Re: Hello. Is anyone there?
On Tue, Jul 08, 2003 at 06:43:53PM -0400, Steven W. Orr wrote: > On Tuesday, Jul 8th 2003 at 16:51 -0400, quoth Jeff Kinz: > =>So RBL problem #1: RBL doesn't stop the smartest spammers so you will > => have to filter on content no matter what you do. > > We're in 100% agreement. That's why I use my RBLs, *plus* other traps and > filters from inside sendmail *plus* the latest version of spamassassin. > The amount of spam that actually makes it through is *very* low. But the > amount that has to be processed by spamassassin is very low to begin with. Spamassasin is extremely slow. (it does pattern matching among other things). Bayesian filtering has been shown to be many times faster. Drop Spamassasin and replace it with Bogofilter. Then drop your RBL filtering and you won't have to worry about the false positives Further you won't have scrutinize a huge stream of possible SPAM to make sure that there are no false positives in it. Something you've just indicated your going to start doing everyday. Whee - What fun! Oh - wait - you've just given yourself the job of being a spam filter! > Some RBLs are better than others. This episode underscored a change that I > will be making to my daily reject analyser to make it more obvious to me > what domains were rejected. Congratulations on your new position! :-) > =>RBL problem #2: RBL incorrectly rejects large amounts of non-spam. > => > =>RBL problem #3: Any possible notice about false positive (see #2), will > =>be completely buried in the mass of true-positive > =>notices and not be noticed. RBL problem #4: Some RBL list keepers do not update their lists or have extremely stringent requirements for getting taken off the their list. > > Ah, but they all *do* respond to people fixing their problems. Otherwise > they would all run out of disk space. :-) Seriously, I've never heard of > an RBL that won't take someone off their list if the problems get > corrected. I think there was one but they're gone now. Ah- some do-ish, some don't-ish. No system is perfect and when an RBL isn't perfect (and none of them are), innocent people get their mail rejected. This causes serious hardship in some cases! Its a Bad Thing(TM). Its also the most frequently heard complaint about RBL's (This is my impression only, not a published fact that I'm aware of, after all who's counting? :-) ) > Not sure I agree on this one. Apparently this addres *was* ligitimately > tagged and never made any effort before to be taken off. This is the first > we've heard f it. Sounds like easynet didn't do anything wrong. Did they notify the owners of the site that they were being put on a blacklist? If you're going to run a "McCarthy style blacklisting operation" you should at least have the guts to tell each victim that you are putting them on the list. Clearly no one at GNHLUG was aware that they were somehow being blacklisted. If your going to claim that the RBL owners would get too much grief from people if they actually notified folks they were being blacklisted then I would have to say that running an RBL should require a substantial amount of fortitude. A group or person without the courage to stand up and defend the principles that they are operating a blacklist under is not the kind of person(s) that should be in charge of such an effort. It degenerates into a revenge list or falls prey to other vices. > > =>For Non-ISP's, using RBL's will ultimately do more harm than good. > =>(False positives causing missed email) > =>(ISP's aren't harmed when they block their customer's real email as spam > =>so they can use an RBL without fear. Most of them will not lose enough > =>customers for it to ever be a problem, unfortunately.) > > No. The amount of mail that I get vs the false positives I've had are so > incredibly disproportionate as to not even allow me to consider changing > what I have going currently. Are you an ISP? Wouldn't No SPAM and NO false positives be even better? > > The spamassassin builtin bayesian seems to be doing a noticably better job > than previous versions. OK, the new Spamassasin does better than the old one. Try a well trained Bayesian solution. (SA don't cut it... yet.. and when it does all the other stuff SA does will become necessary, just slowing things down terribly like it does now.) > But my experience is that I do better with my > sendmail tricks (which you can see at > http://steveo.syslang.net/sendmail.mc) in conjunction with spamassassin > than I do with just spamassassin. And spamassassin does a lot more than > just simple bayesian filtering. > > =>(http://bogofilter.sourceforge.net/bogofilter-faq.html) > > =>I really really want to urge everyone who hasn't tried it yet to take a > =>look at the Bastian based spam-faltering solutions. It is really the > =>best solution. > > Definitely a good blade on the swiss army knive of mail tricks. :-) Bayesian
Re: Hello. Is anyone there?
