Bart Silverstrim wrote:
On May 17, 2005, at 4:03 PM, Bill Taroli wrote:
Steffen Winther Soerensen wrote:
This seems more like a discussion for another mailing list or a Usenet
group on MTAs/SMTP IMHO
I don't disagree... are there any good ones for SPF or similar
debates? I do think -- much as you
On May 17, 2005, at 7:06 PM, Damian Menscher wrote:
On Tue, 17 May 2005, Dennis Peterson wrote:
Damian Menscher said:
Since you are speaking for all of us what do we think of your 5 line
sig?
I bet some of us think it sux.
As do I. But I think you'll agree it is about as dense as possible
given
On May 17, 2005, at 4:03 PM, Bill Taroli wrote:
Steffen Winther Soerensen wrote:
This seems more like a discussion for another mailing list or a Usenet
group on MTAs/SMTP IMHO
I don't disagree... are there any good ones for SPF or similar
debates? I do think -- much as you'd find in the Amavisd l
Damian Menscher said:
> On Tue, 17 May 2005, Dennis Peterson wrote:
>> Damian Menscher said:
>>
>>> I found Stephen Gran's comment interesting, in that he beat me to
>>> finding the bug (I'd wasted time looking in clamav-milter.c first).
>>> The rest of the posts, including your arrogant ramblings,
Damian Menscher wrote:
> > And did you not find the clamd log permissions debugging segment in
> > another thread educational? I did.
>
> I found Stephen Gran's comment interesting, in that he beat me to
> finding the bug (I'd wasted time looking in clamav-milter.c first).
> The rest of the pos
On Tue, 17 May 2005, Dennis Peterson wrote:
Damian Menscher said:
I found Stephen Gran's comment interesting, in that he beat me to
finding the bug (I'd wasted time looking in clamav-milter.c first).
The rest of the posts, including your arrogant ramblings, were
worthless.
I'll be damned. And here
Matt Fretwell wrote:
SAV probes are little less than content free spam. I have firewall rules
for offenders who don't cache their SAV results for a reasonable amount of
time.
We get hammered by these non-stop. We don't have rules targeting them
specifically, but the badly-behaved ones dig their
Damian Menscher said:
> On Tue, 17 May 2005, Dennis Peterson wrote:
> I found Stephen Gran's comment interesting, in that he beat me to
> finding the bug (I'd wasted time looking in clamav-milter.c first).
> The rest of the posts, including your arrogant ramblings, were
> worthless.
I'll be damne
On Tue, 17 May 2005, Dennis Peterson wrote:
Damian Menscher said:
Since you are speaking for all of us what do we think of your 5 line sig?
I bet some of us think it sux.
As do I. But I think you'll agree it is about as dense as possible
given the amount of information (I work two jobs, and my em
Damian Menscher said:
> On Tue, 17 May 2005, Matt Fretwell wrote:
>
>> Big :)
>
> The 100+ subscribers of this mailing list would prefer not to receive
> your meaningless one-word responses to every post.
Since you are speaking for all of us what do we think of your 5 line sig?
I bet some of us th
On Tue, 17 May 2005, Bill Taroli wrote:
> >>>If I have a server with 500 virt hosts you could get a helo from any one
> >>>of them. If you telnet back to it on port 25 what do you think you might
> >>>see? One of about 499 "liars", maybe?
> >>>
> >>>
> >>Well I am assuming that you would be
On Tue, 17 May 2005, Dennis Peterson wrote:
> > What I am saying is that if you can't do some type of verification,
> > whether it is connect-back (remember the old dialup
> > callback-verification-system?) to the sending server or SPF or some other
> > type of authentication mechanism, then you c
John Jolet wrote:
>> On Tue, 17 May 2005, Matt Fretwell wrote:
>>> [EMAIL PROTECTED] wrote:
If they do have a rouge spammer on their network, they might wish
to know about it anyway.
>>>
>>> I assume that should have been rogue. ( Unless spammers have a
>>> predilection for make up :)
>
It IS a word...just not the one you wanted. swine spellchekers
On Tuesday 17 May 2005 05:12 pm, [EMAIL PROTECTED] wrote:
> On Tue, 17 May 2005, Matt Fretwell wrote:
> > [EMAIL PROTECTED] wrote:
> > > If they do have a rouge spammer on their network, they might wish to
> > > know about it anyw
Jef Poskanzer wrote:
> I really miss the days of destructive viruses. We just don't
> >really see 'em like we used to. Remember Michaelangelo? What was his
> >birthday again?
