Date: Tue, 10 Jan 2006 14:01:32 -0500
From: David F. Skoll [EMAIL PROTECTED]
Subject: Re: [Mimedefang] Pre-Emptive Greylist entries
spammer.com. 1d IN TXT v=spf1 +all
I own the world! :-)
(Yes, I know SPF implementations can treat such a record with suspicion,
From: Jan Pieter Cornet [EMAIL PROTECTED]
Subject: Re: [Mimedefang] dictionary attacks looking for a valid user
An easier solution might be to have a process tail(1) your logfile and
take action on the information there. I think I've even seen something
like that: more than x invalid
From: Junior Williamson [EMAIL PROTECTED]
Subject: Re: [Mimedefang] Re: Netblock 222
To: mimedefang@lists.roaringpenguin.com
On Tuesday 11 October 2005 14:57, Sean Ware wrote:
... and no more Australia. (Which may not be what you intended.) For a
slightly more granular approach to this
While I can see David squirm when I state this, I just block APNIC at the
kernel through IPTables. The nice thing about IP Tables is that there's
very little overhead, so I'm sure you could likely do that if you were
inclined. Letting Mimedefang site filter based on IP is probably a tad
much CPU
Not to make a statement here, but as I have worked as/with the feds for
many years, I think these attacks are a tad prejudice and ill placed on
this mailing list.
However, in regards to your statements about or against contacting the
feds to alert them of this new exploit. The comment made
domain either in the plain text name portion or the
actual sender email address should orgininate outside my domain's SPF
record. Any suggestions for hunting and destroying these emails?
Thank you,
Ian Mitchell
___
Visit http://www.mimedefang.org and http
Date: Thu, 26 May 2005 11:26:56 -0400
From: James Ebright [EMAIL PROTECTED]
Subject: Re: [Mimedefang] FTC asks ISPs to crack down on zombie PCs
In other words, you are not penalized price wise if you are a business
customer with our company. In fact, it opens up extra options and features
Date: Thu, 26 May 2005 15:48:23 -0400
From: James Ebright [EMAIL PROTECTED]
Subject: Re: [Mimedefang] FTC asks ISPs to crack down on zombie PCs
On Thu, 26 May 2005 15:20:33 -0400, WBrown wrote
Ummm wouldn't TLS only encrypt the traffic between the two servers
involved at the moment, ie,
Date: Wed, 25 May 2005 09:03:31 -0400
From: James Ebright [EMAIL PROTECTED]
Subject: Re: [Mimedefang] FTC asks ISPs to crack down on zombie PCs
On Tue, 24 May 2005 14:17:54 -0700, Matthew.van.Eerde wrote
* blocking a common Internet port used for e-mail when possible;
* providing
Date: Wed, 25 May 2005 10:50:13 -0400
From: James Ebright [EMAIL PROTECTED]
Subject: Re: [Mimedefang] FTC asks ISPs to crack down on zombie PCs
Where are you located at? We charge $5.00/mo for a single static ip which
would most likely work in your situation (We are in Sprint/Bellsouth ILEC
Date: Wed, 25 May 2005 13:37:44 -0400
From: James Ebright [EMAIL PROTECTED]
Subject: Re: [Mimedefang] FTC asks ISPs to crack down on zombie PCs
Yes, but in that scenario the client is relaying ALL of the mail through
the
ISPs mail server and not doing any direct-to-mta deliveries, which is
Date: Wed, 25 May 2005 19:44:49 +0200
From: ADNET Ghislain [EMAIL PROTECTED]
Subject: Re: [Mimedefang] FTC asks ISPs to crack down on zombie PCs
Can you broaden my vision of thing and give some exemples where the
hoster's smtp server and the ISP smtp server is not enough so you would
According to Hormel, the usage of spam as a term to identify Unsolicited
Commercial Email (UCE) is ok. However, it should not be confused with the
term SPAM which is a registered trademark of the SPAM lunchmeat product
they offer.
Here's a link. http://www.spam.com/ci/ci_in.htm
Always curious
Ok, when running a domain one must have certian email addresses that are
just unavoidable, perhaps the technical contact email for your DNS
provider? Ones which can be scooped up through email harvesting. While I
know this technique is old, I think I've thought up an idea on how to
combat it.
A
Date: Wed, 23 Mar 2005 10:27:26 -0500
From: James Ebright [EMAIL PROTECTED]
Subject: Re: Phish detection (was Re: [Mimedefang] for mcafee lovers)
I agree... unfortunately most of our clients use windoze and most IE and
even
with auto updates it seems many still manage to get spyware etc on
From: Rob MacGregor [EMAIL PROTECTED]
Subject: Re: [Mimedefang] Anti-virus software
Probably because they've still not hit a 1.0 release yet and it's very
heavily in development. It'll still work if you don't upgrade, you
just don't get the new signatures.
Um, not that I do this very
Evil Bastigiges! These products are the reason why setting up an open
relay is not only dumb but dangerous and why blind gateways that auto
forward error messages can also be just as dangerous. Finally! The idiots
responsible for filling my firewall logs...