On Tuesday, Jul 8th 2003 at 16:51 -0400, quoth Jeff Kinz: =>On Tue, Jul 08, 2003 at 01:38:20PM -0400, Steven W. Orr wrote: =>> Lots of interesting commentary here. => Thanks! :-) =>> =>> * Why do I use RBL's in the 1st place? Because I would much rather reject =>> mail before it's received than after. If I filter it out after then they =>> know that I have accepted it. => =>Unfortunately top shelf spammers (an absurd concept!) will not be =>stopped by RBL's since they just change accounts every few hours and use =>automated tools to pump those accounts to the max of their limited =>transmission capability. (Try sending out an email to 100 people =>if you're a comcast subscriber!) By using multiple parallel accounts =>they achieve large transmission rates from non-RBL'ed sites. => =>So RBL problem #1: RBL doesn't stop the smartest spammers so you will => have to filter on content no matter what you do. We're in 100% agreement. That's why I use my RBLs, *plus* other traps and filters from inside sendmail *plus* the latest version of spamassassin. The amount of spam that actually makes it through is *very* low. But the amount that has to be processed by spamassassin is very low to begin with. Also, the time that it takes for an address to get into lots of the RBL is generally pretty low. => =>> =>> * Derek Martin said that you have no way of knowing if you've missed =>> important mail. Not true: I get a report every morning showing what =>> senders were rejected. (I just wasn't paying attention.) => =>Right - which means the RBL technique is failure-prone whenever people =>are part of it. No one pays attention to something they see all the =>time. So its always going to fail. => =>RBL problem #2: RBL incorrectly rejects large amounts of non-spam. => =>RBL problem #3: Any possible notice about false positive (see #2), will =>be completely buried in the mass of true-positive => notices and not be noticed. Some RBLs are better than others. This episode underscored a change that I will be making to my daily reject analyser to make it more obvious to me what domains were rejected. =>> =>> * Jeff Kinz says it's not important to make sure that you are accepted by =>> all RBLs. => =>This is a mis-quote or a complete fabrication of what I said. In the =>future please actually quote what I said so it can't be mis-interpreted =>unless I write it badly, OK? :-) Thanks. (There's a fair chance I'll =>write it poorly anyway.. :-) => =>What I said was (and I'll quote it:) =>>On Tue, Jul 08, 2003 at 12:29:08PM -0400, Steven W. Orr wrote: =>>> But I really do think that it's somewhat important to find out why easynet =>>> thinks that gnhlug.org is a spammer? =>> =>>No, its not important to do that because there will always be another =>>RBL list somewhere which is also broken, especially since RBL's are =>>proliferating at an increasing rate. => =>So I'm saying that its not that important to correct RBL's which have =>bad information because so many do. (see more on this below). Why =>waste your life yelling at people who aren't going to change your =>listing in their RBL anyway? Ah, but they all *do* respond to people fixing their problems. Otherwise they would all run out of disk space. :-) Seriously, I've never heard of an RBL that won't take someone off their list if the problems get corrected. I think there was one but they're gone now. => =>> I totally disagree on this one. You don't have to be accepted by =>> an RBL but you should at least know why they are rejecting you and to =>> have at least made the effort to try to clear up the conflict. Like I =>> mentioned earlier, some RBLs base themselves on vastly different criteria. =>> Some criteria are acceptable and some are not (to me). For example, I =>> mentioned one RBL that rejects all clients of uunet. Another rejects all =>> dynamic ip addresses. You have to decide what sets are right for you. => =>Clearly the RBL's which list all of uunet and all dynamic IPs have more =>bad information than they have good information about Spam sources. => =>As Bruce Dawson pointed out today: =>>The problem is that easynet.nl (and a number of others) DO NOT remove =>>addresses from their lists - regardless of the number or type of requests. =>>And a number of others do not validate the requests to list spamming =>>addresses. => =>>So, if your system is coopted by a spam worm, then your system is dead as =>>far as these RBLs and internet mail is concerned. Even if you use virus =>>protection. Even if you get rid of the open proxy. You can never get off =>>their lists. => =>There are many RBL's and more are popping up as we go forward. While =>some are worse than others, ALL of them have erroneous information in =>them that will cause you to throw away real email and at the same time =>they don't prevent spam from getting to your system. Eventually this =>will cause RBL's to become un-truste
Re: Hello. Is anyone there?
On Tuesday, Jul 8th 2003 at 15:25 -0400, quoth Bruce Dawson: =>In the interest of full disclosure, I did discover that rogue.codemeta.com =>(199.125.75.14) WAS (as in: used to be) an open proxy and was fixed in, I =>believe, January 2003. => =>The problem is that easynet.nl (and a number of others) DO NOT remove =>addresses from their lists - regardless of the number or type of requests. =>And a number of others do not validate the requests to list spamming =>addresses. => =>So, if your system is coopted by a spam worm, then your system is dead as =>far as these RBLs and internet mail is concerned. Even if you use virus =>protection. Even if you get rid of the open proxy. You can never get off =>their lists. >From http://informatie.easynet.nl/error/errors.htm [Once you are entirely confident that no one but yourself and/or your local network can use your proxy server, send an email to [EMAIL PROTECTED] requesting removal. State your IP address and/or include an error message in your removal request, or we will not be able to process it. Once an IP address is listed as an open proxy, it will not be automatically or periodically retested. You must request removal in order to be retested and consequently removed. ] You actually have to ask them to take you off their list. Ask first, and then if they don't cooperate we can say nasty things about them. Hell, I might even stop using them if they get pissy enough. :-) -- -Time flies like the wind. Fruit flies like a banana. Stranger things have - -happened but none stranger than this. Does your driver's license say Organ -Donor?Black holes are where God divided by zero. Listen to me! We are all- -individuals! What if this weren't a hypothetical question? steveo at syslang.net ___ gnhlug-discuss mailing list [EMAIL PROTECTED] http://mail.gnhlug.org/mailman/listinfo/gnhlug-discuss
Re: Hello. Is anyone there?
