Re: Spam and mailing lists
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 On Thu, Oct 19, 2006 at 06:54:34PM -0400, Mark E. Mallett wrote: > > PS: you mentioned running sendmail 8.13.1 -- you might want to look into > updating that. There have been one or more security updates since then, > tho I don't recall offhand if any were exploitable. But there was at > least one DOS type. I'd imagine what is actually running is sendmail 8.13.1-3.RHEL4.5, as shipped with RHEL4U4 and CentOS 4.4. This contains fixes for CVE-2006-1173, Sendmail Errata (2004-08-24), and a few small bugs. - -- Matt Brodeur RHCE [EMAIL PROTECTED] http://www.nexttime.com PGP ID: 2CFE18A3 / 9EBA 7F1E 42D1 7A43 5884 560C 73CF D615 2CFE 18A3 A little inaccuracy sometimes saves tons of explanation. -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.2 (GNU/Linux) iD8DBQFFOPoAc8/WFSz+GKMRArTEAJ9CsuuL12yow44Gtd0i9FBNqRFWFwCgtPIO 8NSvZA55hGbVRCuLtYz3npA= =GNdY -END PGP SIGNATURE- ___ gnhlug-discuss mailing list gnhlug-discuss@mail.gnhlug.org http://mail.gnhlug.org/mailman/listinfo/gnhlug-discuss/
Re: Spam and mailing lists
brk <[EMAIL PROTECTED]> writes: > The linux community is made up of militias, when what it needs is an army. This assumes that those of us choosing to use Linux care what others use and feel it our mission to attempt to "convert the great unwashed". Whereas in reality, many of who use do so because we feel it fits our needs better than and really don't give a flipping inode what anyone else uses. I have no care in the world what OS anyone else uses. But if they're *interested* in learning something about UN*X based OSes, I'm more than happy to talk to them about it and teach them what I know. I have *no* desire for world domination or converting the masses. I'd be perfectly happy if Linux never achieved more than a .5% market share penetration on the desktop. -- Seeya, Paul - who's been using Linux as a desktop since '94, and Mac OS X since '04 and has no idea what a "registry" is other than where he renews his driver's license :) ___ gnhlug-discuss mailing list gnhlug-discuss@mail.gnhlug.org http://mail.gnhlug.org/mailman/listinfo/gnhlug-discuss/
Re: Spam and mailing lists
On Thu, Oct 19, 2006 at 07:26:55AM -0400, Ben Scott wrote: > On 10/16/06, Ben Scott <[EMAIL PROTECTED]> wrote: > >Hello, world! > > I'm a bit surprised we haven't heard from any Postfix or qmail fans > in this thread. Perfect holy war folder here, people, come on. :) Choices are fun, and not just for having a war. sendmail, postfix, and exim have all done a good job over the past few years of adding some hooks for filtering requirements. Among other things, sendmail has its milter interface; postfix has its policy daemon interface, and now (2.3?) has an initial stab at milter interface too; exim has a nice built-in extension language. Whereas the official qmail package is fixed in time at about 1998, but has a bazillion patches and patchers. Although that's a dig, qmail is mainly what we use. One aspect of qmail is that it's architected as lots of modules each handling one piece of its mail flow. This is both good and bad. There are open source replacements for some of qmail's pieces, and as I mentioned, patches for others. qmail is not just another choice, it's a gateway into another universe of choices :) The qmail setup here is, briefly: - stock qmail with a number of performance-improving patches applied. - from-scratch replacement of qmail-smtpd (SMTP receiver), written by me. This includes the same scripting language as is contained in the MDA that I use (i.e., a procmail alternative). - a side daemon, the "mail client assessment" daemon, that the smtpd daemon consults for advice about how to deal with incoming connections. The combination of smtpd daemon and client assessment daemon is very powerful. It supports a feedback loop where bad client action can be remembered and acted on (and where feedback can come from other sources, such as post-delivery assessment); it gives a central control interface (e.g. allowing one to administratively shun certain senders and have the block expire automatically, or having a web form where senders can remove their own blocks); it helps enables things like greylisting and other techniques; it can coordinate activity and policy across multiple receivers; and other things that you can probably imagine. But you can do some or all of these things with milters and policy daemons too. Anyway, you asked, so there's a qmail side. -mm- (forgotting, I am sure, something else I was going to say.) PS: you mentioned running sendmail 8.13.1 -- you might want to look into updating that. There have been one or more security updates since then, tho I don't recall offhand if any were exploitable. But there was at least one DOS type. ___ gnhlug-discuss mailing list gnhlug-discuss@mail.gnhlug.org http://mail.gnhlug.org/mailman/listinfo/gnhlug-discuss/
Re: Spam and mailing lists
On Wed, Oct 18, 2006 at 08:42:44PM -0400, mike ledoux wrote: > On Wed, Oct 18, 2006 at 07:16:05PM -0400, Travis Roy wrote: > > >Since I suggested it I should probably explain why I suggested this > > >change. It's very simple... I perfer that mailing lists have the name of > > >the list in the subject. That's all. I could adjust my mail client or > > >maybe create a .procmailrc entry to :0: this into a different mbox, but I > > >don't... I'm not into e-mail segregation and a quick glance of [listname] > > >is just visual appealing and easy to do a quick mental sort. > > > > I'm with Kenta. I find it odd that mailman still doesn't offer this as one of the things you can personalize (when the list admin enables personalization). Unless I've missed it, and it does offer it:) But I took a tour of the mailman docs, as I did another time this came up (a couple of years ago, and not here). > We've been through this before on the list, many times, and it > always works out that the majority of people who state a preference > prefer not to have the Subject: line munged. If you want it, and > are running procmail or can run procmail, it is simple enough to add > it yourself. Here's a rule to start with (not tested, just off the > top of my head): > > :0fwh > * ^List-Id:.*gnhlug-discuss > | sed '/^Subject:/s//& [gnhlug-discuss]/' IMHO it's a little tougher than that; you need to account for "Re:" and "Fwd:" and other common syntax items, and for '[gnhlug-discuss]' already being there (because somebody has procmail'd it in and not stripped it out when they replied). Much better to have the stripping & adding munging done by the MLM. -mm- (who is not in favor of subject-line tagging, but would not be affected if it were a personalization option) ___ gnhlug-discuss mailing list gnhlug-discuss@mail.gnhlug.org http://mail.gnhlug.org/mailman/listinfo/gnhlug-discuss/
