Received: from 61-216-68-78.hinet-ip.hinet.net (HELO TmpStr) (61.216.68.78)
by muncher.math.uic.edu with SMTP; 8 May 2001 22:12:33 -
The spammer is sending mail directly from the above dialup account.
hinet.net is the place to complain to.
--
Russ Allbery ([EMAIL PROTECTED])
would be stable on *bsd systems, emc symmetrix would not be
> an option anymore at all because of the hardware cost and tco).
Ahh, okay, I'm up to speed now. Sorry about that.
--
Russ Allbery ([EMAIL PROTECTED]) <http://www.eyrie.org/~eagle/>
;t recognize anything in your
descriptions even remotely like what we're running.
--
Russ Allbery ([EMAIL PROTECTED]) <http://www.eyrie.org/~eagle/>
cts are very different and not really the same sort of
storage.)
--
Russ Allbery ([EMAIL PROTECTED]) <http://www.eyrie.org/~eagle/>
that would have
problems with all sorts of normal deliveries.
> For this reason it is best reserved for mailing list server purposes
> only."
> Do you all agree with this opinion that qmail is "best reserved for
> mailing list server purposes only"?
No.
--
Russ Allbery ([EMAIL PROTECTED]) <http://www.eyrie.org/~eagle/>
with documenting existing practice
and cleaning up some historical warts, not with introducing new features
(new features were specifically stated to be out of scope). As such,
there are no major changes from widespread practice in either, and they
are likely to have little effect on qmai
t; I could see this as a Denial of Service Attack against a mailing list..
> bombing it with viruses to watch all the subscribers reject all the
> viruses
Good reason to remove every person using such a scanner from the mailing
list.
--
Russ Allbery ([EMAIL PROTECTED]) <http://www.eyrie.org/~eagle/>
roken, because
>printf("%lu.%lu ", seconds, nanoseconds);
> suppresses leading zeroes in the fractional part.
There is (finally) a fixed version of my C implementation of tai64nfrac on
<ftp://ftp.eyrie.org/pub/software/misc/tai64nfrac.c>.
--
Russ Allbery ([EMAIL PROTECTED]) <http://www.eyrie.org/~eagle/>
ot arguing that
qmail should necessarily implement them. Not implementing those
extensions certainly doesn't make qmail a non-RFC-compliant e-mail system,
just one that doesn't implement some optional features.
--
Russ Allbery ([EMAIL PROTECTED]) <http://www.eyrie.org/~eagle/>
accurate
description.
> But as I said, if I am missing some great GPL MUA, pray tell...
mutt is pretty popular and is what we now recommend over Pine for anyone
willing to change.
--
Russ Allbery ([EMAIL PROTECTED]) <http://www.eyrie.org/~eagle/>
Kris Kelley <[EMAIL PROTECTED]> writes:
> Forgive me for opening this can of worms again, but I have something
> that proves that the MAPS RSS *is* listing servers that it suspects are
> open relays, even when they aren't.
Have you reported this to RSS?
--
Russ Allbe
en hammered out nearly well enough.
--
Russ Allbery ([EMAIL PROTECTED]) <http://www.eyrie.org/~eagle/>
y
kind of trademark or service mark on the term (the one on Open Source
wasn't pursued) and both of them have been known to argue at great length
over the precise meaning of the terms with people who they feel are using
them incorrectly.
--
Russ Allbery ([EMAIL PROTECTED]) <http://www.eyrie.org/~eagle/>
s to security problems due to precisely the sorts of things that
you're talking about. I think his point is more that just having the
source available doesn't automatically mean that the software has been
audited. Having the source be closed is obviously worse, but open source
isn&#x
It's worth bearing in mind, when evaluating this opinion, that Bruce
Schneier is a security expert that people hire to perform such security
audits. He has a point, but it's also unsurprising that he's in favor of
the work that he personally does.
--
Russ Allbery ([EMAIL PROTECTED]) <http://www.eyrie.org/~eagle/>
per RFC 822.
Trailing periods are not permitted.
(My guess is that djb would call an empty defaultdomain an unsupported
configuration.)
--
Russ Allbery ([EMAIL PROTECTED]) <http://www.eyrie.org/~eagle/>
.5., it looks like it should be
> valid. In fact at A.3.3. there's an example that looks very much like
> mine...
