:[EMAIL PROTECTED]
Sent: Monday, July 23, 2007 5:26 PM
To: John D. Hardin
Cc: Skip Brott; spamd
Subject: Re: not everyone is happy with SA
The ridiculousness of that sentiment that prompted my first post to this
list came from the following comments:
I have found this whole line of debate
On Mon, 23 Jul 2007, jdow wrote:
> With snail mail it is nigh on to impossible to interrupt the
> reception process and reject a piece of mail. I simply place it
> into the trash on my way into the house. (Some things, like
> unwanted subscription offers or credit card offers, I tear in
> half. On
From: "John D. Hardin" <[EMAIL PROTECTED]>
On Fri, 20 Jul 2007, Robot Terror wrote:
Why is it my responsibility as a holder of a valid email address
to accept mail from anyone who wants to send me the mail?
Who ever said *that*?
Anyone who holds to the snail mail analogy certainly would.
Robot Terror wrote:
On 7/20/07 12:55 PM, "Skip Brott" <[EMAIL PROTECTED]> ostensibly wrote:
If I send an email to a valid
address, I find it a bit offensive that they send a challenge back. Why is
it my responsibility as the sender to teach another system to accept mail
from me?
Why is it my
On Mon, 23 Jul 2007, Robot Terror wrote:
> It is to that ³absolute standard² of recipient is responsible to
> verify sender that I made my reply.
Okay, but that is vastly different from:
> "[it is] my responsibility as a holder of a valid email address
> to accept mail from anyone who wants to s
ostensibly
wrote:
>
>> -Original Message-
>> From: Robot Terror [mailto:[EMAIL PROTECTED]
>> Sent: Friday, July 20, 2007 4:28 PM
>> To: Skip Brott; spamd
>> Subject: Re: not everyone is happy with SA
>>
>>
>> On 7/20/07 12:55 PM, "
The ridiculousness of that sentiment that prompted my first post to this
list came from the following comments:
> I have found this whole line of debate somewhat interesting, but it has
> clearly strayed from the real core question:
>
> Who is responsible?
>
> Is it the responsibility of the se
> -Original Message-
> From: Robot Terror [mailto:[EMAIL PROTECTED]
> Sent: Friday, July 20, 2007 4:28 PM
> To: Skip Brott; spamd
> Subject: Re: not everyone is happy with SA
>
>
> On 7/20/07 12:55 PM, "Skip Brott" <[EMAIL PROTECTED]> ostensib
On Fri, 20 Jul 2007, Robot Terror wrote:
> Why is it my responsibility as a holder of a valid email address
> to accept mail from anyone who wants to send me the mail?
Who ever said *that*?
--
John Hardin KA7OHZhttp://www.impsec.org/~jhardin/
[EMAIL PROTECTED]FALaholic
On 7/20/07 12:55 PM, "Skip Brott" <[EMAIL PROTECTED]> ostensibly wrote:
> If I send an email to a valid
> address, I find it a bit offensive that they send a challenge back. Why is
> it my responsibility as the sender to teach another system to accept mail
> from me?
Why is it my responsibility
On 20 Jul 2007, [EMAIL PROTECTED] spake thusly:
> Um, captcha? Then I'd doubly never respond to the abortion. It wasted
> bandwidth on the captcha AND I CANNOT READ THE CAPTCHA IN PLAIN TEXT.
>
> I use plain text for security reasons.
What, are you worried about Langford basilisks?
More significa
Gene Heskett wrote:
On Friday 20 July 2007, John Rudd wrote:
All very well stated. So if "you" send me a C/R, for any reason whatsoever,
if it actually gets past SA, it either is fed back as spam to train my bayes
or deleted and promptly forgotten about. But don't expect any of us to be
ha
On Friday 20 July 2007, jdow wrote:
>From: "Steven Stern" <[EMAIL PROTECTED]>
>
>> John Rudd wrote:
>>> Further, I as the sender have no obligation to participate in your
>>> anti-spam mechanism. It's YOUR mechanism. You feed it, you configure
>>> it, your CPU cycles are spent on it. I have no o
On Friday 20 July 2007, John Rudd wrote:
>someone that Skip Brott didn't attribute wrote:
>>> Why is it my responsibility as a holder of a valid email address to
>>> accept mail from anyone who wants to send me the mail? As the owner of
>>> the email address or, as the admin of the domain's mail se
On Friday 20 July 2007, Loren Wilton wrote:
>> I guess that's just another chapter in the proof that there is one born
>> every
>> minute.
