Re: trusted mailing list subscriber spam

2008-05-13 Thread Matus UHLAR - fantomas 
 On Sun, May 11, 2008 22:39, mouss wrote:
 
  a +all and you are annoying us about forwarding and SPF?

On 12.05.08 23:07, Benny Pedersen wrote:
 he, i have +all and forward nothing :)

it's not about what do you forward, it's about others forwarding your
e-mail (without rewriting mail from: which is a bad thing).

 stop annoying me that spf cant be used

Don't wonder if anyone will reject or flag your e-mail because havinr +all
in SPF

-- 
Matus UHLAR - fantomas, [EMAIL PROTECTED] ; http://www.fantomas.sk/
Warning: I wish NOT to receive e-mail advertising to this address.
Varovanie: na tuto adresu chcem NEDOSTAVAT akukolvek reklamnu postu.
   One OS to rule them all, One OS to find them, 
One OS to bring them all and into darkness bind them

Re: trusted mailing list subscriber spam

2008-05-13 Thread mouss 

Matus UHLAR - fantomas wrote:

On Sun, May 11, 2008 22:39, mouss wrote:



a +all and you are annoying us about forwarding and SPF?
  


On 12.05.08 23:07, Benny Pedersen wrote:
  

he, i have +all and forward nothing :)



it's not about what do you forward, it's about others forwarding your
e-mail (without rewriting mail from: which is a bad thing).
  


and more importantly: about others being able to reject mail claiming to 
be from his domain but coming out of faraway clients.
  

stop annoying me that spf cant be used



Don't wonder if anyone will reject or flag your e-mail because havinr +all
in SPF

  


exactly.

Re: trusted mailing list subscriber spam

2008-05-13 Thread Benny Pedersen 

On Tue, May 13, 2008 15:19, Matus UHLAR - fantomas wrote:

 Don't wonder if anyone will reject or flag your e-mail because havinr +all
 in SPF

yes i need to implement srs to fix it better ?

come on, srs and +all it imho the same seen to the recipient

diff is that i dont use srs installed anywhere

fact:
v=spf1 +all  this is bad !
v=spf1 mx +all  this is not

if admins see them as equal, blame them


Benny Pedersen
Need more webspace ? http://www.servage.net/?coupon=cust37098

Re: trusted mailing list subscriber spam

2008-05-13 Thread Matus UHLAR - fantomas 
 On Tue, May 13, 2008 15:19, Matus UHLAR - fantomas wrote:
 
  Don't wonder if anyone will reject or flag your e-mail because havinr +all
  in SPF

On 13.05.08 21:29, Benny Pedersen wrote:
 yes i need to implement srs to fix it better ?

no, forwarders need to.

 come on, srs and +all it imho the same seen to the recipient

it's not, they are much different.

 diff is that i dont use srs installed anywhere
 
 fact:
 v=spf1 +all  this is bad !
 v=spf1 mx +all  this is not
 
 if admins see them as equal, blame them

spammers will use whatever they'll see people don't catch.
you just told all spammers to use mx +all in SPF records for their domains
to be able to use them for world-wide spamming
-- 
Matus UHLAR - fantomas, [EMAIL PROTECTED] ; http://www.fantomas.sk/
Warning: I wish NOT to receive e-mail advertising to this address.
Varovanie: na tuto adresu chcem NEDOSTAVAT akukolvek reklamnu postu.
Linux is like a teepee: no Windows, no Gates and an apache inside...

