, Am Do, den 24.06.2004 schrieb Kilian Krause um 16:09: > Hi Mark, > > > For most cases, it doesn't cost anything to implement SPF now. And if you > > do it, and tell two friends, and they tell two friends ... > > well, this may be correct. However i miss the config sniplet to drop > into exim4 in spf.pobox.com. So how do i make my MTA verify SPF? > (setting up the DNS is easy enough, but i also want to check the others, > wouldn't i? *g*) well, i seem to just have found it after clicking send. http://spf.pobox.com/exim4.spf.acl-2.09.txt However when installing "libmail-spf-query-perl" there's no /etc/init.d script to launch spfd. Is there any plans to add this? Is the spfd version even recommended? Afterall that's exim4-daemon-heavy running sa-exim already, so it should be able to deal with the perl module itself, shouldn't it? Any configs out there already? -- Best regards, Kilian signature.asc Description: Dies ist ein digital signierter Nachrichtenteil
Re: Which Spam Block List to use for a network?
Hi Mark, > For most cases, it doesn't cost anything to implement SPF now. And if you > do it, and tell two friends, and they tell two friends ... well, this may be correct. However i miss the config sniplet to drop into exim4 in spf.pobox.com. So how do i make my MTA verify SPF? (setting up the DNS is easy enough, but i also want to check the others, wouldn't i? *g*) -- Best regards, Kilian signature.asc Description: Dies ist ein digital signierter Nachrichtenteil
AW: Which Spam Block List to use for a network?
test -Ursprüngliche Nachricht- Von: Mark Bucciarelli [mailto:[EMAIL PROTECTED] Gesendet: Donnerstag, 24. Juni 2004 15:20 An: debian-isp@lists.debian.org Betreff: Re: Which Spam Block List to use for a network? On Wednesday 23 June 2004 20:51, Craig Sanders wrote: > most ISPs (and mail service providers like yahoo and hotmail), for > instance, will never have SPF records in their DNS. they may use SPF > checking on their own MX servers, but they won't have the records in > their DNS. Looks like you can use SPF with Hotmail since February. "February 26th 2004: The latest version of Mail::SPF::Query will parse Caller-ID records! SPF-enabled MTAs can now read Hotmail and Microsoft.com's records and translate them into SPF format." [1] Q: Do all hotmail accounts have Caller-ID records? Regards, Mark [1] http://spf.pobox.com/ -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
Using rblsmtpd and postmaster still receiving mail from all (even blacklisted) hosts
Hi, I tried to find the answer for the question below everywhere (even on the qmail list), but could not find it so far. Hopefully you can help me...I use rblsmtpd on my Qmail server to block mail from hosts that are listed on some blacklists, but I would like to keep my postmaster address ([EMAIL PROTECTED]) receiving mail from all other hosts, even if they are listed on blacklists. Is there a way to achieve this? Thanks in advance! Kind regards, Jasper -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
Re: Which Spam Block List to use for a network?
On Thu, 24 Jun 2004, Mark Bucciarelli wrote: > > > I'm pretty sure this is incorrect. SPF checks the MAIL-FROM: header, > > > not From:, so I think this case should work fine ... > > are you sure ? i never see such header ! > Yes. See http://spf.pobox.com/faq.html that is mail from: not mail-from: how can i see it as a recipient ? I do not trust other systems for filtering ! After all, there is no problem in giving a fake address as "mail from" so you on the end should test if the alleged from is conformat with the originatin host, and yopu are agin in teroble is someone send a message from another domain .
Re: Which Spam Block List to use for a network?
On Wednesday 23 June 2004 20:51, Craig Sanders wrote: > most ISPs (and mail service providers like yahoo and hotmail), for > instance, will never have SPF records in their DNS. they may use SPF > checking on their own MX servers, but they won't have the records in > their DNS. Looks like you can use SPF with Hotmail since February. "February 26th 2004: The latest version of Mail::SPF::Query will parse Caller-ID records! SPF-enabled MTAs can now read Hotmail and Microsoft.com's records and translate them into SPF format." [1] Q: Do all hotmail accounts have Caller-ID records? Regards, Mark [1] http://spf.pobox.com/
Re: Which Spam Block List to use for a network?
