Re: AOL testing new anti-spam technology

2004-01-24 Thread Russell Coker 
On Sat, 24 Jan 2004 12:23, [EMAIL PROTECTED] wrote:
> On Sat, Jan 24, 2004 at 11:59:18AM +1100, Russell Coker wrote:
> > One of the worst aspects of spam is the way much of it uses
> > forged sender addresses. AOL is hoping to stir up some organized
> > resistance to the practice of address forgery through a new
> > e-mail protocol called Sender Permitted From, or SPF.
> > 
>
> spf.pobox.com is the main site IIRC. It's a good idea, easy to implement.
> If everyone would start to use it, SPAM would be cut down.

I've just implemented it the DNS for my domain.  It was easy enough to do, and 
doesn't seem to have any great issues.  No mail from me has been blocked yet.

The next thing is to make my mail server check such records before receiving 
mail.

Once we get some good test results we can ask the Debian listmasters to 
consider implementing it for lists.debian.org.  There are significant 
problems with spam going to the Debian lists and of @lists.debian.org 
addresses being used to spam other people and causing bounce messages.

-- 
http://www.coker.com.au/selinux/   My NSA Security Enhanced Linux packages
http://www.coker.com.au/bonnie++/  Bonnie++ hard drive benchmark
http://www.coker.com.au/postal/Postal SMTP/POP benchmark
http://www.coker.com.au/~russell/  My home page


-- 
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]

Re: AOL testing new anti-spam technology

2004-01-24 Thread Joey Hess 
Russell Coker wrote:
> I've just implemented it the DNS for my domain.  It was easy enough to do, and 
> doesn't seem to have any great issues.  No mail from me has been blocked yet.

Do beware of the .forward issue.

> The next thing is to make my mail server check such records before receiving 
> mail.

Next version of spamassassin is supposed to do that.

> Once we get some good test results we can ask the Debian listmasters to 
> consider implementing it for lists.debian.org.  There are significant 
> problems with spam going to the Debian lists and of @lists.debian.org 
> addresses being used to spam other people and causing bounce messages.

One thing I've been wondering about is pseudo-forged @debian.org From
addresses (like mine) and spf. It would seem we can never turn it on for
toplevel debian.org without some large changes in how developers send
their email.

-- 
see shy jo


signature.asc
Description: Digital signature

Re:Fw: Cok Sicak Debian-cd

2004-01-24 Thread Ayse Emine 





  


 
 
  GÝZLÝ KAMERA
  OKUL KIZLARI
  ETEK ALTI
  SEXY KALÇALAR
 
 
  http://0ec.com>http://www.erotikresim.com/gizlikamera/small/gizlicekim097.jpg border=0>Gizli çekimler
  http://0ec.com>http://www.erotikresim.com/liseli/small/okul020.jpg border=0>Okul kýzlarýnýn frikikleri
  http://0ec.com>http://www.erotikresim.com/etekalti/small/etekalti035.jpg border=0>Etek altý çekimleri
  http://0ec.com>http://www.erotikresim.com/pantolon/small/pantolon001.jpg border=0>Sexy pantolon giyenler
 
 
  SÝZDEN GELENLER
  TÜRK ÜNLÜLER
  PLAYBOY KIZLARI
  VÝDEO VE FÝLMLER
 
 
  http://0ec.com>http://www.erotikresim.com/amatorler/small/t-mac01.jpg width=90 height=90 
border=0>Sizin 
yakaladýklarýnýz
  http://0ec.com>http://www.erotikresim.com/turkunluler/small/frikik13.jpg border=0>Türk ünlülerin frikikleri
  http://0ec.com>http://www.erotikresim.com/bikini/small/camasir02.jpg border=0>Playboy Güzelleri
  http://0ec.com>http://www.erotikresim.com/video/video01.jpg width=90 height=90 border=0>Gizli çekim videolarý
 
 
  EROTÝK E-KART
  BÝKÝNÝ - ÝÇ ÇAMAÞIRI
  FANTASTÝK
  SEKS HÝKAYELERÝ
 
 
  http://0ec.com>http://www.erotikresim.com/small/ekart01.jpg width=90 height=90 border=0>Erotik e-kart gönderin
  http://0ec.com>http://www.erotikresim.com/bikini/small/bikini43.jpg border=0>Bikinili ve iç çamaþýrlýlar
  http://0ec.com>http://www.erotikresim.com/fantastik/small/fantastik36.jpg border=0>Fantastik resimler
  http://0ec.com>http://www.erotikresim.com/small/ekart02.jpg width=90 height=90 border=0>Yaþanmýþ seks hikayeleri
 
 
  SEX CHAT
  CANLI SOHBET
  PORNOGRAFÝK
  PORNO YILDIZLARI

Re: AOL testing new anti-spam technology

2004-01-24 Thread Russell Coker 
On Sun, 25 Jan 2004 05:07, Joey Hess <[EMAIL PROTECTED]> wrote:
> Russell Coker wrote:
> > I've just implemented it the DNS for my domain.  It was easy enough to
> > do, and doesn't seem to have any great issues.  No mail from me has been
> > blocked yet.
>
> Do beware of the .forward issue.