Re: Spam and mailing lists
I'm now using postfix + blacklists + spamassassin in daemon mode for server side filtering. I've found that the blacklists are moderately effective, the strict verification rules you can put into postfix are very effective, and spamassassin out of the box is not that effective. On the client side (via procmail), I use spamassassin with bayesian analysis, and razor. Razor is still very effective, but I worry that it will not always be so. It's possible to put razor on the server side with postfix, but not as easy as it really should be. I haven't done this yet because my site doesn't need it. I'm surprised that external filtering doesn't feel like it was part of the primary design any major MTA. With Sendmail (een with milters) and Postfix it feels from a sysadmin view like an add-on hack. Not much gets through past this as a percentage, but enough does to be mildly annoying. Sometimes I'll get a "Spam of consciousness", which looks like randomly generated poetry, without any kind of link or discernable sales pitch. Other times there's some stock scam that looks like a personal email but with a stock trading name thrown in somewhere. Some days a whitelist system sounds very tempting. Python said: > On Thu, 2006-10-19 at 07:26 -0400, Ben Scott wrote: >> On 10/16/06, Ben Scott <[EMAIL PROTECTED]> wrote: >> > Hello, world! >> >> I'm a bit surprised we haven't heard from any Postfix or qmail fans >> in this thread. Perfect holy war folder here, people, come on. :) >> >> Ha ha, only serious. I've got someone that's got my half-way >> convinced that Exim is better than a pastrami sandwich, but nothing on >> the other two popular MTAs. > > I'm running fedora 3 with (I think) defaults: postfix, mailman, amavisd- > new which includes spamassassin. Hooking up amavis required some minor > config file edits. Heavy lifting was provided by the packagers and yum. > It blocks about 80% of the total spam coming through. I assume some > tweaking could improve that, but I rely on spambayes with my email > client to filter the rest. > > Bill McGonigle's changes to his server > bfccomputing.com (Postfix) > have eliminated spam from the python-talk list. I used to delete 3 - 10 > spams per day. > >> >> "Opinions are like anuses. Everybody has one, and they all stink." >> >> -- Ben >> ___ >> gnhlug-discuss mailing list >> gnhlug-discuss@mail.gnhlug.org >> http://mail.gnhlug.org/mailman/listinfo/gnhlug-discuss/ > -- > Lloyd Kvam > Venix Corp > > ___ > gnhlug-discuss mailing list > gnhlug-discuss@mail.gnhlug.org > http://mail.gnhlug.org/mailman/listinfo/gnhlug-discuss/ > ___ gnhlug-discuss mailing list gnhlug-discuss@mail.gnhlug.org http://mail.gnhlug.org/mailman/listinfo/gnhlug-discuss/
Re: Linux military tactics (was: Spam and mailing lists)
On Oct 19, 2006, at 10:00 AM, Ben Scott wrote: On 10/19/06, brk <[EMAIL PROTECTED]> wrote: This whole discussion has shown why linux has such a hard time winning serious market-share. My understanding is that Linux has won "serious market-share" in the server/infrastructure area, but has had relatively limited adoption "on the desktop". Right, in subsections of the market linux owns a healthy chunk. In others it is a rounding error. In the O/S market overall, linux is still a minority and not making any significant in-roads. There are several groups/projects pushing the linux desktop with much effort. The linux community is made up of militias, when what it needs is an army. Why? Because the fractured battles being fought are creating more commotion than progress. This is evidenced here on a small scale: battling over which MTA is best and the primary mortars launched have been more emotional than technical/tactical. ___ gnhlug-discuss mailing list gnhlug-discuss@mail.gnhlug.org http://mail.gnhlug.org/mailman/listinfo/gnhlug-discuss/
Re: Spam and mailing lists
On Oct 19, 2006, at 9:55 AM, Ben Scott wrote: On 10/19/06, brk <[EMAIL PROTECTED]> wrote: Just pick an MTA and be done with it, as long as the list mail gets through 95% of the subscriber base probably doesn't care. The topic for this list is Linux and related software. I never said it wasn't on-topic. I am, however, still waiting for some real, solid arguments that go beyond "this is the system I know best, and it hasn't let me down". Yes, there have been some good points made all-round, just no clear differentiations. ___ gnhlug-discuss mailing list gnhlug-discuss@mail.gnhlug.org http://mail.gnhlug.org/mailman/listinfo/gnhlug-discuss/
Re: [Wed Oct 18 22:34:33 EDT 2006] [temp:63 fahrenheit][partly cloudy] Spam and mailing lists
On 10/18/06, Michael ODonnell <[EMAIL PROTECTED]> wrote: I wish there was some sort of standard for email messages that provided for a special section (maybe near the beginning?) reserved for information about the message itself, like the date, the destination address, the sender's address, etc. And then it would be way cool if the GNHLUG mail servers could put information somewhere in that section, maybe something like this: List-id: GNHLUG General Discussion Would that help? LMAO ___ gnhlug-discuss mailing list gnhlug-discuss@mail.gnhlug.org http://mail.gnhlug.org/mailman/listinfo/gnhlug-discuss/
Re: Spam and mailing lists