And thank you much for NOT cold-calling
Date: Thu, 3 Feb 2005 10:31:50 -0800
From: [EMAIL PROTECTED]
Subject: RE: [Mimedefang] ZDnet article on new Zombie Trick
Why would the ISP do this? To protect themselves from being sued by the
spam recipients' ISPs.
The Laws in the State of IL include exemptions of liability to the ISP
From: Kevin A. McGrail [EMAIL PROTECTED]
Subject: Re: [Mimedefang] MIMEdefang on CPAN? or in RPM form?
Personally, I'm also starting to agree that some elitism is necessary and
making installation too easy is a bad thing. Having a few hurdles to make
people install MD sorts out the weaker
From: David F. Skoll [EMAIL PROTECTED]
Subject: Re: [Mimedefang] -x and -X options
To: mimedefang@lists.roaringpenguin.com
On Thu, 23 Dec 2004, Ian Mitchell wrote:
Any thoughts on an option to define the address to mask internal
addresses, or atleast to block the on 10.0.0.1 portion
Ok, having run many many different versions of Mimedefang in the past few
years, I noticed something interesting on the latest version (49) that I
though was a bit odd. The X-Scanned-by header reports the IP address of
the machine running Mimedefang. I know this isn't new, but it was from the
Date: Fri, 17 Dec 2004 08:38:59 -0800
From: Kenneth Porter [EMAIL PROTECTED]
Subject: Re: [Mimedefang] Question on confidentiality statements
Disclaimer:
By sending an email to ANY of my addresses you are agreeing that:
1. I am by definition, the intended recipient
2. All
Date: Mon, 13 Dec 2004 08:26:25 -0600
From: Chris Myers [EMAIL PROTECTED]
Subject: Re: [Mimedefang] Need help with virus notifications
Take the time to identify whether the message is a mass-mailer that
falsifies the sender's address. This is simple to do, and it avoids
attacking an
Date: Wed, 8 Dec 2004 14:21:30 -0500
From: [EMAIL PROTECTED]
Subject: [Mimedefang] RBL suggestions
I am looking to start using an RBL. In the past, a colegue did some
testing of RBLs and got a lot of false positives.
---
If you would like to test particular addresses that give false
From: Ben Kamen [EMAIL PROTECTED]
Subject: [Mimedefang] SpamTraps
To: [EMAIL PROTECTED]
How many of you out there use spamtraps with spamassassin??
I'm just curious about the feeling of others using them...
-Ben
I was rejecting emails with scores higher than a 5 (very restrictive) but
From: Randy Hammock [EMAIL PROTECTED]
Subject: Re: [Mimedefang] Re: Lycos Screen saver that attacks
Spammers, Ahmore off topic...
Lycos Screen Saver / Legal Zombies? Just wait until someone figures out
how to hack all those Lycos zombies out there to perform DDoS's. What
makes
Date: Thu, 02 Dec 2004 14:50:18 -0800
From: Kenneth Porter [EMAIL PROTECTED]
Subject: Re: [Mimedefang] Lycos Screensaver that attacks Spammers
Democracy is three wolves and a sheep voting on what to have for dinner.
Guess who gets eaten.
I've always loved that quote.
I'm going to remember
Date: Wed, 1 Dec 2004 11:46:10 -0500 (EST)
From: David F. Skoll [EMAIL PROTECTED]
Subject: Re: [Mimedefang] Lycos Screensaver that attacks Spammers
This is a very bad idea for a number of reasons:
1) In a lot of places, people's bandwidth is metered, so this will cost
them
money.
Nothing saying you can't have something along the lines of
127.0.0.1RELAY
If no other IP's are listed and you have access_db feature turned on, then
that would make is so that only the MX itself would be able to relay. Now,
one thing I would think that could be potentially ugly is if any
From: Mark Penkower [EMAIL PROTECTED]
Subject: [Mimedefang] OFF TOPIC - Need a product to block spyware
This is off topic, but I suspect that people on this list may have an
answer.
I need a product to block spyware, adware and other related crap from
infecting Windows 2000 PC's.
You're
Here's a good place to check in mass.
http://rbls.org/
From: Kenneth Porter [EMAIL PROTECTED]
Subject: Re: [Mimedefang] roaringpenguin.com is listed in rfc-ignorant
BTW, does anyone know of an automated piece of code that checks a list of
dnsbl's like this for one's own domain? It would be
13 servers which are 486/50dx2's and 13 thousand node zeon clusters makes
a bit of a difference. It's not the number but the size that counts. ;)
sc.surbl.org has 13 name servers, just like the root name servers of
the Internet. You can imagine that if 13 name servers can handle all
the root
If you do a little search of the archives from a few years ago, there was
a posting of code for doing dirty word searches. I put together a small
snippet of code to include in the filter that would allow you to put
together a text file of regular expressions for known bad words. It worked
pretty
exploit in
the wild, however there are no reported worms to date, and it is arguable
that many people using email in *nix would be smart enough not to open png
files coming in from email. But I always err on the side of caution.
Thank you,
Ian Mitchell
34 matches
Mail list logo