>
>When P.T. Barnum made that statement the population of the US was about 60
>million. It is now somewhere north of 250 million.
>
>Loren
Humm, so we
Steven Stern wrote:
>> >
>>
>> My company's website has a "click here and we'll send you your password"
>> (or something similar). You'd be amazed how many calls we get claiming
>> it doesn't work. When I track through the logs, I find most come from
>> people with CR systems. You can't use a C
From: "Steven Stern" <[EMAIL PROTECTED]>
John Rudd wrote:
Further, I as the sender have no obligation to participate in your
anti-spam mechanism. It's YOUR mechanism. You feed it, you configure
it, your CPU cycles are spent on it. I have no obligation to
participate in the program you use
From: "John Rudd" <[EMAIL PROTECTED]>
someone that Skip Brott didn't attribute wrote:
Why is it my responsibility as a holder of a valid email address to
accept
mail from anyone who wants to send me the mail? As the owner of the
email
address or, as the admin of the domain's mail server, I hav
From: "Skip Brott" <[EMAIL PROTECTED]>
Why is it my responsibility as a holder of a valid email address to
accept
mail from anyone who wants to send me the mail? As the owner of the email
address or, as the admin of the domain's mail server, I have no
obligation
to
accept your mail at all.
O
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
John Rudd wrote:
>
> Further, I as the sender have no obligation to participate in your
> anti-spam mechanism. It's YOUR mechanism. You feed it, you configure
> it, your CPU cycles are spent on it. I have no obligation to
> participate in the prog
I guess that's just another chapter in the proof that there is one born
every
minute.
When P.T. Barnum made that statement the population of the US was about 60
million. It is now somewhere north of 250 million.
Loren
someone that Skip Brott didn't attribute wrote:
Why is it my responsibility as a holder of a valid email address to accept
mail from anyone who wants to send me the mail? As the owner of the email
address or, as the admin of the domain's mail server, I have no obligation
to
accept your mail at
> Why is it my responsibility as a holder of a valid email address to accept
> mail from anyone who wants to send me the mail? As the owner of the email
> address or, as the admin of the domain's mail server, I have no obligation
to
> accept your mail at all.
> Obligations should be on the sender.
From: "Skip Brott" <[EMAIL PROTECTED]>
I have found this whole line of debate somewhat interesting, but it has
clearly strayed from the real core question:
Who is responsible?
Is it the responsibility of the sender to verify that they indeed intended
to send the email?
Or is it the responsibil
From: "John Rudd" <[EMAIL PROTECTED]>
David B Funk wrote:
On Fri, 20 Jul 2007, John Rudd "@ucsc.edu" wrote:
Jonas Eckerman wrote:
What do they think will happen when someone who doesn't know english
tries to send to a user of such a system that outputs english error
mesages that directs the
On Friday 20 July 2007, Kelson wrote:
>Gene Heskett wrote:
>>> I've been toying with "DANGER - DIHYDROGEN-MONOXIDE IN USE" signs
>>> recommending use of appropriate protective gear. But in today's terrorism
>>> atmosphere some idiot might not get it and
>>
>> Chuckle...
>>
>> Only if they faile
I have found this whole line of debate somewhat interesting, but it has
clearly strayed from the real core question:
Who is responsible?
Is it the responsibility of the sender to verify that they indeed intended
to send the email?
Or is it the responsibility of the recipient to verify senders?
M
David B Funk wrote:
On Fri, 20 Jul 2007, John Rudd "@ucsc.edu" wrote:
Jonas Eckerman wrote:
What do they think will happen when someone who doesn't know english
tries to send to a user of such a system that outputs english error
mesages that directs the sender to web pages with english instru
Gene Heskett wrote:
I've been toying with "DANGER - DIHYDROGEN-MONOXIDE IN USE" signs
recommending use of appropriate protective gear. But in today's terrorism
atmosphere some idiot might not get it and
Chuckle...