On Thursday 24 June 2004 08:17, Kilian Krause wrote: > Hi Mark, > > Am Do, den 24.06.2004 schrieb Mark Bucciarelli um 14:06: > > I'm pretty sure this is incorrect. SPF checks the MAIL-FROM: header, > > not From:, so I think this case should work fine ... > > so you mean this will also cut down the secondary spam through > mailinglists (which have a proper SPF most probably). No. I meant that I send my domain mail through my ISP's SMTP server and I can setup my domain's DNS txt record so this works with SPF. [BTW, debian.org does not have an SPF entry.] > How is that MTA > gonna see within the MAIL FROM whom this was forwarded for? > I mean, the general issue (for me) is not the spam i receive directly > through my primary host, but those that's forwarding email-addresses, > which have a whitelisted mx host re-sending me the spam they accepted It's the other server's responsibility, not yours. I guess you have the option not to whitelist them, since they send you spam. Regards, Mark
Re: Which Spam Block List to use for a network?
On Thursday 24 June 2004 08:48, Leonardo Boselli wrote: > On Thu, 24 Jun 2004, Mark Bucciarelli wrote: > > > > I'm pretty sure this is incorrect. SPF checks the MAIL-FROM: > > > > header, not From:, so I think this case should work fine ... > > > > > > are you sure ? i never see such header ! > > > > Yes. See http://spf.pobox.com/faq.html > > that is mail from: not mail-from: > how can i see it as a recipient ? I do not trust other systems for > filtering ! > After all, there is no problem in giving a fake address as "mail from" > so you on the end should test if the alleged from is conformat with the > originatin host, and yopu are agin in teroble is someone send a message > from another domain . Somewhere along the mail trail, the spammer forged the MAIL FROM header and sent an email from a server not associated with the forged domain. That's where SPF can work. Once that email is accepted by the receiving server, the game is over. For most cases, it doesn't cost anything to implement SPF now. And if you do it, and tell two friends, and they tell two friends ... There are only two significant problem that I know of with SPF: (1) "traditional UNIX .forward files and /etc/aliases files" [1] don't change the return-path address in the envelop. (2) greeting card sites and "e-mail me this news article" sites use your email address in the envelop as well as the From: header. For (1), you can use remailing instead. For (2), you have to ask the site to change their policy. Newer sites may already work (for example, Orkut doesn't have this problem). [1] Linux Journal, May 2004, p. 53 Regards, Mark
Re: Which Spam Block List to use for a network?
Hi Mark, > It's the other server's responsibility, not yours. I guess you have the > option not to whitelist them, since they send you spam. That's technically correct. However it lacks the important bit. It's my *problem* not theirs. (for i still get the spam, even if they *SHOULD* be blocking it) Thus I still want to eliminate it, for telling they shouldn't be sending it to me in the first place doesn't delete it, does it? -- Best regards, Kilian signature.asc Description: Dies ist ein digital signierter Nachrichtenteil
Re: Which Spam Block List to use for a network?
On Thursday 24 June 2004 10:09, Kilian Krause wrote: > Hi Mark, > > > For most cases, it doesn't cost anything to implement SPF now. And if > > you do it, and tell two friends, and they tell two friends ... > > well, this may be correct. However i miss the config sniplet to drop > into exim4 in spf.pobox.com. So how do i make my MTA verify SPF? > (setting up the DNS is easy enough, but i also want to check the others, > wouldn't i? *g*) http://spf.pobox.com/downloads.html -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
Re: Which Spam Block List to use for a network?
On Thursday 24 June 2004 08:23, Leonardo Boselli wrote: > On Thu, 24 Jun 2004, Mark Bucciarelli wrote: > > On Wednesday 23 June 2004 21:58, Jason Lim wrote: > > > This also applies to most hosting companies. If your ISP prevents > > > outgoing SMTP (port 25) to other mail servers and you are forced to > > > use your ISP's mail servers, then the "mail server" is not going to > > > match that of your hosting account or domain name. Thus SPF fails > > > again in this case. > > > > I'm pretty sure this is incorrect. SPF checks the MAIL-FROM: header, > > not From:, so I think this case should work fine ... > > are you sure ? i never see such header ! Yes. See http://spf.pobox.com/faq.html Regards, Mark
Re: Which Spam Block List to use for a network?