>
> Actually, I think a little stealth would be better. Something like
> silently intercepting and dropping any attemp
On Tue, 17 May 2005, Matt Fretwell wrote:
Big :)
The 100+ subscribers of this mailing list would prefer not to receive
your meaningless one-word responses to every post. Not even if you're
correcting someone else's typo (rouge->rogue). I don't want to
single you out, though. Others have been
On Tue, 17 May 2005, Matt Fretwell wrote:
> [EMAIL PROTECTED] wrote:
>
> > If they do have a rouge spammer on their network, they might wish to
> > know about it anyway.
>
> I assume that should have been rogue. ( Unless spammers have a
> predilection for make up :)
Hmm. I guess aspell thinks
[EMAIL PROTECTED] wrote:
> When our MTA's are rebuilt for the new network some of the strategies
> discussed in this thread will be implemented. Others will be
> implemented in a test-and-alert-me-only setup to see how effective it
> is. If it breaks only <1% of the mta's out there then that is
Dennis Peterson wrote:
[EMAIL PROTECTED] said:
On Tue, 17 May 2005, Dennis Peterson wrote:
I guess I'm saying that if I telnet to fw.domain.name on 25, I should
see
something like
220 fw.domain.name ESMTP mail relay.
If it doesn't say that, then it is lying to anyone who c
Julian Mehnle wrote:
Bill Taroli wrote:
Eric Wheeler wrote:
[...] For email transfer and MTA's alike, putting SPF in DNS to help
"authenticate" the source is a step in the right direction. If SPF is
a good idea, and it is dns based, then so should forward-and-back
lookups.
I totally
[EMAIL PROTECTED] said:
> On Tue, 17 May 2005, Matt Fretwell wrote:
>> > True, but it could helo with its hostname and then it would match
>> > connecting back to check its 220 string. Even if its a sending
>> server,
>> > it should listen on 25 to verify that it is a mail server, even if it
>> >
[EMAIL PROTECTED] wrote:
> If they do have a rouge spammer on their network, they might wish to
> know about it anyway.
I assume that should have been rogue. ( Unless spammers have a
predilection for make up :)
Matt
___
http://lurker.clamav.net/list/
On Tue, 17 May 2005, Jef Poskanzer wrote:
> Actually, I think a little stealth would be better. Something like
> silently intercepting and dropping any attempts at opening an outbound
> email connection.
Ohh, you mean the New.net plugin?
--
Eric Wheeler
Vice President
National Security Concep
[EMAIL PROTECTED] wrote:
> What I am saying is that if you can't do some type of verification,
> whether it is connect-back (remember the old dialup
> callback-verification-system?) to the sending server or SPF or some
> other type of authentication mechanism, then you can't trust the sender.
> R
On Tue, 17 May 2005, Dennis Peterson wrote:
> Christopher X. Candreva said:
> > On Tue, 17 May 2005, Dennis Peterson wrote:
> >> What do you think the PTR for a host with 500 virtual domains might look
> >> like?
> >
> > It doesn't matter -- as long as it points to some name that points back to
On Tue, 17 May 2005, Matt Fretwell wrote:
> > True, but it could helo with its hostname and then it would match
> > connecting back to check its 220 string. Even if its a sending server,
> > it should listen on 25 to verify that it is a mail server, even if it
> > doesn't accept mail. If it doesn
Bill Taroli wrote:
> Eric Wheeler wrote:
> > [...] For email transfer and MTA's alike, putting SPF in DNS to help
> > "authenticate" the source is a step in the right direction. If SPF is
> > a good idea, and it is dns based, then so should forward-and-back
> > lookups.
>
> I totally agree that so
[EMAIL PROTECTED] said:
> On Tue, 17 May 2005, Dennis Peterson wrote:
>> > I guess I'm saying that if I telnet to fw.domain.name on 25, I should
>> see
>> > something like
>> >
>> > 220 fw.domain.name ESMTP mail relay.