> I'll find a workaround in the meantime, but, am I wrong to think its
> allright to have a comma-delimited To: field?
Comma-delimited To: headers are fine. You
l, as I think could be
established by using the qmail-queue interface directly.
--
Russ Allbery ([EMAIL PROTECTED]) <http://www.eyrie.org/~eagle/>
e scope. Under RFC 822, the above
address indicates that one should deliver the mail to the MX record for
"domain." (and as a general rule, TLDs don't have MX records, although it
is technically legal).
--
Russ Allbery ([EMAIL PROTECTED]) <http://www.eyrie.org/~eagle/>
headers.
You'll find that sendmail does all sorts of bizarre things with locally
injected mail. It doesn't violate RFC 822 by doing so either.
Please become more familiar with the nature and scope of IETF standards
before using them as an arguing point.
--
Russ Allbery
a mail message gets bounced, the message comes back to the user
> that the web server is running as.
Bounces go back to the envelope sender. If you want to change the
envelope sender, pass the -f option to the sendmail emulation program, as
in:
/usr/lib/sendmail -t -f [EMAIL PROTECTED]
--
Russ Allbery ([EMAIL PROTECTED]) <http://www.eyrie.org/~eagle/>
soft.com bounces the message back to
> mail.irelay.com.
Yup.
So if you're running microsoft.com's mail servers, you're screwed. You
just have to swallow the bounces and hope that someone will close the damn
relay and stop the spammer.
--
Russ Allbery ([EMAIL PROTECTED]) <http://www.eyrie.org/~eagle/>
generally being the case).
That's a *huge* loss for the spammers; unless tons of people start doing
this (and even in that case), they just can't handle that complexity.
--
Russ Allbery ([EMAIL PROTECTED]) <http://www.eyrie.org/~eagle/>
nd dicer if user@domain is valid.
There's a simple solution to that. Use user@domain as another spam trap
and have your *real* address that you give out to people who you want to
have a stable address be user-@domain and be careful about
revealing that . :)
--
Russ Allbery ([EMAIL P
t I can see an argument
either way). :)
--
Russ Allbery ([EMAIL PROTECTED]) <http://www.eyrie.org/~eagle/>
d CYCLOG on the average system? Thanks.
It's been replaced by multilog, which is part of Dan's daemontools
package. See <http://cr.yp.to/daemontools.html>.
--
Russ Allbery ([EMAIL PROTECTED]) <http://www.eyrie.org/~eagle/>
Mark Walsh <[EMAIL PROTECTED]> writes:
> What are other people using for EMAil on Win9x systems? Anything else
> except Netscape?
Eudora is the one we support.
--
Russ Allbery ([EMAIL PROTECTED]) <http://www.eyrie.org/~eagle/>
connectivity is almost worthless except for playing games (for
which clock synchronization doesn't really matter).
--
Russ Allbery ([EMAIL PROTECTED]) <http://www.eyrie.org/~eagle/>
your clock drifts naturally and then just keep adjusting for that
drift. It only needs occasional external data to correct it's idea of the
internal drift, not constant data.
--
Russ Allbery ([EMAIL PROTECTED]) <http://www.eyrie.org/~eagle/>
Hat is weird, but under most operating systems if you
su to a user, you get that user's shell. If you set the shell to
/bin/true, it will then immediately exit, leaving you back as root again.
--
Russ Allbery ([EMAIL PROTECTED]) <http://www.eyrie.org/~eagle/>
if you need particular features that stock qmail doesn't
provide, such as LDAP support or authenticated SMTP, but for
straightforward mail service you don't need any of them.
--
Russ Allbery ([EMAIL PROTECTED]) <http://www.eyrie.org/~eagle/>
oduce. If you're overclocking,
that's the first place that I'd look.
See <http://www.bitwizard.nl/sig11/>.
--
Russ Allbery ([EMAIL PROTECTED]) <http://www.eyrie.org/~eagle/>
in Perl, but should be possible to convert to C. The
queue sub is the one that does what you're trying to do.
--
Russ Allbery ([EMAIL PROTECTED]) <http://www.eyrie.org/~eagle/>
d then
wonder where all my include files went).
--
Russ Allbery ([EMAIL PROTECTED]) <http://www.eyrie.org/~eagle/>
arisen as of late.
