How many e-mail server admins here are running up to date anti-virus software so that they aren't contributing exponentially to this problem by allowing their clients to get these infected e-mails in the first place?
*raises hand*
Oh yes, and Hotmail over there.
These viruses can't infect Linux (yet) but that's no excuse not to run anti-virus software that kills off virus infected e-mails on your Linux servers so that they're not getting to "clueless Windows users" in the first place.
The problem is that very few people (especially IPSs) run mail servers on Windows. McAfee isn't a Linux product. Neither is Norton so knocking out viruses server side is impossible for them. At least if they're too lazy to grag the virus sigitures themselves (like I did) and use the mail server rule file.
"Filtering on the client side doesn't really address the larger problem of these scripts consuming *tremendous* amounts of bandwidth, network and system resources."
I'm not talking about filtering on the client side. READ the post you're responding to. I know it's nuts but Hotmail has the right idea. They also run McAfee on their systems. Hotmail users will never get this virus through their hotmail accounts as long as McAfee is up to date.
Either server admins can stop falling down and playing whiney little victim and start running anti-virus software like sensible people or viruses like these can propogate.
McAfee should release a version of their software for OpenSource platforms so that server admins can save themselves loads of bandwidth.
The more server admins that pull their heads out of their butts the fewer clueless EUs there are going to be opening up the viruses and causing even more bandwidth to be eaten up.
Let's see here, the virus laiden e-mails are going to get to my server. I can either whine like a little girl and let them go through to the client or suck it up, run some anti-virus software, delete the virus infected e-mails like an intelligent admin and save myself at least 50% of my bandwidth that would have been used had I let the e-mail pass through my system to its destination.
And since nobody whose using an IcarusIndie.com e-mail address is going to get a virus in that account if McAfee has anything to say about it, X users times Y addesses in their address book have no potential to get infected through those accounts to flood even more servers.
It's really not that hard to make these e-mail viruses go away. They can't progate if mail servers are killing them off before they get to their clients. Once again, this is only a problem because most server admins are lazy and/or apathetic.
There's no excuse for virus infected e-mails to ever make it to the user from the server. There will always be viruses. Feel free to stop pretending this is an MS problem at any time.
It's been known for a very long time you can rename JPG files to.txt on Geocities to get around their hotlinking rule.
Why is anyone shocked it works for exe's as well?
This is simply a problem with OSes that don't care what an extension is. If I put.txt on the end of a file the OS should open it like a plain text file.
I thought that was the whole concept behind extensions.
I updated McAfee which squishes the e-mails on sight at the mail server (Mercury Mail) level. I never get one of this virus laden e-mails in my e-mail anymore
I also found a string of text unique to the virus e-mails and put in a rule to delete any e-mails that contained it. So if McAfee doesn't get it, basic Virus fighting techniques applied to the standard rule file will. Most likely the rule file will be killing off this new version before McAfee has an update itself. Unless the new version has the same string I block from the previous version in which case I'm covered.
I got home yesterday and had a large quantity (dozens) of these virus e-mails and shortly after made it so I'd never get them again. I lot of mail servers bounce with the virus attachment. I don't recieve those anymore either.
Why is this so hard for other people to do that this virus is actually getting through to their clients?
I killed it in 15 minutes yesterday. Why is it taking everyone else days?
Just take a nice chunk of the 64-bit encoding of the virus to make sure it's unique and add it to a kill file rule. Done. Simple. When McAfee gets around to adding the signiture then it can take over for the killfile rules.
I think people are just thinking a little too hard about this problem.
until the environmentalists go wacko over this one?
GloFish couldn't reproduce either but that didn't stop them from getting pushed out of stores.
DDT in small not even remotly lethal doses sprayed on houses is enough to keep malaria ridden mosquitoes at bay for months.
That doesn't stop the evironmentalist wackos from forbidding that money be spent on DDT for that purpose. So the result is that millions are dying from malaria while a deterant is on the other side of a glass table that would buy time while a cure is developed.