>> >
>> > If it doesn't say that, then it is lying to anyone who connects to i
Bill Taroli wrote:
> Steffen Winther Soerensen wrote:
> > This seems more like a discussion for another mailing list or a Usenet
> > group on MTAs/SMTP IMHO
>
> I don't disagree... are there any good ones for SPF or similar debates?
You're welcome to discuss things related to SPF on spf-discuss:
>Nice. That couldn't be cleaner. There are plenty of ways of
>harmlessly disabling a system (no lost data, just no boot) and that
>would certainly be an awakening call for everyone across the board.
>People would get to reinstall their os and loose at least 2hrs of
>time. I really miss the days
On Tue, 17 May 2005, Dennis Peterson wrote:
> > I guess I'm saying that if I telnet to fw.domain.name on 25, I should see
> > something like
> >
> > 220 fw.domain.name ESMTP mail relay.
> >
> > If it doesn't say that, then it is lying to anyone who connects to it.
> > Forward and back dns should
Christopher X. Candreva said:
> On Tue, 17 May 2005, Dennis Peterson wrote:
>
>> What do you think the PTR for a host with 500 virtual domains might look
>> like?
>
> It doesn't matter -- as long as it points to some name that points back to
> the same IP. mail723.theprovidersdomain.com would wor
[EMAIL PROTECTED] wrote:
> > Once again, a sending server does not have to be a MX. Something
> > within that domain should be listening on port 25, but not always the
> > machine which is connecting to yours. Look at the hostname of my
> > machine in the headers. You will see it has rDNS and
[EMAIL PROTECTED] said:
>
>
>
> On Tue, 17 May 2005, Eric J. Wisti wrote:
>
>>
>> What about the users (like me) that have one ip address to play with? Do
>> I
>> use the ONE ptr record for mail, web, dns, ftp or whatever else I choose
>> to make available to the world. Generally, only mail has a l
Dennis Peterson wrote:
> What do you think the PTR for a host with 500 virtual domains might look
> like?
Big :)
Matt
___
http://lurker.clamav.net/list/clamav-users.html
On Tue, 17 May 2005, Dennis Peterson wrote:
> What do you think the PTR for a host with 500 virtual domains might look
> like?
>
> dp
If the hosting company is some-hoster.com then (adjusting file pathing
appropriately) it might look like so:
Forward: (/var/named/some-hoster.com)
mail.some-
On Tue, 17 May 2005, Eric J. Wisti wrote:
>
> What about the users (like me) that have one ip address to play with? Do I
> use the ONE ptr record for mail, web, dns, ftp or whatever else I choose
> to make available to the world. Generally, only mail has a loose
> 'requirement' for front to
On Tue, 17 May 2005, Bill Taroli wrote:
> Matt Fretwell wrote:
> >>IMO, a sending MTA should never have its smtp port closed unless
> >>it is an end-user.
> >>
> >>
> >
> > Once again, a sending server does not have to be a MX. Something within
> >that domain should be listening on port 25, b
On Tue, 17 May 2005, Matt Fretwell wrote:
> [EMAIL PROTECTED] wrote:
>
> > IMO, a sending MTA should never have its smtp port closed unless
> > it is an end-user.
>
> Once again, a sending server does not have to be a MX. Something within
> that domain should be listening on port 25, but not
On Tue, 17 May 2005, Dennis Peterson wrote:
> What do you think the PTR for a host with 500 virtual domains might look
> like?
It doesn't matter -- as long as it points to some name that points back to
the same IP. mail723.theprovidersdomain.com would work.
===
[EMAIL PROTECTED] said:
> On Tue, 17 May 2005, Bart Silverstrim wrote:
>
>> >> If we can standardize the set of rules and protocols required for an
>> >> MTA to accept an email, then spam will reduce. Either that or we
>> >> need to build a better mousetrap. This is jut my $0.02.
>> >
>> > How wou
ative in your filtering of mail.
Punish the 'criminals' not the responsible persons.
Eric Wisti
On Tue, 17 May 2005, [EMAIL PROTECTED] wrote:
Date: Tue, 17 May 2005 12:06:53 -0700 (PDT)
From: [EMAIL PROTECTED]
Reply-To: ClamAV users ML
To: ClamAV users ML
Subject: Re: [Clamav-users] so
Matt Fretwell wrote:
[EMAIL PROTECTED] wrote:
IMO, a sending MTA should never have its smtp port closed unless
it is an end-user.