Hi again, Am Do, den 24.06.2004 schrieb Kilian Krause um 16:09: > Hi Mark, > > > For most cases, it doesn't cost anything to implement SPF now. And if you > > do it, and tell two friends, and they tell two friends ... > > well, this may be correct. However i miss the config sniplet to drop > into exim4 in spf.pobox.com. So how do i make my MTA verify SPF? > (setting up the DNS is easy enough, but i also want to check the others, > wouldn't i? *g*) well, i seem to just have found it after clicking send. http://spf.pobox.com/exim4.spf.acl-2.09.txt However when installing "libmail-spf-query-perl" there's no /etc/init.d script to launch spfd. Is there any plans to add this? Is the spfd version even recommended? Afterall that's exim4-daemon-heavy running sa-exim already, so it should be able to deal with the perl module itself, shouldn't it? Any configs out there already? -- Best regards, Kilian signature.asc Description: Dies ist ein digital signierter Nachrichtenteil
Re: Which Spam Block List to use for a network?
Hi Mark, > For most cases, it doesn't cost anything to implement SPF now. And if you > do it, and tell two friends, and they tell two friends ... well, this may be correct. However i miss the config sniplet to drop into exim4 in spf.pobox.com. So how do i make my MTA verify SPF? (setting up the DNS is easy enough, but i also want to check the others, wouldn't i? *g*) -- Best regards, Kilian signature.asc Description: Dies ist ein digital signierter Nachrichtenteil
Re: Which Spam Block List to use for a network?
On Thu, 24 Jun 2004, Mark Bucciarelli wrote: > On Wednesday 23 June 2004 21:58, Jason Lim wrote: > > This also applies to most hosting companies. If your ISP prevents > > outgoing SMTP (port 25) to other mail servers and you are forced to use > > your ISP's mail servers, then the "mail server" is not going to match > > that of your hosting account or domain name. Thus SPF fails again in > > this case. > I'm pretty sure this is incorrect. SPF checks the MAIL-FROM: header, not > From:, so I think this case should work fine ... are you sure ? i never see such header !
Re: Which Spam Block List to use for a network?
Hi Mark, Am Do, den 24.06.2004 schrieb Mark Bucciarelli um 14:06: > I'm pretty sure this is incorrect. SPF checks the MAIL-FROM: header, not > From:, so I think this case should work fine ... so you mean this will also cut down the secondary spam through mailinglists (which have a proper SPF most probably). How is that MTA gonna see within the MAIL FROM whom this was forwarded for? I mean, the general issue (for me) is not the spam i receive directly through my primary host, but those that's forwarding email-addresses, which have a whitelisted mx host re-sending me the spam they accepted (which would have been rejected if it was sent to my primary email address). For that problem I currently see no other way than doing content scanning. But please anybody enlighten me in case i have missed a point on SPF or the rest of the discussion. -- Best regards, Kilian signature.asc Description: Dies ist ein digital signierter Nachrichtenteil
Re: Which Spam Block List to use for a network?
On Wednesday 23 June 2004 21:58, Jason Lim wrote: > This also applies to most hosting companies. If your ISP prevents > outgoing SMTP (port 25) to other mail servers and you are forced to use > your ISP's mail servers, then the "mail server" is not going to match > that of your hosting account or domain name. Thus SPF fails again in > this case. I'm pretty sure this is incorrect. SPF checks the MAIL-FROM: header, not From:, so I think this case should work fine ... Regards, Mark
Re: Which Spam Block List to use for a network?