On 10/19/06, brk <[EMAIL PROTECTED]> wrote: Just pick an MTA and be done with it, as long as the list mail gets through 95% of the subscriber base probably doesn't care. The topic for this list is Linux and related software. That would include MTAs. There's lots of people here with experience with Linux, mail servers, list servers, and spam fighting. I can't think of a more on-topic and appropriate discussion for this forum. Since the only MTA I have any real experience with is Sendmail, I'm very interested in the experiences and opinions of others here. So far, I've found much of the discussion quite useful. This list doesn't exist just for the sake of having a mailing list. The idea is to, you know, share information. Sometimes the most important job of a list admin is simple to make decisions silently and gracefully. I am interested in the topics noted above, and feel they are on-topic, which is why I started this thread. The fact that I also happen to be handling the care and feeding of the list we are on is coincidental. I'm not asking the list membership to vote on which MTA the list should be using. For the processing power this list takes I could run it off of a PIC-based webserver and an MLM written in LOGO. The discussion (well, the one I'm interested in, anyway) actually has very little to do with processing power and that sort of thing. It's mainly about effective security tactics (spam fighting is security) and keeping administration costs down. Do whatever you want with the subject line, you'll never please everyone anyway. Absolutely. The subject-line-munging discussion gets raised on pretty much every list from time to time (along with reply-to-munging). It's one of those perennial debates. In my role of List Janitor, I mostly ignore such things, unless they're a clear mandate to actually change something. -- Ben ___ gnhlug-discuss mailing list gnhlug-discuss@mail.gnhlug.org http://mail.gnhlug.org/mailman/listinfo/gnhlug-discuss/
Linux military tactics (was: Spam and mailing lists)
On 10/19/06, brk <[EMAIL PROTECTED]> wrote: This whole discussion has shown why linux has such a hard time winning serious market-share. My understanding is that Linux has won "serious market-share" in the server/infrastructure area, but has had relatively limited adoption "on the desktop". For a brief period, though, I believe it was actually beating out the Mac in that department (depending on whose lies^W statistics you looked at). I presume the Apple Collective would qualify as "an army" in your estimation, but that didn't seem to help the Mac any. They needed an 21st-century Walkman for that. The linux community is made up of militias, when what it needs is an army. Why? -- Ben ___ gnhlug-discuss mailing list gnhlug-discuss@mail.gnhlug.org http://mail.gnhlug.org/mailman/listinfo/gnhlug-discuss/
Re: Spam and mailing lists
This whole discussion has shown why linux has such a hard time winning serious market-share. The linux community is made up of militias, when what it needs is an army. People are arguing over subject-line formatting and MTA's for a mailing list that is lucky to get a half-dozen messages per day on average. Just pick an MTA and be done with it, as long as the list mail gets through 95% of the subscriber base probably doesn't care. For the processing power this list takes I could run it off of a PIC-based webserver and an MLM written in LOGO. Do whatever you want with the subject line, you'll never please everyone anyway. Most lists still use subject-line text insertion, it's not the anti-christ of email, and it's not a requirement for filtering in most cases either. Sometimes the most important job of a list admin is simple to make decisions silently and gracefully. Yeah, I'm sure I'll get flamed. Oh well, maybe it'll push our daily email average up to 8. ___ gnhlug-discuss mailing list gnhlug-discuss@mail.gnhlug.org http://mail.gnhlug.org/mailman/listinfo/gnhlug-discuss/
Re: Spam and mailing lists
"Ben Scott" <[EMAIL PROTECTED]> writes: > On 10/16/06, Ben Scott <[EMAIL PROTECTED]> wrote: >> Hello, world! > > I'm a bit surprised we haven't heard from any Postfix or qmail fans > in this thread. Perfect holy war folder here, people, come on. :) I've never used Exim, but don't see any reason to learn yamta when I already know postfix and sendmail. What one of those two can't do can't be done :) I don't like either of them over the other, I know them both moderately well. I think postfix is easier to configure, sendmail more flexible ('cuz you just don't know when you'll need to move mail from an smtp-based network to an ftp-over-ncp based network ;) Seriously, though, I don't think there's another MTA which out-of-the-box, supports such a large variety of mail transfer protocols, including SMTP, ESMTP, DECnet's mail11, HylaFax, QuickPage and UUCP. (though, these days, I'm not sure who's still using many of these :) -- Seeya, Paul ___ gnhlug-discuss mailing list gnhlug-discuss@mail.gnhlug.org http://mail.gnhlug.org/mailman/listinfo/gnhlug-discuss/
Re: Spam and mailing lists
On Thu, 2006-10-19 at 07:26 -0400, Ben Scott wrote: > On 10/16/06, Ben Scott <[EMAIL PROTECTED]> wrote: > > Hello, world! > > I'm a bit surprised we haven't heard from any Postfix or qmail fans > in this thread. Perfect holy war folder here, people, come on. :) > > Ha ha, only serious. I've got someone that's got my half-way > convinced that Exim is better than a pastrami sandwich, but nothing on > the other two popular MTAs. I'm running fedora 3 with (I think) defaults: postfix, mailman, amavisd- new which includes spamassassin. Hooking up amavis required some minor config file edits. Heavy lifting was provided by the packagers and yum. It blocks about 80% of the total spam coming through. I assume some tweaking could improve that, but I rely on spambayes with my email client to filter the rest. Bill McGonigle's changes to his server bfccomputing.com (Postfix) have eliminated spam from the python-talk list. I used to delete 3 - 10 spams per day. > > "Opinions are like anuses. Everybody has one, and they all stink." > > -- Ben > ___ > gnhlug-discuss mailing list > gnhlug-discuss@mail.gnhlug.org > http://mail.gnhlug.org/mailman/listinfo/gnhlug-discuss/ -- Lloyd Kvam Venix Corp ___ gnhlug-discuss mailing list gnhlug-discuss@mail.gnhlug.org http://mail.gnhlug.org/mailman/listinfo/gnhlug-discuss/
Re: Spam and mailing lists
On Thursday 19 October 2006 12:30 am, Ben Scott wrote: > In the meantime, is http://www.exim.org/ the best place to go to > learn about Exim? I've been quiet in this conversation so far, but I figured now is a good time to pipe up my Exim support as well. I've been a fan for some time and got started since I'm also a Debian guy and at least at first, it's just what was there. As I've built bigger and bigger systems with more hooks into things like spam filtering, virus filtering, virtual hosting, ldap databases, etc, I've found that it interoperates very well with just about everything. So to summarize, I agree with all that's been said so far. The one thing I can add about Exim is the answer to the question above. Exim's online documentation is really awesome. Browsing/searching the documentation for the version you're using is really easy and includes a healthy dose of explanatory writing as well as reference material for every option/argument/keyword under the sun. I've used qmail and been nothing but disappointed with its reliability and configurability. I've used Postfix and been happy with it so long as I'm not using it in too complicated an environment. I've used sendmail and loathed the entire configuration process more than I care to remember. I've used Exim and always been happy with it. -N ___ gnhlug-discuss mailing list gnhlug-discuss@mail.gnhlug.org http://mail.gnhlug.org/mailman/listinfo/gnhlug-discuss/
