Or unless you're a horse. Our 4-legged friend can readily indicate that it's not feeling well to its handlers, unless of course its handlers are worth their salt and then will of course know the horse feels ill before it does.
Would someone who knows the deceased set up a fund for the family so we/.ers can actually do something useful? At least start a pot for flowers or funeral expenses or something.
BTW, does anyone know whether they were wearing seatbelts? Just just curious.
LOL. What the AC said.;-) Seriously though there aren't exactly an abundance of people that have enough clue to secure a mail server. If Sendmail 8.8 was the current version today and was wide open by default, a teeny tiny fraction of the total install base would actually secure themselves. The rest would bork the rest of us with their incompotence.
It wouldn't surprise me if they do block it. However I will say that few if any ISPs specifically limit the number of BCC recipients. Speaking as a mail admin myself I can say that it is far from a trivial task to limit only BCC recipients with Sendmail. It's quite a CF hack.
"Soon it will be all but impossible to operate a local mail server due to blocked ports on your providers end."
As I've said many times, unless you're paying for that kind of access you shouldn't be running a MTA to begin with. The days of open and free can no longer exist on the Internet, people. I wish ya'll figure that out, stop bitching about it and move on. When 99.9999999% of the people on Internet are too incompotent to secure a mail server (mail as an example; all others servers can be inserted here) and keep it secure then they absolutely no justification for those ports to be kept open. We're far and away in the minority when it comes to compotent computer administrators. ISPs should not be expected to cater to the advanced skills and desires of 0.0000001 % of their possible customer base. If we want that level of service then we should have to pay for it.
This is what BCC is for. The receiving MTA doesn't have a clue that there were a grand total of 200 recipients. All it knows is that it's receiving a message destined for 2 (exp) users on its system. BCC is only known by the sending MUA and the MTA that MUA uses. Beyond that it's not transmitted.
You can't even disclose directory information such as the student's name or personal identification number (even if it's randomly assigned). You've never worked in education, have you?
School administrators will provide a list of students, with their ages and genders...
Schools can't do that. That would be a FERPA violation and the penalties are extremely severe including but not limited to the loss of all Federal funding including grants and financial aide. That's not something a public school with a limited budget wants to have happen. FERPA is not one of those laws you fuck around with.
Me thinks it's time for that bastard of a state we call California to firewall itself off from the rest of us. If not them then maybe we should do it for them.
Well, yeah. That's the point. Have you ever watched any documentary on the mob and organized crime? They didn't bust mob bosses on murder and extortion. They busted them on tax evasion for not paying taxes on the profits from their illegal entreprises (bootlegging, numbers rackets, prostitution, etc..).
GoDaddy actually has a good domain "whois" information protection built in - by making you type in a random password to continue to get to the information.
IMHO what GoDaddy does with the image verification should violate the ICANN regs. It does stop bots from working but I do think it should break ICANN's rules.
I think what you do is a little overkill.
Some of it could be. I don't have to separate my mailing list account from my other domains. It just worked out that way when I only had a few domains to use. The practice still continues out of habit. I do think participating in the anti-spam community with a dedicated domain has been useful. That domains gets junk mail of all sorts. Rumplestiltskin attack flourish on that domain. Fortunately there's only one valid address for that domains (besides the RFC-required postmaster and abuse of course). That lets me filter all the other crap straight into a spamtrap. Handy.
Can you confirm though that your speaking out against spammers has actually increased your junk email? I have been tracking a spammer in my home state and I have suspected the same.
I received a number of phone calls from spammers and companies sending spam before I started using an alias to hide my identity in NANAE. Not that I'm afraid of a spammer BUT if they know who I am, my address, telephone number, etc they can easily stoop a little bit lower and steal my identity. They could mess with my credit or cause me hassles at work (call up pretending to be detectives from some sex crimes against minors unit or something and start the gossip train rollin'). I now take measures to protect my identity. As far as spam goes, the address I post to in NANAE gets tons. I'm sure it's being picked up by bots. Then again it's in NANAE. I'm sure the more advanced spammers are whitelisting addresses it finds in NANA*. One thing I did notice is that when I made references in NANAE to a Google Groups archived posting, saying that this message was one sent to me and I posted it, I found that many spammers took it upon themselves to pull your address out of that piece of spam and whitelist it. For a long time my spam was kepy unusually low because of that. I've used my one main address for 9 years so far. I post with it everywhere. Up until a few years ago I only posted it rather than the alias I use nowadays. Surprisingly it didn't get that much spam. Now it looks like the spammers don't care about spamming anti-spammers. ISPs are a dime a dozen so when we get one of themt o boot a spammer, they have a dozen more lined up and ready to go. Now they seem to spam me out of spite.