That is an issue.  However for some time I have had my mail server configured 
to do DNS checks for significant domains when receiving mail.  The domains I 
have checks for include hotmail, yahoo, a few big ISPs, and my personal 
domain...

So when I send mail via /etc/aliases on some other machine that has an entry 
pointing back to me (EG root@ some machines where I have root access) then 
the message bounces when going to me, but then the bounce gets through.

I've also had the same issue with spam being sent through open relays where 
the From: and To: addresses are both my address, the original gets blocked 
but I get the bounce message.

> > The next thing is to make my mail server check such records before
> > receiving mail.
>
> Next version of spamassassin is supposed to do that.

That's not good enough.  To do it properly that check has to be done in the 
SMTP dialog.  I want the message to be rejected with code 55x to discourage 
the spammer from sending me any more.

> > Once we get some good test results we can ask the Debian listmasters to
> > consider implementing it for lists.debian.org.  There are significant
> > problems with spam going to the Debian lists and of @lists.debian.org
> > addresses being used to spam other people and causing bounce messages.
>
> One thing I've been wondering about is pseudo-forged @debian.org From
> addresses (like mine) and spf. It would seem we can never turn it on for
> toplevel debian.org without some large changes in how developers send
> their email.

True.

But protecting mailing lists is a much higher priority.  If you get one spam 
to your personal address you can send it to spamcop or just delete it.  If it 
goes to 10,000 people on a mailing list it causes a lot more bother.

-- 
http://www.coker.com.au/selinux/   My NSA Security Enhanced Linux packages
http://www.coker.com.au/bonnie++/  Bonnie++ hard drive benchmark
http://www.coker.com.au/postal/Postal SMTP/POP benchmark
http://www.coker.com.au/~russell/  My home page


-- 
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]

Re: AOL testing new anti-spam technology

2004-01-24 Thread Russell Coker 
On Sat, 24 Jan 2004 12:23, [EMAIL PROTECTED] wrote:
> On Sat, Jan 24, 2004 at 11:59:18AM +1100, Russell Coker wrote:
> > One of the worst aspects of spam is the way much of it uses
> > forged sender addresses. AOL is hoping to stir up some organized
> > resistance to the practice of address forgery through a new
> > e-mail protocol called Sender Permitted From, or SPF.
> > 
>
> spf.pobox.com is the main site IIRC. It's a good idea, easy to implement.
> If everyone would start to use it, SPAM would be cut down.

I've just implemented it the DNS for my domain.  It was easy enough to do, and 
doesn't seem to have any great issues.  No mail from me has been blocked yet.

The next thing is to make my mail server check such records before receiving 
mail.

Once we get some good test results we can ask the Debian listmasters to 
consider implementing it for lists.debian.org.  There are significant 
problems with spam going to the Debian lists and of @lists.debian.org 
addresses being used to spam other people and causing bounce messages.

-- 
http://www.coker.com.au/selinux/   My NSA Security Enhanced Linux packages
http://www.coker.com.au/bonnie++/  Bonnie++ hard drive benchmark
http://www.coker.com.au/postal/Postal SMTP/POP benchmark
http://www.coker.com.au/~russell/  My home page

Re: AOL testing new anti-spam technology

2004-01-24 Thread Joey Hess 
Russell Coker wrote:
> I've just implemented it the DNS for my domain.  It was easy enough to do, 
> and 
> doesn't seem to have any great issues.  No mail from me has been blocked yet.

Do beware of the .forward issue.

> The next thing is to make my mail server check such records before receiving 
> mail.

Next version of spamassassin is supposed to do that.

> Once we get some good test results we can ask the Debian listmasters to 
> consider implementing it for lists.debian.org.  There are significant 
> problems with spam going to the Debian lists and of @lists.debian.org 
> addresses being used to spam other people and causing bounce messages.

One thing I've been wondering about is pseudo-forged @debian.org From
addresses (like mine) and spf. It would seem we can never turn it on for
toplevel debian.org without some large changes in how developers send
their email.