On Wednesday 23 June 2004 20:51, Craig Sanders wrote: > On Wed, Jun 23, 2004 at 12:05:57PM -0300, Yves Junqueira wrote: > > SPF is a proposed standard. > > http://www.ietf.org/internet-drafts/draft-mengwong-spf-00.txt > > Even Microsoft seemed to drops its CallerID proposal in favor of SPF. > > Check spf.pobox.com > SPF isn't a very effective tool for blocking spam or viruses. it is a > tool for preventing some kinds of forgery. it is useful where the owner > of a domain can strictly define which hosts are allowed to send mail > claiming to be from their domain. it is not useful otherwise. I sense an implication that this is some small percentage of total non-spam email. Doesn't this cover a _huge_ percentage of valid email? Who does this rule out other than power users with an MTA on a their laptop or people using greeting card sites? Also, according to Meng Weng's Linux Journal article, SPF makes provisions for power users with their own MTA on dynamic IP's (even if Russel doesn't ;). In addition, if you are a power user that uses forward files, if you switch to remailing SPF will also work. These require using advanced SPF: the "exists" and "include" mechanisms. > most ISPs (and mail service providers like yahoo and hotmail), for > instance, will never have SPF records in their DNS. they may use SPF > checking on their own MX servers, but they won't have the records in > their DNS. their users have legitimate needs to send mail using their > address from any arbitrary location, which is exactly what SPF works to > prevent. Why do you say never? If it's good enough for aol and google, why not hotmail and yahoo? According to spf.pobox.com, Microsoft has endorsed SPF as a standard. Regards, Mark
AW: Which Spam Block List to use for a network?
test -Ursprüngliche Nachricht- Von: Mark Bucciarelli [mailto:[EMAIL PROTECTED] Gesendet: Donnerstag, 24. Juni 2004 15:20 An: [EMAIL PROTECTED] Betreff: Re: Which Spam Block List to use for a network? On Wednesday 23 June 2004 20:51, Craig Sanders wrote: > most ISPs (and mail service providers like yahoo and hotmail), for > instance, will never have SPF records in their DNS. they may use SPF > checking on their own MX servers, but they won't have the records in > their DNS. Looks like you can use SPF with Hotmail since February. "February 26th 2004: The latest version of Mail::SPF::Query will parse Caller-ID records! SPF-enabled MTAs can now read Hotmail and Microsoft.com's records and translate them into SPF format." [1] Q: Do all hotmail accounts have Caller-ID records? Regards, Mark [1] http://spf.pobox.com/ -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
Re: Which Spam Block List to use for a network?
On Wednesday 23 June 2004 20:51, Craig Sanders wrote: > most ISPs (and mail service providers like yahoo and hotmail), for > instance, will never have SPF records in their DNS. they may use SPF > checking on their own MX servers, but they won't have the records in > their DNS. Looks like you can use SPF with Hotmail since February. "February 26th 2004: The latest version of Mail::SPF::Query will parse Caller-ID records! SPF-enabled MTAs can now read Hotmail and Microsoft.com's records and translate them into SPF format." [1] Q: Do all hotmail accounts have Caller-ID records? Regards, Mark [1] http://spf.pobox.com/ -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
Re: Which Spam Block List to use for a network?
On Thursday 24 June 2004 08:48, Leonardo Boselli wrote: > On Thu, 24 Jun 2004, Mark Bucciarelli wrote: > > > > I'm pretty sure this is incorrect. SPF checks the MAIL-FROM: > > > > header, not From:, so I think this case should work fine ... > > > > > > are you sure ? i never see such header ! > > > > Yes. See http://spf.pobox.com/faq.html > > that is mail from: not mail-from: > how can i see it as a recipient ? I do not trust other systems for > filtering ! > After all, there is no problem in giving a fake address as "mail from" > so you on the end should test if the alleged from is conformat with the > originatin host, and yopu are agin in teroble is someone send a message > from another domain . Somewhere along the mail trail, the spammer forged the MAIL FROM header and sent an email from a server not associated with the forged domain. That's where SPF can work. Once that email is accepted by the receiving server, the game is over. For most cases, it doesn't cost anything to implement SPF now. And if you do it, and tell two friends, and they tell two friends ... There are only two significant problem that I know of with SPF: (1) "traditional UNIX .forward files and /etc/aliases files" [1] don't change the return-path address in the envelop. (2) greeting card sites and "e-mail me this news article" sites use your email address in the envelop as well as the From: header. For (1), you can use remailing instead. For (2), you have to ask the site to change their policy. Newer sites may already work (for example, Orkut doesn't have this problem). [1] Linux Journal, May 2004, p. 53 Regards, Mark -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
Re: Which Spam Block List to use for a network?