The most fun I had anti-spamming was when I took one of my unused domains, a list of 525,000 proper pronouns, curl, and wget and stuffed 2 dozen spammer's "remove" forms with email addresses based on those 525k pronouns. Before I was finished I was getting a couple thousand pieces of spam per hour. When I changed the MX to 127.0.0.1 I was getting over a hundred thousand a day. I was using procmail to munge the spam, post a copy to NANAS, and forward a copy to the FTC's spambox. The only problem happened when viruses and spammers started joe-jobbing my domain. I couldn't strip the bounces out of the influx of spam reliably, thus flooding NANAS and the FTC with crap. If only it'd worked though...:-)
I don't use valid records in most of my WHOIS records. I use one domain for posting to usenet, talking mainly about anti-spam stuff. I have another for mailing lists subscriptions. Yet another couple for seeding to spammer's "remove" forms. Then I have a number of personal domains. They all have common DNS records. I don't want spammers getting ahold of my personal information via my other domains. Spammers have a bad habit of attacking anti-spammers. I have also used the proxy registration options of my registrar, Godaddy. Unfortunately that doubles the cost of my domains and isn't very practical. Is there a solution that doesn't cut into your wallet?
Someone already did this IIRC. I forget the specifics. Maybe it was a bunch of empty files with conflicting names. Or maybe the files contained the copyright law or something like that. Heck I think I've even seen a CGI that printed out names that conflict to bots. I don't remember where I saw this at though.
I don't want Safari quite frankly. What I want is for O'Reilly's to include a HTML/PDF version of the book inside the actual dead tree version. I don't want to haul 5 books back and forth from home to work every day and I'm sure as hell not going to buy two sets of the same damned books. I should be able to get an electronic copy to benefit me when I'm away from my dead tree racks. Safari just doesn't cut it. I need more.
Since your site is more of a niche site, I think you members would be willing to pay for it at least in the form of time and a little delay. Consider using a credit-card verification system that charges new users a couple bucks to verify their identity (keep it confidential). That way if they do become abusive and violate your TOS/AUP you at least have information the authorities could trace if the matter every came up. If you pick your billing system correctly, you'll also have a way to block future "subscriptions" from abusive people either by name, CC number, address, phone #, etc. Blocking netblocks or IPs is not feasible. It simply won't work. If your niche customers are as fed up with the crap in the messageboards as I'd imagine they are, I don't think they'd mind one bit spending a couple bucks to keep the boards relatively clean. Charge $2-3 once to cover the cost of the billing service.
The other option is to hand pick trusted members to act as moderators. Give them the power to completely negate the abusers' posts. Delegate the task down to the actual members and let them help keep their community boards clean. You'll have to hand pick them from the people posting to your boards. Simple moderation probably won't work because you probably won't have enough valid members visit the site quickly enough to get a post modded down to hell. Whereas the abusers (if they earned mod points) would probably band together to get their abusive posts modded up by themselves.
That's what I'd recommend. Verify that a person actually exists, gaining valuable contact information in case the law ever needs to get involved and giving you a way to block the actual person behind the abuse, OR let you members help keep their community boards clean with self-moderation. Either or both would be helpful I'm sure. Best of luck.
That's a good idea. And you can always crank it back up at a later date to something faster if you need. Still though I don't think they'd really even need to slow it down. The power consumption, even with a brandnew P4 however-fast-they're-running-now doesn't consume all that much power. Even with an optical (they don't need it), a HD, floppy, and el-cheapo ATI video card they still aren't looking at anything close to 100w. Add in a couple case fans at a couple watts each and they're still sitting pretty. They could get as much onboard as they can and do alright I think. Something I've always wanted to try is putting a 120mm fan on a CPU. The RPM is much lower and the fan is much quieter but the CFM is much greater. I bought one of those ducts that sits between the CPU fan anc CPU a year or so ago. You could easily make something simliar to put a 120mm fan on a 80cm heatsink. Mold the duct slightly around the heatsink and slot the bottoms to give the air a place to go. I think it'd work slick, move more air, and be much quietr. The only downside is you'll use an extra watt or two on the bigger fan. I think it would be cool though. Use a larger rear fan as well to make the box quieter and increase airflow. I'm gonna have to try that one of these days.
I'm running Canit Pro, the big bro to MD. Clam, SA, and friends are in use on all of my boxes. I love it. Yeah, you'll need the RAM to pull that off. I don't think they need to skimp out on the RAM. Power-wise it won't add much to the consumption. Heat-wise the increase would be negligible. I'd definitely go with a computer solution.
