I get three hundred spam emails every day. My tarpit identifies 'em before they hit my inbox and holds the spammers' connections open to waste resources on their systems (or the open relays they're hijacking). Right now I have 100 spam connections being held open by my mail server. A large number of spambots are too stupid to break the connection until I drop them at the four day mark.
Even though I'm tarpitting so many spammers, the number of spam attempts I'm getting is steadily increasing. It bugs me that more and more people are trying to sell me underage pornography and shady business opportunities and miracle health products. It really bothers me that my poor neighbors, who have young kids, are getting all sorts of smut and trash blasted to their emailbox (and to their screens, thanks to Windows spyware and that stupid NetBIOS alert-dialog security hole) and have no idea how to protect themselves from it.
There needs to be a MUCH easier way of suing spammers. I've got an idea: why not form an organization whose sole purpose is to pursue legal action against spammers, on behalf of the people who are being spammed? In return for tracking down the spammers and handling the court cases, this organization would be more than welcome to keep the proceeds from winning their cases.
To me, knowing that more spammers are being brought to justice is more important than me getting money out of them.
The short of it is that there is no legal way to cause spammers pain.
I've been running a tarpit for the past six months. (Exim + SpamAssassin + SA-Exim) During that time, I've seen that roughly 5% of spammers will sit around for however long I feel like tarpitting them (my timeout is currently four days), while the rest of them are smart enough to disconnect from my tarpit when they see that I'm holding them open.
But the spammers are using open relays, and there's an infinite supply of open relays. If one of them gets bogged down, they'll just move on to another.
The especially interesting thing is that I've seen the amount of spam attempts on my server *triple* since I started tarpitting them, from 100/day last year to 300/day now! It's as if the spammers love to be tarpitted!
And I've found out there's absolutely no way to convince a spammer to remove me from his mailing list. Tarpit him, he doesn't care! Give him a 5xx error code, he doesn't care! Firewall his connection attempts, he doesn't care! It's easier for spammers to sell lists of five million addresses (4.99 million of which don't accept email) than it is to try to pay attention to error messages and failure states and weed out bad addresses. I've even seen spam addressed to the messageID's on Usenet news postings.
These days *anyone* can become a registrar, it seems.
That's how cybersquatters can afford to snatch up tens of thousands of domain names the moment they expire. The cybersquatters aren't paying $35 to another registrar for each name; they're just putting out a couple of thousand bucks to become registrars themselves then they get to snap up as many newly-expired domain names as they want, for free.
And then they easily recoup the couple of thousand bucks by finding people who didn't mean to let their domains expire, and extorting large sums of money from those people to give them their domains back.
Cybersquatters are scum of the earth, second only to spammers.
One of the worst travesties of the Atari 2600 Pac-Man is that it turned the monsters into ghosts!
The enemies in the original Pac-Man are monsters... but they flickered so much in the Atari 2600 version that Atari decided to call them 'ghosts' instead. And then the Pac-Man cartoon TV show decided to call them ghost-monsters, and so the pathetic 2600 cartridge caused an entire generation to be confused about exactly what's chasing poor Pac.;-)
So don't think this sort of attack hurts the spammers, it doesn't, they take countermeasures.
If they were smart, they'd simply remove my address from their list when they see that I'm teergrubeing them, because then they know there's no point to them even making an attempt to send me spam. But the vast majority of spammers, according to my logs, aren't so smart and patiently wait many hours for me to let go of them.
Instead the attack takes out legitimate senders whose emails are incorrectly identified by the teergrubbing algorithm.
No, it doesn't. The majority of emails that my server teergrubes are sent to spamtrap addresses -- throwaway addresses that I've long since thrown away, and which continue to get boatloads of spam. The rest are messages which contain phrases like 'make money fast' and 'money-back guarantee' and 'hot xxx chicks,' phrases which nobody who's not on my addressbook whitelist has ever sent me in a non-spam situation.
There are similar problems with the much touted blacklists,
No, there aren't. Tarpits have nothing to do with blacklists -- you can use a blacklist to control your tarpit, which as you pointed out is a bad idea; or you can score incoming messages with SpamAssassin and then tarpit the ones over a certain score, like I do.
