Re: Challenge-response mail filters considered harmful (was Re:Look at
On Thu, 7 Aug 2003 04:05:17 -0700 Paul Johnson [EMAIL PROTECTED] wrote:

On Wed, Aug 06, 2003 at 06:28:03PM -0500, Scott C. Linnenbringer wrote:

The USENET is a different story, and I'm willing to bet that he's not aware of munging policies of mailing lists vs. the USENET.

But they're the same: It's equally unacceptable both places, just more clueless morons on Usenet.

Uh, no, they're not the same. In a mailing list if someone munges they don't get mail and might cause accidental bounces. In usenet, no bounces are possible unless someone else is being clueless. I munge, quite legitimately I might add.

--
Steve C. Lamb | I'm your priest, I'm your shrink, I'm your
PGP Key: 8B6E99C5 | main connection to the switchboard of souls.
| -- Lenny Nero - Strange Days

Re: Challenge-response mail filters considered harmful (was Re:Look at
On Thu, 7 Aug 2003 23:07:57 -0700 Paul Johnson [EMAIL PROTECTED] wrote:

It was one of the last straws that made me to start serving myself. I signed up for Yahoo and they sold me up the river. Now I'm not so concerned about it because I have better methods and report.

We'll just have to chalk it up to our experiences being different.

This just in, literally (rassa-fassa, found out my exim block on that domain is gone since I upgraded to exim4), from DailyInbox.com:

You are subscribed with e-mail address: [EMAIL PROTECTED]

Guess what address is only used on the newsgroups.

--
Steve C. Lamb | I'm your priest, I'm your shrink, I'm your
PGP Key: 8B6E99C5 | main connection to the switchboard of souls.
| -- Lenny Nero - Strange Days

Re: Challenge-response mail filters considered harmful (was Re:Look at
On Wed, 06 Aug 2003 17:47:02 -0500, Alan Shutko [EMAIL PROTECTED] wrote:

Scott C. Linnenbringer [EMAIL PROTECTED] writes:

By using an invalid email address in your headers with a valid domain, the site's mx is picking up the weight of spam, even though you are not.

I think eskimo.com's mail system is actually slightly broken, and that Alan Connor isn't posting mail as if from eskimo.com. I looked at my copy of the parent post, and here's the headers

Old-Return-Path: [EMAIL PROTECTED]
From: Alan Connor [EMAIL PROTECTED]

I think eskimo.com is rewriting that localhost into eskimo.com. So it isn't actually getting any extra load from Alan Connor... it's just slightly damaging the mail. (Which doesn't strike me as a large bug, since he shouldn't be posting with that address, anyway. Why people think that a fake From: but a valid Reply-To: is any use is beyond me.)

Oh, you're right. Now that I examine the headers even further, it turns out that Eskimo is rewriting the address. But anyways, a valid, routable email address should always be used in mailing lists anyways. That's just proper netiquette, something that Alan Connor didn't hesitate to throw at us regarding PGP/GPG signatures.

The USENET is a different story, and I'm willing to bet that he's not aware of munging policies of mailing lists vs. the USENET.

--
Scott Christopher Linnenbringer [EMAIL PROTECTED]
http://www.eskimo.com/~sl/info.txt [EMAIL PROTECTED]

Re: Challenge-response mail filters considered harmful (was Re:Look at
On Thu, 7 Aug 2003 22:33:58 -0700 Paul Johnson [EMAIL PROTECTED] wrote:

However, it generates less spam than signing up for Yahoo, even when used over years.

How can you be so sure?

--
Steve C. Lamb | I'm your priest, I'm your shrink, I'm your
PGP Key: 8B6E99C5 | main connection to the switchboard of souls.
| -- Lenny Nero - Strange Days

Re: Challenge-response mail filters considered harmful (was Re:Look at
On Wed, 6 Aug 2003 09:10:03 -0700, Alan Connor [EMAIL PROTECTED] wrote:

I hate to have to do this, but I owe an apology to Paul Johnson. (Having received a mail from a list member with an example of a false CR. Talk about FAST.)

For all that you do in trying to fight the spam problem, I find it ironic that you yourself are contributing to the problem through your mail headers. You're grossly violating your own netiquette that you previously preached to us regarding PGP/GPG signatures.

[EMAIL PROTECTED] is not a valid email address. I have verified by checking with the eskimo.com mx server, fingering that username and checking if you have a home directory on eskimo.com's shell. eskimo.com is, however, a valid site whose mx is processing all the mail, including spam from harvesters, and then bouncing them.

By using an invalid email address in your headers with a valid domain, the site's mx is picking up the weight of spam, even though you are not.

As a paying customer of eskimo.com, I feel that you should carefully reconsider how you post to these mailing lists. Robert Dinse at eskimo has a hell of a time fighting spam, as any admin at any site, and I do not appreciate you causing him to receive more spam which the mx has to bounce. (normally I would care less, but I feel more inclined to care in a situation like this.)

--
Scott Christopher Linnenbringer [EMAIL PROTECTED]
http://www.eskimo.com/~sl/info.txt [EMAIL PROTECTED]

Re: Challenge-response mail filters considered harmful (was Re:Look at
It seems that Mr. Connor never paid attention to Sesame St. when the Count was on.

On Wed, 6 Aug 2003 08:54:03 -0700 Alan Connor [EMAIL PROTECTED] wrote:
= 1. First level of quoting.

From [EMAIL PROTECTED] Wed Aug 6 08:41:46 2003
^^^ = 2. second level of quoting.

On Tue, Aug 05, 2003 at 10:57:21PM -0700, Paul Johnson wrote:
^ = 3. Third level of quoting.

-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1

On Tue, Aug 05, 2003 at 09:55:11AM +0200, David Fokkema wrote:
= 4. Fourth level of quoting.

Agreed. Although the 'very high' depends on the willingness of people to answer challenges.

I won't respond to TMDA challenges anymore. Some spammers actually send out TMDA-like messages to get your email address, adding to the reasons why TMDA is inconsiderate at best to other users.
^ ^ ^ = 3. 3rd level of quoting, hence it was written by Paul Johnson.

Hmmm... very inconvenient. Of course, if it would _really_ have been TMDA, you would have your own original mail attached to it. It now seems that filtering is the _only_ solution, ;-)
^ ^ = 2. 2nd level of quoting. Written by David Fokkema.

David

Big hint.

Ah! Another member of the anti-CR crowd
One second you are screaming that CR's are wasting bandwidth and cluttering up the internet, and the next you are complaining because they don't include the original message, which as anyone knows, with spam, can be hundreds of kb's long.

First off, you're responding to two different people as if they were one. Secondly David Fokkema has been on the pro-C-R side of the fence. I do not recall him ever complaining about bandwidth (unlike one Mr. Connor who complains about PGP signatures taking up bandwidth). Third David here was pointing out what TMDA does do, not making a complaint about it.

The CR's from MSP have Re: the_subject_of_the_original_message on the subject line.

As do the CRs from ANY well-designed system. Which MSP is not thanks to the numerous holes that have been pointed out here.

Does that bullet-hole in your foot hurt?

No. Does the boot up your posterior smart?

--
Steve C. Lamb | I'm your priest, I'm your shrink, I'm your
PGP Key: 8B6E99C5 | main connection to the switchboard of souls.
| -- Lenny Nero - Strange Days

Re: Challenge-response mail filters considered harmful (was Re:Look at
On Thu, 7 Aug 2003 21:05:10 -0700 Paul Johnson [EMAIL PROTECTED] wrote:

USENET was designed as a replacement to listservs. Given the origin, lost functionality, and it's about as effective as C-R for reducing spam, munging is considered harmful.

No functionality is lost, I get protection from spam, verification that they have harvested spam and the fact that it harms no one, sorry, ain't changing my tune.

http://www.interhack.net/pubs/munging-harmful/

Let's go through the list:

Spammers Do Not See Bounces

Yeah, and? Not why I munge. I'm not the one who is effectively causing a DoS.

Violating Standards
The standards upon which Usenet is built, that is, the specification for the system's operation, requires that the poster use a legitimate email address.

The address I use is legitimate. It just also happens to be an address that I have configured *my* machine to ignore.

More Hassle for Innocent Third Parties
Those who manage the systems whose addresses have been forged or whose hosts have been used for relaying will need to deal with even more bounces than usual.

Which is a repeat of the above. Not my problem as I am not the one who initiated the DoS.

Additional Hassle for You
In addition, you will have some hassle trying to juggle your munged and non-munged addresses, trying to remember which to use for each occasion, and having to set it back and forth.

No extra hassle, it is essentially the same address.

There Is No Silver Bullet
Even someone who perfectly manages their munged addresses will receive spam at some point.

Yes, but that doesn't mean that the tool should be ignored. SpamAssassin is defeated every now and again. Does that mean we should drop it? Nope.

Rather than spending that precious energy trying in vain to protect your address, why not invest that energy into learning how to use effective tools for complaining about net abuse, thereby actually working to solve the problem (by making spam less effective) rather than just closing your eyes to it?

Or how about use all the tools available. Hell, it didn't even list some other problems. For example:

- Munging to a 'fake' machine causes problems if that machine is real.

I munge right back to my own machine which handles my DNS queries and Mail queries. No additional work has been made for other machines, only my own.

Can munging be harmful? Oh, you bet'cha. Done right, it helps.

--
Steve C. Lamb | I'm your priest, I'm your shrink, I'm your
PGP Key: 8B6E99C5 | main connection to the switchboard of souls.
| -- Lenny Nero - Strange Days

Re: Challenge-response mail filters considered harmful (was Re:Look at
On Thu, 7 Aug 2003 22:33:06 -0700 Paul Johnson [EMAIL PROTECTED] wrote:

You don't get protection from spam. If humans can decode it, so can the spammers. If humans can't decode it, you're voiding functionality needlessly.

That's just it, while a human *can* decode it a harvester cannot. It is a valid address. Furthermore if you think a human is going to scan the address list to pick out/decode the addresses then, uh, whatever. But supposing a human did it would be passed over since it is a valid address, looks like a valid address at a passing glance and without context would NOT be caught as a munged address.

Additional Hassle for You
In addition, you will have some hassle trying to juggle your munged and non-munged addresses, trying to remember which to use for each occasion, and having to set it back and forth.

No extra hassle, it is essentially the same address.

If you hit reply and have to change the address, that's needless hassle.

No extra hassle... FOR ME. I don't have to remember which address to use in what situation. The above passage was about *me*, the poster, having to remember to munge or not to munge.

Yes, but that doesn't mean that the tool should be ignored.

Yes, I agree. Munging isn't a tool as much as it's garbage, however.

It is a tool if used properly. Come now, haven't you heard of the most famous of munged addresses? They have a term for it. It's called a honey-pot.

However, what you are doing is not munging. You just have an extra mailbox for crap that you (hopefully) check before reporting and deleting.

No, it isn't an extra mailbox and no, I don't check it. It is a different subdomain which exim is configured to reject outright. Like I said, essentially the same address, it is valid, all the work is done on my machine, doesn't look like it is munged to a cursory human glance.

--
Steve C. Lamb | I'm your priest, I'm your shrink, I'm your
PGP Key: 8B6E99C5 | main connection to the switchboard of souls.
| -- Lenny Nero - Strange Days

Re: Challenge-response mail filters considered harmful (was Re:Look at
On Thu, 7 Aug 2003 04:10:05 -0700 Paul Johnson [EMAIL PROTECTED] wrote:

I did an experiment by posting a temporary account in the From header in a bunch of different fairly high-traffic, high-spam groups as well as the ones I regular. Six months later when I remembered I had started that little experiment, the box was still empty.

This doesn't jive with my experience. I munge with a legal address and just ignore that address. I get tons of spam to it a day and the only place I ever use it has been one, maybe 2 newsgroups.

--
Steve C. Lamb | I'm your priest, I'm your shrink, I'm your
PGP Key: 8B6E99C5 | main connection to the switchboard of souls.
| -- Lenny Nero - Strange Days

Re: Challenge-response mail filters considered harmful (was Re:Look at
Scott C. Linnenbringer [EMAIL PROTECTED] writes:

Munging has always traditionally been okay in news.

Not to many people, including myself.

--
Alan Shutko [EMAIL PROTECTED] - I am the rocks.
Show up at the funeral services in a clown suit.

--
To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]

Re: Challenge-response mail filters considered harmful (was Re:Look at
On Thu, 7 Aug 2003 21:05:46 -0700 Paul Johnson [EMAIL PROTECTED] wrote:

I'm sorry, I think I missed it. Why aren't you reporting?

What makes you think I'm not? I'm pointing out that the assertion that addresses posted to newsgroups are not harvested is false. I use an address ONLY on the newsgroups and I have seen in my logs spam trying to get to that address. A non-trivial amount, I might add. That has no bearing at all on me reporting or not.

--
Steve C. Lamb | I'm your priest, I'm your shrink, I'm your
PGP Key: 8B6E99C5 | main connection to the switchboard of souls.
| -- Lenny Nero - Strange Days

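The setup described in the posts above (a newsgroup-only address on a subdomain that exim rejects outright, with the harvesting visible in the logs) can be quantified from the reject entries. This is an added example, not part of any post in the thread: the log lines are constructed and modelled on Exim's `rejected RCPT` main-log entries, and the domain `news.example.org` and the function names are assumptions.

```python
import re
from collections import Counter

# Constructed sample lines (not real traffic); documentation IP ranges only.
SAMPLE_LOG = """\
2003-08-07 02:14:09 H=(mx1.bulk.example) [192.0.2.10] F=<offer@bulk.example> rejected RCPT <steve@news.example.org>: address not in use
2003-08-07 02:14:11 H=(mx1.bulk.example) [192.0.2.10] F=<deal@bulk.example> rejected RCPT <steve@news.example.org>: address not in use
2003-08-07 09:30:52 H=relay.example.net [198.51.100.7] F=<> rejected RCPT <steve@news.example.org>: address not in use
2003-08-07 11:02:33 H=host.example.com [203.0.113.5] F=<a@example.com> rejected RCPT <other@example.org>: relay not permitted
2003-08-08 23:07:57 H=(list.example) [192.0.2.44] F=<news@list.example> rejected RCPT <STEVE@News.Example.Org>: address not in use
2003-08-08 23:09:00 1A2b3C-0000aB-00 <= someone@example.com H=host.example.com [203.0.113.5] P=esmtp S=1200
"""

# Assumed line shape: timestamp, H=<host/helo> [ip], F=<sender>, rejected RCPT <rcpt>.
# Lines of any other shape (deliveries, arrivals) simply do not match.
REJECT_RE = re.compile(
    r"^(?P<date>\d{4}-\d{2}-\d{2}) \d{2}:\d{2}:\d{2} "
    r"H=(?P<host>.*?) \[(?P<ip>[^\]]+)\].*? "
    r"F=<(?P<sender>[^>]*)> rejected RCPT <(?P<rcpt>[^>]+)>"
)

def canary_hits(log_text, canary_domain):
    """Yield (date, ip, sender) for each rejected RCPT at the canary domain."""
    suffix = "@" + canary_domain.lower()
    for line in log_text.splitlines():
        m = REJECT_RE.match(line)
        # Domains are case-insensitive, so compare lower-cased.
        if m and m.group("rcpt").lower().endswith(suffix):
            yield m.group("date"), m.group("ip"), m.group("sender")

def summarize(log_text, canary_domain):
    """Count delivery attempts to the canary domain by day and by source IP."""
    hits = list(canary_hits(log_text, canary_domain))
    return {
        "total": len(hits),
        "per_day": dict(Counter(d for d, _, _ in hits)),
        "per_ip": dict(Counter(ip for _, ip, _ in hits)),
        # An empty envelope sender marks a bounce, not a direct spam run.
        "null_sender": sum(1 for _, _, s in hits if s == ""),
    }

if __name__ == "__main__":
    print(summarize(SAMPLE_LOG, "news.example.org"))
```

Separating null-sender hits matters for this thread's argument: bounces aimed at the address indicate it was forged as a sender elsewhere, while ordinary senders indicate it was harvested as a recipient.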
Re: Challenge-response mail filters considered harmful (was Re:Look at
At 2003-08-06T22:10:13Z, Scott C. Linnenbringer [EMAIL PROTECTED] writes:

[EMAIL PROTECTED] is not a valid email address.

Neither is [EMAIL PROTECTED], which is how it appears on my system. Or [EMAIL PROTECTED] for everyone else.

--
Kirk Strauser

Re: Challenge-response mail filters considered harmful (was Re:Look at
Scott C. Linnenbringer [EMAIL PROTECTED] writes:

By using an invalid email address in your headers with a valid domain, the site's mx is picking up the weight of spam, even though you are not.

I think eskimo.com's mail system is actually slightly broken, and that Alan Connor isn't posting mail as if from eskimo.com. I looked at my copy of the parent post, and here's the headers

Old-Return-Path: [EMAIL PROTECTED]
From: Alan Connor [EMAIL PROTECTED]

I think eskimo.com is rewriting that localhost into eskimo.com. So it isn't actually getting any extra load from Alan Connor... it's just slightly damaging the mail. (Which doesn't strike me as a large bug, since he shouldn't be posting with that address, anyway. Why people think that a fake From: but a valid Reply-To: is any use is beyond me.)

--
Alan Shutko [EMAIL PROTECTED] - I am the rocks.
That unit is defective. Nomad on Uhura

Re: Challenge-response mail filters considered harmful (was Re:Look at
On Thu, 7 Aug 2003 00:51:33 +0100, Colin Watson [EMAIL PROTECTED] wrote:

On Wed, Aug 06, 2003 at 05:47:02PM -0500, Alan Shutko wrote:

I think eskimo.com is rewriting that localhost into eskimo.com. So it isn't actually getting any extra load from Alan Connor... it's just slightly damaging the mail. (Which doesn't strike me as a large bug, since he shouldn't be posting with that address, anyway. Why people think that a fake From: but a valid Reply-To: is any use is beyond me.)

It's arguably a useful (if rude) tactic in news, since, I hypothesize, it's much faster for spammers to harvest From: addresses because they're usually in the overview file while Reply-To: is not. That makes it a matter of downloading an index versus downloading every article. That argument doesn't apply to e-mail, though.

Munging has always traditionally been okay in news. Typically, one would munge his or her email address as [EMAIL PROTECTED], in a form which makes it stand-out as being munged slightly easier.

On the USENET, too, correspondence is always done in the newsgroup. Often times people carbon copy messages in mailing lists, especially when a person does not wish to subscribe to the mailing list. In news, carbon copying messages and requesting it is generally considered unethical, so munging is not so frowned upon.

--
Scott Christopher Linnenbringer [EMAIL PROTECTED]
http://www.eskimo.com/~sl/info.txt [EMAIL PROTECTED]