Re: Possibly OT, definately humor. rDNS is to policy set by federal law.
Peter Corlett wrote: On 16 Mar 2007, at 18:21, Rich Kulawiec wrote: [...] abusive, spam-supporting tactics such as callbacks/sender address verification.) Would you care to expand on why you think sender callback verification is apparently abusive and supports spam? I sure don't mind my MXers being probed if it stops somebody forging mail from my domains. What next, will forward lookups of rDNS to verify that they're not forged also be considered abusive because the forged third-party's servers get consulted out of paranoia? Also others didn't mention it doesn't actually work properly when other things are going on. Anywhere that is RBL'd when it tries to callback receives a message saying that delivery fails - this results in the outgoing mail not getting delivered (and I've had to deal with that problem several times where people are accusing SORBS of blocking their outgoing mail). DDoS attack is very understated, consider any SOHO... I have an 8M link here, 2m call backs will wipe out both my bandwidth for a few hours, as well as probably use up my monthly quota. Spammers who are blocked from my servers can use callback on your servers to determine what the real/working addresses are on my network. Rate-limiting on my servers is useless under callback attack (because it's not a DoS, but a DDoS). Many other things are bad about it... Read Spam-L and other lists for information. Regards, Mat
Re: Possibly OT, definately humor. rDNS is to policy set by federal law.
On Thu, Mar 15, 2007 at 07:41:58PM -0700, S. Ryan wrote: However, while it's not really above me to do the same, he could have removed the email address so spammers aren't adding to that guys list of problems. Anti-spam strategies based on concealment and/or obfuscation of addresses are no longer viable. (For a variety of reasons, including harvesting from public sources, harvesting from private sources such as compromised systems, and the deployment of abusive, spam-supporting tactics such as callbacks/sender address verification.) Yes, I know there are counter-examples, I have my own collection of them. But they're exceptions, not the rule. ---Rsk
RE: Possibly OT, definately humor. rDNS is to policy set by federal law.
We do not have any problem with SORBS. We use SORBS entire list with the exception of the DUL at all of our client sites. I have worked with Mat for years, and despite our differences with regard to DUL lists, our relationship has always been both respectful and cordial. This guy was talking out the wrong end of his anatomy, and Mat called him on it. You can like SORBS (as I do), or not like them, that's your choice, and I will respect all of you for it. But a follow-up bashing SORBS listing policies certainly went off topic if the original premise of the post was maybe a little off topic. I think what we're talking about here as the larger issue is your dog in your yard. Your dog is free to take a crap in your yard all it likes, but when your dog comes over to my yard and takes a crap, I might build a fence. I might also conscript something like Mat's service, or Steve Lindford's service, or mine to keep my yard clean, if that means your dog doesn't get to play in my yard... well that's just unfortunate for you. (or in another manner of speaking, I could care less) And damn, I think I just equated all of my volunteer time to the equivalent of a pooper-scooper... ooh well. Andrew D Kirch - All Things IT Office: 317-755-0200 -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of S. Ryan Sent: Thursday, March 15, 2007 10:42 PM To: Steve Sobol Cc: Matthew Sullivan; nanog@merit.edu Subject: Re: Possibly OT, definately humor. rDNS is to policy set by federal law. Nothing is wrong with what he posted. The guy is a moron. However, I was taking my 15 min of fame to jab at SORBS policy of listing people on their respective lists. It's dysfunctional and broken, but that again is just my opinion. Oh and, of course publicly humiliating the guy is certainly not that cool. However, while it's not really above me to do the same, he could have removed the email address so spammers aren't adding to that guys list of problems. Anyway, don't mind me. I just wanted to add to the off-topic drivel Mat posted since I can't stand SORBS. : Steve Sobol wroteth on 3/15/2007 7:31 PM: On Thu, 15 Mar 2007, S. Ryan wrote: Typical SORBS behavior. While this guy can demand all he wants, doesn't mean he will get what he wants or that he's right or wrong. What's wrong with what Mat posted? The guy claiming DNS is regulated by federal law is an idiot. Not that I always agree with what Mat says, but the guy's claims are obviously and patently false. The claims, in fact, are so ridiculous that I tend to think he's making them to weasel out of solving the problem that got him listed in the first place. People doing that *deserve* to be publically ridiculed. When I talk to Mat I generally have no problems having a civil and productive discussion with him. But I don't start out with an attitude, and I don't cook up absurd stories to try to get out of fixing my spam problem. (Not that I have one, but if I did, I'd not try to weasel out of fixing it.) Personally, we gave up using SORBS because of it's very high false-positive ratio YMMV; at $DAYJOB we don't seem to have the same problem. Disclaimer: My opinions, not my boss's, etc.
Possibly OT, definately humor. rDNS is to policy set by federal law.
Could be considered off-topic because it is humor. I guess a lot of US network operators are going to have to change their DNS entries because apparently the rDNS policies are now set by federal law. http://www.au.sorbs.net/~matthew/funny/rDNS-set-by-federal-law.txt Regards, Mat
Re: Possibly OT, definately humor. rDNS is to policy set by federal law.