Exim + SA-Exim + SpamAssassin. They're a great combination.
Teergrubes are the answer
on
ISP Chief on Spam
·
· Score: 5, Interesting
The only way to solve the problem is to make it cost something to send spam.
That's what I'm doing right now.
I run a tarpit on my mail server. Send me spam, and my mail server identifies it as such and imposes a cost on the sender -- in this case, the cost is that my mail server holds on to his connection and sends nothing but occasional keepalive messages in return. The spammer's relay (or the open relay he's hijacking) is deprived of an outgoing connection it could be using for sending spam to somebody else. Eventually the spammer will hit enough teergrubes that all of his outgoing connections will be tied up by them, and he'll come to a complete stop.
If the spammers begin catching on to this, and dropping their connections to me after they see me stall for N seconds, then I'll just set my mail server to automatically stall all incoming SMTP connections for N+10 seconds.
So the cost I'm imposing on spammers isn't money, but time and resources. A mom-and-pop ISP isn't going to be deterred by having its outgoing SMTP connections held for a minute before they're accepted. A spammer trying to send out two and a half million spam messages *will* be deterred by this.
If the spammers start bailing after a short time, like 30 seconds, then all you've got to do is set your own mail server to delay that long before it accepts legitimate email. The spammers will bail out after half a minute, you accept the email if the sender sticks around for 45 seconds and never have to worry about those spammers.
Imposing a delay on all incoming mail connections will have a much more devastating effect on someone who sends out a million messages a day than it will on someone who sends out a dozen messages a day.
Adding a delay like this wouldn't work for a large mail server which accepts a lot of email, but for a personal mail server which accepts less than a hundred messages a day, you can easily afford the hit.
But that's not fighting back.;) Once your ISP has accepted the spam for you, the spammer's already gone on his way.
There are many ways to better defend yourself against the onslaught of spam, but there are also a few relatively easy ways to take the battle right to their own mail relays!
I'm going to take advantage of a duplicate article, shamelessly grab a place near the top of the replies, and tell y'all how to fight back against spam.
1. Get a cheap discarded PC and install Linux on it. Get one of those 'always-on' net connections to your home, like DSL or a cable modem. You'll need a service plan that gives you a static IP address. Register a domain name of your very own, and use dyndns.org to point your domain name at your PC. This has the added benefit of letting you host your own web site on your own domain name if you want to.
2. Download the Exim mail server and install it on your PC, and set it up to accept email for you. You'll also want to set up an IMAP server so that you can fetch your email from the PC. Now you can make up any address you want on your new domain, and have mail sent to it reach you. This is great for when you need a one-time throwaway address for something.
3. Install SpamAssassin, and also install SA-Exim to link SpamAssassin with the Exim mail server. This will let the mail server identify and reject spam instead of only dealing with it after it's been accepted.
Once you run this for a while to make sure it's doing a good job of identifying spam, turn on Sa-Exim's teergrube ('tarpit') feature. Now, when someone tries to send you spam, your mail server will hold the spammer's connection open indefinitely by sending it occasional 'keepalive' messages without ever sending an accept or a reject. Once the spammer stumbles across enough teergrubes, the mail relay he's using will hit a process limit and be unable to continue sending spam until the spammer notices and resets it or moves on to another relay.
Teergrubing is a passive way of tying up a spammer's resources, or the resources of an open relay that's being abused by spammers. It has a negligible hit on your own resources. The more teergrubes (and honeypot web pages which feed spamtrap addresses to address harvesters) pop up out there, the harder it will be for a spammer to simply spam millions of people with the touch of a button.
Does the new installer have hardware autodetection? I read the links in the article, but I can't find any detailed explanation of exactly what the new installer's all about.
I've been trying Debian recently. The most frustrating thing about it is that the installer requires me to know what graphics chip I have, what sound chip I have, what network interface I have, what IrDA interface I have, and all sorts of other little hardware details that will foul up the system if I choose wrong.
