|
|
| Author |
Message |
| 25 new of 251 responses total. |
remmers
|
|
response 50 of 251:
| 
Jan 3 16:07 UTC 2003 |
Mh is just a mail reading/composing application. If it has any
filtering capabilities, they aren't very extensive. It's possible
to use procmail in conjuction with mh, or any other mail program
for that matter.
I'll copy my procmail quickstart to its own item.
|
remmers
|
|
response 51 of 251:
|
Jan 3 16:12 UTC 2003 |
Joe's $49 slipped in. I've already posted a mail processing item
and copied my procmail response over to it.
|
tonster
|
|
response 52 of 251:
|
Jan 3 21:51 UTC 2003 |
damn joe, why'd you throw $49 into an item ?
|
gelinas
|
|
response 53 of 251:
|
Jan 3 22:41 UTC 2003 |
'cause it was all I had on me at the time.
|
gull
|
|
response 54 of 251:
|
Jan 4 00:29 UTC 2003 |
Grex's network connection seems really laggy right now. I gave up and
dialed in because I kept getting 3 to 5 minute pauses.
|
aruba
|
|
response 55 of 251:
|
Jan 4 06:28 UTC 2003 |
Still really slow now.
|
gelinas
|
|
response 56 of 251:
|
Jan 4 06:40 UTC 2003 |
traceroute indicates a network problem; uptime says load is fine.
|
jor
|
|
response 57 of 251:
|
Jan 4 09:05 UTC 2003 |
peppy now
|
russ
|
|
response 58 of 251:
|
Jan 9 01:13 UTC 2003 |
Everything going over the Internet is extremely slow tonight.
|
drew
|
|
response 59 of 251:
|
Jan 10 18:20 UTC 2003 |
I am getting spam bounces, a coulple of samples of which I've saved in
/a/d/r/drew/spambounce. Apparantly someone is putting my login in the
"Return mail to:" line of their spam.
|
glenda
|
|
response 60 of 251:
|
Jan 10 18:36 UTC 2003 |
I am getting a bunch of them as well. Mine are all home mortage and
refinancing type spams being bounced. Steve says it sounds like someone has
Klez and it picked my address out of their address book to attach to the from.
|
mdw
|
|
response 61 of 251:
|
Jan 10 18:42 UTC 2003 |
Damn. *Please* save them all. If you get a bunch, please send mail to
"abuse@cyberspace.org". I know of 8 other IDs with the same problem.
In 6 of the 8 cases, the users ended up abandoning the accounts which
had then gotten reaped. In the other 2, the mailbox had filled up. In
some some of those cases, I saw bounces as often as once every 10
seconds. (I'm not looking forward to this. Yuck.)
I've already suggested to the board that we may need to consider pursing
legal or other action against this - this isn't just ordinary spam, this
is spam that could easily wipe our network connection out without
blinking, and without the real spammers even noticing or caring. I mean
to enter an item in coop talking about this (& perhaps one in garage to
deal with the inevitable "why can't we solve this technically" (which we
can't because we don't get involved until the bounce at which point
there's no way for us to duck the network/CPU hit.)) I haven't had time
to do this yet - got involved in dealing with another unrelated problem.
|
other
|
|
response 62 of 251:
|
Jan 10 19:04 UTC 2003 |
I have contacted the state AG about filing a complaint against the
perpetrators of the more extreme of these cases for Denial of Service
attacks.
I will post the relevant information in the item Marcus enters.
|
albaugh
|
|
response 63 of 251:
|
Jan 11 00:06 UTC 2003 |
Sorry for the drift, but can someone explain to me what seems to be the idiocy
of using someone else's From: address on SPAM? For the minute percentage of
recipients that might actually be interested in finding out more about
whatever product / service is being hawked in the SPAM, how are they supposed
to get that info with a bogus From: address?
|
gelinas
|
|
response 64 of 251:
|
Jan 11 00:16 UTC 2003 |
Spammers don't want a *reply* to their messages, they want to you to *buy*
something, which is available elsewhere. Further, they especially don't
want to deal with rejection notices and complaints. So directing that kind
of stuff to the great bit bucket in the sky, or to someone else's mailbox
(which, to the spammer, is the same thing) makes perfect sense.