Re: Spam and mailing lists
On 10/16/06, Ben Scott <[EMAIL PROTECTED]> wrote: Hello, world! I'm a bit surprised we haven't heard from any Postfix or qmail fans in this thread. Perfect holy war folder here, people, come on. :) Ha ha, only serious. I've got someone that's got my half-way convinced that Exim is better than a pastrami sandwich, but nothing on the other two popular MTAs. "Opinions are like anuses. Everybody has one, and they all stink." -- Ben ___ gnhlug-discuss mailing list gnhlug-discuss@mail.gnhlug.org http://mail.gnhlug.org/mailman/listinfo/gnhlug-discuss/
Re: [GNHLUG] [Wed Oct 18 14:39:49 EST 2006] [Heck let's have all the text in the subject line too. > me too!] Re: Spam and mailing lists
On 10/18/06, Tom Buskey <[EMAIL PROTECTED]> wrote: ___ gnhlug-discuss mailing list gnhlug-discuss@mail.gnhlug.org http://mail.gnhlug.org/mailman/listinfo/gnhlug-discuss/ You don't say. ;-) -- Ben ___ gnhlug-discuss mailing list gnhlug-discuss@mail.gnhlug.org http://mail.gnhlug.org/mailman/listinfo/gnhlug-discuss/
Re: Spam and mailing lists
On 10/17/06, Jason Stephenson <[EMAIL PROTECTED]> wrote: True. I will enumerate the reasons that I like Exim: 1. It is not Sendmail. Heh. I'll admit to sympathizing to that one. :) I'm no Sendmail expert, but from what I gather, Sendmail's original major selling point was the ability to process all the different protocols and message formats in use at the time. Back before IP and SMTP and RFC-822 took over the world, this was a big deal. The ability to write an entirely new protocol into the configuration file was useful. These days, of course, anybody and everybody speaks SMTP. Sendmail has no problem with that, of course. But it's still built around those original design concepts, which makes things more difficult for those who just want SMTP (i.e., just about everybody). Hence the popularity of qmail, Postfix, Exim, etc. 3. It is what I know. That counts for quite a lot. Don't discount it. Again, it's probably not exactly the answer that Ben is looking for ... Actually, I think that's a very good answer, and I really appreciate you taking the time to write that up. While you of course could not and did not attempt to significantly compare Exim to other MTAs, you gave some reasons *why* you like Exim, and described a few of the capabilities that you find useful. You even put it in context of spam-fighting. So that's good stuff. Thank you. Additionally, the above link points out something Ben may have overlooked in his original request. ... Indeed. I was ass-uming that the mailer could just make its decision based on the SMTP envelope; I wasn't thinking that people might have the two differ on a mailing list like this one. But that's hardly an impossibility, so would need to be handled. Still, even if it has to accept an entire bogus message and *then* reject it, that's still an improvement. It would eliminate the hold queue management problem while still giving diagnostics to most mailers. (I understand there are some mailers that ass-ume the SMTP transaction cannot fail once DATA is issued, but I'm willing to call that an "acceptable loss".) Ah, but the various bits of info used to authenticate a list member, whether you use the envelope sender or what's found in the From: or Reply-to:, are all supplied by the sender. All it takes for someone to spam or to send viruses to a subscriber-only list is for them to get the email address of a list member, or to become a list member. Since you cannot really trust what your MTA is told by the other end, I think it is better to have the AV and anti-spam than to not have it. Well, as far as AV goes, again, the plan is to employ attachment stripping always, so there's no way for a virus to actually propagate through the list. Scanning what we're going to throw away is silly. :) Now, as far as spam goes, I see two possible scenarios: 1. Spammer forges 'From' to match an existing subscriber, and sends to the posting address. List software allows the spam through, thinking it's from a legit subscriber. 2. Spammer subscribes an address they control to the list, and posts from that. Now, I have been and continue to be subscribed to a great many lists, and I've never actually seen a case of #1 happening. Which is not say it never has, or (more importantly) never will. But for now, I don't consider it a threat worth devoting resources to. Maybe someone the spammers will decide it's worth it. (Rue that day.) #2 I've seen, but it's still pretty rare. Same conclusion, with the further factor that most spammers want everything to be strictly one-way. A valid return path makes tracing a lot easier. The recent "kidney" message that came across this list may have been an case of #2. It was apparently from an address that was subscribed just before the message was sent. I'm not sure what that was; it didn't seem like traditional advertisement-type spam. Not that the reason for unwanted mail really matters *that* much, I suppose. However, Exim has a built-in ACL for every step of the SMTP transaction, and for every single SMTP command. That's pretty sweet. I just may have to check out Exim after all. I already volunteered to help in setting up Exim for the list. You're hired! ;-) Seriously, I may ask for your help doing just that. First I'd like to get a few kinks worked out of the existing system. But don't be surprised if I mail you in a month or three... :-) In the meantime, is http://www.exim.org/ the best place to go to learn about Exim? You can also have an ACL that checks against a database during the connection and could possibly reject the connection based on the other end's IP address. (Yes, I know that IP blacklists are not popular here ... I know some people here do use them and like them. It's really a case of what one's needs are. Some people are willing to accept more false positives than others. ... I maintain my own blacklist at work ... That's another difference.