On my Dell laptop it took me a day to figure out what NIC driver I was supposed to use (a 3c5xx driver for a 3c905 card, go fig) so I could start the network install, then another day to figure out what video driver to use so X wouldn't hang on startup (I had a Neomagic chip, but I wasn't supposed to be using the Neomagic driver), and now it's been a few days and I still haven't been able to get audio working.
I'm tired of digging around on mailing lists and web sites to figure out how to get Debian to behave. And lots of the available documentation is now outdated; for example, I was puzzled why I didn't have '/etc/conf.modules' until I figured out that it's been replaced by '/etc/modules.conf'. Huh.
I really hope the new installer makes all this easier.
I agree with you wholeheartedly. I reallyreallyreally want to love Linux with all my heart, but it's really tough to love...
I use Mac OS X for work. I use Windows 98 for games. I just got a retired Dell Latitude CPi laptop computer, and I decided to install Debian Linux on it to find out how far Linux has come since I last messed with it three years ago.
The net install wouldn't work at first because I had to figure out what Ethernet interface I was using and figure out how to load the drivers for it. This wasted half a day of scouring web sites and mailing lists for the answer. Then the install succeeded, but X Windows wouldn't come up (black screen and the X server chewed cycles), and I had to spend a full day digging through the Internet for answers. Now I'm past that, but audio won't work after two days of trying to figure it out, and I'm at wit's end. And never mind all the problems I hit in the interim, like 'dselect' trying to uninstall my operating system by default, or Gnome using the twm window manager instead of Sawfish for some unknown reason.
I've been getting inside computers for twenty years. I've been a sysadmin and a webmaster for hundreds of thousands of dollars worth of servers. If *I* can't figure out how to get Linux running smoothly on my desktop, then there's NO chance that Mom ever would.
I set up my own Exim mail server, and tied it to SpamAssassin via the SA-Exim filtering software. Now whenever I get email that 'looks like' spam, Exim bounces it with a message which says 'this looks like spam, if it's not then please re-send to notspam@mydomain.com.'
This 'notspam' address is configured to let all mail through without checking it. If spammers get this address and begin to abuse it, then I'll simply choose a new address to use, and update the bounce message.
It feels really good to shove the burden of proof upon the sender, especially when I haven't yet gotten any false positives in over four thousand spams since I started using this approach.
I had two big problems with the first Harry Potter movie. Firstly, there was no plot; it was all backstory and setup and wide-eyed kids being led on a field trip through Fantasyland, and then at the very end, Chris Columbus says 'oh yeah, there's a bad guy too' and provides a meager showdown. There wasn't nearly enough tension through the first movie to drive the plot. Secondly, in the first movie (and the first book, too) Harry doesn't really do anything, he just gets towed through the events by the plot and by the people around him. He doesn't really make any difficult decisions which define his character.
But the second movie hits the ground running. All the messy exposition is out of the way; the characters are already established, so Columbus can start doing things with them right away. And there are plenty of times when the secondary characters leave the limelight for a little while, giving Harry the chance to show what he's made of.
The computer graphics are really well done. The flying car is terrific. Dobby is rendered well. The only thing they've still got to work on is movement: Dobby shouldn't bob and weave like a Don Bluth character every time the camera's on him, and birds have short quick motions, not smooth fluid motions.
There's one scene with Dobby where he looks like he's trying really hard to be Episode II Yoda.:) But I won't give away any more than that.
So this film was fun, and I hope the other four I'll be seeing in the next few weeks (Treasure Planet, Die Another Day, LotR: The Two Towers, ST: Nemesis) are as good. This is a great movie season.
P.S.: I was surprised there was no 'In Memory of Richard Harris' dedication anywhere to be seen.
P.P.S.: Stay 'til the end of the credits for another laugh.
The computer is a Power Macintosh 6100-class, probably a 6115CD because the 6100 didn't come with a CD-ROM drive.
There's a slim possibility that the computer could be a Power Macintosh 6100/66 DOS Compatible with a 486/66 card inside it, running Windows 95, but that only matches the photo if they added an internal CD-ROM drive to the stock machine.