True but a more complete quote would in fact indicate that he didn't mean "like" the WRT54G but in fact the WRT54G itself.
...our ideal box would be something like a Linksys WRT45G with one of the open source firmwares...
The open source firmware upgrades are what's available for the WRT54G. Nevertheless I like the idea of using the laptop. I'm not a big Via fan but hey, they're hard to get away from. Someone else mentioned a Sparc IPX or IPC. I really like that idea. I own 4 or 5 IPCs myself. Another good one would be a SparcStation/Server 20 or an Ultra 1. I can pick up any of those for under $50 at Boeing Surplus. They even had Indigo2's for $40. That's another good one. What's the SGI model that was used in that cartoon with the Russian guy, the marketing guy, the chick, the hair ball, and a few other characters I can't recall. Boeing Surplus had one of those too. It can't pull much or be too loud. That would be a sweet firewall/personal server. I think this guy is going to find that in a few months to a year, his needs will change and he'll need something like more drive space or RAM and won't be able to do it for a reasonable price with a laptop or a WRT54G. I'm still a fan of the actual computer personally. He's going to be really pissed off one of these days when his HD crashes in his laptop and he lost all his data (websites, email, etc..). He'll then wish he'd built his setup using a real computer so he could have done some simple RAID. That's how I got to the point I'm at now. I lost 4 drives in 3 machines in under a year. I wasn't a happy serial killer.:-{}
Don't use a device like a LinkSys or some other device that requires a flash card for storage if you're planning on serving web pages or handling email. Proper handling of email is not simply take the incoming message and write it to disk once. Do you realize that Sendmail writes a transcript file (xf) that exists during the life of a session showing everything that happens during that session? Few people realize that. Spam and AV checking will also likely require at least part of the message to be written to disk prior to scanning. Now you can do a lot of this in memory but the memory in a WRT45G is going to be too limited to have a decent tmpfs partition to handle this.
No offense, but what you need to use is something that's meant to handle the job: a real computer. You can build a low cost, quiet, power conservative computer for not that much money. The average computer consumes less than 100 watts of power when performing basic tasks. This review gives you lots of details. So really the power consumption won't be a problem. Keep the number of internal devices low and you won't have much heat build up. Keep the heat low and you can do all sorts of fancy things with sound panels to absorb sound, thus fixing that problem. You sound like a person that really does need a home server, like myself and my servers. You can't go wrong with a real computer. Plus when something breaks (and of course it will) you have warranties to fall back on. You can also hop on newegg or run down to the corner Crap Shack and buy replacement parts. Try doing that with your jerry-rigged WRT54G.;-)
Is experience good enough for you? Almost every bug I've ever found and reported was either fixed within minutes, hours or days or was a trivial bug that only affected unusual users like myself (Mac users for example). Many of the bug reports I submitted included my own fix.
Slashdot Mirror
Or unless you're a horse. Our 4-legged friend can readily indicate that it's not feeling well to its handlers, unless of course its handlers are worth their salt and then will of course know the horse feels ill before it does.
BTW, does anyone know whether they were wearing seatbelts? Just just curious.
Personally I use MIMEDefang. I bet it could be done with it though. If MailScanner is half as good as MD I imagine it could do it too.
LOL. What the AC said. ;-) Seriously though there aren't exactly an abundance of people that have enough clue to secure a mail server. If Sendmail 8.8 was the current version today and was wide open by default, a teeny tiny fraction of the total install base would actually secure themselves. The rest would bork the rest of us with their incompotence.
It wouldn't surprise me if they do block it. However I will say that few if any ISPs specifically limit the number of BCC recipients. Speaking as a mail admin myself I can say that it is far from a trivial task to limit only BCC recipients with Sendmail. It's quite a CF hack.
In fact not all messages require To or CC. Mail from must be accepted by RFC standards.
As I've said many times, unless you're paying for that kind of access you shouldn't be running a MTA to begin with. The days of open and free can no longer exist on the Internet, people. I wish ya'll figure that out, stop bitching about it and move on. When 99.9999999% of the people on Internet are too incompotent to secure a mail server (mail as an example; all others servers can be inserted here) and keep it secure then they absolutely no justification for those ports to be kept open. We're far and away in the minority when it comes to compotent computer administrators. ISPs should not be expected to cater to the advanced skills and desires of 0.0000001 % of their possible customer base. If we want that level of service then we should have to pay for it.
