Most implementations of qmail I've seen use hooks in inetd/xinetd for receiving mail. All you have to do is create a pseudoservice (xsmtp for example) in/etc/services on a different port:
xsmtp 5555/tcp
then copy the line for qmail's SMTPD in inetd as called from that pseudoservice (i.e. xsmtp rather than smtp) (or file in many default xinetd configurations), restart xinetd/inetd, and you're all set -- qmail is listening on two different ports simultaneously.
...I've seen this one before (by the description). When I was working on PCs for a living, an optomologist's secretary brought in her computer, which was acting "strangely" and all sorts of "foul things" were coming up on her screen. I figured something had just replaced her homepage on IE with a porn site or something like that, so I plugged the machine up and let it boot, explaining to her "well, there's some bad shit you have to look out for, but there's always worse". I was quite wrong. This was worse.
When I fired up IE on the system, it went straight to a child pornography site that was obviously a typoed URL (freecilpart.com or something like that...don't hold me to it since my memory's terrible), and the default homepage setting was being updated constantly (like kak). This program was listening on some oddball high-numbered port.
Since the box was inside a Novell network and wasn't exposed to the outside world (much) I figured it wasn't a normal compromise. I told her to contact the FBI over the site, and I went looking for the malware, but couldn't track it down (limited time on it, though) and wound up wiping the box clean and reinstalling Win98. She's very religious about keeping the a/v definitions updated now (:
"New -- this summer...an action tale that will rip out your spleen and eat it with ice cream. Arnold Schwarzenegger is...Pippi...Longstocking! This film has not yet been rated."
I agree with you 100% and have been warning people for years. These people are religious fanatics. They believe absolutely in everything written in the Bible... and if they have the power to make it happen, they're going to.
A little secret here -- it's not the bible-thumpers that you think it is, it's the bible-thumpers nobody knows about.
Beginning with Aleister Crowley, the ideals of certain fringe organizations became far more mainstream: the idea that the Great Beast was the Lion of the Tribe of Judah, and that the one heralded as the "Anti-Christ" was actually the returning Messiah.
Naturally, this has its roots somewhere, that somewhere being a derivative of the Gnostic religion, which was originally a "bastardisation" of the Bible (read over some of the Gnostic gospels and you will find a few references to these ideals in about 20% of them) in favor of a (most likely) Egyptian religious standpoint (short version): that the creator god, Ialdabaoth, created the world and mankind in sin and defiance of the "Father of Light", and only through the wisdom of the Instructor, "Lucifer" or "Jesus" did the first humans partake of the fruit of the tree of life and thus become gods, as they could control their own destinies.
The new "cataclysm" is that, essentially, the Great Beast will rise up and bring the world into a new Utopia (VERY abridged), so thusly, mankind, being gods, must do everything in their power to make certain it is so. While this does fly in the face of traditional Christian and other aligned religion's ideals of the end, it is the predominant ideal bestowed on people who have reached (after many years of pushing) the top heirarchies of many secret societies which most (not all, but most) politicians in the world, not just the US, subscribe to.
footnote: my apologies if there are any missing apostrophes or quotes -- slashdot doesn't like my habitual " and '
<offtopic>That reminds me -- a few years ago, I went out of town for a few days, and when I got back my old P200 refused to boot. I yanked out cables and cards in an attempt to get the old beast up and going again, and when I yanked out the sound card, it booted. Well, I put everything back together, and then looked closer at the sound card.
It had a nice, dried puddle of mouse piss on it, so I put it aside and waited for the next opportunity to grab another one.
I thought (after I'd gotten another one) that I should have called Dell tech support and discussed the problem with them:
(them) "Hello, <speil>"
(me) "Yeah, I've got a mouse problem."
(them) "What seems to be the problem?"
(me) "Oh, it sort of pissed on my sound card." </offtopic>
3. Create our own countries, outside the jurisdiction of evil legislation.
Several states in the US tried this years ago, and they were far better armed. I doubt you'll have that much of a chance.
Re:Stop crying and take action!
on
ISP Chief on Spam
·
· Score: 3, Insightful
Just some notes to your message:
They can implement strong AUPs that will do the following:
If a spammer is hosting on your system, you don't shut down the server/domain/site, but redirect it to a page saying it has been shut down for spamming while locking them out from changes or accessing the data.