Those are the same reasons why I never went with a GM EV1 even though they had plenty of recharging stations in Silicon Valley. They even had four recharging stations in front of Fry's Electronics, right up as close as you could park to the front doors of the store! It was always amusing to see big SUV's ignore the 'Electric Car Only' signs in those spaces and park there anyway.
The only hybrid that's really useable right now is the Honda Civic hybrid; the Prius is too bare-bones to be an enjoyable car. But even the Civic has really terrible pickup.
I'm in the market for a new car, and I want something geek-approved. By this I mean I'm not looking for the latest Honda Accord clone or a big fat engine or airbags on every exposed surface. I want something a little further away from mainstream. I want a hybrid engine with more horsepower. I want plastic sidepanels that don't dent. I want a car radio that loads new mp3's from my home computer over wireless every time I park in the garage. I want to be able to talk with my car like KITT. I want a car with high tail lights and a snub nose and aggressive curves like something out of Ridge Racer.
But most of the cars out there on the road are still big hulks of metal that are trying to look just like each other so they can avoid being unpopular, and they still think a CD changer is primo technology, and they're still using engine technology from forty years ago. Le sigh.
Mozilla doesn't feel like a Mac OS X application, either. Sure, if you set the theme to 'Classic' then it fakes having Aqua scrollbars and buttons, but set the theme to 'Modern' and the generic interface elements return.
It just lacks the spit-and-polish that other Mac OS X applications have. Mozilla doesn't get the text navigation shortcuts (option- and command-arrowing through text) quite right, it doesn't get the 'new document' behavior quite right (if it has no windows open and I click on the 'M' icon in the dock then it should create a window), the pulldown menus don't look quite right, it shouldn't hijack Command-W to close tabs instead of windows... sure, there's another project ('Chimera') to create a Mac OS X-friendly version of Mozilla, but there shouldn't *have* to be; the original Mozilla shouldn't be such a Frankenstein's monster on Mac OS X in the first place.
IMHO, the Mozilla developers made a very bad decision when they decided to create their own GUI toolkit from scratch rather than rely on the interface of each operating system Mozilla ran on. Sure, Mozilla's controls look the same on Mac OS X as they do on Windows and Linux and Be and OS/2 and OpenVMS... but who cares? I don't want it to look like a Windows application on my Mac. And having to reinvent the wheel and get all the buttons and scrollbars and pulldowns working right must have added at least a year or two to Mozilla's schedule, and they still need work.
Tribes 2 is an *excellent* game. After a year, I'm still addicted to Siege, which is a capture-the-flag variation where one team is entirely on defense and the other team is entirely on offense (and then when D captures the flag, they swap places).
It's got great balance to it; there are no powerups or BFG's or invincibility to mess up the game dynamics. And people who focus on deploying and repairing equipment can make as much or more difference than people who act like cowboys.
And the 3-D nature of the game, the ability to fly around with a jetpack and head as far as I want in any direction across the terrain, means I'll never again play one of those games where I'm stuck to the ground in a claustrophobic dungeon.
Tribes 2 is a terrific game. I'm really disappointed Dynamix was scuttled. I'm ticked at Sierra in general for lots of other bad decisions, such as killing off the Mac versions of Tribes 2 and Half-Life when they were all but ready to ship, and also for cancelling Babylon 5: Into The Fire.
(If you play Tribes 2, look for me! I'm 'wow! scotfox'. My tribe, 'wow!' aka Wookies Of War, has been the #1 ranked Siege tribe for most of the time since T2 was released.)
Sure, the ATI web page says that, but the card doesn't have component output and neither the software nor the documentation mentions anything about HDTV output.
Slashdot Mirror
Please tell me you're running a tarpit. :) With spam volume like that, you could really slow down the spammers!
I get three hundred spam emails every day. My tarpit identifies 'em before they hit my inbox and holds the spammers' connections open to waste resources on their systems (or the open relays they're hijacking). Right now I have 100 spam connections being held open by my mail server. A large number of spambots are too stupid to break the connection until I drop them at the four day mark.