Once again, a sending server does not have to be a MX. Something within
that domain should be listening on port 25, but not always the machine
which is connecti
[EMAIL PROTECTED] wrote:
> IMO, a sending MTA should never have its smtp port closed unless
> it is an end-user.
Once again, a sending server does not have to be a MX. Something within
that domain should be listening on port 25, but not always the machine
which is connecting to yours. Look at t
Bart Silverstrim wrote:
On May 17, 2005, at 3:21 PM, [EMAIL PROTECTED] wrote:
On Tue, 17 May 2005, Damian Menscher wrote:
Would the person who implements this do me a favor and make the virus
pretend to be a viagra spam? If we format the hard drives of people
that buy from spammers, and the media
Bill Taroli wrote:
> > This seems more like a discussion for another mailing list or a Usenet
> > group on MTAs/SMTP IMHO
> I don't disagree... are there any good ones for SPF or similar debates?
Postfix list: SPF practically banned except for implementation questions.
Exim list: Will probab
On Tue, 17 May 2005, Bart Silverstrim wrote:
> >> If we can standardize the set of rules and protocols required for an
> >> MTA to accept an email, then spam will reduce. Either that or we
> >> need to build a better mousetrap. This is jut my $0.02.
> >
> > How would you handle the PTR record for
On Tue, 17 May 2005, Bart Silverstrim wrote:
> >> Kill two birds with one stone... I like it.
> >
> > Nice. That couldn't be cleaner. There are plenty of ways of
> > harmlessly disabling a system (no lost data, just no boot) and that
> > would certainly be an awakening call for everyone across t
On Tue, 17 May 2005, Dennis Peterson wrote:
>
> How would you handle the PTR record for an SMTP server that hosts 500
> virtual domains?
>
Yes, I realize that getting everyone to change would be a pain in the
butt and if we can do the following it would certainly reduce spam. We
host many doma
Steffen Winther Soerensen wrote:
This seems more like a discussion for another mailing list or a Usenet
group on MTAs/SMTP IMHO
I don't disagree... are there any good ones for SPF or similar debates?
I do think -- much as you'd find in the Amavisd list -- that these
issues do tend to intersect a
Matt Fretwell wrote:
[EMAIL PROTECTED] wrote:
If we can standardize the set of rules and protocols required for an MTA
to accept an email, then spam will reduce. Either that or we need to
build a better mousetrap. This is jut my $0.02.
What time is the next rocketship to this planet you ha
[EMAIL PROTECTED] wrote:
On Mon, 16 May 2005, Bill Taroli wrote:
Matt Fretwell wrote:
plenty of legitimate MTA setups running on dynamic IP's. [...] What
really does amaze me though, is that these are generally the admins who
will turn around and say, 'Don't block (variable), you will lose
On May 17, 2005, at 3:39 PM, Dennis Peterson wrote:
[EMAIL PROTECTED] said:
For email transfer and MTA's alike, putting SPF in DNS to help
"authenticate" the source is a step in the right direction. If SPF
is a
good idea, and it is dns based, then so should forward-and-back
lookups.
If additiona
On May 17, 2005, at 3:21 PM, [EMAIL PROTECTED] wrote:
On Tue, 17 May 2005, Damian Menscher wrote:
Would the person who implements this do me a favor and make the virus
pretend to be a viagra spam? If we format the hard drives of people
that buy from spammers, and the media picks up on it, then eve
On Tue, 17 May 2005, Matt Fretwell wrote:
> > If we can standardize the set of rules and protocols required for an MTA
> > to accept an email, then spam will reduce. Either that or we need to
> > build a better mousetrap. This is jut my $0.02.
> >
> > Your thoughts?
>
> What time is the next
On Tue, 2005-05-17 at 12:06 -0700, [EMAIL PROTECTED] wrote:
> On Mon, 16 May 2005, Bill Taroli wrote:
>
> > Matt Fretwell wrote:
> > >plenty of legitimate MTA setups running on dynamic IP's. [...] What
> Once upon a time, email was simple. It carried text. Later people got
> ... ... ...