Re: The final solution [was: Spam and mailing lists]
On 10/18/06, Paul Lussier <[EMAIL PROTECTED]> wrote: Dealing with consoles, xterms, and Xauthority are highly encouraged, but not required. You should get X resources in there, too. P.S. This mail is X-Visually-Appealing-And-Easy-To-Sort-On header compliant. You put the list-of-identifying-characteristics-by-which-alt-contact-can-be-recognized field in the wrong position. -- Ben ___ gnhlug-discuss mailing list gnhlug-discuss@mail.gnhlug.org http://mail.gnhlug.org/mailman/listinfo/gnhlug-discuss/
The final solution [was: Spam and mailing lists]
Brian Chabot <[EMAIL PROTECTED]> writes: > But what about requiring POSTERS to put that in there in order to be > able to filter out spam at the server? It is hereby decreed that all mail clients must add an X-Visually-Appealing-And-Easy-To-Sort-On: header to outgoing mails destined for the gnhlug-* mailing lists. The purpose of which is to: a) guarantee the authenticity and relevance of any mail arriving at the list b) ease sorting for those who wish to do so c) ease identification of "interesting" mail to those who care d) be visually "appealing" The format for the X-Visually-Appealing-And-Easy-To-Sort-On: header shall be: X-Visually-Appealing-And-Easy-To-Sort-On: \ [ ] \ [ ] \ [ ] \ [ ] \ [ ] \ [ ] \ [ ] \ [ ] \ [ ] \ [ ] \ [ ] \ [ ] Additionally, all mail clients used to read mail arriving from these lists must implement a means of displaying this header in the "Summary" view of the relevant INBOX. This feature may, and should be customizable (please reference the Emacs GNUS manual, the X Window Toolkit developer series, both GNOME and KDE Developer Documentation sets, and the entire Perl documentation set for ideas on how to implement any number of "end-user customization mechanisms"). It is recommended that this feature have no less than 3 different configuration files with completely differing syntax where one could opt to configure it. Dealing with consoles, xterms, and Xauthority are highly encouraged, but not required. Dates used in this field should be in UTC, but the client may, via means of the various configuration files, allow for configuration of the local timezone based on locale. Adherence l10n and i18n, as well as usability "best practices" are required, ISO9000 compliance is required for ISO9000 compliant companies. Sarbanes-Oxley (SOX), HIPPA, ADA, and other local and federal compliance requirements may be required, please check with your legal counsel. -- Thank you for your time and attention to this matter. Paul Former reluctant chairman of GNHLUG P.S. This mail is X-Visually-Appealing-And-Easy-To-Sort-On header compliant. ___ gnhlug-discuss mailing list gnhlug-discuss@mail.gnhlug.org http://mail.gnhlug.org/mailman/listinfo/gnhlug-discuss/
Re: [Wed Oct 18 22:34:33 EDT 2006] [temp:63 fahrenheit][partly cloudy] Spam and mailing lists
> That would be fairly obnoxious, and has the same problem > of obscuring the subject line that having the server munge > the Subject: line does. I wish there was some sort of standard for email messages that provided for a special section (maybe near the beginning?) reserved for information about the message itself, like the date, the destination address, the sender's address, etc. And then it would be way cool if the GNHLUG mail servers could put information somewhere in that section, maybe something like this: List-id: GNHLUG General Discussion Would that help? ___ gnhlug-discuss mailing list gnhlug-discuss@mail.gnhlug.org http://mail.gnhlug.org/mailman/listinfo/gnhlug-discuss/
Re: Spam and mailing lists
mike ledoux wrote: > :0fwh > * ^List-Id:.*gnhlug-discuss > | sed '/^Subject:/s//& [gnhlug-discuss]/' That's all well and good for client side filtering. But what about requiring POSTERS to put that in there in order to be able to filter out spam at the server? Brian ___ gnhlug-discuss mailing list gnhlug-discuss@mail.gnhlug.org http://mail.gnhlug.org/mailman/listinfo/gnhlug-discuss/
Re: Spam and mailing lists
Since I suggested it I should probably explain why I suggested this change. It's very simple... I perfer that mailing lists have the name of the list in the subject. That's all. I could adjust my mail client or maybe create a .procmailrc entry to :0: this into a different mbox, but I don't... I'm not into e-mail segregation and a quick glance of [listname] is just visual appealing and easy to do a quick mental sort. I'm with Kenta. ___ gnhlug-discuss mailing list gnhlug-discuss@mail.gnhlug.org http://mail.gnhlug.org/mailman/listinfo/gnhlug-discuss/
Re: Spam and mailing lists
On Wed, 18 Oct 2006, Kevin D. Clark wrote: Yeah, let's put [gnlug-] in every subject :) I try to see other people's perspectives, really, I do. About the only valid rationale for a change like this that I can come up with is that this might be useful for somebody who uses a free webmail service that doesn't offer extensive filtering. Or maybe for somebody who works for a company that has their desktop locked down and forces them to use a crummy email client. Since I suggested it I should probably explain why I suggested this change. It's very simple... I perfer that mailing lists have the name of the list in the subject. That's all. I could adjust my mail client or maybe create a .procmailrc entry to :0: this into a different mbox, but I don't... I'm not into e-mail segregation and a quick glance of [listname] is just visual appealing and easy to do a quick mental sort. So it would be stellar if we did it, and if we don't that's cool too. -Kenta ___ gnhlug-discuss mailing list gnhlug-discuss@mail.gnhlug.org http://mail.gnhlug.org/mailman/listinfo/gnhlug-discuss/
Re: [GNHLUG] [Wed Oct 18 14:39:49 EST 2006] [Heck let's have all the text in the subject line too. > me too!] Re: Spam and mailing lists
And top post, in HTML! *mutter* -Mark On 10/18/2006 02:41 PM, Tom Buskey wrote: ___ gnhlug-discuss mailing list gnhlug-discuss@mail.gnhlug.org http://mail.gnhlug.org/mailman/listinfo/gnhlug-discuss/ ___ gnhlug-discuss mailing list gnhlug-discuss@mail.gnhlug.org http://mail.gnhlug.org/mailman/listinfo/gnhlug-discuss/
Re: Spam and mailing lists
On 10/18/2006 02:00 PM, Tom Buskey wrote: > I think I've heard this debate before. > > Most mail filters can filter on from, to, cc. I've found this works well > with procmail and more recently gmail. > > Personally, I have a limited width for the subject line and I'd rather > not > clutter it up w/ a [field]. If the [field] was at the end of the subject > line I'd not notice. It's still not needed for filtering though. I don't filter, at least I don't have my MTA/MDA /MUA do my filtering, I just look (with my eyeballs) at the subject. Wow, didn't think I'd get the reaction I did... BTW, date (and time) are displayed properly on all my readers. What I get is almost never out out sequence. -Mark ___ gnhlug-discuss mailing list gnhlug-discuss@mail.gnhlug.org http://mail.gnhlug.org/mailman/listinfo/gnhlug-discuss/
[GNHLUG] [Wed Oct 18 14:39:49 EST 2006] [Heck let's have all the text in the subject line too. > me too!] Re: Spam and mailing lists