On Tue, 2003-07-08 at 13:38, Steven W. Orr wrote: > This problem between easynet and codemeta issuch an incredibly small > factor of how much I reject on a daily basis, that I would recommend > anyone who wanted to use a good rbl to *start* with this one. In the absence of consensus on this issue, it should be possible to add a whitelist to your system so that domains you explicitly want to accept (like gnhlug.org) can skip over the RBL-check entirely. signature.asc Description: This is a digitally signed message part
Re: Hello. Is anyone there?
On Tue, 2003-07-08 at 12:29, Steven W. Orr wrote: > But I really do think that it's somewhat important to find out why easynet > thinks that gnhlug.org is a spammer? I doubt that it's the case, but have > we checked that we are not a relay (or never were). Whatever the reason > is, we really should track it down and prove to them that we are worthy of > not being blocked. If the reason turns out to be bad *then* we can condemn > easynet. I checked ghnlug.org (199.125.75.14) with rblcheck, and I found that easynet.nl is the only one filtering it. According to their (huge) blockedIPs.txt file: 199.125.75.14 Open Proxy \ http://proxies.blackholes.easynet.nl/errors.html (The file is about 30 MB, and contains over 400,000 lines.I didn't see any way to check a specific address, other than downloading this monter and grep'ing it afterward.) -- John Abreau <[EMAIL PROTECTED]> The Abreau Family signature.asc Description: This is a digitally signed message part
Re: Hello. Is anyone there?
On Tue, Jul 08, 2003 at 01:38:20PM -0400, Steven W. Orr wrote: > Lots of interesting commentary here. Thanks! :-) > > * Why do I use RBL's in the 1st place? Because I would much rather reject > mail before it's received than after. If I filter it out after then they > know that I have accepted it. Unfortunately top shelf spammers (an absurd concept!) will not be stopped by RBL's since they just change accounts every few hours and use automated tools to pump those accounts to the max of their limited transmission capability. (Try sending out an email to 100 people if you're a comcast subscriber!) By using multiple parallel accounts they achieve large transmission rates from non-RBL'ed sites. So RBL problem #1: RBL doesn't stop the smartest spammers so you will have to filter on content no matter what you do. > > * Derek Martin said that you have no way of knowing if you've missed > important mail. Not true: I get a report every morning showing what > senders were rejected. (I just wasn't paying attention.) Right - which means the RBL technique is failure-prone whenever people are part of it. No one pays attention to something they see all the time. So its always going to fail. RBL problem #2: RBL incorrectly rejects large amounts of non-spam. RBL problem #3: Any possible notice about false positive (see #2), will be completely buried in the mass of true-positive notices and not be noticed. > > * Jeff Kinz says it's not important to make sure that you are accepted by > all RBLs. This is a mis-quote or a complete fabrication of what I said. In the future please actually quote what I said so it can't be mis-interpreted unless I write it badly, OK? :-) Thanks. (There's a fair chance I'll write it poorly anyway.. :-) What I said was (and I'll quote it:) >On Tue, Jul 08, 2003 at 12:29:08PM -0400, Steven W. Orr wrote: >> But I really do think that it's somewhat important to find out why easynet >> thinks that gnhlug.org is a spammer? > >No, its not important to do that because there will always be another >RBL list somewhere which is also broken, especially since RBL's are >proliferating at an increasing rate. So I'm saying that its not that important to correct RBL's which have bad information because so many do. (see more on this below). Why waste your life yelling at people who aren't going to change your listing in their RBL anyway? > I totally disagree on this one. You don't have to be accepted by > an RBL but you should at least know why they are rejecting you and to > have at least made the effort to try to clear up the conflict. Like I > mentioned earlier, some RBLs base themselves on vastly different criteria. > Some criteria are acceptable and some are not (to me). For example, I > mentioned one RBL that rejects all clients of uunet. Another rejects all > dynamic ip addresses. You have to decide what sets are right for you. Clearly the RBL's which list all of uunet and all dynamic IPs have more bad information than they have good information about Spam sources. As Bruce Dawson pointed out today: >The problem is that easynet.nl (and a number of others) DO NOT remove >addresses from their lists - regardless of the number or type of requests. >And a number of others do not validate the requests to list spamming >addresses. >So, if your system is coopted by a spam worm, then your system is dead as >far as these RBLs and internet mail is concerned. Even if you use virus >protection. Even if you get rid of the open proxy. You can never get off >their lists. There are many RBL's and more are popping up as we go forward. While some are worse than others, ALL of them have erroneous information in them that will cause you to