This is what BCC is for. The receiving MTA doesn't have a clue that there were a grand total of 200 recipients. All it knows is that it's receiving a message destined for 2 (exp) users on its system. BCC is only known by the sending MUA and the MTA that MUA uses. Beyond that it's not transmitted.
Does this mean all those lonely college bachelors have to stop downloading porn until MS patches the hole?
You can't even disclose directory information such as the student's name or personal identification number (even if it's randomly assigned). You've never worked in education, have you?
Schools can't do that. That would be a FERPA violation and the penalties are extremely severe including but not limited to the loss of all Federal funding including grants and financial aide. That's not something a public school with a limited budget wants to have happen. FERPA is not one of those laws you fuck around with.
Me thinks it's time for that bastard of a state we call California to firewall itself off from the rest of us. If not them then maybe we should do it for them.
Well, yeah. That's the point. Have you ever watched any documentary on the mob and organized crime? They didn't bust mob bosses on murder and extortion. They busted them on tax evasion for not paying taxes on the profits from their illegal entreprises (bootlegging, numbers rackets, prostitution, etc..).
IMHO what GoDaddy does with the image verification should violate the ICANN regs. It does stop bots from working but I do think it should break ICANN's rules.
I think what you do is a little overkill.
Some of it could be. I don't have to separate my mailing list account from my other domains. It just worked out that way when I only had a few domains to use. The practice still continues out of habit. I do think participating in the anti-spam community with a dedicated domain has been useful. That domains gets junk mail of all sorts. Rumplestiltskin attack flourish on that domain. Fortunately there's only one valid address for that domains (besides the RFC-required postmaster and abuse of course). That lets me filter all the other crap straight into a spamtrap. Handy.
Can you confirm though that your speaking out against spammers has actually increased your junk email? I have been tracking a spammer in my home state and I have suspected the same.
I received a number of phone calls from spammers and companies sending spam before I started using an alias to hide my identity in NANAE. Not that I'm afraid of a spammer BUT if they know who I am, my address, telephone number, etc they can easily stoop a little bit lower and steal my identity. They could mess with my credit or cause me hassles at work (call up pretending to be detectives from some sex crimes against minors unit or something and start the gossip train rollin'). I now take measures to protect my identity. As far as spam goes, the address I post to in NANAE gets tons. I'm sure it's being picked up by bots. Then again it's in NANAE. I'm sure the more advanced spammers are whitelisting addresses it finds in NANA*. One thing I did notice is that when I made references in NANAE to a Google Groups archived posting, saying that this message was one sent to me and I posted it, I found that many spammers took it upon themselves to pull your address out of that piece of spam and whitelist it. For a long time my spam was kepy unusually low because of that. I've used my one main address for 9 years so far. I post with it everywhere. Up until a few years ago I only posted it rather than the alias I use nowadays. Surprisingly it didn't get that much spam. Now it looks like the spammers don't care about spamming anti-spammers. ISPs are a dime a dozen so when we get one of themt o boot a spammer, they have a dozen more lined up and ready to go. Now they seem to spam me out of spite.
The most fun I had anti-spamming was when I took one of my unused domains, a list of 525,000 proper pronouns, curl, and wget and stuffed 2 dozen spammer's "remove" forms with email addresses based on those 525k pronouns. Before I was finished I was getting a couple thousand pieces of spam per hour. When I changed the MX to 127.0.0.1 I was getting over a hundred thousand a day. I was using procmail to munge the spam, post a copy to NANAS, and forward a copy to the FTC's spambox. The only problem happened when viruses and spammers started joe-jobbing my domain. I couldn't strip the bounces out of the influx of spam reliably, thus flooding NANAS and the FTC with crap. If only it'd worked though... :-)
I don't use valid records in most of my WHOIS records. I use one domain for posting to usenet, talking mainly about anti-spam stuff. I have another for mailing lists subscriptions. Yet another couple for seeding to spammer's "remove" forms. Then I have a number of personal domains. They all have common DNS records. I don't want spammers getting ahold of my personal information via my other domains. Spammers have a bad habit of attacking anti-spammers. I have also used the proxy registration options of my registrar, Godaddy. Unfortunately that doubles the cost of my domains and isn't very practical. Is there a solution that doesn't cut into your wallet?
We have more than one tractor with propane in its tires. It keeps one from smoking while working, that's for sure. :-)
Someone already did this IIRC. I forget the specifics. Maybe it was a bunch of empty files with conflicting names. Or maybe the files contained the copyright law or something like that. Heck I think I've even seen a CGI that printed out names that conflict to bots. I don't remember where I saw this at though.