Even though I'm tarpitting so many spammers, the number of spam attempts I'm getting is steadily increasing. It bugs me that more and more people are trying to sell me underage pornography and shady business opportunities and miracle health products. It really bothers me that my poor neighbors, who have young kids, are getting all sorts of smut and trash blasted to their emailbox (and to their screens, thanks to Windows spyware and that stupid NetBIOS alert-dialog security hole) and have no idea how to protect themselves from it.
There needs to be a MUCH easier way of suing spammers. I've got an idea: why not form an organization whose sole purpose is to pursue legal action against spammers, on behalf of the people who are being spammed? In return for tracking down the spammers and handling the court cases, this organization would be more than welcome to keep the proceeds from winning their cases.
To me, knowing that more spammers are being brought to justice is more important than me getting money out of them.
'should' != 'does'
The short of it is that there is no legal way to cause spammers pain.
I've been running a tarpit for the past six months. (Exim + SpamAssassin + SA-Exim) During that time, I've seen that roughly 5% of spammers will sit around for however long I feel like tarpitting them (my timeout is currently four days), while the rest of them are smart enough to disconnect from my tarpit when they see that I'm holding them open.
But the spammers are using open relays, and there's an infinite supply of open relays. If one of them gets bogged down, they'll just move on to another.
The especially interesting thing is that I've seen the amount of spam attempts on my server *triple* since I started tarpitting them, from 100/day last year to 300/day now! It's as if the spammers love to be tarpitted!
And I've found out there's absolutely no way to convince a spammer to remove me from his mailing list. Tarpit him, he doesn't care! Give him a 5xx error code, he doesn't care! Firewall his connection attempts, he doesn't care! It's easier for spammers to sell lists of five million addresses (4.99 million of which don't accept email) than it is to try to pay attention to error messages and failure states and weed out bad addresses. I've even seen spam addressed to the messageID's on Usenet news postings.
These days *anyone* can become a registrar, it seems.
That's how cybersquatters can afford to snatch up tens of thousands of domain names the moment they expire. The cybersquatters aren't paying $35 to another registrar for each name; they're just putting out a couple of thousand bucks to become registrars themselves then they get to snap up as many newly-expired domain names as they want, for free.
And then they easily recoup the couple of thousand bucks by finding people who didn't mean to let their domains expire, and extorting large sums of money from those people to give them their domains back.
Cybersquatters are scum of the earth, second only to spammers.
One of the worst travesties of the Atari 2600 Pac-Man is that it turned the monsters into ghosts!
;-)
The enemies in the original Pac-Man are monsters... but they flickered so much in the Atari 2600 version that Atari decided to call them 'ghosts' instead. And then the Pac-Man cartoon TV show decided to call them ghost-monsters, and so the pathetic 2600 cartridge caused an entire generation to be confused about exactly what's chasing poor Pac.
So don't think this sort of attack hurts the spammers, it doesn't, they take countermeasures.
If they were smart, they'd simply remove my address from their list when they see that I'm teergrubeing them, because then they know there's no point to them even making an attempt to send me spam. But the vast majority of spammers, according to my logs, aren't so smart and patiently wait many hours for me to let go of them.
Instead the attack takes out legitimate senders whose emails are incorrectly identified by the teergrubbing algorithm.
No, it doesn't. The majority of emails that my server teergrubes are sent to spamtrap addresses -- throwaway addresses that I've long since thrown away, and which continue to get boatloads of spam. The rest are messages which contain phrases like 'make money fast' and 'money-back guarantee' and 'hot xxx chicks,' phrases which nobody who's not on my addressbook whitelist has ever sent me in a non-spam situation.
There are similar problems with the much touted blacklists,
No, there aren't. Tarpits have nothing to do with blacklists -- you can use a blacklist to control your tarpit, which as you pointed out is a bad idea; or you can score incoming messages with SpamAssassin and then tarpit the ones over a certain score, like I do.
Exim + SA-Exim + SpamAssassin. They're a great combination.