Only if they failed introductory chemistry 101, but it should be good for a
On Fri, 20 Jul 2007, John Rudd "@ucsc.edu" wrote:
> Jonas Eckerman wrote:
>
> > What do they think will happen when someone who doesn't know english
> > tries to send to a user of such a system that outputs english error
> > mesages that directs the sender to web pages with english instructions?
>
Jonas Eckerman wrote:
John Rudd wrote:
If they're not multi-lingual, and only speak english, then there
wasn't any point in the non-english speaker trying to contact them,
was there? :-)
The fact that the mail system and it's supporting sites aren't
multilingual does not mean that the mail
Leonardo Rodrigues Magalhães wrote:
John Rudd escreveu:
If they're not multi-lingual, and only speak english, then there
wasn't any point in the non-english speaker trying to contact them,
was there? :-)
And what about non-english companies that host their domains
worldwide, sometim
John Rudd wrote:
What do they think will happen when someone who doesn't know english
tries to send to a user of such a system that outputs english error
One possibility is, it could just spit out a url, with no other text,
and assume that the sender will understand
They can, but my *guess
Leonardo Rodrigues Magalhães wrote:
John Rudd escreveu:
If they're not multi-lingual, and only speak english, then there
wasn't any point in the non-english speaker trying to contact them,
was there? :-)
And what about non-english companies that host their domains
worldwide, sometim
John Rudd escreveu:
If they're not multi-lingual, and only speak english, then there
wasn't any point in the non-english speaker trying to contact them,
was there? :-)
And what about non-english companies that host their domains
worldwide, sometimes in USA servers or even in other co
Jonas Eckerman wrote:
What do they think will happen when someone who doesn't know english
tries to send to a user of such a system that outputs english error
mesages that directs the sender to web pages with english instructions?
One possibility is, it could just spit out a url, with no othe
Dave Pooser wrote:
Yes, it used a CAPTCHA. And if we can design a system where sending spam
requires more effort from the spammer (reading the error message, browsing
to the site, reading the CAPTCHA, typing it in, and then clicking "Release"
Ah. Of course. A system that prevents all blind use
Per Jessen wrote:
> Like I said - provided that the objective is to avoid spam, it might
> work for the individual user. The objective of C-R was never (IMO) to
> help reduce or eliminate spam other than for one person.
However, there isn't just one email user; there's a lot of them.
If every pri
Andy Sutton wrote:
> On Thu, 2007-07-19 at 21:35 +0200, Per Jessen wrote:
>> Well, provided the objective is to avoid spam, it still might work
>> well for that individual user.
>
> Avoid? For whom? The objective should be to reduce or eliminate
> spam, not pass filtering costs off on others.
Love it Loren, justice prevails. :) But don't they eventually take over
the
place leading to the purchase of a DR Trimmer and other less neat
eradication
methods, like flame throwers and such?
They started from some my mother had planted beside the house that took over
about half an acre and
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
jdow wrote:
> From: "Michael Scheidell" <[EMAIL PROTECTED]>
>> -Original Message-
>> From: David B Funk [mailto:[EMAIL PROTECTED]
>> On Thu, 19 Jul 2007, Dave Pooser wrote:
>> their 'PC' interpretation of the error code. Thus Exchange LLusers[1
From: "Michael Scheidell" <[EMAIL PROTECTED]>
-Original Message-
From: David B Funk [mailto:[EMAIL PROTECTED]
On Thu, 19 Jul 2007, Dave Pooser wrote:
their 'PC' interpretation of the error code. Thus Exchange
LLusers[1] will not see the link and have no chance to
release their messag
> -Original Message-
> From: David B Funk [mailto:[EMAIL PROTECTED]
> Sent: Thursday, July 19, 2007 8:17 PM
> To: spamassassin-users
> Subject: Re: not everyone is happy with SA
>
>
> On Thu, 19 Jul 2007, Dave Pooser wrote:
> their 'PC' interpreta
On Thursday 19 July 2007, jdow wrote:
>From: "Loren Wilton" <[EMAIL PROTECTED]>
>
>>> Chuckle. Now in that case, a tall chain link fence, with a few "Beware
>>> of
>>> Mickey" placards might be in order.
>>
>> It is a 6' fence, variously wood and chain link. And I used to have LOTS
>> of problem
On Thursday 19 July 2007, Loren Wilton wrote:
>> Chuckle. Now in that case, a tall chain link fence, with a few "Beware of
>> Mickey" placards might be in order.
