Bug#1043539: project: Forwarding of @debian.org mails to gmail broken
Hallo! Du (Russ Allbery) hast geschrieben: >The problem I suspect is with email forwarding, and specifically email >forwarding to Gmail, which has recently ramped up the amount of >verification it does on messages. Because of email forwarding, Gmail sees >a message purportedly from helgefjell.de but actually delivered by >debian.org mail servers, and has now decided to be suspicious of that. >If that's correct, you'll only have this problem with Debian developers >who forward their @debian.org addresses to Gmail. Gmail handles some >large percentage of all email on the Internet, so this probably isn't >rare, but Debian developers are less likely to use it than random Internet >users for obvious reasons, so it doesn't surprise me you've not run into >the problem before. (In other words, I doubt this is a problem with your >local configuration.) As listmaster i can confirm that it is a big problem to deliver Mails to gmail/outlook/yahoo. Yahoo Subscribers are mostly gone by now because they bounced a lot, for gmail it is so much that we just ignore bounces because of those rules. If you decide to handle your mails to be curated by someone else you have to live with an incomplete mailbox. | helgefjell.de descriptive text "v=spf1 ip4:142.132.201.35 mx ~all" so you flagged your mail has to come from that IP (or the MX) and from other sources it should be considered suspicious. Thats the result. SRS/ARC and so on are just dirty patches that try to fix things that were broken before, but they will break even more things like Mail signing. As long as we have this Oligopol that doesn't care about what they send out (i.e. Spamfloods through Outlook) things will only get worse. Cord
Re: shutting down httpredir.debian.org?
Hallo! Du (Peter Palfrader) hast geschrieben: >> Will you make httpredir point to a normal mirror so as not to break >> systems relying on it? (Or even to the geolocalized DNS entries if we >> still have that) >> >> If yes, then it's certainly a sensible thing to do. > >I agree that breaking existing uses (of at least /debian) should be >avoided, and that, therefore, pointing it to some working system would >be the way to go. Many of our pages mention httpredir as prefered service https://wiki.debian.org/SourcesList https://www.debian.org/mirror/list https://www.debian.org/mirror/ https://wiki.debian.org/DebianGeoMirror so if this announcement https://lists.debian.org/debian-devel-announce/2015/05/msg3.html isn't correct anymore, there should be made a new one. Cord
Listmaster Sprint at DebCamp 2015
The Debian Listmaster team is planning a sprint during DebCamp in Heidelberg this year. Goal is to work intensly on different things regarding the Debian Mailinglists: (Brainstorm ahead) DKIM/DMARC Search Discuss: make bendel DD accessable (harden lists.d.o)? prepare slides for DC15 BoF? Moderation/Banning/etc? Listarchives // Spamremoval Switching to git sigcheck? (PGP-Mime signing) and get some new people on board. if you are interested in getting a listmaster please contact us. You can contact us at listmas...@lists.debian.org Wiki: https://wiki.debian.org/Sprints/2015/ListMaster Looking forward to Heidelberg, Cord for the Listmaster Team -- To UNSUBSCRIBE, email to debian-project-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org Archive: https://lists.debian.org/20150323093215.gn9...@wunder-nett.org
Re: PATCH for spamass-milter to solve Debian list spam->bounce issue (Was:- Spamming the World through Open Debian Mailinglists....)
Hallo! Du (Michelle Konzack) hast geschrieben: >> yes. we do that already. see >> http://alioth.debian.org/projects/pkg-listmaster/ which represents our >> running Amavis/SA-setup. > >For three seconds I was on the link above, but there is nothing visibel. >I was looking in the CVS... Checked the Mailinglists... :-/ svn://svn.alioth.debian.org/svn/pkg-listmaster >(Wo bekommet man das Script oben rechts für die VORRATSDATENSPEICHERUNG?) http://wiki.vorratsdatenspeicherung.de/Online-Demo >> I also understood that people want to have information about how many >> bounces we counted for them. I'm just thinking about how to implement >> that and will include that in the bounce-warning-message. this is now implemented. I hope this helps. Cord -- To UNSUBSCRIBE, email to debian-project-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
Re: PATCH for spamass-milter to solve Debian list spam->bounce issue (Was:- Spamming the World through Open Debian Mailinglists....)