My Linux box says that /usr/include/sys/types.h is part of glibc-devel.
Do you have that package installed?
--
Russ Allbery ([EMAIL PROTECTED]) <http://www.eyrie.org/~eagle/>
our system's development environment is either corrupted or only
partially installed at a very fundamental level.
--
Russ Allbery ([EMAIL PROTECTED]) <http://www.eyrie.org/~eagle/>
rafts/draft-ietf-drums-msg-fmt-08.txt>
| The form "+" SHOULD be used to indicate a time zone at Universal
| Time. Though "-" also indicates Universal Time, it is used to
| indicate that the time was generated on a system that may be in a local
| time zone other t
quot;fail" that test but
don't relay the mail. So it's not true that your tester is using the same
tests as ORBS is.
--
Russ Allbery ([EMAIL PROTECTED]) <http://www.eyrie.org/~eagle/>
David Dyer-Bennet <[EMAIL PROTECTED]> writes:
> In my years of working with computers, networks, and email, I don't
> think I've *ever* seen an MUA that performs this theoretically
> desirable function.
Gnus does, of course.
--
Russ Allbery ([EMAIL PROT
t add a line like:
|bouncesaying "Permission denied. (#5.7.1)" test X"$SENDER" != X"sender"
to the beginning of the submission .qmail file, where sender is the
envelope sender that should be allowed to send to that list. Not perfect
security, but generally good enou
Ben Beuchler <[EMAIL PROTECTED]> writes:
> I just implemented rblsmtpd using the MAPS DUL. I sent a message off to
> Russ' testing bot and received the following reply:
MAPS has recently dropped the TXT entries from their zones due to zone
size problems; perhaps that's
27;m perusing the Mail::* modules (docs and code), just grabbed
> from CPAN, looking for validating code, and finding none whatsoever. Has
> anyone experience with this modules?
Doesn't Mail::RFC822 have validation code? I thought it did.
--
Russ Allbery ([EMAIL PROTECTED]) <http://www.eyrie.org/~eagle/>
be removed right ?
It can be replaced with all of the Perl development mailing lists, all of
which are using ezmlm-idx.
--
Russ Allbery ([EMAIL PROTECTED]) <http://www.eyrie.org/~eagle/>
slog if you want to do anything at all automated with
the logs.
--
Russ Allbery ([EMAIL PROTECTED]) <http://www.eyrie.org/~eagle/>
Russ Allbery <[EMAIL PROTECTED]> writes:
> Ben Beuchler <[EMAIL PROTECTED]> writes:
>> I'm trying to use multilog's pattern matching to not log the non-stop
>> health checks from our load balancers. This is the command line I'm
>> using:
>&g
9376 mail.bitstream.net:216.243.128.140:25
>slb01.bitstream.net:216.243.128.254::1035
multilog filter patterns don't work like filename globs. You want:
'-* * * * * *:216.243.128.254'
instead. (There are several other ways of writing it too.)
--
Russ Allbery ([EMAIL PROTECTED]) <http://www.eyrie.org/~eagle/>
it and
dumping that mail in the postmaster's mailbox seems wrong. Sure, it's not
that much spam, but when you have a number of hosts with mail setups like
that, it starts slowly adding up. And of course, their answer to it is to
just press delete.
--
Russ Allbery ([EMAIL PROTECTED]) <http://www.eyrie.org/~eagle/>
the same arguments that I was making here. I
still find the ORBS approach a lot more blatant about helping spammers,
given that they offer a neat file download (most spammers have no clue as
to how to do a zone transfer), but I don't think either of them should be
offering the data in that
off to
mail the RSS folks; I think that's a bad idea.
I know that you can "brute force" a zone transfer by just querying every
IP address, but this is also very detectable by the operator of the list,
and I'd *hope* that they'd block off sites that were doing t
hat without someone signing. Have you mentioned that to
them?
(More to the point, though, can you get the RSS? That would be closer to
what ORBS is doing; getting the RBL gives you a bunch of networks and a
bunch of sites that aren't open relays and isn't nearly as directly
useful.
em to get involved in
things like the recent business with AboveNet.
So in answer to the original question, I'd expect at least some folks at
vuurwerk.nl to have a bias, but I've yet to see anything from them that
didn't seem reasonable to some degree.