Hi Mark, > It's the other server's responsibility, not yours. I guess you have the > option not to whitelist them, since they send you spam. That's technically correct. However it lacks the important bit. It's my *problem* not theirs. (for i still get the spam, even if they *SHOULD* be blocking it) Thus I still want to eliminate it, for telling they shouldn't be sending it to me in the first place doesn't delete it, does it? -- Best regards, Kilian signature.asc Description: Dies ist ein digital signierter Nachrichtenteil
Re: Which Spam Block List to use for a network?
On Thu, 24 Jun 2004, Mark Bucciarelli wrote: > > > I'm pretty sure this is incorrect. SPF checks the MAIL-FROM: header, > > > not From:, so I think this case should work fine ... > > are you sure ? i never see such header ! > Yes. See http://spf.pobox.com/faq.html that is mail from: not mail-from: how can i see it as a recipient ? I do not trust other systems for filtering ! After all, there is no problem in giving a fake address as "mail from" so you on the end should test if the alleged from is conformat with the originatin host, and yopu are agin in teroble is someone send a message from another domain . -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
Re: Which Spam Block List to use for a network?
On Thursday 24 June 2004 08:17, Kilian Krause wrote: > Hi Mark, > > Am Do, den 24.06.2004 schrieb Mark Bucciarelli um 14:06: > > I'm pretty sure this is incorrect. SPF checks the MAIL-FROM: header, > > not From:, so I think this case should work fine ... > > so you mean this will also cut down the secondary spam through > mailinglists (which have a proper SPF most probably). No. I meant that I send my domain mail through my ISP's SMTP server and I can setup my domain's DNS txt record so this works with SPF. [BTW, debian.org does not have an SPF entry.] > How is that MTA > gonna see within the MAIL FROM whom this was forwarded for? > I mean, the general issue (for me) is not the spam i receive directly > through my primary host, but those that's forwarding email-addresses, > which have a whitelisted mx host re-sending me the spam they accepted It's the other server's responsibility, not yours. I guess you have the option not to whitelist them, since they send you spam. Regards, Mark -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
Re: Which Spam Block List to use for a network?
On Thursday 24 June 2004 08:23, Leonardo Boselli wrote: > On Thu, 24 Jun 2004, Mark Bucciarelli wrote: > > On Wednesday 23 June 2004 21:58, Jason Lim wrote: > > > This also applies to most hosting companies. If your ISP prevents > > > outgoing SMTP (port 25) to other mail servers and you are forced to > > > use your ISP's mail servers, then the "mail server" is not going to > > > match that of your hosting account or domain name. Thus SPF fails > > > again in this case. > > > > I'm pretty sure this is incorrect. SPF checks the MAIL-FROM: header, > > not From:, so I think this case should work fine ... > > are you sure ? i never see such header ! Yes. See http://spf.pobox.com/faq.html Regards, Mark -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
Re: Which Spam Block List to use for a network?
On Thu, 24 Jun 2004, Mark Bucciarelli wrote: > On Wednesday 23 June 2004 21:58, Jason Lim wrote: > > This also applies to most hosting companies. If your ISP prevents > > outgoing SMTP (port 25) to other mail servers and you are forced to use > > your ISP's mail servers, then the "mail server" is not going to match > > that of your hosting account or domain name. Thus SPF fails again in > > this case. > I'm pretty sure this is incorrect. SPF checks the MAIL-FROM: header, not > From:, so I think this case should work fine ... are you sure ? i never see such header ! -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
Re: Which Spam Block List to use for a network?
Hi Mark, Am Do, den 24.06.2004 schrieb Mark Bucciarelli um 14:06: > I'm pretty sure this is incorrect. SPF checks the MAIL-FROM: header, not > From:, so I think this case should work fine ... so you mean this will also cut down the secondary spam through mailinglists (which have a proper SPF most probably). How is that MTA gonna see within the MAIL FROM whom this was forwarded for? I mean, the general issue (for me) is not the spam i receive directly through my primary host, but those that's forwarding email-addresses, which have a whitelisted mx host re-sending me the spam they accepted (which would have been rejected if it was sent to my primary email address). For that problem I currently see no other way than doing content scanning. But please anybody enlighten me in case i have missed a point on SPF or the rest of the discussion. -- Best regards, Kilian signature.asc Description: Dies ist ein digital signierter Nachrichtenteil
Re: Which Spam Block List to use for a network?