>
>It is a 6' fence, variously wood and chain link. And I used to have LOTS of
>problem with people ignoring the "private property" sig
On Thursday 19 July 2007, jdow wrote:
>From: "Gene Heskett" <[EMAIL PROTECTED]>
>
>> On Thursday 19 July 2007, Loren Wilton wrote:
If someone poops in my swimming pool, I don't find it an acceptable
solution to chuck it over the fence into my neighbors yard. Why do you?
>>>
>>>Perhaps be
From: "Loren Wilton" <[EMAIL PROTECTED]>
Chuckle. Now in that case, a tall chain link fence, with a few "Beware
of
Mickey" placards might be in order.
It is a 6' fence, variously wood and chain link. And I used to have LOTS
of problem with people ignoring the "private property" signs on th
On Thu, 19 Jul 2007, Dave Pooser wrote:
> Actually I've seen one C/R variant that addresses the backscatter C/R issue
> quite nicely; it dropped the suspected spam in a quarantine folder and
> issued an SMTP fakereject after DATA that included a link to a website where
> the sender could release t
THAT you should have realized already.
Justin is a gentleman and a scholar as I see it.
{^_^}Joanne said that
- Original Message -
From: "Thomas Raef" <[EMAIL PROTECTED]>
You went into some fantastic depth in investigating the "truth" of this
PR.
You, sir, ROCK!!!
Thomas J. Rae
jdow wrote:
From: "John Rudd" <[EMAIL PROTECTED]>
If you return a 5xx error, what is to prevent the spammer from
clicking to release? CAPTCHA?
I'm actually not concerned about that. While that is a quality issue
for the user of the C/R system, it isn't something that pollutes the net.
So THIS Is where the idiot thread started.
Please don't troll with this crap.
{^_^}
- Original Message -
From: "Per Jessen" <[EMAIL PROTECTED]>
http://www.prnewswire.com/cgi-bin/stories.pl?ACCT=104&STORY=/www/story/07-17-2007/0004626829&EDATE=
/Per Jessen, Zürich
Chuckle. Now in that case, a tall chain link fence, with a few "Beware of
Mickey" placards might be in order.
It is a 6' fence, variously wood and chain link. And I used to have LOTS of
problem with people ignoring the "private property" signs on the other side
and jumping the fence any time
From: "Dave Pooser" <[EMAIL PROTECTED]>
I think CR can perhaps work quite well for an individual user with the
technical insight & time to spare, but such individual users are only
an small part of the picture.
No it doesn't. It foists the recipients burden on others, usually due
to the *lack
From: "Gene Heskett" <[EMAIL PROTECTED]>
On Thursday 19 July 2007, Loren Wilton wrote:
If someone poops in my swimming pool, I don't find it an acceptable
solution to chuck it over the fence into my neighbors yard. Why do you?
Perhaps because most people believe that is the correct solution?
From: "Dave Pooser" <[EMAIL PROTECTED]>
That sounds like a very badly designed system. While I do not like C/R
systems so would never implement one, surely it is only common sense to
expect responses to emails which are sent out and therefore to accept
such responses without issuing a challenge.
Loren Wilton wrote:
It occurs to me to wonder how C/R is supposed to establish
communications between two users of C/R systems.
You send a message to X. His C/R system, not knowing you, doesn't
deliver the mail to X, it sends a challenge back to you.
Your C/R system, not knowing X, sends hi
From: "John Rudd" <[EMAIL PROTECTED]>
Graham Murray wrote:
John Rudd <[EMAIL PROTECTED]> writes:
However, it still leaves the problems of:
1) A user sends me a technical question. I answer, and get back a
Challenge, forcing me to jump through hoops to get their answer to
them.
That sounds
From: "John Rudd" <[EMAIL PROTECTED]>
Ken A wrote:
Dave Pooser wrote:
I think CR can perhaps work quite well for an individual user with the
technical insight & time to spare, but such individual users are only
an small part of the picture.
No it doesn't. It foists the recipients burden on o
On Thursday 19 July 2007, Loren Wilton wrote:
>> If someone poops in my swimming pool, I don't find it an acceptable
>> solution to chuck it over the fence into my neighbors yard. Why do you?