--
Russ Allbery ([EMAIL PROTECTED]) <http://www.eyrie.org/~eagle/>
t to another system for delivery; if
that happens, the single message with multiple recipients ends up being
split apart into multiple messages.
I bet you could find ways of doing exactly the same thing to sendmail. I
really don't think this is a problem peculiar to qmail.
--
Russ Allbery
n a security consulting service
and as part of that service you publish vulnerabilities in commonly used
products, as well as provide a network scanner. Now suppose you find a
security vulnerability in someone else's network scanner. Do you publish
that vulnerability?
--
Russ Allbery
Eric Cox <[EMAIL PROTECTED]> writes:
> Russ Allbery wrote:
>> You're aware that some machines *which didn't relay* were being tested
>> by ORBS as frequently as once a *day*, aren't you? Or are you just
>> going by Alan Brown's account
nk it's actually rather inconsistent of the RBL that
they're *not* on it for doing that, although I can understand the
political reasons for not doing so given that Alan Brown seems to have an
endless capacity for duping people like yourself who aren't looking at
what's actua
o clue whatsoever how Internet routing works. This is one of
the things that's rather annoying those of us who have heard a lot of the
story from various sides.
--
Russ Allbery ([EMAIL PROTECTED]) <http://www.eyrie.org/~eagle/>
'd heard, he was rather annoyed at
the qmail patches, not welcoming them. That means that he's likely to be
willing to break them without giving them a second thought in later
releases, whereas he may work closer with the ezmlm-idx folks if he
releases a new version of ezmlm.
--
Russ
against the express design
intention of its primary author is rather like banging one's head
repeatedly against a brick wall.
--
Russ Allbery ([EMAIL PROTECTED]) <http://www.eyrie.org/~eagle/>
us is another quantum leap ahead of VM. (I don't even mind
HTML e-mail as much any more; w3 mode does a nice job of it. And it does
an excellent job handling inline images, and a fantastic job of handling
multiple character sets.)
--
Russ Allbery ([EMAIL PROTECTED]) <http://www.eyrie.org/~eagle/>
Petr Novotny <[EMAIL PROTECTED]> writes:
> Please stop that. When was the last time you saw a crashed mailserver
> due to getting too many mails? And what was the software?
It happens with sendmail all the time, which is most of what people are
running.
--
Russ Allbery ([EMA
Bruce Guenter <[EMAIL PROTECTED]> writes:
> On Fri, Jul 14, 2000 at 06:28:44PM -0700, Russ Allbery wrote:
>> I consider it to be an absolute requirement for any autoresponder to
>> not reply to a message that isn't addressed to the recipient it is
>> acting on
nding
autoreplies to mailing list traffic, which is an absolute no-no even if
the mailing list isn't "properly" tagging messages with a Precedence
header.
--
Russ Allbery ([EMAIL PROTECTED]) <http://www.eyrie.org/~eagle/>
Petr Novotny <[EMAIL PROTECTED]> writes:
> That's a really easy way to unsubscribe: From your .qmail file, bounce
> every message you receive from the list. ezmlm will unsubscribe you
> automatically, and pretty fast.
Takes 20 days, actually, I believe.
--
Russ Allbe
g good: The C library might know too
> much about the 1024 internally.
Raising the limit in this fashion is supported and should work correctly
for Solaris 7 or later, IIRC. It's a Solaris-specific hack, though.
(Solaris, being a SysV derivative, really wants you to convert your
softwa
g this). This is, of course,
really not true; sendmail does way more inside that big monolithic black
box. But because it hides all the complexity, it scores some marketing
points.
--
Russ Allbery ([EMAIL PROTECTED]) <http://www.eyrie.org/~eagle/>
t have to learn
>> python
> WHAT'S WRONG WITH LEARNING PYTHON
It's annoying? :)
--
Russ Allbery ([EMAIL PROTECTED]) <http://www.eyrie.org/~eagle/>
RBS will list any machine that's open regardless of
whether it's being abused or not (by design). I disagree with ORBS on a
lot of things, but it's good that this particular choice is available to
people.