|
albaugh
|
|
response 65 of 251:
|
Jan 11 00:25 UTC 2003 |
Then why don't they just select a bogus address? Why "pick on" an actual
someone, or is being a *total* asshole a perk of spamming?
|
russ
|
|
response 66 of 251:
|
Jan 11 00:30 UTC 2003 |
Faking the originating address so that "bounces" go to the
intended spam recipient is another nasty (but old) spammer trick.
|
gelinas
|
|
response 67 of 251:
|
Jan 11 00:57 UTC 2003 |
It's getting to the point that there are *no* bogus addresses.
|
mdw
|
|
response 68 of 251:
|
Jan 11 06:24 UTC 2003 |
They probably *are* selecting what they think of as a "bogus" address.
Unfortunately, since most mailers check for a real domain on retrun
addresses, spammers have to pick a "real" sounding domain, with "real"
looking names, in order to get their spam delivered. We just so happen
to have the bad luck to be "in the way". I believe spammers are
"*total* assholes" by definition.
|
malymi
|
|
response 69 of 251:
|
Jan 11 10:32 UTC 2003 |
re #5: why would grex get rid of telnet? (it would be foolish to do
so.) the ssh configuration isn't such that it can do the whole login
thing, i.e., it wasn't patched to handle expiry so you had to use telnet
which used login which does the right thing.
|
mdw
|
|
response 70 of 251:
|
Jan 11 11:24 UTC 2003 |
Presumably if we got rid of telnet, everybody would already be using ssh
and there would be universal agreement that it was time to get rid of
the insecure protocol with plaintext passwords sent in the clear.
At least in terms of use, we could probably justify getting rid of
rlogin today - we actually do still support it (but not .rhosts
authentication) and I think it even implements waiting on the waitlist
which is beats sshd, but of course there is no real advantage over using
telnet and not very many people at all use it today.
|
keesan
|
|
response 71 of 251:
|
Jan 11 14:30 UTC 2003 |
I use telnet every time that I don't dial in. Kermit or CUTCP or even Windows
telnet programs. I would have no idea how to use ssh and probably don't have
any DOS versions of it.
|
gelinas
|
|
response 72 of 251:
|
Jan 11 15:08 UTC 2003 |
I think the final clause of #70, "but of course there is no real advantage
over using telnet and not very many people at all use it today," referred
to rlogin. We _know_ lots of people are still using telnet; we wont' turn
off telnet any time soon. (And I'd like to see us go to kerberised telnet
instead of turning it off, when we do switch.)
|
keesan
|
|
response 73 of 251:
|
Jan 11 15:30 UTC 2003 |
What is rlogin?
I received the following bounced mail report today for mail that I apparently
sent Friday morning from a Czech free webmail site. Grex is rejecting
some incoming mail.
From: [14]postmaster@email.cz
To: keesan@email.cz
Subject: Cannot deliver (nelze dorucit)
Date: 10.01.2003 08:45:12
[See full header below with time zone info.]
Vasi zpravu nebylo mozne dorucit nasledujicim prijemcum:
I can't deliver Your message to:
[20]keesan@grex.org
Duvod (reason): Nelze se spojit se serverem
[Cannot connect with server]
ATTACHMENTS:
[21] zprava [message] 5.82 kB
----------
[The full header: message was rejected Friday Jan 10 8:44 am +0100 (CET)
(Central European time - about 7 hours later than here)]
Received: from 10.0.0.1 [10.0.0.1] by smtp.email.cz
(ATCO SMTP server v3.0); Fri, 10 Jan 2003 08:45:05 +0100
X-atco-email: [1]postmaster@email.cz
MIME-Version: 1.0
Message-Id: <3E1E79F4.000001.11368@file1>
Content-Type: Multipart/Mixed;
boundary="------------Boundary-00=_SUMH40MWKGMMYJ0CCJD0"
To: [2]keesan@email.cz
From: [3]postmaster@email.cz
Subject: Cannot deliver (nelze dorucit)
Date: Fri, 10 Jan 2003 08:44:52 +0100 (CET)
[Should I be deleting all of these lines except the date/time line when
making these reports or is any of the other info pertinent?]
|
naftee
|
|
response 74 of 251:
|
Jan 11 18:17 UTC 2003 |
RE:71 You are wrong. I use SSH for DOS, and I believe there is a SSH
implementation for WIndows 3.1 aswell
|