On Wednesday 23 June 2004 21:58, Jason Lim wrote: > This also applies to most hosting companies. If your ISP prevents > outgoing SMTP (port 25) to other mail servers and you are forced to use > your ISP's mail servers, then the "mail server" is not going to match > that of your hosting account or domain name. Thus SPF fails again in > this case. I'm pretty sure this is incorrect. SPF checks the MAIL-FROM: header, not From:, so I think this case should work fine ... Regards, Mark -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
Re: Which Spam Block List to use for a network?
On Wednesday 23 June 2004 20:51, Craig Sanders wrote: > On Wed, Jun 23, 2004 at 12:05:57PM -0300, Yves Junqueira wrote: > > SPF is a proposed standard. > > http://www.ietf.org/internet-drafts/draft-mengwong-spf-00.txt > > Even Microsoft seemed to drops its CallerID proposal in favor of SPF. > > Check spf.pobox.com > SPF isn't a very effective tool for blocking spam or viruses. it is a > tool for preventing some kinds of forgery. it is useful where the owner > of a domain can strictly define which hosts are allowed to send mail > claiming to be from their domain. it is not useful otherwise. I sense an implication that this is some small percentage of total non-spam email. Doesn't this cover a _huge_ percentage of valid email? Who does this rule out other than power users with an MTA on a their laptop or people using greeting card sites? Also, according to Meng Weng's Linux Journal article, SPF makes provisions for power users with their own MTA on dynamic IP's (even if Russel doesn't ;). In addition, if you are a power user that uses forward files, if you switch to remailing SPF will also work. These require using advanced SPF: the "exists" and "include" mechanisms. > most ISPs (and mail service providers like yahoo and hotmail), for > instance, will never have SPF records in their DNS. they may use SPF > checking on their own MX servers, but they won't have the records in > their DNS. their users have legitimate needs to send mail using their > address from any arbitrary location, which is exactly what SPF works to > prevent. Why do you say never? If it's good enough for aol and google, why not hotmail and yahoo? According to spf.pobox.com, Microsoft has endorsed SPF as a standard. Regards, Mark -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
《緊急情報のお知らせ!簡単確実100%嘘偽り一切なし!》
$B!T6[5^>pJs$N$*CN$i$;!*4JC13N<[EMAIL PROTECTED](B
(B
$B!!"!!|"!%Q%V%j%C%/#S#O#H#O"!!|"!(B
(B
