Re: [swinog] The truth about UCEPROTECT-Blocklists

[Viktor Steinmann]

> An admin that still allows such autoreplies should be tarred 
> and feathered and  hunted out of the city. He/she has no 
> business in running a mailserver.

You were right, if a mail-admin was actually the person with the right to
decide on the auto-reply policy. Unfortunately in most organizations, he is
not. We should all start to teach management the ways of the
forc...aehmm...internet.

Kind regards,
Viktor
___
swinog mailing list
swinog@lists.swinog.ch
http://lists.swinog.ch/cgi-bin/mailman/listinfo/swinog

Re: [swinog] The truth about UCEPROTECT-Blocklists

[Matthias Leisi]

-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1

Peter Keel schrieb:

> [193.138.29.15]: 571 Access denied and blocklisted: 990 
> (V4.07-RULE-0901) Sorry your IP is blacklisted at 
> http://www.backscatterer.org/?ip=217.26.49.182
> 
> Sadly, [EMAIL PROTECTED] doesn't really exist, so the mailserver
> of [EMAIL PROTECTED] gets into the uceprotect blacklist. 
> 
> The point of this is of course, that EVERY ISP which has some customer
> which uses autoreply can be blacklisted. This is very bad. 

Which concerns backscatterer.org, and _not_ Uceprotect. Same
organisation behind, but different policies.

And yes, autoreplies are bad. This also includes out-of-office
notifications. If you allow them out to the Internet at large, you're
almost as bad as the next pill spammer.

An admin that still allows such autoreplies should be tarred and
feathered and  hunted out of the city. He/she has no business in running
a mailserver.

- -- Matthias

-BEGIN PGP SIGNATURE-
Version: GnuPG v1.4.6 (Darwin)

iD8DBQFItdDVxbHw2nyi/okRAuR9AJkBFfcEqPKparoZxpjEt+M4UuLr8wCgydeK
AnG3wCrKBaxb9F4cW97j+jw=
=FyYx
-END PGP SIGNATURE-
___
swinog mailing list
swinog@lists.swinog.ch
http://lists.swinog.ch/cgi-bin/mailman/listinfo/swinog

[swinog] Open Position

[Rene Caspar]

Hi all

Swisscom IT Services AG is looking for a 

Network Engineer Professional / Service Engineer (m/w)

More informations online (german):
https://jobsp.swisscom.com/sap/bc/webdynpro/sap/hrrcf_a_posting_apply?PARAM=cG9zdF9pbnN0X2d1aWQ9QjJFNjg5NDgwQjVFODMzQUUxMDAwMDAwMEFCQjg1QTQ%3d&sap-client=110&sap-language=EN

If you're interested - please contact me offlist

cu

René Caspar
[EMAIL PROTECTED]
___
swinog mailing list
swinog@lists.swinog.ch
http://lists.swinog.ch/cgi-bin/mailman/listinfo/swinog

Re: [swinog] The truth about UCEPROTECT-Blocklists

[Peter Keel]

Once again. 

It seems uceprotect has some feedback-mechanism, where an email to
a nonexistant address can automatically get the sending server 
added to a blacklist. See http://www.uceprotect.net/en/index.php?m=3&s=0

Pity that this also affects addresses which are not existant anymore,
and double the pity that people of course keep mailing to those, or 
do not deinstall their mailforwards. 

But the best things is the following. The users and their respective
domains have been anonymized, however, the IPs and ISPs NOT. 

Aug 21 08:40:09 10.0.2.1 exim-mxin[95536]: 2008-08-21 08:40:09 
1KW3q5-000Oqu-6m <= [EMAIL PROTECTED] 
H=(mailgate1.webhost4u.ch) [193.138.29.15] P=esmtp S=13147 
[EMAIL PROTECTED]

[EMAIL PROTECTED] sends a mail. His webhoster seemingly reports
to uceprotect. 

Aug 21 08:40:11 10.0.2.15 exim-dist[48224]: 2008-08-21 08:40:11 
1KW3q5-000CXo-Dy <= [EMAIL PROTECTED] 
H=(mxin001.mail.hostpoint.ch) [10.0.2.1] P=esmtp S=13618 
[EMAIL PROTECTED]
Aug 21 08:40:11 10.0.2.15 exim-dist[48239]: 2008-08-21 08:40:11 
1KW3q5-000CXo-Dy => [EMAIL PROTECTED] 
R=local_delivery_router T=local_delivery S=13708 QT=2s DT=0s
Aug 21 08:40:12 10.0.2.15 exim-dist[48239]: 2008-08-21 08:40:12 
1KW3q5-000CXo-Dy => otheruser <[EMAIL PROTECTED]> 
R=autoresponder T=autoresponder S=13684 QT=3s DT=1s
Aug 21 08:40:12 10.0.2.15 exim-dist[48239]: 2008-08-21 08:40:12 
1KW3q5-000CXo-Dy Completed

The mail arrives at [EMAIL PROTECTED] This otheruser
uses an autoresponder which sends a mail back to [EMAIL PROTECTED]

Aug 21 08:40:12 10.0.2.16 exim-mxout[21209]: 2008-08-21 08:40:12 
1KW3q8-0005W5-GD <= <> H=(dist004.mail.hostpoint.ch) [10.0.2.15] 
P=esmtp S=1064
Aug 21 08:40:13 10.0.2.16 exim-mxout[21210]: 2008-08-21 08:40:13 
1KW3q8-0005W5-GD ** [EMAIL PROTECTED] R=smtp_router 
T=remote_smtp: SMTP error from remote mail server after RCPT 
TO:<[EMAIL PROTECTED]>: host mailgate1.webhost4u.ch 
[193.138.29.15]: 571 Access denied and blocklisted: 990 
(V4.07-RULE-0901) Sorry your IP is blacklisted at 
http://www.backscatterer.org/?ip=217.26.49.182

Sadly, [EMAIL PROTECTED] doesn't really exist, so the mailserver
of [EMAIL PROTECTED] gets into the uceprotect blacklist. 

The point of this is of course, that EVERY ISP which has some customer
which uses autoreply can be blacklisted. This is very bad. 

Cheers
Seegras
-- 
"Those who give up essential liberties for temporary safety deserve 
neither liberty nor safety." -- Benjamin Franklin
"It's also true that those who would give up privacy for security are 
likely to end up with neither." -- Bruce Schneier
___
swinog mailing list
swinog@lists.swinog.ch
http://lists.swinog.ch/cgi-bin/mailman/listinfo/swinog