The only way to solve the problem is to make it cost something to send spam.
That's what I'm doing right now.
I run a tarpit on my mail server. Send me spam, and my mail server identifies it as such and imposes a cost on the sender -- in this case, the cost is that my mail server holds on to his connection and sends nothing but occasional keepalive messages in return. The spammer's relay (or the open relay he's hijacking) is deprived of an outgoing connection it could be using for sending spam to somebody else. Eventually the spammer will hit enough teergrubes that all of his outgoing connections will be tied up by them, and he'll come to a complete stop.
If the spammers begin catching on to this, and dropping their connections to me after they see me stall for N seconds, then I'll just set my mail server to automatically stall all incoming SMTP connections for N+10 seconds.
So the cost I'm imposing on spammers isn't money, but time and resources. A mom-and-pop ISP isn't going to be deterred by having its outgoing SMTP connections held for a minute before they're accepted. A spammer trying to send out two and a half million spam messages *will* be deterred by this.
Yes... BUT: :-)
If the spammers start bailing after a short time, like 30 seconds, then all you've got to do is set your own mail server to delay that long before it accepts legitimate email. The spammers will bail out after half a minute, you accept the email if the sender sticks around for 45 seconds and never have to worry about those spammers.
Imposing a delay on all incoming mail connections will have a much more devastating effect on someone who sends out a million messages a day than it will on someone who sends out a dozen messages a day.
Adding a delay like this wouldn't work for a large mail server which accepts a lot of email, but for a personal mail server which accepts less than a hundred messages a day, you can easily afford the hit.
But that's not fighting back. ;) Once your ISP has accepted the spam for you, the spammer's already gone on his way.
There are many ways to better defend yourself against the onslaught of spam, but there are also a few relatively easy ways to take the battle right to their own mail relays!
I'm going to take advantage of a duplicate article, shamelessly grab a place near the top of the replies, and tell y'all how to fight back against spam.
1. Get a cheap discarded PC and install Linux on it. Get one of those 'always-on' net connections to your home, like DSL or a cable modem. You'll need a service plan that gives you a static IP address. Register a domain name of your very own, and use dyndns.org to point your domain name at your PC. This has the added benefit of letting you host your own web site on your own domain name if you want to.
2. Download the Exim mail server and install it on your PC, and set it up to accept email for you. You'll also want to set up an IMAP server so that you can fetch your email from the PC. Now you can make up any address you want on your new domain, and have mail sent to it reach you. This is great for when you need a one-time throwaway address for something.
3. Install SpamAssassin, and also install SA-Exim to link SpamAssassin with the Exim mail server. This will let the mail server identify and reject spam instead of only dealing with it after it's been accepted.
Once you run this for a while to make sure it's doing a good job of identifying spam, turn on Sa-Exim's teergrube ('tarpit') feature. Now, when someone tries to send you spam, your mail server will hold the spammer's connection open indefinitely by sending it occasional 'keepalive' messages without ever sending an accept or a reject. Once the spammer stumbles across enough teergrubes, the mail relay he's using will hit a process limit and be unable to continue sending spam until the spammer notices and resets it or moves on to another relay.
Teergrubing is a passive way of tying up a spammer's resources, or the resources of an open relay that's being abused by spammers. It has a negligible hit on your own resources. The more teergrubes (and honeypot web pages which feed spamtrap addresses to address harvesters) pop up out there, the harder it will be for a spammer to simply spam millions of people with the touch of a button.
Does the new installer have hardware autodetection? I read the links in the article, but I can't find any detailed explanation of exactly what the new installer's all about.
I've been trying Debian recently. The most frustrating thing about it is that the installer requires me to know what graphics chip I have, what sound chip I have, what network interface I have, what IrDA interface I have, and all sorts of other little hardware details that will foul up the system if I choose wrong.
On my Dell laptop it took me a day to figure out what NIC driver I was supposed to use (a 3c5xx driver for a 3c905 card, go fig) so I could start the network install, then another day to figure out what video driver to use so X wouldn't hang on startup (I had a Neomagic chip, but I wasn't supposed to be using the Neomagic driver), and now it's been a few days and I still haven't been able to get audio working.