Yeah. Great. Most spammers are "smart" enough that they don't spam from their own domain -- they open multiple web hosting accounts elsewhere and blast out their mail from there via perl or php scripts activated by something as simple as wget or a perlbot.
Implement a stiff fine/cleanup fee.
Sure thing. Oops, said credit card was stolen. There's the money they owe you, plus a $25 handling fee for a chargeback.
Provide people who complain the real information on the spammer.
Sure thing (actually, that's in our AUP as well). Oops, they're actually
a foreigner, and
they signed up with fictitious information and a stolen credit card to boot
Looks like the only thing we've got is an IP address in Indonesia, since they raped an open SOCKS proxy or someone else's web hosting server to sign up.
Confirm credit card information to make sure that the credit cards are not stolen.
Sure thing. It was an AOL/earthlink/someotherlargeISPthatcaterstoidiots user, and all the information matches. Most cards aren't reported stolen until several MONTHS after they've been used for this purpose, simply because of the "honey, did you charge this?" "I might have" effect.
Secure your servers.
That's always a given.
The typical scenario in this type of situation goes something like this:
A spammer in the US pays a spammer overseas x% to spam their shit.
Said overseas spammer steals a credit card via scams, social engineering, or what have you
Said overseas spammer uses an open relay in close proximity to the actual physical address of the cardholder, or a nationwide ISP to sign up for 50-100 web hosting accounts. The phone number given is a temporary cell phone number the spammer in the US has purchased on a temporary basis.
The overseas spammer sets up spam bots on all of the servers mere minutes before sending the spam. Since most of these are written for each individual circumstance, there's no real way to check for them, else everyone's formmail and PHP form scripts would set them off.
At the last minute of operation, the spammer starts a few hundred instances of wget, or a perl script that forks an instance per spam account, and the mail begins sending from all locations near-simultaneously.
The hosts shut them down, redirect the site NOBODY'S EVEN HEARD OF to a page saying "This site was closed due to spam", and sometimes place the personal information of the innocent (but relatively stupid) person whose credit card number was on the order form.
The spammer moves on for the next kill at the next location.
The spammer in the US ditches the cell phone, as it was paid for fraudulently in the first place
After adding a $400 cleanup fee to the customer's bill, the cardholder (who isn't the customer) does a chargeback for the time the site was hosted (often several months worth) and amount + $25/month for charges, so the host takes it in the ass. We've had some sit on a site for 6 months before spamming.
Sure, you could attempt to track down each and every spammer, but even the credit card companies and merchant account providers don't care, because the chargebacks make them MORE money on top of everything.
The simple fact of the matter is that the REAL people who could do something about this scenario, the credit card companies, who could actually provide contact information (like a home phone number!) to merchants checking to verify the charges, as well has changing their chargeback policy, couldn't care less because this type of fraud only nets them more money from providers who can only tell if the card and its information are "good" or "bad".
Strange idea... [paranoid mode] They're also working to crack down on spam. I wonder if the two events are coinciding -- it seems like the more spam one receives, the more a pain in the ass it is for investigators to wade through the bullshit, and the more likely they are to miss something. Think about this: someone sends an email to someone with the subject "HERBAL VIAGRA -- STAY HARD FOR HOURS!", though the body of the message is something desirable to the FBI. Considering after a while of wading through crap, they would just ignore something with said subject line, thereby potentially missing something crucial. If they really are planning to crack down on spam, this may be the motive behind it. [/paranoid mode]
Wow, great idea! Oh, wait -- some people actually need to use their vehicles for something other than getting from point A to point B.
While I understand most/.ers' religious railings against the SUV in an urban environment, let's not forget that they do have a purpose other than the soccer moms wanting to burn a shitload of gas.
Hauling capacity isn't as much as a pickup truck in an SUV, but it definitely assures (within reasonable limits) that your cargo won't get soaking wet in the rain. This comes in extremely handy when hauling moderate-sized loads of electronic equipment in situations where renting that U-Haul isn't economically feasible due to the amount of time the transport is needed.