throw away real email and at the same time they don't prevent spam from getting to your system. Eventually this will cause RBL's to become un-trusted and eventually less used. Since some people have falsely submitted domains/ip's to RBL's to harm the owners/users of same, and more people continue to do it all the time, its clear we will never be able to trust the RBL's I'll admit its nice and easy to say "Oh Ip 192.x.x.x? Sorry, you're spam, disconnect" before the email can arrive on your site/system. But this is one time where taking the easy way out is the wrong way to do it. For Non-ISP's, using RBL's will ultimately do more harm than good. (False positives causing missed email) (ISP's aren't harmed when they block their customer's real email as spam so they can use an RBL without fear. Most of them will not lose enough customers for it to ever be a problem, unfortunately.) In order to intelligently stop spam you cannot filter on RBL based IP addresses/domains. You must filter only on content. The trials which the Bogofilter people have run on real email indicate that it more accurate than any other way of doing it. (http://bogofilter.sourceforge.net/bogofilter-faq.html) I really really
Re: Hello. Is anyone there?
On Tue, Jul 08, 2003 at 03:28:59PM -0400, Ben Boulanger wrote: > On Tue, 8 Jul 2003, Bruce Dawson wrote: > > So, if your system is coopted by a spam worm, then your system is dead as > > far as these RBLs and internet mail is concerned. Even if you use virus > > protection. Even if you get rid of the open proxy. You can never get off > > their lists. > > That's rediculous and, in my mind, harms their legitimacy. Look at the > XBL... no one uses them anymore because they're pointlessly arrogant about > their service - a breed heading for extinction. This is why I love spamassassin - RBL entries are only one of a series of tests to see if something should be marked as spam. -Mark pgp0.pgp Description: PGP signature
Re: Hello. Is anyone there?
On Tue, 8 Jul 2003, Bruce Dawson wrote: > So, if your system is coopted by a spam worm, then your system is dead as > far as these RBLs and internet mail is concerned. Even if you use virus > protection. Even if you get rid of the open proxy. You can never get off > their lists. That's rediculous and, in my mind, harms their legitimacy. Look at the XBL... no one uses them anymore because they're pointlessly arrogant about their service - a breed heading for extinction. Ben -- Clear conscience never fears midnight knocking. ___ gnhlug-discuss mailing list [EMAIL PROTECTED] http://mail.gnhlug.org/mailman/listinfo/gnhlug-discuss
Re: Hello. Is anyone there?
In the interest of full disclosure, I did discover that rogue.codemeta.com (199.125.75.14) WAS (as in: used to be) an open proxy and was fixed in, I believe, January 2003. The problem is that easynet.nl (and a number of others) DO NOT remove addresses from their lists - regardless of the number or type of requests. And a number of others do not validate the requests to list spamming addresses. So, if your system is coopted by a spam worm, then your system is dead as far as these RBLs and internet mail is concerned. Even if you use virus protection. Even if you get rid of the open proxy. You can never get off their lists. ___ gnhlug-discuss mailing list [EMAIL PROTECTED] http://mail.gnhlug.org/mailman/listinfo/gnhlug-discuss
Re: Hello. Is anyone there?
Lots of interesting commentary here. * Why do I use RBL's in the 1st place? Because I would much rather reject mail before it's received than after. If I filter it out after then they know that I have accepted it. The fact that they always try multiple times after a 500 series error code is just even more grating. If you don't run your own domain, then you really don't have access to this technique. * Derek Martin said that you have no way of knowing if you've missed important mail. Not true: I get a report every morning showing what senders were rejected. (I just wasn't paying attention.) * Jeff Kinz says it's not important to make sure that you are accepted by all RBLs. I totally disagree on this one. You don't have to be accepted by an RBL but you should at least know why they are rejecting you and to have at least made the effort to try to clear up the conflict. Like I mentioned earlier, some RBLs base themselves on vastly different criteria. Some criteria are acceptable and some are not (to me). For example, I mentioned one RBL that rejects all clients of uunet. Another rejects all dynamic ip addresses. You have to decide what sets are right for you. This problem between easynet and codemeta issuch an incredibly small factor of how much I reject on a daily basis, that I would recommend anyone who wanted to use a good rbl to *start* with this one. -- -Time flies like the wind. Fruit flies like a banana. Stranger things have - -happened but none stranger than this. Does your driver's license say Organ -Donor?Black holes are where God divided by zero. Listen to me! We are all- -individuals! What if this weren't a hypothetical question? steveo at syslang.net ___ gnhlug-discuss mailing list [EMAIL PROTECTED] http://mail.gnhlug.org/mailman/listinfo/gnhlug-discuss
Re: Hello. Is anyone there?