I'm tired of digging around on mailing lists and web sites to figure out how to get Debian to behave. And lots of the available documentation is now outdated; for example, I was puzzled why I didn't have '/etc/conf.modules' until I figured out that it's been replaced by '/etc/modules.conf'. Huh.
I really hope the new installer makes all this easier.
I agree with you wholeheartedly. I reallyreallyreally want to love Linux with all my heart, but it's really tough to love...
I use Mac OS X for work. I use Windows 98 for games. I just got a retired Dell Latitude CPi laptop computer, and I decided to install Debian Linux on it to find out how far Linux has come since I last messed with it three years ago.
The net install wouldn't work at first because I had to figure out what Ethernet interface I was using and figure out how to load the drivers for it. This wasted half a day of scouring web sites and mailing lists for the answer. Then the install succeeded, but X Windows wouldn't come up (black screen and the X server chewed cycles), and I had to spend a full day digging through the Internet for answers. Now I'm past that, but audio won't work after two days of trying to figure it out, and I'm at wit's end. And never mind all the problems I hit in the interim, like 'dselect' trying to uninstall my operating system by default, or Gnome using the twm window manager instead of Sawfish for some unknown reason.
I've been getting inside computers for twenty years. I've been a sysadmin and a webmaster for hundreds of thousands of dollars worth of servers. If *I* can't figure out how to get Linux running smoothly on my desktop, then there's NO chance that Mom ever would.
I set up my own Exim mail server, and tied it to SpamAssassin via the SA-Exim filtering software. Now whenever I get email that 'looks like' spam, Exim bounces it with a message which says 'this looks like spam, if it's not then please re-send to notspam@mydomain.com.'
This 'notspam' address is configured to let all mail through without checking it. If spammers get this address and begin to abuse it, then I'll simply choose a new address to use, and update the bounce message.
It feels really good to shove the burden of proof upon the sender, especially when I haven't yet gotten any false positives in over four thousand spams since I started using this approach.
I really enjoyed 'The Chamber of Secrets.'
:) But I won't give away any more than that.
I had two big problems with the first Harry Potter movie. Firstly, there was no plot; it was all backstory and setup and wide-eyed kids being led on a field trip through Fantasyland, and then at the very end, Chris Columbus says 'oh yeah, there's a bad guy too' and provides a meager showdown. There wasn't nearly enough tension through the first movie to drive the plot. Secondly, in the first movie (and the first book, too) Harry doesn't really do anything, he just gets towed through the events by the plot and by the people around him. He doesn't really make any difficult decisions which define his character.
But the second movie hits the ground running. All the messy exposition is out of the way; the characters are already established, so Columbus can start doing things with them right away. And there are plenty of times when the secondary characters leave the limelight for a little while, giving Harry the chance to show what he's made of.
The computer graphics are really well done. The flying car is terrific. Dobby is rendered well. The only thing they've still got to work on is movement: Dobby shouldn't bob and weave like a Don Bluth character every time the camera's on him, and birds have short quick motions, not smooth fluid motions.
There's one scene with Dobby where he looks like he's trying really hard to be Episode II Yoda.
So this film was fun, and I hope the other four I'll be seeing in the next few weeks (Treasure Planet, Die Another Day, LotR: The Two Towers, ST: Nemesis) are as good. This is a great movie season.
P.S.: I was surprised there was no 'In Memory of Richard Harris' dedication anywhere to be seen.
P.P.S.: Stay 'til the end of the credits for another laugh.
Doesn't anyone remember Electronic Fun with Computers and Games? There was a classic magazine!
"The mime's opinion was a mute point."
Well, that goes without saying.
Okay, granted. I forgot that the Centris 610 and the Quadra 610 were available with internal CD-ROM's.
But it's not an LC.
The computer is a Power Macintosh 6100-class, probably a 6115CD because the 6100 didn't come with a CD-ROM drive.