<rant> I just wanted to make a statement regarding new.net. That has to be one of the most foul excuses for software I've ever seen.
For those who don't know, it allows people to use the new.net TLDs, and sets them up so you don't have to reboot after installation.
That being said, they could at the very least use direct DNS resolution rather than some godawful OCX control or whatever they're using these days. We had a customer get royally pissed and almost demanded to return the system she bought from us because her kid would
Install some software
Install new.net with said software
Uninstall *something* (I'm not sure what)
Frap all DNS settings after uninstall, because new.net was never properly removed
If crapware like this becomes more and more prevalent, we'll have to start charging out the ass for support, which we don't want to do.
</rant>
(takes deep breath) This is becoming a trend that could initiate a spread of infected files with much the same ease as nimda and sircam. Not terribly frightening, but excruciatingly annoying.
You got that one too? That individual got my address off here (my old listing, phorlakh+slashdot@atralakh.dyndns.org), so that was fairly obvious. BTW, has anyone else gotten around a 700% to 1000% increase in spam after forwarding spam to the FTC? My spam rate used to be three per week until I started bouncing them to uce@ftc.gov
(this is from a small project I'm throwing together. Use it if you want
(anyone))
As a side note, most people previously dealing with a *NIX system never had
to touch the shell -- everything they did was through menus, bringing up the
programs/modules/whatever they needed. Complete and total morons (in a
computing manner) could, did, and still do manipulate these systems regularly.
The shell was initially only for the administrators when it came to business.
The GNOME environment, while it's a damn good gig, is pushing in the opposite
direction of that, and that's nothing but an uphill climb. For home, GNOME
is good enough for anyone (with the exception of blithering idiots) willing
to take the time to figure things out on their own. For work, no normal user
should have to learn a complete desktop to get work done. It's
counterproductive to have to get around the interface (start/programs/Office/whatever) to get things done. IMHO, the user interface for a business should
consist only of what's needed, and nothing else.
There's a lot of things on here that, despite sounding frivolous to a home
user, would be great for a system encompassing larger a/c systems etc... for
industry (some of it would even be great if they'd do it on the systems
themselves as opposed to network). Throwing diagnostics in as well would be
a tremendous idea on the whole; You could tell via a mail if refrigerant
pressure drops below a certain point, tell by airflow what filters need
changing, warn of mechanical failure (blower motors not running, compressors
stalled/shorted to ground/locked up, etc...), and electrical failure as well.
The one thing, however, that I do not like, is the fact this will introduce a
new level of complexity into a fairly simple system. Already, there are
unnecessary items inside many systems (high-dollar control units to replace
a simple contactor or relay mechanism, for example) that not only mean more
problems in event of failure, but result in a higher cost to the customer in
labor, parts replacement, and up front cost.
Slashdot Mirror
Most implementations of qmail I've seen use hooks in inetd/xinetd for receiving mail. All you have to do is create a pseudoservice (xsmtp for example) in /etc/services on a different port:
xsmtp 5555/tcpthen copy the line for qmail's SMTPD in inetd as called from that pseudoservice (i.e. xsmtp rather than smtp) (or file in many default xinetd configurations), restart xinetd/inetd, and you're all set -- qmail is listening on two different ports simultaneously.
HTH
...I've seen this one before (by the description). When I was working on PCs for a living, an optomologist's secretary brought in her computer, which was acting "strangely" and all sorts of "foul things" were coming up on her screen. I figured something had just replaced her homepage on IE with a porn site or something like that, so I plugged the machine up and let it boot, explaining to her "well, there's some bad shit you have to look out for, but there's always worse". I was quite wrong. This was worse.
When I fired up IE on the system, it went straight to a child pornography site that was obviously a typoed URL (freecilpart.com or something like that...don't hold me to it since my memory's terrible), and the default homepage setting was being updated constantly (like kak). This program was listening on some oddball high-numbered port.