I don't want Safari quite frankly. What I want is for O'Reilly's to include a HTML/PDF version of the book inside the actual dead tree version. I don't want to haul 5 books back and forth from home to work every day and I'm sure as hell not going to buy two sets of the same damned books. I should be able to get an electronic copy to benefit me when I'm away from my dead tree racks. Safari just doesn't cut it. I need more.
The other option is to hand pick trusted members to act as moderators. Give them the power to completely negate the abusers' posts. Delegate the task down to the actual members and let them help keep their community boards clean. You'll have to hand pick them from the people posting to your boards. Simple moderation probably won't work because you probably won't have enough valid members visit the site quickly enough to get a post modded down to hell. Whereas the abusers (if they earned mod points) would probably band together to get their abusive posts modded up by themselves.
That's what I'd recommend. Verify that a person actually exists, gaining valuable contact information in case the law ever needs to get involved and giving you a way to block the actual person behind the abuse, OR let you members help keep their community boards clean with self-moderation. Either or both would be helpful I'm sure. Best of luck.
That's a good idea. And you can always crank it back up at a later date to something faster if you need. Still though I don't think they'd really even need to slow it down. The power consumption, even with a brandnew P4 however-fast-they're-running-now doesn't consume all that much power. Even with an optical (they don't need it), a HD, floppy, and el-cheapo ATI video card they still aren't looking at anything close to 100w. Add in a couple case fans at a couple watts each and they're still sitting pretty. They could get as much onboard as they can and do alright I think. Something I've always wanted to try is putting a 120mm fan on a CPU. The RPM is much lower and the fan is much quieter but the CFM is much greater. I bought one of those ducts that sits between the CPU fan anc CPU a year or so ago. You could easily make something simliar to put a 120mm fan on a 80cm heatsink. Mold the duct slightly around the heatsink and slot the bottoms to give the air a place to go. I think it'd work slick, move more air, and be much quietr. The only downside is you'll use an extra watt or two on the bigger fan. I think it would be cool though. Use a larger rear fan as well to make the box quieter and increase airflow. I'm gonna have to try that one of these days.
I'm running Canit Pro, the big bro to MD. Clam, SA, and friends are in use on all of my boxes. I love it. Yeah, you'll need the RAM to pull that off. I don't think they need to skimp out on the RAM. Power-wise it won't add much to the consumption. Heat-wise the increase would be negligible. I'd definitely go with a computer solution.
The open source firmware upgrades are what's available for the WRT54G. Nevertheless I like the idea of using the laptop. I'm not a big Via fan but hey, they're hard to get away from. Someone else mentioned a Sparc IPX or IPC. I really like that idea. I own 4 or 5 IPCs myself. Another good one would be a SparcStation/Server 20 or an Ultra 1. I can pick up any of those for under $50 at Boeing Surplus. They even had Indigo2's for $40. That's another good one. What's the SGI model that was used in that cartoon with the Russian guy, the marketing guy, the chick, the hair ball, and a few other characters I can't recall. Boeing Surplus had one of those too. It can't pull much or be too loud. That would be a sweet firewall/personal server. I think this guy is going to find that in a few months to a year, his needs will change and he'll need something like more drive space or RAM and won't be able to do it for a reasonable price with a laptop or a WRT54G. I'm still a fan of the actual computer personally. He's going to be really pissed off one of these days when his HD crashes in his laptop and he lost all his data (websites, email, etc..). He'll then wish he'd built his setup using a real computer so he could have done some simple RAID. That's how I got to the point I'm at now. I lost 4 drives in 3 machines in under a year. I wasn't a happy serial killer. :-{}
No offense, but what you need to use is something that's meant to handle the job: a real computer. You can build a low cost, quiet, power conservative computer for not that much money. The average computer consumes less than 100 watts of power when performing basic tasks. This review gives you lots of details. So really the power consumption won't be a problem. Keep the number of internal devices low and you won't have much heat build up. Keep the heat low and you can do all sorts of fancy things with sound panels to absorb sound, thus fixing that problem. You sound like a person that really does need a home server, like myself and my servers. You can't go wrong with a real computer. Plus when something breaks (and of course it will) you have warranties to fall back on. You can also hop on newegg or run down to the corner Crap Shack and buy replacement parts. Try doing that with your jerry-rigged WRT54G. ;-)
Dead or alive? Do I get to pick?
Is experience good enough for you? Almost every bug I've ever found and reported was either fixed within minutes, hours or days or was a trivial bug that only affected unusual users like myself (Mac users for example). Many of the bug reports I submitted included my own fix.