In case any of you were wondering if the human life cost benefit had anything to do with what environmentalists forbid being used in an effort to save lives.
This will be cool as soon as they start using it. In the mean time I'm going to assume the wackos are going to pull another DDT stunt.
if your solution involves invading my pocketbook or my privacy, it's not a solution at all.
I simply filter based on links that e-mails contain and I get virtually no spam. And new spam domains that manage to get through are quickly added to the rule file.
The header doesn't matter. Who sent it doesn't matter. Nobody gets any bounces. The server just eats it.
Because it's a shitty idea. E-mail is free. Deal with it. If you want to have some moronic pay to send system feel free to set it up and watch as no one in their right mind uses it.
SMTP is so easy and open that it's not going away. If asshats like yourself want to set up a fee based e-mail system. That's fine. My SMTP server will remain under the current free system. If the rest of the internet switches to something incompatible and retarded, I guess I'll just have to start handing out accounts to people so they can circumvent the idiocy. It's not challenging at all to run multiple mail servers if needed.
The problem of SPAM is not worth sacrificing free and privacy over as some nerds have decided.
Maybe you would like to discuss Mars 24 hours a day but I don't. Other things do happen you know that are interesting to talk about as well.
MOLA->BT Everything you need to know to get MOLA data converted over to the BT format to be loaded into a terrain engine.
It's quite facinating when you realize the entire city of Phoenix could fit into one of those larger craters. Many people find it hard to fathom just how bad it would be if Earth got hit by a decent sized asteroid.
But, this is a topic about Legos. I don't know of any forums dedicated to talking about Mars, but I bet Google does.
That quote is in context about the first 8088 or 8086 chip. The manufactures we debating how much of the 1MB addressable memory should be allocated for what.
*at the time* 640K should have been enough for anybody so they went with that and dedicated the other 384KB for other things.
And this has been addressed on Slashdot before. But the existance of facts has never stopped anybody from perpetuating myths if they think it proves a point they'd like to make.
It's not surprising that 64-bit processors are rated much slower than 32-bit ones. The fastest 64-bit AMD is rated 2.0ghz while the fastest AMD 32-bit is 2.2ghz.
If you use a shovel you can move it very fast to dig a hole. If you use a backhoe you're going to move much slower but remove more dirt at a time.
Using modern technology to build a 386 chip would result in one of the highest clock speeds ever but it would be practically useless. Using 386 era technology to build a 64 bit chip would be possible but it'd be massive and horribly slow.
I'm still debating whether or not to go with 64-bit for my next system. I'd rather not spend $700 on a new system so I can have a better graphics card and then have to spend several hundred more shortly after to replace the CPU and MB again. But then again, 64-bit prices are still quite high and I'd probably be able to be productive on 32-bit for several more years before 32-bit goes away.
When you're working on a problem you come across a lot of wrong solutions and tend to get hung up on them. It's not until you get off work, go to sleep or whatever that you let them go and your mind is free to consider other options.
I recently had a problem with A* knotting up in spots before continuing along the path. It was suggested I see where the path crosses itself and work from there. There's actually an easier solution. Instead of assuming the next node is the next step, you look for the node farthest down the line from it who's distance is within the per node limit and ignore everything in between. You basically take all the shortcuts.
when you loan a drunk friend your car and they get into legal trouble.
Whoever is paying for the connection is responsible for all the activity that goes on with it.
If you have a friend downloading child porn using your connection, you're the one who will get a nasty gram from the police. Your best option is to "rat" out your friend.
Likewise, if someone is downloading MP3s on your connection enough to get noticed by the RIAA you better hand over their name when the authorities ask for it or you will be held responsible.
At least the RIAA is going through the proper legal channels now. That's one less thing to complain about them doing wrong.
That would explain why you're such a blind fan of it. Or maybe you just enjoy the power of it. Hooray for nuclear weapons, huh?
"He has a new domain name for shilling his fraudulent goods every week."