Since the box was inside a Novell network and wasn't exposed to the outside world (much) I figured it wasn't a normal compromise. I told her to contact the FBI over the site, and I went looking for the malware, but couldn't track it down (limited time on it, though) and wound up wiping the box clean and reinstalling Win98. She's very religious about keeping the a/v definitions updated now (:
Don't worry -- MIT will get half the allottment up front. We'll be bitching about running out of IP space in 27 more years.
such as:
"New -- this summer...an action tale that will rip out your spleen and eat it with ice cream. Arnold Schwarzenegger is...Pippi...Longstocking! This film has not yet been rated."
?
I agree with you 100% and have been warning people for years. These people are religious fanatics. They believe absolutely in everything written in the Bible... and if they have the power to make it happen, they're going to.
A little secret here -- it's not the bible-thumpers that you think it is, it's the bible-thumpers nobody knows about.
Beginning with Aleister Crowley, the ideals of certain fringe organizations became far more mainstream: the idea that the Great Beast was the Lion of the Tribe of Judah, and that the one heralded as the "Anti-Christ" was actually the returning Messiah.
Naturally, this has its roots somewhere, that somewhere being a derivative of the Gnostic religion, which was originally a "bastardisation" of the Bible (read over some of the Gnostic gospels and you will find a few references to these ideals in about 20% of them) in favor of a (most likely) Egyptian religious standpoint (short version): that the creator god, Ialdabaoth, created the world and mankind in sin and defiance of the "Father of Light", and only through the wisdom of the Instructor, "Lucifer" or "Jesus" did the first humans partake of the fruit of the tree of life and thus become gods, as they could control their own destinies.
The new "cataclysm" is that, essentially, the Great Beast will rise up and bring the world into a new Utopia (VERY abridged), so thusly, mankind, being gods, must do everything in their power to make certain it is so. While this does fly in the face of traditional Christian and other aligned religion's ideals of the end, it is the predominant ideal bestowed on people who have reached (after many years of pushing) the top heirarchies of many secret societies which most (not all, but most) politicians in the world, not just the US, subscribe to.
footnote: my apologies if there are any missing apostrophes or quotes -- slashdot doesn't like my habitual " and '
<offtopic>That reminds me -- a few years ago, I went out of town for a few days, and when I got back my old P200 refused to boot. I yanked out cables and cards in an attempt to get the old beast up and going again, and when I yanked out the sound card, it booted. Well, I put everything back together, and then looked closer at the sound card.
It had a nice, dried puddle of mouse piss on it, so I put it aside and waited for the next opportunity to grab another one.
I thought (after I'd gotten another one) that I should have called Dell tech support and discussed the problem with them:
(them) "Hello, <speil>"
(me) "Yeah, I've got a mouse problem."
(them) "What seems to be the problem?"
(me) "Oh, it sort of pissed on my sound card."
</offtopic>
3. Create our own countries, outside the jurisdiction of evil legislation.
Several states in the US tried this years ago, and they were far better armed. I doubt you'll have that much of a chance.
Yeah. Great. Most spammers are "smart" enough that they don't spam from their own domain -- they open multiple web hosting accounts elsewhere and blast out their mail from there via perl or php scripts activated by something as simple as wget or a perlbot.
Sure thing. Oops, said credit card was stolen. There's the money they owe you, plus a $25 handling fee for a chargeback.
Sure thing (actually, that's in our AUP as well). Oops, they're actually
- a foreigner, and
- they signed up with fictitious information and a stolen credit card to boot
Looks like the only thing we've got is an IP address in Indonesia, since they raped an open SOCKS proxy or someone else's web hosting server to sign up.Sure thing. It was an AOL/earthlink/someotherlargeISPthatcaterstoidiots user, and all the information matches. Most cards aren't reported stolen until several MONTHS after they've been used for this purpose, simply because of the "honey, did you charge this?" "I might have" effect.
That's always a given.
The typical scenario in this type of situation goes something like this:
Sure, you could attempt to track down each and every spammer, but even the credit card companies and merchant account providers don't care, because the chargebacks make them MORE money on top of everything.
The simple fact of the matter is that the REAL people who could do something about this scenario, the credit card companies, who could actually provide contact information (like a home phone number!) to merchants checking to verify the charges, as well has changing their chargeback policy, couldn't care less because this type of fraud only nets them more money from providers who can only tell if the card and its information are "good" or "bad".
perhaps He, in His infinite wisdom, unzipped his pants, thereby proving (with base 11) that God isn't a woman after all.