> If we c
[EMAIL PROTECTED] said:
>
> For email transfer and MTA's alike, putting SPF in DNS to help
> "authenticate" the source is a step in the right direction. If SPF is a
> good idea, and it is dns based, then so should forward-and-back lookups.
> If additional mail standardization can take place (agai
On Tue, 17 May 2005, Damian Menscher wrote:
> Would the person who implements this do me a favor and make the virus
> pretend to be a viagra spam? If we format the hard drives of people
> that buy from spammers, and the media picks up on it, then everyone will
> be informed of how dangerous spa
[EMAIL PROTECTED] wrote:
> If we can standardize the set of rules and protocols required for an MTA
> to accept an email, then spam will reduce. Either that or we need to
> build a better mousetrap. This is jut my $0.02.
>
> Your thoughts?
What time is the next rocketship to this planet you ha
On Mon, 16 May 2005, Bill Taroli wrote:
> Matt Fretwell wrote:
> >plenty of legitimate MTA setups running on dynamic IP's. [...] What
> >really does amaze me though, is that these are generally the admins who
> >will turn around and say, 'Don't block (variable), you will lose too
> >much legitimat
Matt Fretwell wrote:
Bart Silverstrim wrote:
Maybe even do a reverse check to see if there's a mail server on the
sending system...how many systems would break doing a check like that?
The sending server isn't guaranteed to be a MX, so any DNS MX or reverse
connection tests would fail.
But
Bart Silverstrim wrote:
On May 17, 2005, at 12:17 PM, Matt Fretwell wrote:
Bart Silverstrim wrote:
Maybe even do a reverse check to see if there's a mail server on the
sending system...how many systems would break doing a check like that?
The sending server isn't guaranteed to be a MX, so any DNS
On May 17, 2005, at 12:17 PM, Matt Fretwell wrote:
Bart Silverstrim wrote:
Maybe even do a reverse check to see if there's a mail server on the
sending system...how many systems would break doing a check like that?
The sending server isn't guaranteed to be a MX, so any DNS MX or
reverse
connectio
Bart Silverstrim wrote:
> Maybe even do a reverse check to see if there's a mail server on the
> sending system...how many systems would break doing a check like that?
The sending server isn't guaranteed to be a MX, so any DNS MX or reverse
connection tests would fail.
Matt
__
On Tue, 17 May 2005, Bart Silverstrim wrote:
After yet another day of putting up with all this crap from viruses, there's
a part of me that wonders what would happen if someone wrote a virus that
would pull a sober.p "infectinfectinfect...sleep...payload" trick where
instead of turning the compu
On May 17, 2005, at 8:48 AM, Dennis Peterson wrote:
Bart Silverstrim said:
To me, that price is learning how to do it right. Price isn't always
monetary.
I wouldn't argue with the idea of having to tell your provider that
you
need your particular connection unfiltered and leave it unfiltered
beca
Bart Silverstrim said:
>
> On May 16, 2005, at 5:43 PM, Dennis Peterson wrote:
>
>> Most of the spam I've gotten the last three days is from comcast.net.
>> Apparently they allow their customers to send out to port 25. They
>> should
>> lock that down so that spam goes out through their own servers
On May 17, 2005, at 2:17 AM, Alan Premselaar wrote:
Jef Poskanzer wrote:
..snip...
And finally, if you want to run a check on the HELO string, I find
that just rejecting outside connections that claim a HELO of your own
hostname gets rid of a very high proportion of crapmail. This
very simple chec
One final point here, I know I, and I'm sure many of you, have seen or come
into contact with infected exchange serverson static ip addresses. The
fact that it's static, or in fact, a business connection, speaks not a thing
for the competence of the administrator, or the security of the ser
On May 16, 2005, at 5:43 PM, Dennis Peterson wrote:
Most of the spam I've gotten the last three days is from comcast.net.
Apparently they allow their customers to send out to port 25. They
should
lock that down so that spam goes out through their own servers so they
can
feel the pain when they ar
On Mon, 16 May 2005, Todd Lyons wrote:
> From: Todd Lyons <[EMAIL PROTECTED]>
> To: ClamAV users ML
> Date: Mon, 16 May 2005 10:14:26 -0700
> Subject: Re: [Clamav-users] sober.p and german adverts?
> Reply-To: ClamAV users ML
...
> Some ISP's don't allow you
Jef Poskanzer wrote:
..snip...