There's a slim possibility that the computer could be a Power Macintosh 6100/66 DOS Compatible with a 486/66 card inside it, running Windows 95, but that only matches the photo if they added an internal CD-ROM drive to the stock machine.
So we'll be able to make complicated things happen just by waving our hands in the air?
I guess Arthur C. Clarke *was* right -- any sufficiently advanced technology *is* indistinguishable from magic.
Those are the same reasons why I never went with a GM EV1 even though they had plenty of recharging stations in Silicon Valley. They even had four recharging stations in front of Fry's Electronics, right up as close as you could park to the front doors of the store! It was always amusing to see big SUV's ignore the 'Electric Car Only' signs in those spaces and park there anyway.
The only hybrid that's really useable right now is the Honda Civic hybrid; the Prius is too bare-bones to be an enjoyable car. But even the Civic has really terrible pickup.
I'm in the market for a new car, and I want something geek-approved. By this I mean I'm not looking for the latest Honda Accord clone or a big fat engine or airbags on every exposed surface. I want something a little further away from mainstream. I want a hybrid engine with more horsepower. I want plastic sidepanels that don't dent. I want a car radio that loads new mp3's from my home computer over wireless every time I park in the garage. I want to be able to talk with my car like KITT. I want a car with high tail lights and a snub nose and aggressive curves like something out of Ridge Racer.
But most of the cars out there on the road are still big hulks of metal that are trying to look just like each other so they can avoid being unpopular, and they still think a CD changer is primo technology, and they're still using engine technology from forty years ago. Le sigh.
Mozilla doesn't feel like a Mac OS X application, either. Sure, if you set the theme to 'Classic' then it fakes having Aqua scrollbars and buttons, but set the theme to 'Modern' and the generic interface elements return.
It just lacks the spit-and-polish that other Mac OS X applications have. Mozilla doesn't get the text navigation shortcuts (option- and command-arrowing through text) quite right, it doesn't get the 'new document' behavior quite right (if it has no windows open and I click on the 'M' icon in the dock then it should create a window), the pulldown menus don't look quite right, it shouldn't hijack Command-W to close tabs instead of windows... sure, there's another project ('Chimera') to create a Mac OS X-friendly version of Mozilla, but there shouldn't *have* to be; the original Mozilla shouldn't be such a Frankenstein's monster on Mac OS X in the first place.
IMHO, the Mozilla developers made a very bad decision when they decided to create their own GUI toolkit from scratch rather than rely on the interface of each operating system Mozilla ran on. Sure, Mozilla's controls look the same on Mac OS X as they do on Windows and Linux and Be and OS/2 and OpenVMS... but who cares? I don't want it to look like a Windows application on my Mac. And having to reinvent the wheel and get all the buttons and scrollbars and pulldowns working right must have added at least a year or two to Mozilla's schedule, and they still need work.
Only until we broke off and formed our own tribe! ;-)
Tribes 2 is an *excellent* game. After a year, I'm still addicted to Siege, which is a capture-the-flag variation where one team is entirely on defense and the other team is entirely on offense (and then when D captures the flag, they swap places).
It's got great balance to it; there are no powerups or BFG's or invincibility to mess up the game dynamics. And people who focus on deploying and repairing equipment can make as much or more difference than people who act like cowboys.
And the 3-D nature of the game, the ability to fly around with a jetpack and head as far as I want in any direction across the terrain, means I'll never again play one of those games where I'm stuck to the ground in a claustrophobic dungeon.
Tribes 2 is a terrific game. I'm really disappointed Dynamix was scuttled. I'm ticked at Sierra in general for lots of other bad decisions, such as killing off the Mac versions of Tribes 2 and Half-Life when they were all but ready to ship, and also for cancelling Babylon 5: Into The Fire.
(If you play Tribes 2, look for me! I'm 'wow! scotfox'. My tribe, 'wow!' aka Wookies Of War, has been the #1 ranked Siege tribe for most of the time since T2 was released.)
Sure, the ATI web page says that, but the card doesn't have component output and neither the software nor the documentation mentions anything about HDTV output.
;-)
Marketing hype lies.