Hrmm...looking at the URL, it could easily be this.
Sorry, I couldn't resist (:
I can almost see the commercials now...people throwing these things at fires to the tune of "Goodness, gracious, great balls 'o' fire!"
*shudder*
Strange idea...
[paranoid mode] They're also working to crack down on spam. I wonder if the two events are coinciding -- it seems like the more spam one receives, the more a pain in the ass it is for investigators to wade through the bullshit, and the more likely they are to miss something.
Think about this: someone sends an email to someone with the subject "HERBAL VIAGRA -- STAY HARD FOR HOURS!", though the body of the message is something desirable to the FBI. Considering after a while of wading through crap, they would just ignore something with said subject line, thereby potentially missing something crucial.
If they really are planning to crack down on spam, this may be the motive behind it.
[/paranoid mode]
Wow, great idea! Oh, wait -- some people actually need to use their vehicles for something other than getting from point A to point B.
/.ers' religious railings against the SUV in an urban environment, let's not forget that they do have a purpose other than the soccer moms wanting to burn a shitload of gas.
While I understand most
Hauling capacity isn't as much as a pickup truck in an SUV, but it definitely assures (within reasonable limits) that your cargo won't get soaking wet in the rain. This comes in extremely handy when hauling moderate-sized loads of electronic equipment in situations where renting that U-Haul isn't economically feasible due to the amount of time the transport is needed.
Not everyone lives in cities, nor desires to.
honestly, it looks more like it rhymes with "Clitoris"...perhaps *that's* why it gets such favorable reviews
<rant> I just wanted to make a statement regarding new.net. That has to be one of the most foul excuses for software I've ever seen.
For those who don't know, it allows people to use the new.net TLDs, and sets them up so you don't have to reboot after installation.
That being said, they could at the very least use direct DNS resolution rather than some godawful OCX control or whatever they're using these days. We had a customer get royally pissed and almost demanded to return the system she bought from us because her kid would
If crapware like this becomes more and more prevalent, we'll have to start charging out the ass for support, which we don't want to do. </rant>
(takes deep breath) This is becoming a trend that could initiate a spread of infected files with much the same ease as nimda and sircam. Not terribly frightening, but excruciatingly annoying.
maybe he intends to build a beowulf clu*WHACKWHACKWHACK* OW DAMNIT! I didn't say it! I *SWEAR!*
That could be fun... onMouseOver('blinkANSIcolor()') :D
strangely enough, that's where they got my address -- all of them sent to phorlakh+slashdot@ :)
shouldn't that be "Bob"?
You got that one too? That individual got my address off here (my old listing, phorlakh+slashdot@atralakh.dyndns.org), so that was fairly obvious. BTW, has anyone else gotten around a 700% to 1000% increase in spam after forwarding spam to the FTC? My spam rate used to be three per week until I started bouncing them to uce@ftc.gov
I thought it was "Penguin Attack" by GWAR
What about something like this?