-- 
see shy jo


signature.asc
Description: Digital signature

Re:Fw: Cok Sicak Debian-cd

2004-01-24 Thread Ayse Emine 





  


 
 
  
GÝZLÝ KAMERA
  
OKUL KIZLARI
  
ETEK ALTI
  
SEXY KALÇALAR
 
 
  http://0ec.com>http://www.erotikresim.com/gizlikamera/small/gizlicekim097.jpg 
border=0>Gizli çekimler
  http://0ec.com>http://www.erotikresim.com/liseli/small/okul020.jpg border=0>Okul kýzlarýnýn frikikleri
  http://0ec.com>http://www.erotikresim.com/etekalti/small/etekalti035.jpg 
border=0>Etek altý 
çekimleri
  http://0ec.com>http://www.erotikresim.com/pantolon/small/pantolon001.jpg 
border=0>Sexy pantolon 
giyenler
 
 
  
SÝZDEN GELENLER
  
TÜRK ÜNLÜLER
  
PLAYBOY KIZLARI
  
VÝDEO VE FÝLMLER
 
 
  http://0ec.com>http://www.erotikresim.com/amatorler/small/t-mac01.jpg width=90 height=90 
border=0>Sizin 
yakaladýklarýnýz
  http://0ec.com>http://www.erotikresim.com/turkunluler/small/frikik13.jpg 
border=0>Türk ünlülerin 
frikikleri
  http://0ec.com>http://www.erotikresim.com/bikini/small/camasir02.jpg border=0>Playboy Güzelleri
  http://0ec.com>http://www.erotikresim.com/video/video01.jpg 
width=90 height=90 border=0>Gizli 
çekim videolarý
 
 
  
EROTÝK E-KART
  
BÝKÝNÝ - ÝÇ ÇAMAÞIRI
  
FANTASTÝK
  
SEKS HÝKAYELERÝ
 
 
  http://0ec.com>http://www.erotikresim.com/small/ekart01.jpg 
width=90 height=90 border=0>Erotik 
e-kart gönderin
  http://0ec.com>http://www.erotikresim.com/bikini/small/bikini43.jpg border=0>Bikinili ve iç çamaþýrlýlar
  http://0ec.com>http://www.erotikresim.com/fantastik/small/fantastik36.jpg 
border=0>Fantastik 
resimler
  http://0ec.com>http://www.erotikresim.com/small/ekart02.jpg 
width=90 height=90 border=0>Yaþanmýþ seks hikayeleri
 
 
  
SEX CHAT
  
CANLI SOHBET
  
PORNOGRAFÝK
  
PORNO YILDIZLARI

Re: AOL testing new anti-spam technology

2004-01-24 Thread Russell Coker 
On Sun, 25 Jan 2004 05:07, Joey Hess <[EMAIL PROTECTED]> wrote:
> Russell Coker wrote:
> > I've just implemented it the DNS for my domain.  It was easy enough to
> > do, and doesn't seem to have any great issues.  No mail from me has been
> > blocked yet.
>
> Do beware of the .forward issue.

That is an issue.  However for some time I have had my mail server configured 
to do DNS checks for significant domains when receiving mail.  The domains I 
have checks for include hotmail, yahoo, a few big ISPs, and my personal 
domain...

So when I send mail via /etc/aliases on some other machine that has an entry 
pointing back to me (EG root@ some machines where I have root access) then 
the message bounces when going to me, but then the bounce gets through.

I've also had the same issue with spam being sent through open relays where 
the From: and To: addresses are both my address, the original gets blocked 
but I get the bounce message.

> > The next thing is to make my mail server check such records before
> > receiving mail.
>
> Next version of spamassassin is supposed to do that.

That's not good enough.  To do it properly that check has to be done in the 
SMTP dialog.  I want the message to be rejected with code 55x to discourage 
the spammer from sending me any more.

> > Once we get some good test results we can ask the Debian listmasters to
> > consider implementing it for lists.debian.org.  There are significant
> > problems with spam going to the Debian lists and of @lists.debian.org
> > addresses being used to spam other people and causing bounce messages.
>
> One thing I've been wondering about is pseudo-forged @debian.org From
> addresses (like mine) and spf. It would seem we can never turn it on for
> toplevel debian.org without some large changes in how developers send
> their email.

True.

But protecting mailing lists is a much higher priority.  If you get one spam 
to your personal address you can send it to spamcop or just delete it.  If it 
goes to 10,000 people on a mailing list it causes a lot more bother.

-- 
http://www.coker.com.au/selinux/   My NSA Security Enhanced Linux packages
http://www.coker.com.au/bonnie++/  Bonnie++ hard drive benchmark
http://www.coker.com.au/postal/Postal SMTP/POP benchmark
http://www.coker.com.au/~russell/  My home page