On Tue, 8 Jul 2003, at 12:38pm, [EMAIL PROTECTED] wrote: > Personally, I think that's a bad way to look at it. Spam is our problem > and if we were vulnerable to either unauthenticated proxying or SMTP > relaying, then it's -OUR- problem. That is a completely different situation. Spam is a problem. But we were not talking about spam; we were talking about being present on somebody's list of something-or-other. There is a subtle but important difference there. On Tue, 8 Jul 2003, at 12:33pm, [EMAIL PROTECTED] wrote: > Apparently, it thinks rogue.codemeta.com is an open proxy. AFAIK, they are wrong (see below). If someone can demonstrate that rogue is an open proxy, then I will immediately move to get that fixed, since that *is* our problem. But the fact that they are wrong is not our problem. | $ telnet rogue.codemeta.com 80 | Trying 199.125.75.14... | Connected to rogue.codemeta.com (199.125.75.14). | Escape character is '^]'. < CONNECT mail.ntisys.com:25 HTTP/1.0 < > HTTP/1.1 405 Method Not Allowed > Date: Tue, 08 Jul 2003 16:52:52 GMT -- Ben Scott <[EMAIL PROTECTED]> | The opinions expressed in this message are those of the author and do | | not represent the views or policy of any other person or organization. | | All information is provided without warranty of any kind. | ___ gnhlug-discuss mailing list [EMAIL PROTECTED] http://mail.gnhlug.org/mailman/listinfo/gnhlug-discuss
Re: Hello. Is anyone there?
On Tue, Jul 08, 2003 at 12:29:08PM -0400, Steven W. Orr wrote: > First off, I neglected to apologize for the snafu in my last message. Yes > it really was my spam filtering that was causing the problem. > > But I really do think that it's somewhat important to find out why easynet > thinks that gnhlug.org is a spammer? No, its not important to do that because there will always be another RBL list somewhere which is also broken, especially since RBL's are proliferating at an increasing rate. All it does is demonstrate that the concept of RBL's (as currently implemented), are broken and not reliable. Bayesian filtering programs such as Bogofilter (see sourceforge) not only do a better job, in my experience they produce fewer false positives. No RBL is needed. I concede that some form of publically or widely participated in "trust metric" measuement might do a good job of creating a dependable RBL but that would require a great deal more effort and watchdog mechanism than is currently being expenede. I doubt it would ever happen and they would still not stop spammer who move rapidly from ISP to ISP. Bogofilter and similar tools can and does stop them, but based soley on the content of the email and customized to your personal idea of what spam is. -- Jeff Kinz, Open-PC, Emergent Research, Hudson, MA. [EMAIL PROTECTED] copyright 2003. Use is restricted. Any use is an acceptance of the offer at http://www.kinz.org/policy.html. Don't forget to change your password often. ___ gnhlug-discuss mailing list [EMAIL PROTECTED] http://mail.gnhlug.org/mailman/listinfo/gnhlug-discuss
Re: Hello. Is anyone there?
On Tue, 8 Jul 2003, at 12:29pm, [EMAIL PROTECTED] wrote: > Whatever the reason is, we really should track it down and prove to them > that we are worthy of not being blocked. Why should that be our responsibility? Strictly my opinion here: I take a very "lazier fair" attitude toward blacklist services. There are those who hate them and think they should be sued/illegal/regulated/etc. Then there are those who think we should all bow down before them. I consider them a vendor, like any other. They provide a service. You can choose to use their service, or not. You cannot hold others responsible for the service they provide. If your vendor is feeding you incorrect information, it is not our responsibility to correct your vendor. If you feel your vendor has incorrectly listed GNHLUG, it is your responsibility to correct your vendor. -- Ben Scott <[EMAIL PROTECTED]> | The opinions expressed in this message are those of the author and do | | not represent the views or policy of any other person or organization. | | All information is provided without warranty of any kind. | ___ gnhlug-discuss mailing list [EMAIL PROTECTED] http://mail.gnhlug.org/mailman/listinfo/gnhlug-discuss
Re: Hello. Is anyone there?