atralakh% cat Filesystem.sh
#!/bin/sh
(umask 022 && mkdir "/Boot")
(umask 022 && mkdir "/Boot")
(umask 022 && mkdir "/Boot/Kernel Source")
(umask 022 && mkdir "/Drives")
(umask 022 && mkdir "/Drives/CD-Rom1")
(umask 022 && mkdir "/Drives/CD-Rom2")
(umask 022 && mkdir "/Drives/Floppy-A")
(umask 022 && mkdir "/Drives/Windows")
(umask 022 && mkdir "/Drives/Floppy-B")
(umask 077 && mkdir "/Devices")
(umask 022 && mkdir "/System")
(umask 022 && mkdir "/System/Programs")
(umask 022 && mkdir "/System/Libraries")
(umask 022 && mkdir "/System/Logs")
(umask 022 && mkdir "/System/Temporary")
(umask 022 && mkdir "/System/Configuration")
(umask 022 && mkdir "/System/Configuration/Default Locker")
(umask 022 && mkdir "/System/Configuration/Default Locker/Programs")
(umask 022 && mkdir "/System/Configuration/Default Locker/Libraries")
(umask 022 && mkdir "/System/Configuration/Default Locker/Configuration")
(umask 022 && mkdir "/System/Configuration/Default Locker/Desktop")
(umask 022 && mkdir "/System/Configuration/Default Locker/My Stuff")
(umask 022 && mkdir "/System/Configuration/Default Locker/My Stuff/Pictures")
(umask 022 && mkdir "/System/Configuration/Default Locker/My Stuff/Documents")
(umask 022 && mkdir "/System/Configuration/Default Locker/My Stuff/Sounds")
(umask 022 && mkdir "/System/Configuration/Default Locker/Temporary")
(umask 022 && mkdir "/System/Configuration/rc.d")
(umask 022 && mkdir "/System/Configuration/rc.d/rc1.d")
(umask 022 && mkdir "/System/Configuration/rc.d/rc2.d")
(umask 022 && mkdir "/System/Configuration/rc.d/rc3.d")
(umask 022 && mkdir "/System/Configuration/rc.d/rc4.d")
(umask 022 && mkdir "/System/Configuration/rc.d/rc5.d")
(umask 022 && mkdir "/System/Configuration/rc.d/rc6.d")
(umask 022 && mkdir "/System/Configuration/rc.d/init.d")
(umask 022 && mkdir "/System/Variable_Data")
(umask 022 && mkdir "/Users")
(umask 022 && mkdir "/Users/Programs")
(umask 022 && mkdir "/Users/Libraries")
(umask 022 && mkdir "/Users/Configuration")
(umask 022 && mkdir "/Users/Lockers")
(umask 077 && mkdir "/Users/Lockers/Administrator")
(umask 077 && mkdir "/Users/Lockers/Administrator/Configuration")
(umask 077 && mkdir "/Users/Lockers/Administrator/Desktop")
(umask 077 && mkdir "/Users/Lockers/Administrator/Libraries")
(umask 077 && mkdir "/Users/Lockers/Administrator/My Stuff")
(umask 077 && mkdir "/Users/Lockers/Administrator/My Stuff/Pictures")
(umask 077 && mkdir "/Users/Lockers/Administrator/My Stuff/Sounds")
(umask 077 && mkdir "/Users/Lockers/Administrator/My Stuff/Documents")
(umask 077 && mkdir "/Users/Lockers/Administrator/Temporary")
(umask 077 && mkdir "/Users/Lockers/Administrator/Programs")
(this is from a small project I'm throwing together. Use it if you want (anyone))
As a side note, most people previously dealing with a *NIX system never had to touch the shell -- everything they did was through menus, bringing up the programs/modules/whatever they needed. Complete and total morons (in a computing manner) could, did, and still do manipulate these systems regularly. The shell was initially only for the administrators when it came to business. The GNOME environment, while it's a damn good gig, is pushing in the opposite direction of that, and that's nothing but an uphill climb. For home, GNOME is good enough for anyone (with the exception of blithering idiots) willing to take the time to figure things out on their own. For work, no normal user should have to learn a complete desktop to get work done. It's counterproductive to have to get around the interface (start/programs/Office/whatever) to get things done. IMHO, the user interface for a business should consist only of what's needed, and nothing else.
uhhhhhhh....isn't that called slashdot? :D
RMS Calls Bill Gates Pee-peehead
Gates responds with "You and your mama"
There's a lot of things on here that, despite sounding frivolous to a home
user, would be great for a system encompassing larger a/c systems etc... for
industry (some of it would even be great if they'd do it on the systems
themselves as opposed to network). Throwing diagnostics in as well would be
a tremendous idea on the whole; You could tell via a mail if refrigerant
pressure drops below a certain point, tell by airflow what filters need
changing, warn of mechanical failure (blower motors not running, compressors
stalled/shorted to ground/locked up, etc...), and electrical failure as well.
The one thing, however, that I do not like, is the fact this will introduce a
new level of complexity into a fairly simple system. Already, there are
unnecessary items inside many systems (high-dollar control units to replace
a simple contactor or relay mechanism, for example) that not only mean more
problems in event of failure, but result in a higher cost to the customer in
labor, parts replacement, and up front cost.