--
Russ Allbery ([EMAIL PROTECTED]) <http://www.eyrie.org/~eagle/>
wed, dev=84
> May 30 04:53:11 uxtrav03 unix: NOTICE: qmail-queue, uid 333: setuid
> execution not allowed, dev=84
> May 30 05:05:00 uxtrav03 unix: NOTICE: qmail-queue, uid 0: setuid
> execution not allowed, dev=84
You've mounted the file system /var/qmail is on n
Darren Wyn Rees <[EMAIL PROTECTED]> writes:
> On Tue, May 30, 2000 at 10:18:39PM -0700, Russ Allbery wrote:
>> I'm not sure this is a good idea, mostly because I don't see the
>> distinction between the newsgroup and this mailing list
> ^^^
>
uch
> trouble
<http://www.newsguy.com/> will let you purchase basic Usenet access using
your own ISP for Internet access for some fairly low price (something like
$30 a year). You can also use <http://www.deja.com/> for free, but the
interface sucks.
--
Russ Allbery ([EMAIL PROTECTED]
rom one to
another. You couldn't turn, say, comp.unix.programmer into a mailing list
without losing a lot of the strong points of the group, and similarly I
don't think this mailing list would convert to a newsgroup well. And I
don't think there's enough qmail discussion
ng the mailing list to really want to move to a
newsgroup. Without the core of people on this mailing list that know
qmail very well and answer most of the questions, the newsgroup is
unlikely to be all that useful, and I haven't heard much indication that
those people would really prefer a ne
rts with M), but that would also make it slower, and I really
don't mind the false positives. (And I do mind having the body scanning
be slower.)
In other words, it's possible for Claus's signature to show up as an
attachment in a non-borken mail reader; it's just not a big d
> guys where drowning out here.
I don't believe that publisher interest is the hold-up. To publish a
book, someone has to write it first, and one would hope that the people
doing so would actually know a decent amount about qmail. :) Those
people are somewhat rare; qmail hasn't b
g to need), a better way of managing users, and in general a
cleaner and seemingly more reliable package.
--
Russ Allbery ([EMAIL PROTECTED]) <http://www.eyrie.org/~eagle/>
re innumerable different authentication mechanisms
possible once you use SASL, including ones considerably better than APOP,
and POP3 definitely supports SASL.
You can definitely use POP3 without cleartext passwords.
--
Russ Allbery ([EMAIL PROTECTED]) <http://www.eyrie.org/~eagle/>
t; function of the program.
2.53 appears to be vulnerable.
> Also, the advisory suggests upgrading to 3.1b1 (which i did) and says
> that it's a safe version (for now, anyway)
The 3.x series has been having *tons* of security problems, including
stuff that was previously fixed in 2.x. I rea
nis server and qmail be running on the same machine
> physically?
Probably not. It's generally a good rule of thumb to run one major
service per machine if you can.
--
Russ Allbery ([EMAIL PROTECTED]) <http://www.eyrie.org/~eagle/>
ery common and doesn't cause problems.
Anyway, that's also a bit apart from what Dan was talking about, as I
would assume that Dan was talking about the 8BITMIME SMTP extension, not
the MIME conventions for body labelling. The former is even less
necessary than the latter.
--
Russ Allbery
e and more worthless junk to the point that it's practically
more unwanted bytes in my mailbox than spam is. It's rather simple to
skip over the messages from the completely lost people; footers that any
intelligent person doesn't need are both intrusive and ugly.
--
Russ Allbery ([EMAIL PROTECTED]) <http://www.eyrie.org/~eagle/>
is different from IP accounting, as you won't catch TCP/IP
> protocol overhead, retransmissions on packet loss, etc.
For most purposes, I doubt you need to worry about all those details.
--
Russ Allbery ([EMAIL PROTECTED]) <http://www.eyrie.org/~eagle/>
a new mail message and resending it to
the common POP account address. You also shouldn't need to; I presume
that the purpose is to support filtering, which you can just as easily do
based on the To and Cc headers (or even the Delivered-To header).
--
Russ Allbery ([EMAIL PROTECTED]) <http://www.eyrie.org/~eagle/>
idding. Taught me the importance of having a chatserver, IRC channel,
or *something* like that real time where you can bitch about stuff with
other people without having to stop what you're doing.
--
Russ Allbery ([EMAIL PROTECTED]) <http://www.eyrie.org/~eagle/>
them.
qmail-analog expects seconds and fractional seconds since epoch. For
documentation of TAI64, TAI64N, and related subjects, see
<http://cr.yp.to/proto/utctai.html>.