> And finally, if you want to run a check on the HELO string, I find
> that just rejecting outside connections that claim a HELO of your own
> hostname gets rid of a very high proportion of crapmail. This
> very simple check is successful enough th
Matt Fretwell said:
> Dennis Peterson wrote:
>
>> There is no need to block outright from the outset.
>
>> As I mentioned earlier, I'm getting slammed from comcast.net from relays
>> all over the US. It is far easier to block by obvious dsl/cable host
>> identifiers than to spend hours trying to fi
Bill Taroli:
>I wind up blocking mail from people like that for an entirely different
>reason. Basic DNS checking against the HELO string to be sure it
>resolves to the IP address the connection's actually coming from.
There are a few different ways to do DNS checks. I haven't seen
this partic
On Mon, 16 May 2005, Matt Fretwell wrote:
> Dennis Peterson wrote:
> > The world experience is that Windows drones on dialups or cable/dsl
> > are a major source of spam/viruses.
> That is coming back to the dynamic elitist viewpoint.
I agree with both of you, actually. In theory, of course, Mat
Matt Fretwell wrote:
Brian Read wrote:
Block all mails from dynamic IP. They are 99,99% spam.
No they aren't that "rule" causes quite a few of my customers a
headache, as the (linux) mailserver I often install sends the email
direct, irrespective of whether there Ip is "dynamic" or "sta
Brian Read wrote:
Block all mails from dynamic IP.
They are 99,99% spam.
No they aren't that "rule" causes quite a few of my customers a
headache, as the (linux) mailserver I often install sends the email
direct, irrespective of whether there Ip is "dynamic" or "static".
Some ISPs charge an ar
Matt Fretwell wrote:
> There is no need to blanket ban every other providers dsl yet, though
> :)
Just as a side note, here are a couple of links for Postfix header checks
for this german spam outbreak.
http://archives.neohapsis.com/archives/postfix/2005-05/1377.html
http://www.heise.de/
Dennis Peterson wrote:
> There is no need to block outright from the outset.
> As I mentioned earlier, I'm getting slammed from comcast.net from relays
> all over the US. It is far easier to block by obvious dsl/cable host
> identifiers than to spend hours trying to figure out what /24 IP ranges
Matt Fretwell said:
> Dennis Peterson wrote:
>
>> Here's how it works, Matt - if you have a dynamic IP, even one that has
>> a long life time, other people will still block mail from your IP block.
>> That seldom happens if you have a true fixed IP, all other things being
>> equal. And you know wha
Dennis Peterson wrote:
> Here's how it works, Matt - if you have a dynamic IP, even one that has
> a long life time, other people will still block mail from your IP block.
> That seldom happens if you have a true fixed IP, all other things being
> equal. And you know what? You have no say in it. I
Matt Fretwell said:
> Dennis Peterson wrote:
>
>> > That was my point. My mail IS filtered outbound. So I should have to
>> > pay double for the privilege of controlling my own email?
>
>> How am I to know that you are filtering your mail? If your IP is in the
>> middle of a block of dynamic IP's
Dennis Peterson wrote:
> > That was my point. My mail IS filtered outbound. So I should have to
> > pay double for the privilege of controlling my own email?
> How am I to know that you are filtering your mail? If your IP is in the
> middle of a block of dynamic IP's you are fair game for me to
John Jolet said:
> On Monday 16 May 2005 04:43 pm, Dennis Peterson wrote:
>> John Jolet said:
>> Nobody should send mail directly unless it is filtered outbound. In
>> fact,
>> that would be a good blacklist: real-time-morons.org. I'd even toss in
>> systems that NDR after the connection is closed
Matt Fretwell said:
> Dennis Peterson wrote:
>
>> Nobody should send mail directly unless it is filtered outbound. In
>> fact, that would be a good blacklist: real-time-morons.org. I'd even
>> toss in systems that NDR after the connection is closed as they have no
>> idea at that point whe the send
Dennis Peterson wrote:
> Nobody should send mail directly unless it is filtered outbound. In
> fact, that would be a good blacklist: real-time-morons.org. I'd even
> toss in systems that NDR after the connection is closed as they have no
> idea at that point whe the sender is.