On Tue, 8 Jul 2003 [EMAIL PROTECTED] wrote: > Ultimately, if your system is blocking mail, it's your problem, regardless > of why you made that decision. If you are basing your decision on a > third-party information source that is not doing what you want, take it up > with that third-party. :) Personally, I think that's a bad way to look at it. Spam is our problem and if we were vulnerable to either unauthenticated proxying or SMTP relaying, then it's -OUR- problem. They provide easy to use tools to look it up. They have an awful lot of IP's listed, so I question their legitimacy, but if Steve Orr has faith in them, it's worth looking at. That's like saying a car with an emissions problem is the driver's problem and the state shouldn't care about it. Ben -- Judge not the horse by his saddle. ___ gnhlug-discuss mailing list [EMAIL PROTECTED] http://mail.gnhlug.org/mailman/listinfo/gnhlug-discuss
Re: Hello. Is anyone there?
On Tue, 8 Jul 2003, at 12:17pm, [EMAIL PROTECTED] wrote: >> GNHLUG is not responsible for your spam filtering. > > Agreed, but perhaps it would be better if mail.gnhlug.org were not listed > in any RBLs? It actually appeared that rogue.codemeta.com (GNHLUG's current mail server) is the system that is blacklisted. You or anyone else is welcome to find out why rogue is blacklisted with these people. If there's something reasonable we can do to get off the list, we can probably arrange to have it done. :) Myself, I don't have much patience for people who use a single third-party blacklist as a sufficient criteria to block mail. They are too unreliable. Better to use them as one factor is a weighted-scoring system. Ultimately, if your system is blocking mail, it's your problem, regardless of why you made that decision. If you are basing your decision on a third-party information source that is not doing what you want, take it up with that third-party. :) -- Ben Scott <[EMAIL PROTECTED]> | The opinions expressed in this message are those of the author and do | | not represent the views or policy of any other person or organization. | | All information is provided without warranty of any kind. | ___ gnhlug-discuss mailing list [EMAIL PROTECTED] http://mail.gnhlug.org/mailman/listinfo/gnhlug-discuss
Re: Hello. Is anyone there?
On Tue, 8 Jul 2003, Derek Martin wrote: > Agreed, but perhaps it would be better if mail.gnhlug.org were not > listed in any RBLs? Have you attempted to download the list from easynet - the one that listed it? It's rediculously long I seriously wonder if they have an ip in every c block in existence. It's so long that less than halfway through downloading it with my browser, I had to bail for fear of running out of memory. Apparently, it thinks rogue.codemeta.com is an open proxy. If you use their lookup tool, you get: Lookup 199.125.75.14 (mail.gnhlug.org) in 11+21 Zones AS: 199.125.75.0/24 AS701 [US] UUNET Technologies, Inc. Ashburn/Virginia Net 199.125.64-127 MV-NETS [US] Manchester, New Hampshire @mv.mv.com Results: Positive=3, Negative=29 (2003-07-08 16:30:25 UTC) * @SPAM/spamsource: 553 553 OpenProxy http://proxy.openrbl.org/?199.125.75.14 * EASYNET/permblock: 553 OpenProxy - http://proxies.blackholes.easynet.nl/errors.html * REYNOLDS/t1.bl.reynolds.net.au: PLEASE URGENTLY SEE http://www.openrbl.org/lookup?i=199.125.75.14 memory. -- A tiger never returns to his prey he did not finish off. ___ gnhlug-discuss mailing list [EMAIL PROTECTED] http://mail.gnhlug.org/mailman/listinfo/gnhlug-discuss
Re: Hello. Is anyone there?
On Tuesday, Jul 8th 2003 at 12:06 -0400, quoth [EMAIL PROTECTED]: =>On Tue, 8 Jul 2003, at 11:56am, [EMAIL PROTECTED] wrote: =>> So it looks like we have two problems. One is that I am really not getting =>> the mail sent to me. => => Are you sure it is not your spam filtering that is/was blocking said mail? =>Have you tried unsubscribing/resubscribing now that you've made exceptions =>for GNHLUG/CodeMeta in your spam filtering? => =>> Two is that somehow gnhlug.org got put onto the spammers list. easynet =>> really is my best RBL and I'm not willing to not use them. => => GNHLUG is not responsible for your spam filtering. First off, I neglected to apologize for the snafu in my last message. Yes it really was my spam filtering that was causing the problem. But I really do think that it's somewhat important to find out why easynet thinks that gnhlug.org is a spammer? I doubt that it's the case, but have we checked that we are not a relay (or never were). Whatever the reason is, we really should track it down and prove to them that we are worthy of not being blocked. If the reason turns out to be bad *then* we can condemn easynet. Footnote: I do use a fairly carefully selected set of RBLs. (If anyone wants them just let me know.) And yes on rare occasions I can run into a small snafu with them. (One time I used a new rbl and it shut off all clients of uunet.) But in my RBL experience blackholes.easynet.nl is *the* most productive RBL out there. I reject the majority of real spam every day just from this. -- -Time flies like the wind. Fruit flies like a banana. Stranger things have - -happened but none stranger than this. Does your driver's license say Organ -Donor?Black holes are where God divided by zero. Listen to me! We are all- -individuals! What if this weren't a hypothetical question? steveo at syslang.net ___ gnhlug-discuss mailing list [EMAIL PROTECTED] http://mail.gnhlug.org/mailman/listinfo/gnhlug-discuss
Re: Hello. Is anyone there?