Re: trusted mailing list subscriber spam

2008-05-13 Thread Benny Pedersen 

On Tue, May 13, 2008 23:09, Matus UHLAR - fantomas wrote:

 spammers will use whatever they'll see people don't catch.
 you just told all spammers to use mx +all in SPF records for their domains
 to be able to use them for world-wide spamming

basic score in spf is olso very low pr default, one still have to
whitelist_from_spf if recipient agre this domain does not send spam


Benny Pedersen
Need more webspace ? http://www.servage.net/?coupon=cust37098

Re: trusted mailing list subscriber spam

2008-05-12 Thread Benny Pedersen 

On Sun, May 11, 2008 22:39, mouss wrote:

 a +all and you are annoying us about forwarding and SPF?

he, i have +all and forward nothing :)

stop annoying me that spf cant be used


Benny Pedersen
Need more webspace ? http://www.servage.net/?coupon=cust37098

Re: trusted mailing list subscriber spam

2008-05-11 Thread Benny Pedersen 

On Sun, May 11, 2008 03:07, [EMAIL PROTECTED] wrote:

 All I know is that I don't use SPF anymore for my domain as there are
 just too many problems... e.g., forwarded messages.

and you usely dont know where you forwards going from, :/(

come on, please :-)


Benny Pedersen
Need more webspace ? http://www.servage.net/?coupon=cust37098

Re: trusted mailing list subscriber spam

2008-05-11 Thread mouss 

Benny Pedersen wrote:

On Sun, May 11, 2008 03:07, [EMAIL PROTECTED] wrote:

  

All I know is that I don't use SPF anymore for my domain as there are
just too many problems... e.g., forwarded messages.



and you usely dont know where you forwards going from, :/(
  


unless you receive spam from his domain, you have nothing to say. if you 
have a problem with forwarding, contact the IETF. In the mean time, 
please stop your SPF crusade.

come on, please :-)
  


$ host -t txt junc.org
junc.org descriptive text v=spf1 ip4:80.166.47.252/30 
ip4:80.166.75.16/29 ip4:77.232.64.0/19 +all



a +all and you are annoying us about forwarding and SPF?

Re: trusted mailing list subscriber spam

2008-05-10 Thread jidanni 
 All a spam program would have to do is say [EMAIL PROTECTED] posts lots
 to that list. His address must be a trusted subscriber. Well, here's
 one more post from him, muhahaha.

SB If Bob posts a lot to a list(s) and is respected within said
SB list(s), then the other subs of that list will immediately recognize
SB by the tone and the writing style of a fake message that it wasn't Bob
SB that sent it.

Yes, but I'm talking about having spamassassin do the recognizing before
it reaches the humans. OK, that means some training for what each
trusted subscriber's message usually looks like. I have an idea: let's
discuss this complicated question at some other time.

 OK, I suppose that would be caught by SPF rules etc., if bob likes SPF.

SB Not all mail systems actually block upon SPF breakage...

BP what are you talking about ?, to score email addresses found on maillist a 
bit
BP negative since it looks like none spammy human ?

All I know is that I don't use SPF anymore for my domain as there are
just too many problems... e.g., forwarded messages.

Re: trusted mailing list subscriber spam

2008-05-09 Thread Steve Bertrand 

All a spam program would have to do is say [EMAIL PROTECTED] posts lots
to that list. His address must be a trusted subscriber. Well, here's
one more post from him, muhahaha.


If Bob posts a lot to a list(s) and is respected within said list(s), 
then the other subs of that list will immediately recognize by the tone 
and the writing style of a fake message that it wasn't Bob that sent it.



OK, I suppose that would be caught by SPF rules etc., if bob likes SPF.


Not all mail systems actually block upon SPF breakage...

Steve

trusted mailing list subscriber spam

2008-05-08 Thread jidanni 
Odd how mailing lists that don't obfuscate addresses don't see more
trusted mailing list subscriber spam.

All a spam program would have to do is say [EMAIL PROTECTED] posts lots
to that list. His address must be a trusted subscriber. Well, here's
one more post from him, muhahaha.

OK, I suppose that would be caught by SPF rules etc., if bob likes SPF.

Re: trusted mailing list subscriber spam

2008-05-08 Thread Benny Pedersen 

On Thu, May 8, 2008 19:19, [EMAIL PROTECTED] wrote:

 OK, I suppose that would be caught by SPF rules etc., if bob likes SPF.

what are you talking about ?, to score email addresses found on maillist a bit
negative since it looks like none spammy human ?


Benny Pedersen
Need more webspace ? http://www.servage.net/?coupon=cust37098