That, I cannot ar
On Monday 16 May 2005 04:43 pm, Dennis Peterson wrote:
> John Jolet said:
> > Matt Fretwell wrote:
> >
> >
> >
> > This email, for instance was sent from a properly configured mta running
> > antispam and antivirus scanning in BOTH directions, from a dynamic ip.
> > If my wife sends email from her
>that would be a good blacklist: real-time-morons.org. I'd even toss in
>systems that NDR after the connection is closed as they have no idea at
>that point whe the sender is.
Which means all sites running qmail! Yay!
___
http://lurker.clamav.net/list/c
John Jolet said:
> Matt Fretwell wrote:
>>
>>
> This email, for instance was sent from a properly configured mta running
> antispam and antivirus scanning in BOTH directions, from a dynamic ip.
> If my wife sends email from her computer, it goes to the isp's mta,
> which does inbound only scanning
On May 16, 2005, at 1:54 PM, Rainer Zocholl wrote:
[EMAIL PROTECTED](Bart Silverstrim) 16.05.05 11:05
I did enter it in when I first discovered it, but there were no hits.
Ok, next time mention it ;-)
Here I thought it was common sense now! :-)
Apparently it will be very hard to block if it's just
On May 16, 2005, at 1:41 PM, John Jolet wrote:
This email, for instance was sent from a properly configured mta
running antispam and antivirus scanning in BOTH directions, from a
dynamic ip. If my wife sends email from her computer, it goes to the
isp's mta, which does inbound only scanning. I
On May 16, 2005, at 11:06 AM, Thomas Hochstein wrote:
Bart Silverstrim schrieb:
That address had been hammering us over and over for awhile with
sober.p. Now it's become quiet.
Yes. Now the infected hosts are sending out spam containing (very)
right-wing political propaganda.
Don't read German, an
[EMAIL PROTECTED](Todd Lyons) 16.05.05 10:14
>Brian Read wanted us to know:
>>>Block all mails from dynamic IP.
>>>They are 99,99% spam.
>Agreed.
>>No they aren't that "rule" causes quite a few of my customers a
>>headache, as the (linux) mailserver I often install sends the email
>>direct, ir
[EMAIL PROTECTED](Brian Read) 16.05.05 16:08
Once upon a time "Brian Read " shaped the electrons to say...
>>Block all mails from dynamic IP.
>>They are 99,99% spam.
>>
>>
>No they aren't that "rule" causes quite a few of my customers a
>headache,
Thats the missing 0.01% i know.
>as the (lin
[EMAIL PROTECTED](Bart Silverstrim) 16.05.05 11:05
>I did enter it in when I first discovered it, but there were no hits.
Ok, next time mention it ;-)
>I thought perhaps it was too new at the time, and then turned to the
>lists to corroborate what I was seeing.
>> Many of them are pointing t
Matt Fretwell wrote:
Brian Read wrote:
Block all mails from dynamic IP. They are 99,99% spam.
No they aren't that "rule" causes quite a few of my customers a
headache, as the (linux) mailserver I often install sends the email
direct, irrespective of whether there Ip is "dynamic" or "
Todd Lyons wrote:
> You should make their ISP's mail servers be the "smarthost" or
> "relayhost" for that customer's mail server.
Oh yes, really.
> Some ISP's don't allow you to relay mail through them if it's not for
> @ispdomain.com.
They don't allow you to do that so that they can charge
Bart Silverstrim schrieb:
> That address had been hammering us over and over for awhile with
> sober.p. Now it's become quiet.
Yes. Now the infected hosts are sending out spam containing (very)
right-wing political propaganda.
> Perhaps we now know what happened to sober.p?
Yes. The same thin
Brian Read wrote:
> >Block all mails from dynamic IP. They are 99,99% spam.
> No they aren't that "rule" causes quite a few of my customers a
> headache, as the (linux) mailserver I often install sends the email
> direct, irrespective of whether there Ip is "dynamic" or "static". Some
> ISPs c
Brian Read wanted us to know:
>>Block all mails from dynamic IP.
>>They are 99,99% spam.
Agreed.
>No they aren't that "rule" causes quite a few of my customers a
>headache, as the (linux) mailserver I often install sends the email
>direct, irrespective of whether there Ip is "dynamic" or "stat
1 - 100 of 112 matches
Mail list logo