___ gnhlug-discuss mailing list gnhlug-discuss@mail.gnhlug.org http://mail.gnhlug.org/mailman/listinfo/gnhlug-discuss/
Re: Spam and mailing lists
We should also mention the date on the Subject: line since my mailer doesn't show it clearly enough, with the unfortunate result that I sometimes read messages out of sequence. ___ gnhlug-discuss mailing list gnhlug-discuss@mail.gnhlug.org http://mail.gnhlug.org/mailman/listinfo/gnhlug-discuss/
Re: Spam and mailing lists
On 10/18/06, Mark Komarinski <[EMAIL PROTECTED]> wrote: On 10/16/2006 08:21 PM, kenta wrote:> On Mon, 16 Oct 2006, Ben Scott wrote:>> Other ideas are also welcomed. I know there are some other list>> admins on this list, and plenty of mail exchanger administrators. >> Yeah, let's put [gnlug-] in every subject :)>> woot!Heh. Didn't see this until I was looking for information on something Irecently purchased from woot.com.Let me second this proposal. I generally filter by subject, and thingsthat come from mailing lists I know get higher brain time than others,since it's a good change the other stuff is spam. Woot!I think I've heard this debate before.Most mail filters can filter on from, to, cc. I've found this works well with procmail and more recently gmail.Personally, I have a limited width for the subject line and I'd rather not clutter it up w/ a [field]. If the [field] was at the end of the subject line I'd not notice. It's still not needed for filtering though. ___ gnhlug-discuss mailing list gnhlug-discuss@mail.gnhlug.org http://mail.gnhlug.org/mailman/listinfo/gnhlug-discuss/
Re: Spam and mailing lists
> Yeah, let's put [gnlug-] in every subject :) I try to see other people's perspectives, really, I do. About the only valid rationale for a change like this that I can come up with is that this might be useful for somebody who uses a free webmail service that doesn't offer extensive filtering. Or maybe for somebody who works for a company that has their desktop locked down and forces them to use a crummy email client. I'm not in either situation and I have no problem filtering my mail based on things other than the Subject: header. Regards, --kevin -- GnuPG ID: B280F24E And the madness of the crowd alumni.unh.edu!kdc Is an epileptic fit -- Tom Waits ___ gnhlug-discuss mailing list gnhlug-discuss@mail.gnhlug.org http://mail.gnhlug.org/mailman/listinfo/gnhlug-discuss/
Re: Spam and mailing lists
On 10/16/2006 08:21 PM, kenta wrote: > On Mon, 16 Oct 2006, Ben Scott wrote: >> Other ideas are also welcomed. I know there are some other list >> admins on this list, and plenty of mail exchanger administrators. > > Yeah, let's put [gnlug-] in every subject :) > > woot! Heh. Didn't see this until I was looking for information on something I recently purchased from woot.com. Let me second this proposal. I generally filter by subject, and things that come from mailing lists I know get higher brain time than others, since it's a good change the other stuff is spam. Woot! -Mark ___ gnhlug-discuss mailing list gnhlug-discuss@mail.gnhlug.org http://mail.gnhlug.org/mailman/listinfo/gnhlug-discuss/
Re: Spam and mailing lists
mike ledoux wrote: I'm sure there are some exim fans out there, but I'm not one of them. I have had two experiences with Exim, neither positive. The relevent one was a server that processed 20-50k inbound messages/day, and was ground nearly to a halt under Exim. Replacing with a properly configured sendmail on the same hardware completely eliminated the problem. My experience was just the opposite. When I came to my current job in 2003, the mail server ran Sendmail on Red Hat 7. I was asked to do something about the growing spam and virus problem, so I installed clamav and spamass-milter. Clamav seemed to work just fine, but Sendmail would crap out every few hours, and it would sometimes make it a day or so before crashing. It turns out that there was apparently a memory leak in the milter code for Sendmail that shipped with Red Hat 7 or that was in the update RPM. After I switched to a properly configured installation of Exim with SpamAssassin and Clamav, the crashing of the MTA vanished on that machine. The server is the same computer today, though it has had RAM and OS upgrades as well as the addition of a hard disk for storing IMAP folders. Last week it delivered 127,713 messages and handled 201,781 SMTP connections. That puts it very near the 20,000 messages per day mark. Load sometimes goes up to 5 when our batch notices are being sent. That's when my software hammers the server with a thousand or two messages in the space of minutes. Exim may very well require more resources than Sendmail. I've never benchmarked either application, nor seen the results of published benchmarks.--Does anyone benchmark MTAs? Would it be a worthwhile research projet? Of course, that might say more about the difference in the previous admin's competence and mine than it does about the difference between exim and sendmail... Yes, I think the key phrase in the preceding paragraphs is "properly configured." It should be possible to do what you want to do with a sendmail milter, which would not require changing MTAs. That's very likely, but I still like Exim, and I can point Ben at some documentation for doing what he wants. ;) ___ gnhlug-discuss mailing list gnhlug-discuss@mail.gnhlug.org http://mail.gnhlug.org/mailman/listinfo/gnhlug-discuss/
Re: Spam and mailing lists
On Tue, 2006-10-17 at 11:53 -0400, mike ledoux wrote: > It should be possible to do what you want to do with a sendmail > milter, which would not require changing MTAs. > We have the book Sendmail Milters Bryan Costales, Marcia Flynt Addison-Wesley in the library. Let me know if you want me to bring it to pysig next week or do something quicker. Flipping through the book, the code examples appear to be in C and are available for download. I'm using amavisd-new with postfix on my lightly loaded mail server. For me, it discards (saved in a folder for 6 days) about 80% of the spam at the server. At my client, spambayes catches most of the rest and shuffles the spam to my spam folder for deletion. spambayes gets daily training. Since Bill McGonigle upgraded the DLSLUG server, the pysig spam has disappeared. We used to get 5 to 10 spams each day that I would delete. -- Lloyd Kvam Venix Corp ___ gnhlug-discuss mailing list gnhlug-discuss@mail.gnhlug.org http://mail.gnhlug.org/mailman/listinfo/gnhlug-discuss/
Re: Spam and mailing lists
On Mon, Oct 16, 2006 at 10:22:28PM -0400, Ben Scott wrote: > [repling to off-list message, with author's permission] > > Baring other solutions, applying SpamAssassin to the Mailman hold > queue might be useful, and is in fact something we were doing before, > thanks to some magic by Jeff Kinz. But if rejection during the SMTP > transaction is being done, there's no hold queue to worry about. FYI: Its not Spamassasin. Its a bash script that uses Bogofilter, curl and some bash glue to process the email fragments posted to the gnhlug admin pages. Due to the new spam technique of posting "ham worded" text with image based spam ads it has pretty much reached its limits. I haven't used Spamassasin because I've always felt uncomfortable with its design. 2006 year to date the script stats are: out of 14267, Killed: 13714, Ignored: 532, Approved: 21, Killed 96% > > -- Ben > ___ > gnhlug-discuss mailing list > gnhlug-discuss@mail.gnhlug.org > http://mail.gnhlug.org/mailman/listinfo/gnhlug-discuss/ > ___ gnhlug-discuss mailing list gnhlug-discuss@mail.gnhlug.org http://mail.gnhlug.org/mailman/listinfo/gnhlug-discuss/