So? Filtering out his domains is as good as blocking him. And you don't have to napalm a village in the process to do it. Blocking a Ralsky domain == 100% accurate filter. Blocking an IP of his is 0% accurate and results in collateral damage. Why do you think SPEWS has to napalm an ISP to claim any sort of effectivness?
But, apparently you prefer to napalm villages. Reason isn't up your alley.
so since *you* don't have legitimate customers that happen to have signed on to an ISP that got a spammer onboard, nobody should.
Punish all the customers of an ISP for the actions of a single spammer who no longer is using their services.
I can't think of any other way to point out how retarded this is.
"Until the spammer morphs their domain name, as they have been doing constantly for the past five years."
And? A spammer gets new IPs constantly. countless thousands of spammers use the same domains to send their crap. Block one URL and you block countless spammers. Block one IP and you miss the spammer entirely and solve nothing. I've blocked far more spams than there are URLs in my rule file.
"'Probably?' Citation, please."
I realize you're too dense to get it through your skull that napalming a village to get a single target is not effective and does more damage than good.
"Odd, it seems to be working so far."
So does napalming a village but it's a retarded way to go about getting someone.
You have a very twisted definition of "works" if you think SPEWS works. It's lazy, ineffective, and counter productive.
"We're all eagerly awaiting your solution to this problem, since you seem to think that it's so easy."
Click on the link in my sig.
"Effective methods for blocking spam that don't require you to waste CPU cycles by processing spammer messages?"
You can be lazy and ineffective (use SPEWS) or be intelligent and effective.
I don't consider it a waste of CPU cycles to get rid of spam without losing a single legitimate e-mail.
I see you've chosen the lazy, ineffective, "napalm the village" method of SPEWS. SPEWS is braindead. No thought goes into their method. It's kneejerk bullying.
"Uh, no, it's blame the spam-friendly ISP"
Okay, so blame the terrorist friendly nation for the need to nuke the citizens. It's retarded reasoning. One day you'll get a clue.
If you put the names of people who didn't shoplift you can be sued for defamation among other things. I'd really hate to show up at a store only to find out I can't go in because some asshat like SPEWS falsly accused me of shoplifting. If I couldn't sue the person who made the list, then I'd sue the store that used it. This is what SPEWS is counting on. By hiding, they can't be sued and so you're forced to move. If they're ever found, SPEWS will be gone very fast.
Seriously PAY ATTENTION. You act like SPEWS only blocks spammers. They are blocking far more innocent people than spammers and they admit this.
And it's not illegal for an ISP to host a spammer so there's nothing to sue them about. They didn't do anything wrong. The ISP can report the spammer to the government under the CAN-SPAM act and or drop their account.
So yes, suing SPEWS is the way to go. If my ISP ever gets blacklisted, I'll suggest legal action against SPEWS or even possibly those who utilize their lists. It's moronic the way they go about "blocking" spam.
Slashdot Mirror
is not the same as being more secure. IIS does way too much which is why I don't use it. Apache does one thing really well.
If Apache could do everything IIS can do and was still secure, then it would be a valid comparison.
Ben
How many e-mail server admins here are running up to date anti-virus software so that they aren't contributing exponentially to this problem by allowing their clients to get these infected e-mails in the first place?
*raises hand*
Oh yes, and Hotmail over there.
These viruses can't infect Linux (yet) but that's no excuse not to run anti-virus software that kills off virus infected e-mails on your Linux servers so that they're not getting to "clueless Windows users" in the first place.
Ben
The problem is that very few people (especially IPSs) run mail servers on Windows. McAfee isn't a Linux product. Neither is Norton so knocking out viruses server side is impossible for them. At least if they're too lazy to grag the virus sigitures themselves (like I did) and use the mail server rule file.
"Filtering on the client side doesn't really address the larger problem of these scripts consuming *tremendous* amounts of bandwidth, network and system resources."
I'm not talking about filtering on the client side. READ the post you're responding to. I know it's nuts but Hotmail has the right idea. They also run McAfee on their systems. Hotmail users will never get this virus through their hotmail accounts as long as McAfee is up to date.