>
>Perhaps because most people believe that is the correct solution?
>
>I have a fairly large yard surroun
If someone poops in my swimming pool, I don't find it an acceptable
solution to chuck it over the fence into my neighbors yard. Why do you?
Perhaps because most people believe that is the correct solution?
I have a fairly large yard surrounded by about two dozen newer tract houses.
I employ a
It occurs to me to wonder how C/R is supposed to establish communications
between two users of C/R systems.
You send a message to X. His C/R system, not knowing you, doesn't deliver
the mail to X, it sends a challenge back to you.
Your C/R system, not knowing X, sends him a C/R message, dema
> -Original Message-
> From: John Rudd [mailto:[EMAIL PROTECTED]
> Sent: Thursday, July 19, 2007 6:06 PM
> To: Graham Murray
> Cc: users@spamassassin.apache.org
> Subject: Re: not everyone is happy with SA
>
> Graham Murray wrote:
> > John R
>> That sounds like a very badly designed system. While I do not like C/R
>> systems so would never implement one, surely it is only common sense to
>> expect responses to emails which are sent out and therefore to accept
>> such responses without issuing a challenge.
>
> I agree. But the propose
Graham Murray wrote:
John Rudd <[EMAIL PROTECTED]> writes:
However, it still leaves the problems of:
1) A user sends me a technical question. I answer, and get back a
Challenge, forcing me to jump through hoops to get their answer to
them.
That sounds like a very badly designed system. Whil
John Rudd <[EMAIL PROTECTED]> writes:
> However, it still leaves the problems of:
>
> 1) A user sends me a technical question. I answer, and get back a
> Challenge, forcing me to jump through hoops to get their answer to
> them.
That sounds like a very badly designed system. While I do not like
Ken A wrote:
Dave Pooser wrote:
I think CR can perhaps work quite well for an individual user with the
technical insight & time to spare, but such individual users are only
an small part of the picture.
No it doesn't. It foists the recipients burden on others, usually due
to the *lack* of tech
On Thu, 2007-07-19 at 21:35 +0200, Per Jessen wrote:
> Well, provided the objective is to avoid spam, it still might work
> well for that individual user.
Avoid? For whom? The objective should be to reduce or eliminate spam,
not pass filtering costs off on others. The "individual user" didn't
s
Dave Pooser wrote:
I think CR can perhaps work quite well for an individual user with the
technical insight & time to spare, but such individual users are only
an small part of the picture.
No it doesn't. It foists the recipients burden on others, usually due
to the *lack* of technical insight.
>> I think CR can perhaps work quite well for an individual user with the
>> technical insight & time to spare, but such individual users are only
>> an small part of the picture.
>
> No it doesn't. It foists the recipients burden on others, usually due
> to the *lack* of technical insight. Othe
Andy Sutton wrote:
> On Thu, 2007-07-19 at 19:37 +0200, Per Jessen wrote:
>> I think CR can perhaps work quite well for an individual user with
>> the technical insight & time to spare, but such individual users are
>> only an small part of the picture.
>
> No it doesn't. It foists the recipient
On Thu, 2007-07-19 at 19:37 +0200, Per Jessen wrote:
> I think CR can perhaps work quite well for an individual user with the
> technical insight & time to spare, but such individual users are only
> an small part of the picture.
No it doesn't. It foists the recipients burden on others, usually
John Thompson wrote:
> Perhaps C-R users are so satisfied because they seldom have to deal
> with the backscatter their "solution" causes?
I think CR can perhaps work quite well for an individual user with the
technical insight & time to spare, but such individual users are only a
small part of t
Funny how the closed-source companies need to base their marketing
policies on FUD, or even worse, user-defined indexes. If I'm allowed
to non-literally quote Homer Simpson here:
"Ah, Kent, everything can be proven these days with statistics. 60% of
the people knows it..."
I used to work as neta
Per Jessen wrote:
http://www.prnewswire.com/cgi-bin/stories.pl?ACCT=104&STORY=/www/story/07-17-2007/0004626829&EDATE=
Justin's response is far better reading:
http://taint.org/2007/07/19/122638a.html
Kind regards,
Steve.