Re: Spam and mailing lists
"Ben Scott" <[EMAIL PROTECTED]> writes: >> BTW, integrating SpamAssassin and Clamav or Amavis are fairly easy, too. > > I suspect, for the case of our mailing lists, these are less useful. > The plan is to get general attachment stripping in place, which means > any kind of AV is redundant. Likewise, if all the lists are > subscriber-posting-only, SpamAssassin doesn't get us anything (one > hopes the subscribers aren't spammers). Spammers perform joe-jobs all the time. They forge senders. All you need is a virus that pulls an addressbook from a subscriber and bam! a spammer can now forge email as a sender. > Baring other solutions, applying SpamAssassin to the Mailman hold > queue might be useful, and is in fact something we were doing before, > thanks to some magic by Jeff Kinz. But if rejection during the SMTP > transaction is being done, there's no hold queue to worry about. Another thing I'd highly recommend is some sort of sender verification and greylisting. I've used milter-sender (although last time I looked the current versions are no longer "free" Boo!). As someone who runs a mailing list server with sender-only mailman lists, you really DO want to minimize the hold queues. Oh, the other thing something like SpamAssassin gives you is the ability to key off of RBL without bowing down to any set of RBLs and letting them screw you over by false positives. And yes, every RBL has false positives on there. For example, every once in a while MIT's outbound mailservers get onto an RBL. Good Luck, > -- Ben -derek -- Derek Atkins, SB '93 MIT EE, SM '95 MIT Media Laboratory Member, MIT Student Information Processing Board (SIPB) URL: http://web.mit.edu/warlord/PP-ASEL-IA N1NWH [EMAIL PROTECTED]PGP key available ___ gnhlug-discuss mailing list gnhlug-discuss@mail.gnhlug.org http://mail.gnhlug.org/mailman/listinfo/gnhlug-discuss/
Re: Spam and mailing lists
On Tue, 2006-10-17 at 00:09 -0400, Jason Stephenson wrote: > >> Exim ... It's my preferred MTA. > > Every MTA is somebody's preferred MTA. ;-) > True. I will enumerate the reasons that I like Exim: > > 1. It is not Sendmail. > 2. It is very powerful. > 3. It is what I know. > > [At least, I'm honest.] In continuation of this tradition, my views and experiences pretty much mirror Jason's. So while I may not be adding a lot to the reasoning, I'd at least add my vote towards exim for all the same reasons. I don't have the time to offer to set exim up, but I'd certainly be willing to help with debugging the config afterwards. -- Cole Tuininga <[EMAIL PROTECTED]> http://www.code-energy.com/ ___ gnhlug-discuss mailing list gnhlug-discuss@mail.gnhlug.org http://mail.gnhlug.org/mailman/listinfo/gnhlug-discuss/
Re: Spam and mailing lists
Ben Scott wrote: Other ideas are also welcomed. I know there are some other list admins on this list, and plenty of mail exchanger administrators. I am a moderator of the python-tutor mailing list. This is a subscribers only Mailman list where posts from non-subscribers are placed in the admin queue (your option 3). I only see a handful of spam a week come through to the admin interface. I don't know how this is done but obviously there is some kind of spam filter in place. I could try to find out more if you would like. Kent ___ gnhlug-discuss mailing list gnhlug-discuss@mail.gnhlug.org http://mail.gnhlug.org/mailman/listinfo/gnhlug-discuss/
Re: Spam and mailing lists
Ben Scott wrote: [repling to off-list message, with author's permission] On 10/16/06, Jason Stephenson <[EMAIL PROTECTED]> wrote: Exim ... It's my preferred MTA. Every MTA is somebody's preferred MTA. ;-) True. I will enumerate the reasons that I like Exim: 1. It is not Sendmail. 2. It is very powerful. 3. It is what I know. [At least, I'm honest.] I've used Exim since 2000 (version 3.something). I found myself in a SA job at the University of Kentucky Engineering Computing Center. The MTA on the College of Engineering's mail server, for which I was partly responsible, was Exim. I learned to configure and maintain Exim at that job, found that Exim suited my needs elsewhere, and have not bothered to try another MTA. Prior to that job, I had dabbled in Sendmail and found it ridiculously complex.--I also think it somewhat silly using M4 to configure an application.--I also found it ridiculously arcane with overly short configuration mnemonics. Exim's configuration is very straightforward by comparison, and for a basic setup, there isn't much that needs customization from the default. However, if you need something special, chances are that Exim can do it. If Exim can't do it as-is, it is possible to have Exim run external programs or connect to local daemons and use the results. If that is not enough, Exim can be compiled with Perl embedded and you can run Perl directly in the configuration file and at run time. (I don't recommend this, but used sparingly, it can solve quite a few interesting problems.) Exim can run also filters on messages after they've been processed but just before delivery. Finally, Exim has a notion of routers and transports. These can be used to make Exim deliver messages in a variety of ways, and can be used in place of some of Exim's ACLs which are normally used during the various SMTP phases. Exim also supports database lookups directly including Berkely DB, DNS, flat text, LDAP, Oracle, MySQL, ProstgresQL, and Interbase/Firebird. These are very handy in the ACLs, and far more handy than they might seem at first blush. I use them to maintain my own blocklists of spam hosts, and this feature, along with a little Perl and router/transport magic, could be used to implement a listserv directly in the MTA. I'm sure that Postfix and Qmail are quite configurable and useful. I haven't used them, so I don't know what their capabilities are exactly. Therefore, I won't pretend to compare them to Exim. Granted, you could argue that my Sendmail experience has been limited and that it has all largely been negative. I can't really compare the deeper features of Sendmail with the deeper features of Exim because I never took the time to figure out Sendmail's deeper features. I wanted something that worked, was powerful enough to get the job done, and would not take me a lifetime to master. ;) Again, it's probably not exactly the answer that Ben is looking for, but it's hard to get specific about why I like Exim, or anything for that matter. It basically comes down to features, configurability, and it is what I know. If the above doesn't work exactly, I know how to set up the ACLs in Exim so that you can check the arguments of any SMTP command and do whatever checks are required. This part is interesting to me. Some searching for something unrelated just now did, in fact, lead me to: http://www.exim.org/mail-archives/exim-users/Week-of-Mon-20060703/msg00026.html The above is a pretty good idea and some of that could be copied into the appropriate places in an Exim configuration file, but parts of it are missing.