Either server admins can stop falling down and playing whiney little victim and start running anti-virus software like sensible people or viruses like these can propogate.
McAfee should release a version of their software for OpenSource platforms so that server admins can save themselves loads of bandwidth.
The more server admins that pull their heads out of their butts the fewer clueless EUs there are going to be opening up the viruses and causing even more bandwidth to be eaten up.
Let's see here, the virus laiden e-mails are going to get to my server. I can either whine like a little girl and let them go through to the client or suck it up, run some anti-virus software, delete the virus infected e-mails like an intelligent admin and save myself at least 50% of my bandwidth that would have been used had I let the e-mail pass through my system to its destination.
And since nobody whose using an IcarusIndie.com e-mail address is going to get a virus in that account if McAfee has anything to say about it, X users times Y addesses in their address book have no potential to get infected through those accounts to flood even more servers.
It's really not that hard to make these e-mail viruses go away. They can't progate if mail servers are killing them off before they get to their clients. Once again, this is only a problem because most server admins are lazy and/or apathetic.
There's no excuse for virus infected e-mails to ever make it to the user from the server. There will always be viruses. Feel free to stop pretending this is an MS problem at any time.
Ben
It's been known for a very long time you can rename JPG files to .txt on Geocities to get around their hotlinking rule.
.txt on the end of a file the OS should open it like a plain text file.
Why is anyone shocked it works for exe's as well?
This is simply a problem with OSes that don't care what an extension is. If I put
I thought that was the whole concept behind extensions.
Ben
I updated McAfee which squishes the e-mails on sight at the mail server (Mercury Mail) level. I never get one of this virus laden e-mails in my e-mail anymore
I also found a string of text unique to the virus e-mails and put in a rule to delete any e-mails that contained it. So if McAfee doesn't get it, basic Virus fighting techniques applied to the standard rule file will. Most likely the rule file will be killing off this new version before McAfee has an update itself. Unless the new version has the same string I block from the previous version in which case I'm covered.
I got home yesterday and had a large quantity (dozens) of these virus e-mails and shortly after made it so I'd never get them again. I lot of mail servers bounce with the virus attachment. I don't recieve those anymore either.
Why is this so hard for other people to do that this virus is actually getting through to their clients?
I killed it in 15 minutes yesterday. Why is it taking everyone else days?
Just take a nice chunk of the 64-bit encoding of the virus to make sure it's unique and add it to a kill file rule. Done. Simple. When McAfee gets around to adding the signiture then it can take over for the killfile rules.
I think people are just thinking a little too hard about this problem.
Ben
"alledgedly"
Ben
until the environmentalists go wacko over this one?
GloFish couldn't reproduce either but that didn't stop them from getting pushed out of stores.
DDT in small not even remotly lethal doses sprayed on houses is enough to keep malaria ridden mosquitoes at bay for months.
That doesn't stop the evironmentalist wackos from forbidding that money be spent on DDT for that purpose. So the result is that millions are dying from malaria while a deterant is on the other side of a glass table that would buy time while a cure is developed.
In case any of you were wondering if the human life cost benefit had anything to do with what environmentalists forbid being used in an effort to save lives.
This will be cool as soon as they start using it. In the mean time I'm going to assume the wackos are going to pull another DDT stunt.
Ben
but if I'm ever in an accident there's a very good change you'll read about it in the obituary.
Ben
All those warnings are just there because the government doesn't want super humans crushing them out of existance.
apparently isn't aware that video cameras have a "zoom" button.
But then the thing is so shaky I'd hate to think what would have happened if he had zoomed in.
Ben
if your solution involves invading my pocketbook or my privacy, it's not a solution at all.
I simply filter based on links that e-mails contain and I get virtually no spam. And new spam domains that manage to get through are quickly added to the rule file.
The header doesn't matter. Who sent it doesn't matter. Nobody gets any bounces. The server just eats it.
Write up and souce/binaries to automate yanking out links for consideration for filtering.