Hallo! Du (Michelle Konzack) hast geschrieben: >In how many languages do you receive messages? > >I get german, english, french, spanish, portugues, arabic, turkish and >persian messages > >Some times I get korean and chinese to because I have business contacts >there. > >Tried to educate "spamassassin" for this kind of languages? yes. we do that already. see http://alioth.debian.org/projects/pkg-listmaster/ which represents our running Amavis/SA-setup. >> They are not set high enough apparently, otherwise I would not get >> unsubscribed. See your archives, then you can easily count the number of >> spams and the amount. > >I think the threshold is at 5 bounces and then you have to confirm a >message that the message was rejected in accident... No. please don't speculate about things. This only confuses people. I tried to describe the kick-policy at http://cord.de/blog/index.php?entry=entry080126-001137 I also understood that people want to have information about how many bounces we counted for them. I'm just thinking about how to implement that and will include that in the bounce-warning-message. Cord -- To UNSUBSCRIBE, email to debian-project-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
Re: Spamming the World through Open Debian Mailinglists (Re: lists.debian.org has received bounces from you)
Hallo! Du (Jeroen Massar) hast geschrieben: [ JUst two corrections ] > You claim the mailbox does 50k mails per day, and 2500 spams make it > through the filters (cool that you know that btw, if you know it is > spam, why don't you filter them?) Now, multiply that 2500 times the > number of subscribers, and tada you can calculate how many spam you are > sending, I bet it is more than the original 50k. the 2500 mails/day that pass our filters contain about 1-2% spam (that can be a higher percentage on low-traffic lists) > And yes, my SMTP server and those of a lot of other people will > CORRECTLY refuse to accept mail classified as spam and correctly give a > 500 SMTP error code as the server will refuse to deliver it. according to RfC2822 Chapter 3.3 blocking because of Content is discouraged. Yours, Cord, Debian Listmaster of the day -- http://lists.debian.org -- To UNSUBSCRIBE, email to debian-project-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
Re: remove my post from 2001
Hallo! Du (Charles Plessy) hast geschrieben: >Does that mean that the listmasters will really remove his posts if he manages >to do what you told him? If not, we should better not make advices that sound >like promises. > >Also I would like to recommend to not increase the page rank of messages >requested for removal by not quoting their full web address??? this is what we send to such requests: - The Debian-Listarchives-Policy is to NOT remove or alter any postings if they are published. Even if we would, it wouldn't help, as our lists are archived elsewhere, so once an email has been accepted it is out in the wild with its entire content and addresses and theres no way to get it back. The one exception to this rule is, when the posting is clearly spam. In that case press the 'Report as spam' button at the top of the page to nominate the posting for reviewing. Please see http://www.debian.org/MailingLists/#disclaimer, http://www.debian.org/MailingLists/disclaimer and http://wiki.debian.org/Teams/ListMaster/ListArchiveSpam for more information [EMAIL PROTECTED]:~$ cat debian-listarchives The Debian-Listarchives-Policy is to NOT remove or alter any postings if they are published. Even if we would, it wouldn't help, as our lists are archived elsewhere, so once an email has been accepted it is out in the wild with its entire content and addresses and theres no way to get it back. The one exception to this rule is, when the posting is clearly spam. In that case press the 'Report as spam' button at the top of the page to nominate the posting for reviewing. Please see http://www.debian.org/MailingLists/#disclaimer, http://www.debian.org/MailingLists/disclaimer and http://wiki.debian.org/Teams/ListMaster/ListArchiveSpam for more information - Cord -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
Re: Spam in mail archive
Hallo! Du (Javier Fernández-Sanguino Peña) hast geschrieben: >If there any concerns from listmasters related to this patch I would really >like to hear them and would try to give a hand to make these improvements get >used in our web archives. http://lists.debian.org/debian-devel-announce/2007/07/msg00011.html Especially the listarchive-part is currently nearly without manpower. Cord -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
Ban on svenl established.