--I like the suggestion at the bottom about possibly implementing the listserv directly into the MTA. Additionally, the above link points out something Ben may have overlooked in his original request. Because of the way that SMTP works and because mailman uses the From: and Reply-to: to determine who can send mail to the list, you can't really check for a valid list member until the STMP DATA command is sent and the data are received. If you use any earlier phase (MAIL, RCPT, etc.), then you may actually kick a message that should legitimately go to the list. The reason being that you don't have the From: and Reply-to: headers until the DATA phase. If you want to check on the envelope sender, then you force everyone to have total control of their MUA and/or you preclude someone from sending a quick message when not at their usual location, assuming that they can easily change what appears in the From: header of the email but not what the MUA sends as the envelope sender in the MAIL command. Ostensibly, you could also end up in a situation where Exim accepts the message for the list, but mailman rejects it because the envelope sender is on the list and does not appear in the From: or Reply-to:. which is exactly what I'm talking about. Unfortunately, the linked-to scripts are on a server which
Re: Spam and mailing lists
[repling to off-list message, with author's permission] On 10/16/06, Jason Stephenson <[EMAIL PROTECTED]> wrote: Exim ... It's my preferred MTA. Every MTA is somebody's preferred MTA. ;-) If the above doesn't work exactly, I know how to set up the ACLs in Exim so that you can check the arguments of any SMTP command and do whatever checks are required. This part is interesting to me. Some searching for something unrelated just now did, in fact, lead me to: http://www.exim.org/mail-archives/exim-users/Week-of-Mon-20060703/msg00026.html which is exactly what I'm talking about. Unfortunately, the linked-to scripts are on a server which isn't responding right now. This would also mean running Exim, which I'm not against, but don't know anything about. Any Exim fans on this list who would be willing to help out in a transition? BTW, integrating SpamAssassin and Clamav or Amavis are fairly easy, too. I suspect, for the case of our mailing lists, these are less useful. The plan is to get general attachment stripping in place, which means any kind of AV is redundant. Likewise, if all the lists are subscriber-posting-only, SpamAssassin doesn't get us anything (one hopes the subscribers aren't spammers). Baring other solutions, applying SpamAssassin to the Mailman hold queue might be useful, and is in fact something we were doing before, thanks to some magic by Jeff Kinz. But if rejection during the SMTP transaction is being done, there's no hold queue to worry about. -- Ben ___ gnhlug-discuss mailing list gnhlug-discuss@mail.gnhlug.org http://mail.gnhlug.org/mailman/listinfo/gnhlug-discuss/
Re: Spam and mailing lists
On 10/16/06, Ben Scott <[EMAIL PROTECTED]> wrote: First, we're currently using this software: CentOS 4 (Red Hat Enterprise Linux 4 clone). Sendmail 8.13.1. Mailman 2.1.5. (All of which can be changed.) A little more info: We're using Sendmail because (1) it was the default on CentOS and (2) the previous mail host was using Sendmail and (3) everyone involved already knew Sendmail. Sendmail works. That's about the only good thing I can say about it, but it still counts for a lot. So, while I suspect switching MTAs is a good idea, I'm not going to spend time switching just because "FooMTA is better". I want to realize some actual benefits. Picky, I know. :) If someone else wants to volunteer to run the mail server, they can use whatever they want. ;-) -- Ben ___ gnhlug-discuss mailing list gnhlug-discuss@mail.gnhlug.org http://mail.gnhlug.org/mailman/listinfo/gnhlug-discuss/
Re: Spam and mailing lists
On Mon, 16 Oct 2006, Ben Scott wrote: Other ideas are also welcomed. I know there are some other list admins on this list, and plenty of mail exchanger administrators. Yeah, let's put [gnlug-] in every subject :) woot! -Kenta ___ gnhlug-discuss mailing list gnhlug-discuss@mail.gnhlug.org http://mail.gnhlug.org/mailman/listinfo/gnhlug-discuss/
Spam and mailing lists
Hello, world! Now that "we" have finished migrating all our mail services to our own server, I'd like to start addressing spam in a more sophisticated fashion. First, we're currently using this software: CentOS 4 (Red Hat Enterprise Linux 4 clone). Sendmail 8.13.1. Mailman 2.1.5. (All of which can be changed.) We (GNHLUG) have a handful of mailing lists. The posting addresses are in wide circulation, so they get a lot of spam shot at them. The lists require the 'From' address be a subscriber to post, so the spam never makes it to the list proper. With our current setup, we have a few choices as to what to do with mail that isn't from a subscriber: (1) We can send a rejection notice to the SMTP envelope sender (return path), and discard the message. The problem is most spam uses forged addresses, so this generates huge problems with backscatter. Backscatter can actually get you marked as a spam emitter. So this is out. (2) We can silently discard mail not from a subscriber. This solves the backscatter problems and keeps admin overhead near zero. Unfortunately, it also means users are never notified of legitimate mistakes (e.g., posting from the wrong address). We dislike this on principle. (3) We can put all the non-subscriber mail in a hold queue, and manually sift through it, looking for legitimate mail. This creates no backscatter, and keeps things user-friendly, but creates significant admin overhead. It's not uncommon to have a list accumulate 100 messages per day in the hold queue. That leads to the admin clicking "Delete All", which basically turns this solution into #2. We're currently using option #3, complete with the "Delete All" problem. From my chair, the ideal solution would be to reject mail from non-subscribers *during the SMTP transaction*, with a fatal SMTP error code. That means we never even accept the spam, there's no hold queue to manage, but legitimate mistakes still get notification. In theory, we already have enough information to do this: The SMTP "MAIL FROM" and "RCPT TO" commands specify the nominal-subscriber and list-posting addresses, respectively. The problem is, we would need some kind of hook in the MTA, to have it check against the list subscriber database. Anyone have any thoughts on the above? Other ideas are also welcomed. I know there are some other list admins on this list, and plenty of mail exchanger administrators. The Mailman documentation is a bit scattered when it comes to this, with lots of ideas and suggestions and links to list archives, but nothing too coherent. I'm looking more for a "Best Current Practices" answer. :) -- Ben ___ gnhlug-discuss mailing list gnhlug-discuss@mail.gnhlug.org http://mail.gnhlug.org/mailman/listinfo/gnhlug-discuss/