$B!y!!(B http://my.formman.com/form/pc/yOtRNQD5yfYtIeHW/$B!!!y(B
(B
(B $B!!!~!{!~!!FH<+G[?.HG8BDj(B [EMAIL PROTECTED](B
(B--
(B$BK\Ev$K$"$C$?2T$2$kOC!#Bh#1OC!&!&!&!J=i?449$G$9!o!J!0!2!0!K!o(B
(B
$B!vHQ$o$7$$%9%-%k%A%'%C%/!&!&!&(B
(B[EMAIL PROTECTED]"%C%W$N;~4V$,/$7$G$bM>J,$K2T$2$l$P!&!&!&(B
(B[EMAIL PROTECTED]&$=$&;E;v$,!&!&!&(B
$B!vI,$:Kh7n;E;v$,$[$7$$$N$K!&!&!&(B
(B
(B [EMAIL PROTECTED]"=i?4DL$j2T$$$G$$$^$9$+!)!Y(B
(B
(B[EMAIL PROTECTED],$"$j$^$;$s!*!z!y(B
(B
(B
$B!!DL>o$N:_Bp%o!<%/$O%9%-%k$,$J$1$l$P$G$-$^$;$s!#%9%-%k%A%'%C%/$Kl$rGK2u$9$k(B
$B6HL3K832$H$7$FAJ$($?$$$N$,8=>u$G$9!#(B
$B!!J@o$K0BDjE*$J;E;v$r6!5k$9$k$3$H$,3Ne%^%&%9$G9T$&0Y!"%Q%=%3%sL$7P83fIW$G$9!*(B
(B
(B($B"(Cm"(8=:_$O(BWindows$B$N$_BP1~$G$9!*!*!K(B
$B!!(B
$B"!>\$7$$FbMF!";[EMAIL PROTECTED]<5-$N%"%I%l%9$K$FL5NAH/AwCW$7$^$9!#"!(B
(B
$B!!!~(Bhttp://my.formman.com/form/pc/yOtRNQD5yfYtIeHW/$B!~(B
$B(B
$B!!!ZB(<}F~$K7k$S$D$/=i?4http://my.formman.com/form/pc/yOtRNQD5yfYtIeHW/$B!Y$X%"%/%;%9$9$k!#(B
$B#2!%(B $B!X%H%C%W2hLL!Y"*!X;[EMAIL PROTECTED](B
$B#3!%(B $B%U%)!<%`$K$7$?$,$C$FI,MW;v9`$rF~NO$9$k!#(B
$B#4!%(B $B%a!<%k%"%I%l%9$O$*4V0c$($N$J$$$h$&$KF~NO$7$F$/[EMAIL PROTECTED](B
$B#5!%!!I,MW;v9`$r$9$Y$FF~NO$7!"!XAw?.!Y$r%/%j%C%/!#(B
$B#6!%!!%a!<%kJX$K$FMbF|!&[EMAIL
(BPROTECTED]|$K$OL5NA%Q%s%U%l%C%H$OE~Ce$$$?$7$^$9!#(B
(B
(B
(B
(B
$B!z!y!=!=!=!=!=!=!=!=!=!=!=!=!=!=!=!=!=!=!=!=!=!=!=!=!=!=!=!=!=!y!z(B
(B $B!z!y!z!!%a!<%k%^%,%8%s2r=|J}Ky!z!y(B
$B!=!=!=!=!=!=!=!=!=!=!=!=!=!=!=!=!=!=!=!=!=!=!=!=!=!=!=!=!=!=!=!=!=(B
$B"#Ev%a%k%^%,$NITMW$JJ}$O!"$3$N%^%,%8%s$N0lHV:G8e$K#1%/%j%C%/$G(B
$B2r=|$G$-$k#U#R#L$,$"$j$^$9!#$^$?!"$=$l$G$b$&$^$/$$$+$J$$>l9g$O!"(B
$B$*\:Y!">&IJ!&%5!<%S%9$K$D$$$F$O!"%[%C%H%$%s%U%)%a!<%7%g(B
$B%s(B($B3t(B)$B$G$O$*Ez$($9$k$3$H$,$G$-$^$;$s!#%a!<%kCf$G$40FFb$7$F$$$k3F4k6H$N$*(B
$BLd$$9g$o$;Ak8}$r$43NG'$/[EMAIL PROTECTED](B
$B$^$?!"(BHTML$B7A<0$G$*Aw$j$9$k%a!<%k$K$O%&%'%C%V%S!<%3%s$,;HMQ$5$l$F$$$^$9!#(B
(B
$B"'G[?.Dd;_!"$^$?$O?4$"$?$j$,$J$$>l9g(B
(Bhttp://news.hot.hot.com/VAY6qoU.yTmjdeDZ9_MoGixYY
$B"'[EMAIL PROTECTED](B
(Bhttp://direct.hot.hot.com/config/delivernews.src=deliver
$B"'(BHot Hot News$B$K$D$$$F$N$*Ld9g$;!&$4http://help.hot.hot.com/help/jp/delivers/news/
(B
$B$&$^$/2r=|$G$-$J$$>l9g$O!"$*$r!V2r=|4uK>!W$H$7$F!"(B
$B$3$N%a!<%k$NFbMF$r$9$Y$F0zMQ$7$F(B [EMAIL PROTECTED] $B$^$G$*Aw$j$/[EMAIL
(BPROTECTED](B
(B
$B"(%a!<%k$,Jx$l$F8+$($k>l9g$O!V(BMS$B%4%7%C%/!W$d!V(BOsaka$BEyI}!W$J$IEyI}%U%)%s(B
$B%H$G$4Mw$/[EMAIL PROTECTED](B
(B
(B
$BCm!'G[?.%7%9%F%`$N;EMM>e!"2r=|:n6H$,CY$l$k;v$,$"$j$^$9!#(B
$B$4N;>5$/[EMAIL PROTECTED](B
(B
(B=