Hi. I'm sad to make this announcement, but i see no other way to stop the flood of mails on debian-project. I just setup a filter which stops the mails from Sven Luther to get to d-project. This block may be enhanced if we encounter more abusive behaviour on other lists, but i hope that this isn't nessecary. Running discussions should be taken to private mail, if someone has a suggestion to handle this better, we are open to hear it. Please note that this decision hasn't been made because of the points svenl is trying to make, the complaints that have reached us mainly talk about the sheer number of Mails from Sven and his opponents, so we took this measure to stop the flood. I hope we can lift this ban in a few days, when the involved people have calmed down. Yours, Cord, Debian Listmaster of the day -- http://lists.debian.org -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
usable console jabber-clients? (was: irc.debian.org)
Hallo! Du (Paul Johnson) hast geschrieben: >All the concole Jabber clients I've come across suit me fine. I can't program >for a variable that I can't perceive. Name them please, maybe i missed them. Cord -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
Re: irc.debian.org
Hallo! Du (Paul Johnson) hast geschrieben: >> Jabber doesn't have any useable non-graphic Clients. > >So write one or grab one of the existing ones and make it not suck. sorry. out of skills. (beside that that would be on my todo-list the point behind 'rewriting nn') Btw, there was an irssi-plugin for jabber, but that didn't implement groupchat, and it looks like the development has been discontinued. bts#188465 >> for the usual one >> to one communication it might be ok, but for groupchat (and thats what >> most people do on IRC it simply sucks. >By design, IRC encourages people to do truly obnoxious things, like spamming >the channel to announce they're going away, or indicating their status with >nicknames (which also spams the channel). You also get spammed on IRC >whenever someone joins or leaves a channel. Jabber prevents this by >providing a real presence system. Jabber provides all the same "modes" IRC >does in group chat, except bans actually work because they're not stupidly >tied to some arbitrary netmask. Nicknames changes, joins and parts aren't >spammed to the channel unless your client adds them in for you (but changes >are still reflected in the listing of who is in the chat). Jabber networks >don't go on begging sprees for funding. OFTC will invariably spam you like >every other IRC network since the dawn of time the first moment they get more >than a few users. You don't need to tell me what jabber is. I deployed and run it on our company-network, to get cow-orkers away from Yahoo/AIM/MSN/... IM-Services, so internal information has a better chance to be internal ;-) My experience is that there isn't a useable Textual Client (there are a few, but they don't have groupchat implemented), and the graphical ones (GAIM, PSI) implement some things but are not complete. So with psi it isn't possible to configure Groupchat, Gaim can't discover Services, and if you are Operator of the thing, you need tkabber, which falls short on some other nice-to-haves (iirc it crashes after some time). (as a footnote, my irssi-client usually has nearly the same uptime as the box it runs on.) So, until there isn't a stable and complete free-as-in-speech client-implementation jabber isn't ready to provide the recommended online way to get help for Debian. >IRC was a good early effort, but 20 years have passed and IRC is still plagued >by the same problems it started with and shows no signs of improvement over >time, just like Windows. Isn't it time the world moved on already? the world won't. (and Windows is still there, even if The Hurd would be released before Vista) So you want us to moving on to something that is worse than the current (yes, 20 year old) technology, only because it is old? Maybe it simply provides all that is needed? If it wouldn't people really moved on as some did, for example on the Webserver-Sector. (btw: did you notice that http and smtp is already over 10 years old. Time to replace it?). personally, i would prefer Psyc (http://psyc.pages.de) as the successor of irc. at least because it provides a functional irc-client-interface (and jabber, and web, and) and brings the good things of IRC and Jabber (and some more IM-thingies) together. Sadly there's only one free-as-in-beer server yet (you are not allowed to use the underlying ldmud for commercial things) Cord -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
Re: irc.debian.org
Hallo! Du (Paul Johnson) hast geschrieben: >On Sunday 30 April 2006 11:34, Steve McIntyre wrote: >> I've heard it suggested by a variety of people that we should move the >> official irc.debian.org alias away from freenode to oftc. I can see >> that more and more of my own Debian IRC discussions are on oftc, to >> the extent that I'm (currently) not on any freenode channels at >> all. I strongly second to move to OFTC. why? lilo spammed me some years ago to get some funding for freenode (which ment in that case that he wanted to be paid for running freenode), so i decided to not use it. Nothing against funding, and adding notes to websites and motds, but getting a daily wallop was annoying. >Why not move it to Jabber? More people use and know what Jabber is these days >than IRC. Jabber doesn't have any useable non-graphic Clients. for the usual one to one communication it might be ok, but for groupchat (and thats what most people do on IRC it simply sucks. Cord -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
Re: uol.com.br and petsupermarket
Hallo! Du (Henning Makholm) hast geschrieben: >Out of curiosity, how did the probe emails some time ago manage to >*not* locate the subscriber address that generates the bounces? None >of them bounced? correct, i got exactly one response to the personalized probe i sent out, and that was a windows-worm, which sent to the adress which maps to the mail2news-gw at bofh.it. no petsupermarket. Cord -- BOFH excuse #36: dynamic software linking table corrupted -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
Re: mailbox clogging, need daily "digests" of the list
Hallo! Du (Madana Prathap) hast geschrieben: >How come only a few lists (like -devel, & -users) are offering digest-mode >(on the web interface) ? The others (like -project, -release, -amd64, etc) >offer plain subscribe/unsubscribe - I see no way of getting digests. >AFAIK, the recent versions of mailman (the mailing list manager) offers >digests as an option when subscribing from the web itself. What I want to >know is how to modify my existing subscription for all these lists, to >receive daily digests instead of individual mails. We only run digests on those lists you see. You can't have digests for the other lists mentioned. (and we don't run mailman) Yours, Cord, Debian Listmaster of the day -- http://lists.debian.org signature.asc Description: Digital signature
Re: [Fwd: Problems contacting the debian people .... (was: new configuration to avoid spam at the lists)]
Hallo! Du (Adrian von Bidder) hast geschrieben:
>> Would a Debian Enquiry Response Team help?