On 2007-07-19, Per Jessen <[EMAIL PROTECTED]> wrote:
> Jim Maul wrote:
>
>> Thats retarded. Might as well say, "Uplugging my mail server from
>> the internet is the best method because I received 0 spam since I did
>> it!"
>>
>> Challenge response is fundamentally broken. It can not and shoul
> Any C/R I recieve automatically gets deleted.
Back when we were running a catchall account at $DAYJOB I used to confirm
every C/R message that hit the catchall. I figured if they wanted me to be
their unpaid filter-boy, I was going to give them exactly the service they
were paying me for.
--
Da
> -Messaggio originale-
> Da: Per Jessen [mailto:[EMAIL PROTECTED]
>
>
> http://www.prnewswire.com/cgi-bin/stories.pl?ACCT=104&STORY=/www/story/07-17-2007/0004626829&EDATE=
So sorry I can't deploy a CR technology since I have unix systems.
Due to this, I may, eventually, deploy an LF on
On Thu, 2007-07-19 at 08:58 -0500, Thomas Raef wrote:
> I think you should rename your subject to: SPAM filtering alone is not
> accepted as well as Challenge-Response.
C-R is accepted? By whom?
Probably by harvesters of verified addresses ...
One problem is that the sad person with the C-R does
On Thu, 19 Jul 2007 at 15:35 +0200, [EMAIL PROTECTED] confabulated:
http://www.prnewswire.com/cgi-bin/stories.pl?ACCT=104&STORY=/www/story/07-17-2007/0004626829&EDATE=
Any C/R I recieve automatically gets deleted.
---
_|_
(_| |
Michael Scheidell wrote:
> No problem, just uninstall it troll and go away.
>
>
Go away yourself.
Listen - I'm not trolling - I just thought this was a bit news worth
mentioning, regardless of what one's opinion about it might be. I have
already seen it quoted in several other news sources a
JT DeLys wrote:
> "Login required for download."
>
> Heh. There's a surprise ... Marketing wizards at work!
>
http://www.brockmann.com/index.php?option=com_content&task=view&id=847&Itemid=2
/Per Jessen, Zürich
Jim Maul wrote:
> Thats retarded. Might as well say, "Uplugging my mail server from the
> internet is the best method because I received 0 spam since I did it!"
>
> Challenge response is fundamentally broken. It can not and should not
> be considered an anti-spam solution.
Completely agree.
CTED] [mailto:[EMAIL PROTECTED]
Sent: Thursday, July 19, 2007 9:00 AM
To: Per Jessen
Cc: users@spamassassin.apache.org
Subject: Re: not everyone is happy with SA
Per Jessen writes:
>
>
http://www.prnewswire.com/cgi-bin/stories.pl?ACCT=104&STORY=/www/story/0
7-17-2007/0004626829&EDATE=
Per Jessen writes:
>
> http://www.prnewswire.com/cgi-bin/stories.pl?ACCT=104&STORY=/www/story/07-17-2007/0004626829&EDATE=
That "study" is very flawed. I wrote up two major problems over
at my blog: http://taint.org/2007/07/19/122638a.html
--j.
rom: Per Jessen [mailto:[EMAIL PROTECTED]
Sent: Thursday, July 19, 2007 8:36 AM
To: users@spamassassin.apache.org
Subject: not everyone is happy with SA
http://www.prnewswire.com/cgi-bin/stories.pl?ACCT=104&STORY=/www/story/07-17-2007/0004626829&EDATE=
/Per Jessen, Zürich
"Login required for download."
Heh. There's a surprise ... Marketing wizards at work!
--
Thanks,
JTDeLys
No problem, just uninstall it troll and go away.
--
Michael Scheidell, CTO
SECNAP Network Security Corporation
Keep up to date with latest information on IT security: Real time
security alerts:
http://www.secnap.com/news
_
Per Jessen wrote:
http://www.prnewswire.com/cgi-bin/stories.pl?ACCT=104&STORY=/www/story/07-17-2007/0004626829&EDATE=
/Per Jessen, Zürich
Thats retarded. Might as well say, "Uplugging my mail server from the
internet is the best method because I received 0 spam since I did it!"
Challe
http://www.prnewswire.com/cgi-bin/stories.pl?ACCT=104&STORY=/www/story/07-17-2007/0004626829&EDATE=
/Per Jessen, Zürich
89 matches
Mail list logo