"so why wouldn't idea this work?"
Because it's a shitty idea. E-mail is free. Deal with it. If you want to have some moronic pay to send system feel free to set it up and watch as no one in their right mind uses it.
SMTP is so easy and open that it's not going away. If asshats like yourself want to set up a fee based e-mail system. That's fine. My SMTP server will remain under the current free system. If the rest of the internet switches to something incompatible and retarded, I guess I'll just have to start handing out accounts to people so they can circumvent the idiocy. It's not challenging at all to run multiple mail servers if needed.
The problem of SPAM is not worth sacrificing free and privacy over as some nerds have decided.
Ben
Gates is being rewarded for his contributions to society as a whole with all that money he gives to charity.
Linus has just built an OS.
When it boils down to it, it's just an OS. If Gates were getting the prize because of Windows then this would be a valid argument. But he's not.
Lots of people give their lifework. But not all lifework is worthy of being recognized as nobel.
Linux could die tommorrow and it wouldn't matter. There are dozens of alternatives like FreeBSD, OpenBSD, OS X, Windows, etc.
The money Bill Gates has poured into medical research to cure the world's most deadly diseases produced results that will last forever.
You don't get knighted because you're rich. You get knighted because you've contributed to society in a meaningful way. Linus hasn't. It's just an OS.
Ben
I didn't realize the world stopped revolving.
Maybe you would like to discuss Mars 24 hours a day but I don't. Other things do happen you know that are interesting to talk about as well.
MOLA->BT Everything you need to know to get MOLA data converted over to the BT format to be loaded into a terrain engine.
It's quite facinating when you realize the entire city of Phoenix could fit into one of those larger craters. Many people find it hard to fathom just how bad it would be if Earth got hit by a decent sized asteroid.
But, this is a topic about Legos. I don't know of any forums dedicated to talking about Mars, but I bet Google does.
Ben
I delete any e-mails that contain those escape characters server side with a filter rule.
Ben
That quote is in context about the first 8088 or 8086 chip. The manufactures we debating how much of the 1MB addressable memory should be allocated for what.
*at the time* 640K should have been enough for anybody so they went with that and dedicated the other 384KB for other things.
And this has been addressed on Slashdot before. But the existance of facts has never stopped anybody from perpetuating myths if they think it proves a point they'd like to make.
The WHOLE story
A whole two second search on Google cleared that up.
Ben
can't go 5 minutes without someone saying some racist remark.
*notes that probably five people caught that on "The Apprentice"*
Ben
between precision and speed.
It's not surprising that 64-bit processors are rated much slower than 32-bit ones. The fastest 64-bit AMD is rated 2.0ghz while the fastest AMD 32-bit is 2.2ghz.
If you use a shovel you can move it very fast to dig a hole. If you use a backhoe you're going to move much slower but remove more dirt at a time.
Using modern technology to build a 386 chip would result in one of the highest clock speeds ever but it would be practically useless. Using 386 era technology to build a 64 bit chip would be possible but it'd be massive and horribly slow.
I'm still debating whether or not to go with 64-bit for my next system. I'd rather not spend $700 on a new system so I can have a better graphics card and then have to spend several hundred more shortly after to replace the CPU and MB again. But then again, 64-bit prices are still quite high and I'd probably be able to be productive on 32-bit for several more years before 32-bit goes away.
Ben
You just needed to buy one DVD player per region you wanted to watch.
I don't think any DVD players are incapable of playing DVDs from other regions. They just lock you into a region after certain criteria are met.
So really, this whole exercise didn't prevent anything it was intended to prevent and just lined the pockets of DVD player manufacturers.
With players comming down to $50 or less, there's less and less incentive to not purchase an additional player for other regions.
And there already are DVD players out there that can be hacked to be region free. You just have to hunt for them.
Ben
Think one thing. Think it well.
Ben
When you're working on a problem you come across a lot of wrong solutions and tend to get hung up on them. It's not until you get off work, go to sleep or whatever that you let them go and your mind is free to consider other options.