On Tue, 8 Jul 2003, at 11:56am, [EMAIL PROTECTED] wrote: > So it looks like we have two problems. One is that I am really not getting > the mail sent to me. Are you sure it is not your spam filtering that is/was blocking said mail? Have you tried unsubscribing/resubscribing now that you've made exceptions for GNHLUG/CodeMeta in your spam filtering? > Two is that somehow gnhlug.org got put onto the spammers list. easynet > really is my best RBL and I'm not willing to not use them. GNHLUG is not responsible for your spam filtering. -- Ben Scott <[EMAIL PROTECTED]> | The opinions expressed in this message are those of the author and do | | not represent the views or policy of any other person or organization. | | All information is provided without warranty of any kind. | ___ gnhlug-discuss mailing list [EMAIL PROTECTED] http://mail.gnhlug.org/mailman/listinfo/gnhlug-discuss
Re: Hello. Is anyone there?
On Tuesday, Jul 8th 2003 at 11:56 -0400, quoth Steven W. Orr: =>I get a few of these starting Jul 1 (my logs *do* go back further). => =>So it looks like we have two problems. One is that I am really not =>getting the mail sent to me. => =>Two is that somehow gnhlug.org got put onto the spammers list. easynet =>really is my best RBL and I'm not willing to not use them. I did add an ok =>to my access database: => =>From:gnhlug.org OK => =>so I should be good to receive. It's official. I'm back. -- -Time flies like the wind. Fruit flies like a banana. Stranger things have - -happened but none stranger than this. Does your driver's license say Organ -Donor?Black holes are where God divided by zero. Listen to me! We are all- -individuals! What if this weren't a hypothetical question? steveo at syslang.net ___ gnhlug-discuss mailing list [EMAIL PROTECTED] http://mail.gnhlug.org/mailman/listinfo/gnhlug-discuss
Re: Hello. Is anyone there?
On Tuesday, Jul 8th 2003 at 11:42 -0400, quoth Steven W. Orr: => =>My delivery option is not turned off. (I am able to access it.) It's just =>that nothing is sent to me. => One more note: I did a careful check of my maillog (running sendmail) and I spotted the following messages: Jul 8 11:46:20 saturn sendmail[17666]: h68FkJ1o017666: ruleset=check_rcpt, arg1=<[EMAIL PROTECTED]>, relay=IDENT:bV9hTV8/+DdAsGEVlnIzo5f4vq/[EMAIL PROTECTED] [199.125.75.14], reject=550 5.7.1 <[EMAIL PROTECTED]>... ACCESS DENIED to <[EMAIL PROTECTED]> thru rogue.codemeta.com by easynet.nl DNSBL (http://blackholes.easynet.nl/errors.html) Jul 8 11:46:20 saturn sendmail[17666]: h68FkJ1o017666: from=<[EMAIL PROTECTED]>, size=3210, class=0, nrcpts=0, proto=ESMTP, daemon=MTA, relay=IDENT:bV9hTV8/+DdAsGEVlnIzo5f4vq/[EMAIL PROTECTED] [199.125.75.14] (Imagine this all on one line.) I get a few of these starting Jul 1 (my logs *do* go back further). So it looks like we have two problems. One is that I am really not getting the mail sent to me. Two is that somehow gnhlug.org got put onto the spammers list. easynet really is my best RBL and I'm not willing to not use them. I did add an ok to my access database: From:gnhlug.org OK so I should be good to receive. -- -Time flies like the wind. Fruit flies like a banana. Stranger things have - -happened but none stranger than this. Does your driver's license say Organ -Donor?Black holes are where God divided by zero. Listen to me! We are all- -individuals! What if this weren't a hypothetical question? steveo at syslang.net ___ gnhlug-discuss mailing list [EMAIL PROTECTED] http://mail.gnhlug.org/mailman/listinfo/gnhlug-discuss
Re: Hello. Is anyone there?