--
Russ Allbery ([EMAIL PROTECTED]) <http://www.eyrie.org/~eagle/>
ver the queuing if a system goes down.
--
Russ Allbery ([EMAIL PROTECTED]) <http://www.eyrie.org/~eagle/>
keep trying until they bounce, but all new
messages should now be going to the new machine.
--
Russ Allbery ([EMAIL PROTECTED]) <http://www.eyrie.org/~eagle/>
quot;#@[]" to ensure that
double-bounces can't then bounce again and generate mail loops.
You apparently are forwarding postmaster mail to another system which is
doing resolveable name checks on envelope senders, and doesn't like
qmail's special double-bounce sender.
--
I've seen a depressing quantity of users that put all
sorts of random trash in their envelope sender and never see any of their
bounces.
Ideally, I'd track down the double-bounces and get the user to fix their
configuration so that they see further bounces, but there really isn't
it comes through.
Our mail server that just sends out bounce messages already has a queue
lifetime of just one day, but that's a special case (a very large number
of those messages will just double-bounce and get silently discarded).
--
Russ Allbery ([EMAIL PROTECTED]) <http://www.eyrie.org/~eagle/>
lely in saying hello to the remote
SMTP server. Default: me, if that is supplied; otherwise
qmail-remote refuses to run.
--
Russ Allbery ([EMAIL PROTECTED]) <http://www.eyrie.org/~eagle/>
ore passing them to qmail-queue
anyway.
But I stand by my statement that this is papering over the bug, not fixing
it. You need to decide what addressing convention your e-mail network
uses and enforce it uniformly, or you're asking for more problems down the
road.
--
Russ Allbery ([EMAIL PROTECTED]) <http://www.eyrie.org/~eagle/>
es it's thing with the UUCP addressing, and I wind up in ORBS.
Sounds like your problem is with your sendmail box. Why don't you turn
off !-addressing on your sendmail system? That would seem to neatly solve
the problem.
--
Russ Allbery ([EMAIL PROTECTED]) <http://www.eyrie.org/~eagle/>
t I use:
/var/qmail R-2
/var/qmail/bin/qmail-queue R
/var/qmail/control/badmailfrom L-i
!/var/qmail/queue
That checks all the man pages, which is probably unnecessary (although it
is possible to do shell escapes from inside *roff, so...).
--
Russ Allbery ([EMAIL PROTECTED
es to quoting. :/
> I take this back. If an e-mail is *all* HTML, then mutt (by default) is
> SOL.
Ever since Gnus added the ability to render HTML using w3-mode, these
discussions tend to surprise me becaues I don't even notice the original
was in HTML. :)
--
Russ Allbery ([EMA
John White <[EMAIL PROTECTED]> writes:
> On Wed, Apr 12, 2000 at 12:07:09AM -0700, Russ Allbery wrote:
>> None. By the time the message reaches the SMTP level, VERP has already
>> been done. VERP is not an SMTP feature.
> *cough*
> Actually, you can use the u
uld assume it has something to do with the twin goals of putting the
mail queue in /var like it normally is and keeping all of qmail together
in the same place.
--
Russ Allbery ([EMAIL PROTECTED]) <http://www.eyrie.org/~eagle/>
ot; >&2
this goes to stderr
$ ( echo "this goes to stderr" >&2 ) > /dev/null 2>&1
$ ( echo "this goes to stderr" >&2 ) 2>&1 > /dev/null
this goes to stderr
Order is significant in Bourne shell I/O redirection.
--
Russ Allbery ([EMAIL PROTECTED]) <http://www.eyrie.org/~eagle/>
gets moved off to long-term
storage mailboxes.
--
Russ Allbery ([EMAIL PROTECTED]) <http://www.eyrie.org/~eagle/>
Adam McKenna <[EMAIL PROTECTED]> writes:
> No. If you installed qmail correctly, you would have created an account
> called mailer-daemon, which is required to be RFC compliant.
I believe the only required e-mail account is postmaster.
--
Russ Allbery ([EMAIL PROTECTED])
re likely to see more activity on
the qmail front again.
--
Russ Allbery ([EMAIL PROTECTED]) <http://www.eyrie.org/~eagle/>
1 - 100 of 308 matches
Mail list logo