I recently had a problem with A* knotting up in spots before continuing along the path. It was suggested I see where the path crosses itself and work from there. There's actually an easier solution. Instead of assuming the next node is the next step, you look for the node farthest down the line from it who's distance is within the per node limit and ignore everything in between. You basically take all the shortcuts.
Ben
when you loan a drunk friend your car and they get into legal trouble.
Whoever is paying for the connection is responsible for all the activity that goes on with it.
If you have a friend downloading child porn using your connection, you're the one who will get a nasty gram from the police. Your best option is to "rat" out your friend.
Likewise, if someone is downloading MP3s on your connection enough to get noticed by the RIAA you better hand over their name when the authorities ask for it or you will be held responsible.
At least the RIAA is going through the proper legal channels now. That's one less thing to complain about them doing wrong.
Ben
you have no idea how SPEWS works.
That would explain why you're such a blind fan of it. Or maybe you just enjoy the power of it. Hooray for nuclear weapons, huh?
"He has a new domain name for shilling his fraudulent goods every week."
So? Filtering out his domains is as good as blocking him. And you don't have to napalm a village in the process to do it. Blocking a Ralsky domain == 100% accurate filter. Blocking an IP of his is 0% accurate and results in collateral damage. Why do you think SPEWS has to napalm an ISP to claim any sort of effectivness?
But, apparently you prefer to napalm villages. Reason isn't up your alley.
Ben
so since *you* don't have legitimate customers that happen to have signed on to an ISP that got a spammer onboard, nobody should.
Punish all the customers of an ISP for the actions of a single spammer who no longer is using their services.
I can't think of any other way to point out how retarded this is.
"Until the spammer morphs their domain name, as they have been doing constantly for the past five years."
And? A spammer gets new IPs constantly. countless thousands of spammers use the same domains to send their crap. Block one URL and you block countless spammers. Block one IP and you miss the spammer entirely and solve nothing. I've blocked far more spams than there are URLs in my rule file.
"'Probably?' Citation, please."
I realize you're too dense to get it through your skull that napalming a village to get a single target is not effective and does more damage than good.
"Odd, it seems to be working so far."
So does napalming a village but it's a retarded way to go about getting someone.
You have a very twisted definition of "works" if you think SPEWS works. It's lazy, ineffective, and counter productive.
Ben
"We're all eagerly awaiting your solution to this problem, since you seem to think that it's so easy."
Click on the link in my sig.
"Effective methods for blocking spam that don't require you to waste CPU cycles by processing spammer messages?"
You can be lazy and ineffective (use SPEWS) or be intelligent and effective.
I don't consider it a waste of CPU cycles to get rid of spam without losing a single legitimate e-mail.
I see you've chosen the lazy, ineffective, "napalm the village" method of SPEWS. SPEWS is braindead. No thought goes into their method. It's kneejerk bullying.
"Uh, no, it's blame the spam-friendly ISP"
Okay, so blame the terrorist friendly nation for the need to nuke the citizens. It's retarded reasoning. One day you'll get a clue.
Ben
If you put the names of people who didn't shoplift you can be sued for defamation among other things. I'd really hate to show up at a store only to find out I can't go in because some asshat like SPEWS falsly accused me of shoplifting. If I couldn't sue the person who made the list, then I'd sue the store that used it. This is what SPEWS is counting on. By hiding, they can't be sued and so you're forced to move. If they're ever found, SPEWS will be gone very fast.
Seriously PAY ATTENTION. You act like SPEWS only blocks spammers. They are blocking far more innocent people than spammers and they admit this.
And it's not illegal for an ISP to host a spammer so there's nothing to sue them about. They didn't do anything wrong. The ISP can report the spammer to the government under the CAN-SPAM act and or drop their account.
So yes, suing SPEWS is the way to go. If my ISP ever gets blacklisted, I'll suggest legal action against SPEWS or even possibly those who utilize their lists. It's moronic the way they go about "blocking" spam.
Ben