> > For mailing lists this can be achieved by making the list
> > subscriber-only. For individual accounts such behaviour is very
> > anti-social as it results in confirmation messages being sent in
> > response to virus messages.
>
> Not if the message if refused by the smtp server before it's de
[snip]
> If CR systems get popular then spammers will start replying to the
> messages. Most spammers have working email addresses, so it would not be
> difficult to automate a response to a CR system. Any CR system which just
> requires that you "reply to this email" will be trivially broken by
>
> I just noticed that my exim4 config access to
> rbl.mail-abuse.org is no longer valid. I'd heard
> Vixie had 'gone pro' but hadn't thought much
> about it.
I believe it's very old news, smth like 4-5 years or so.
> What are the recommended rbl's these days?
Best thing is ask on NANAE or exim-u
> You do realize that the osirusoft blacklists are defunct and have been
> for several months, right? Basing your decision of whether or not to
> accept mail from a given host based on an answer from a defunct
> blacklist is probably not a good idea.
*ouch* thanks. I'm revising my blacklists now,
> Also, for Vassilii - you use the SpamCop blacklists. That is something
> that I would be very nervous of. They have some pretty liberal policies
> about what they accept, and their automatic tools are not that great at
> filtering out innocent parties...
>
This is why on the primary MX (which I
> > I'm actually not doing this for the improved security in ithis particular
> > case. As this is a home LAN, I don't have tons of room/pc's. So the gateway
> > in this case is just another pc, and using this idea I wouldn't have to
> > boot this pc for no other reason than "gatewaying". So it's m
> CVE-2007-1282
>
> It was discovered that an integer overflow in text/enhanced message
> parsing allows the execution of arbitrary code.
Isn't text/enhanced long forgotten for good? It has never been formally
registered, btw, see http://www.iana.org/assignments/media-types/text . I
sugges
The D. docs, e.g. the page at http://www.debian.org/events/keysigning ,
make a lot of effort in making sure the person (Alice's) real identity
corresponds to whatever is presented in the key (A) the person is asking
another person (Bob) to sign.
I think that an additional accent should be plac
> Thanks, I missed that. Being placed unter "internal variables" and
> "debug" seems to have tricked me in ignoring this part.
>
> There should at least be a sentence "search" to indicate that one has
> to read the ndots-part to get a real search-path.
>
> > So it looks like to achieve what you s
(See also the bugs from the CC).
I believe that Debian should be somehow put on the CERT vendor list:
they give the vendors more advance warning on the security issues before
they issue an advisory, allowing to issue an emergency patch.
Does anybody on this list (debian-security) have any ties wit
> The question is... is there any way to protect against this? I mean, how
> would you differenciate on for example, a squid, the traffic of one of this
> tunnels from the real traffic you want to allow?
There is a way to protect any particular form of tunnelling (i.e., if you
know that a particul
Lars,
if you look at the messages footer, there's a human address (I've put it
into CC) of the listmaster to contact if you wish to do such things.
It is quite common that the listmaster doesn't look into the list itself
for admin requests, esp. if there's one listmaster for a bunch of lists.
Vass
The D. docs, e.g. the page at http://www.debian.org/events/keysigning ,
make a lot of effort in making sure the person (Alice's) real identity
corresponds to whatever is presented in the key (A) the person is asking
another person (Bob) to sign.
I think that an additional accent should be placed
> Thanks, I missed that. Being placed unter "internal variables" and
> "debug" seems to have tricked me in ignoring this part.
>
> There should at least be a sentence "search" to indicate that one has
> to read the ndots-part to get a real search-path.
>
> > So it looks like to achieve what you s
(See also the bugs from the CC).
I believe that Debian should be somehow put on the CERT vendor list:
they give the vendors more advance warning on the security issues before
they issue an advisory, allowing to issue an emergency patch.
Does anybody on this list (debian-security) have any ties wit
> The question is... is there any way to protect against this? I mean, how
> would you differenciate on for example, a squid, the traffic of one of this
> tunnels from the real traffic you want to allow?
There is a way to protect any particular form of tunnelling (i.e., if you
know that a particul
Lars,
if you look at the messages footer, there's a human address (I've put it
into CC) of the listmaster to contact if you wish to do such things.
It is quite common that the listmaster doesn't look into the list itself
for admin requests, esp. if there's one listmaster for a bunch of lists.
Vass
> > For mailing lists this can be achieved by making the list
> > subscriber-only. For individual accounts such behaviour is very
> > anti-social as it results in confirmation messages being sent in
> > response to virus messages.
>
> Not if the message if refused by the smtp server before it's de
[snip]
> If CR systems get popular then spammers will start replying to the
> messages. Most spammers have working email addresses, so it would not be
> difficult to automate a response to a CR system. Any CR system which just
> requires that you "reply to this email" will be trivially broken by
>
> I just noticed that my exim4 config access to
> rbl.mail-abuse.org is no longer valid. I'd heard
> Vixie had 'gone pro' but hadn't thought much
> about it.
I believe it's very old news, smth like 4-5 years or so.
> What are the recommended rbl's these days?
Best thing is ask on NANAE or exim-u
> You do realize that the osirusoft blacklists are defunct and have been
> for several months, right? Basing your decision of whether or not to
> accept mail from a given host based on an answer from a defunct
> blacklist is probably not a good idea.
*ouch* thanks. I'm revising my blacklists now,
> Also, for Vassilii - you use the SpamCop blacklists. That is something
> that I would be very nervous of. They have some pretty liberal policies
> about what they accept, and their automatic tools are not that great at
> filtering out innocent parties...
>
This is why on the primary MX (which I
I have discovered that one of the machines I have an account on has been
hacked. As a result, I am left with the following worries.
I have been doing ssh into the box. THe client is set up not to request
the X forwarding by the default. When I try "ssh -v" now, I observe no X
forwarding being esta
> You could force the SSH client to *not* forward X11 with -x
> (the low-caps x char) regardless other client/server-side
> specifications. If you do not specify any other special
> forwarding (-L or -R) then there will be no forwarding.
Good, that was what I was hoping for. (Obviously, my
defaul
> Meanwhile, the only thing I have is looking at some offline backups and
> working remotely in the (compromised) environment. Right now I'm looking at
> the lsof output there, a curious entry from Apache shown by lsof:
>
> apache 3170 root memDEL0,5 0 /SYSV00
On Tue, 2005-01-18 at 12:40 +0100, Adrian von Bidder wrote:
> Hi,
>
> With web-board passwords and two or three auto-acks being posted to this
> list every week: could we think about setting the Reply-To of
I hope that I am not the only one who writes to the auto-ackers and
their postmasters that
26 matches
Mail list logo