Typical SORBS behavior. While this guy can demand all he wants, doesn't mean he will get what he wants or that he's right or wrong. Personally, we gave up using SORBS because of it's very high false-positive ratio and we got tired of hearing customers who were upset because they didn't get their airline tickets, hotel reservations, or someone in the family was hurt and they missed the email. Fact of the matter is, whether Yahoo! has an SMTP server that 'is spewing SPAM according to SORBS..' or not, blanket screwing over everyone else in the same range which SORBS does -- is crap. Customers found it to be crap and I got tired of justifying it. Very hard to justify when someone mails a customer and 50 other people and only *my* customers were rejected due to SORBS. Ditched SORBS and the customers couldn't be happier. If I were this guy, I wouldn't care. I'd complain to anyone sending him a SORBS failure about all the other *important* mail they're missing and prevent their SORBS usage and educate them the harm SORBS is doing. Thanks for the OT post though. It gave me my chance to RANT. Regards, SR Matthew Sullivan wroteth on 3/15/2007 2:28 PM: Could be considered off-topic because it is humor. I guess a lot of US network operators are going to have to change their DNS entries because apparently the rDNS policies are now set by federal law. http://www.au.sorbs.net/~matthew/funny/rDNS-set-by-federal-law.txt Regards, Mat
Re: Possibly OT, definately humor. rDNS is to policy set by federal law.
Nothing is wrong with what he posted. The guy is a moron. However, I was taking my 15 min of fame to jab at SORBS policy of listing people on their respective lists. It's dysfunctional and broken, but that again is just my opinion. Oh and, of course publicly humiliating the guy is certainly not that cool. However, while it's not really above me to do the same, he could have removed the email address so spammers aren't adding to that guys list of problems. Anyway, don't mind me. I just wanted to add to the off-topic drivel Mat posted since I can't stand SORBS. : Steve Sobol wroteth on 3/15/2007 7:31 PM: On Thu, 15 Mar 2007, S. Ryan wrote: Typical SORBS behavior. While this guy can demand all he wants, doesn't mean he will get what he wants or that he's right or wrong. What's wrong with what Mat posted? The guy claiming DNS is regulated by federal law is an idiot. Not that I always agree with what Mat says, but the guy's claims are obviously and patently false. The claims, in fact, are so ridiculous that I tend to think he's making them to weasel out of solving the problem that got him listed in the first place. People doing that *deserve* to be publically ridiculed. When I talk to Mat I generally have no problems having a civil and productive discussion with him. But I don't start out with an attitude, and I don't cook up absurd stories to try to get out of fixing my spam problem. (Not that I have one, but if I did, I'd not try to weasel out of fixing it.) Personally, we gave up using SORBS because of it's very high false-positive ratio YMMV; at $DAYJOB we don't seem to have the same problem. Disclaimer: My opinions, not my boss's, etc.
Re: Possibly OT, definately humor. rDNS is to policy set by federal law.
Steve Sobol wrote (on Thu, Mar 15, 2007 at 10:31:44PM -0400): On Thu, 15 Mar 2007, S. Ryan wrote: Personally, we gave up using SORBS because of it's very high false-positive ratio YMMV; at $DAYJOB we don't seem to have the same problem. I gave up using SORBS (and I'm not Mat's enemy, mind you - I used to work for SORBS and still like the idea) because it was so random. Mat would block 2, say, out of AOL's 26 or whatever mailservers. Why? b/c those two were used to send spam. Right. So, not only do I have to explain to users why their AOL friends cannot write them, I *also* have to explain that the blocking is at random, and if their friend just retrys sending, they'll have a 92% chance of getting through. Completely unworkable. If you want to block AOL (and I totally sympathize with Mat here) just ... block ... them and be done with it. Don't make me play email roulette. -- _ Nachman Yaakov Ziskind, FSPA, LLM [EMAIL PROTECTED] Attorney and Counselor-at-Law http://ziskind.us Economic Group Pension Services http://egps.com Actuaries and Employee Benefit Consultants
Re: Possibly OT, definately humor. rDNS is to policy set by federal law.
On Thu, 15 Mar 2007, S. Ryan wrote: Oh and, of course publicly humiliating the guy is certainly not that cool. However, while it's not really above me to do the same, he could have removed the email address so spammers aren't adding to that guys list of problems. Fair enough. -- Steve Sobol, Professional Geek ** Java/VB/VC/PHP/Perl ** Linux/*BSD/Windows Victorville, California PGP:0xE3AE35ED It's all fun and games until someone starts a bonfire in the living room.
Re: Possibly OT, definately humor. rDNS is to policy set by federal law.
Nothing is wrong with what he posted. The guy is a moron. However, I was taking my 15 min of fame to jab at SORBS policy of listing people on their respective lists. when 42 other folk have similarly whined, i am not sure the word 'fame' is appropriate randy