>
>Yes, imho it could help - I could imagine offering myself to sort out sort
>out simple inquiries (point people to mailing lists or point out that our
>policy/current SOP doesn't include doing whatever the person might want)
>from requests that really require attention of a listmaster, for example.
>Would this take some noticeable load off the listmasters, or just would it
>just cause additional delay unitl listmasters see the real requests?
as we are currently two people that do the work (and i guess Pasc also
has a life) the simple requests that i answer with readymade texts
('no, we don't delete Mails after they passed our filters', 'please
answer the unsub-confirmation to get off the list') that could be of
some help.
>mails that
>I think some way for me to flag that listmaster attention is needed/is not
>needed for a specific request and some (vaguely) defined way of who takes
>care of requests when I don't answer a mail within some time would be the
>only prerequisites. With some common sense, a modern threading mailreader
>and cc:ing the listmaster address back on all replies with edited Subject
>lines), I think this could be done 99% - no complicated set up necessary.
The question is: which emails should go through the listmasters? What
knowledge does one need to decide this accuratly? sometimes some spam
bounces are important, or a block of unsuccessful unsub-requests. If
that is filtered out maybe some information is missing that the
'real'-listmasters would need to diagnose that there is a problem
somewhere.
>alternative: use a ticketing system (should probably only accessible to
>listmasters or at least only to DDs). But that would need some set up, and
>besides I haven't seen a ticketing system that satisfied me yet.
>
>Before I commit myself to this: how much traffic are we looking at?
690 went through the first line of defense on murphy and weren't
dropped by clamav here yesterday. today those were 835 up to now.
From those two days 140 made it through my filters. As I check the
junk filtered out sometimes i think that about 10 real false positives
are sorted out. (false positive doesn't mean real requests here, just
mails that could be of some interest for the listmasters, bounces,
autoresponders and challenge-response-requests).
So, my personal opinion is: you need listmaster knowledge to accuratly
decide which mails are important and which are not. If we find two
more people that qualify to do that, don't burnout them on a
listmaster-secretary desk, just add them to the listmaster-team. (The 'easy'
requests noted above are only 5-20 Mails/week, not a problem.) THat
would lower the possibility that all listmasters are dealing at the
same time with issues from another world.
Cord (also with the 'listmasters are people too'-badge)
--
BOFH excuse #171:
NOTICE: alloc: /dev/null: filesystem full
signature.asc
Description: Digital signature
Re: irc.debian.org
Hallo! Du (Andrew Suffield) hast geschrieben: >On Sat, Aug 17, 2002 at 02:54:08PM +0200, Cord Beermann wrote: >> (freenode-people: the in my opinion acceptable way to collect funds >> and something, would be to write it in the motd of your servers. It >> would be ok to enforce showing the motd on login to your net.) > >It is completely and utterly impossible to "enforce" showing >anything. The client decides what to display. correct. but OPN doesn't seem to send the motd on connect. However: an even better (to my opinion) method to notify every user about fundraising would be to use the MemoServ. Each user would be notified ONCE, and not two times a day. The first decision to make (or not) is if Debian should continue to point irc.debian.org to OPN. When there is consesus about moving away, there should be the discussion where to point to. Cord -- Cord Beermann [EMAIL PROTECTED] (Privat)
Re: irc.debian.org
Hallo! Du (Josip Rodin) hast geschrieben: >The arguments are pretty much laid out, so I'll leave the thread over the >weekend so that the people who are catching up can voice their opinions, so >that we get a better sample. As long as OPN^Wfreenode tries to collects its funds (or a job for someone) on the way they do currently, my voice would be to point irc.debian.org to another Network. (freenode-people: the in my opinion acceptable way to collect funds and something, would be to write it in the motd of your servers. It would be ok to enforce showing the motd on login to your net.) Cord -- Cord Beermann [EMAIL PROTECTED] (Privat) pgpIkMBQzsVfu.pgp Description: PGP signature
Re: RFC: Changing the NM system
Hallo! Du (Adrian Bunk) hast geschrieben: >No, I don't intend to change this. My point is: Someone who has a Debian >account can do much harm (intentional or accidential). That's a reason why >I think we should have a severe look at the work of an applicant before he >gets an account. I think that it's also important to look that the existing Debian-Maintainers (no matter how they got into the official part of the project) do the work that is now expected from the NMs. When i look into the BTS, i see a lot of bugs, that are somehow fixed, but not closed, or bugs where no one has touched them for years. (not even 'wontfix' or 'moreinfo' -actions.) It's wrong to let NM run through a long procedure, and on the other side old maintainers disappear (or stop working on their Package) and nobody cares. Cord