On Tuesday, Jul 8th 2003 at 11:22 -0400, quoth [EMAIL PROTECTED]: =>On Mon, 7 Jul 2003, at 10:39pm, [EMAIL PROTECTED] wrote: =>> Guys, I seem to need some help here. I don't know who the admin is ... => => Contact info for all known GNHLUG suckers^Wvolunteers is available at: => => http://wiki.gnhlug.org/twiki2/bin/view/Www/ContactUs => => As of right now, for mailing list stuff, contact either of these two =>people: => => [EMAIL PROTECTED] => [EMAIL PROTECTED] => =>(Remove the spam guards.) => =>> I'm not getting mail from this list. Can I get someone to straighten this =>> out? => => Have you checked your subscription options? You can do so at => => http://mail.gnhlug.org/mailman/listinfo/gnhlug-discuss => => In particular, I suspect you might have mail delivery turned off. My delivery option is not turned off. (I am able to access it.) It's just that nothing is sent to me. -- -Time flies like the wind. Fruit flies like a banana. Stranger things have - -happened but none stranger than this. Does your driver's license say Organ -Donor?Black holes are where God divided by zero. Listen to me! We are all- -individuals! What if this weren't a hypothetical question? steveo at syslang.net ___ gnhlug-discuss mailing list [EMAIL PROTECTED] http://mail.gnhlug.org/mailman/listinfo/gnhlug-discuss
Re: Hello. Is anyone there?
On Mon, 7 Jul 2003, at 10:39pm, [EMAIL PROTECTED] wrote: > Guys, I seem to need some help here. I don't know who the admin is ... Contact info for all known GNHLUG suckers^Wvolunteers is available at: http://wiki.gnhlug.org/twiki2/bin/view/Www/ContactUs As of right now, for mailing list stuff, contact either of these two people: [EMAIL PROTECTED] [EMAIL PROTECTED] (Remove the spam guards.) > I'm not getting mail from this list. Can I get someone to straighten this > out? Have you checked your subscription options? You can do so at http://mail.gnhlug.org/mailman/listinfo/gnhlug-discuss In particular, I suspect you might have mail delivery turned off. -- Ben Scott <[EMAIL PROTECTED]> | The opinions expressed in this message are those of the author and do | | not represent the views or policy of any other person or organization. | | All information is provided without warranty of any kind. | ___ gnhlug-discuss mailing list [EMAIL PROTECTED] http://mail.gnhlug.org/mailman/listinfo/gnhlug-discuss
Re: Hello. Is anyone there?
On Monday, Jul 7th 2003 at 22:24 -0400, quoth Chris: =>I can hear you here not had any problems myself => =>"Steven W. Orr" wrote: => =>> I've had no email from gnhlug in over at least a month. =>> =>> Can anyone hear me? =>> =>> I tried rezubzcribing and all I get is a blank page when I hit the =>> zubzcribe button. On Monday, Jul 7th 2003 at 22:42 -0400, quoth Erik Price: =>I hear you. There has been quite a lot of mail in the past 30 days or =>so -- I'd guess over 300 msgs. Don't forget you can always check the =>archives. => =>http://www.mail-archive.com/index.php?hunt=gnhlug => => => =>Erik Guys, I seem to need some help here. I don't know who the admin is but I'm not getting mail from this list. Can I get someone to straighten this out? Obviously you can hear me but I'm not getting any msgs sent to the list. -- -Time flies like the wind. Fruit flies like a banana. Stranger things have - -happened but none stranger than this. Does your driver's license say Organ -Donor?Black holes are where God divided by zero. Listen to me! We are all- -individuals! What if this weren't a hypothetical question? steveo at syslang.net ___ gnhlug-discuss mailing list [EMAIL PROTECTED] http://mail.gnhlug.org/mailman/listinfo/gnhlug-discuss
Re: Hello. Is anyone there?
I can hear you here not had any problems myself "Steven W. Orr" wrote: > I've had no email from gnhlug in over at least a month. > > Can anyone hear me? > > I tried rezubzcribing and all I get is a blank page when I hit the > zubzcribe button. > > -- > -Time flies like the wind. Fruit flies like a banana. Stranger things have - > -happened but none stranger than this. Does your driver's license say Organ > -Donor?Black holes are where God divided by zero. Listen to me! We are all- > -individuals! What if this weren't a hypothetical question? > steveo at syslang.net > ___ > gnhlug-discuss mailing list > [EMAIL PROTECTED] > http://mail.gnhlug.org/mailman/listinfo/gnhlug-discuss ___ gnhlug-discuss mailing list [EMAIL PROTECTED] http://mail.gnhlug.org/mailman/listinfo/gnhlug-discuss
Re: Hello. Is anyone there?
On Monday, July 7, 2003, at 10:09 PM, Steven W. Orr wrote: I've had no email from gnhlug in over at least a month. Can anyone hear me? I hear you. There has been quite a lot of mail in the past 30 days or so -- I'd guess over 300 msgs. Don't forget you can always check the archives. http://www.mail-archive.com/index.php?hunt=gnhlug Erik ___ gnhlug-discuss mailing list [EMAIL PROTECTED] http://mail.gnhlug.org/mailman/listinfo/gnhlug-discuss
