Gee.. how did I possibly guess that? You're the hard-ass sysadmin that needs to control everything, and you get all uppity when you can't. Being a sysadmin is about managing risk, not control.
No, I'm not uppity and a control freak, I'm just sick of spam and viruses. :) I could care less if my customers run smtp servers, as long as they are responsible and have a static IP. I'll even do reverse DNS and such for them to help avoid problems with delivery. However, if they are on a dynamic IP, they are on their own. Thankfully our IP ranges haven't made it into any RBLs but I have considered submitting our dynamic ranges myself.
I still maintain that allowing dynamic IP ranges to connect to our mail servers *is* a risk.
Me running my own SMTP server has exactly zero impact on spam. I don't run an open relay, I run secure updated machines, and I don't get viruses.
Right, I never said you were contributing to the problem. I said the attitude that everyone should be free to mail directly to other mail servers is what contributes to spam. If you have a mail server "properly" set up (i.e. valid hostname, reverse resolves, etc) then that is not a problem. Unfortunately you are also in the minority because you run secure updated machines...
As I mentioned in a reply to a different person, if you were one of my customers and you (being in one of my netblocks) ended up in an RBL, it would be my responsibility to get that cleared as the netblock representative. If you have been listed, and servers are allowed in your netblock, make your ISP fight to get it delisted.
Bzzzzt. But thanks for playing..
Then you must have a very lenient ISP. From what I've seen, a lot of them ban servers in the ToS but never actually enforce it. That, or it's allowed due to the class of account you have.
Even if this works to some degree, I still think outright blocking is always a bad idea. There's probably going to be almost no one running an SMTP server on dialup, but I also can't believe there's really much spam coming from a dialup modem either.
I posted the numbers from one of our mail servers in another reply, but in short: we block about 40,000 messages per day on dynamic IP RBLs alone, and I have yet to hear anyone complain. When we get false positive RBL hits, our customers tend to complain. We have had to drop a couple (the composite NJABL and SORBS lists in favor of certain sub-lists, and the Spamcop RBL) because of complaints.
I'm not sure what the breakdown is on those with respect to how much are spam vs how much are viruses, but it's probably weighted more heavily toward spam.
Ideally, we'd let all of the mail through and let SpamAssassin weight the RBLs, but that puts a much, much higher load on the servers and delays mail delivery even more with the kind of volume we have. And unfortunately it's not always in the budget to toss in more servers, or upgrade the current ones.
1) He mentioned a static setup. 2) His ToS with his ISP is of no relevance or importance to you, nor should it be to the decision to accept mail. 3) You're an optimist. I have watched many people try to have static IP addresses delisted from many RBLs with no success whatsoever (and not due to spam coming from them, but because the RBL administrators said "static or not, you're an ISP customer, use their server").
It's not really his place as the customer to deal with the blacklist, the ISP should be doing that. If I had a customer come to me and tell me they got blacklisted just because of their IP range, I would contact the RBL on their behalf. It's my netblock after all. At least with SORBS they require contact with the network owner. Also, the ISP should have something to the effect of '.static.' somewhere in the reverse DNS for the netblock containing static IPs to avoid this. I am an optimist, but I also have dealt with this on some occasions.
Also, if he has his own domain, the ISP could set up his static IP to reverse resolve to his own domain. Toss in an SPF record, and I find it hard to believe he couldn't get delisted.
He should be in contact with his ISP if he wants it to work. He's paying them to handle his mail, among other things, so why shouldn't they work with him? If they won't, then get another ISP that will.
Says who? Why? Clue: abuse by malcontents is not a legitimate reason.
Says just about every admin who is sick to death of spam from compromised zombie machines. Why should mail be allowed to flow from end users directly to mail servers? Why is it against the law in the US for anyone but a mail carrier to put things in a mailbox? Forcing people to go through proper mail servers provides an extra layer of protection and accountability. The ISP will likely see the spammers and cut them off (or at least raise flags when the ISP's server itself gets blacklisted!), and there is little to gain by allowing everyone access.
Here's the mail server stats from yesterday on one server:
108125 sbl-xbl.spamhaus.org
29350 dynablock.njabl.org
11938 dul.dnsbl.sorbs.net
1586 dsn.rfc-ignorant.org
1465 web.dnsbl.sorbs.net
181 rhsbl.sorbs.net
133 http.dnsbl.sorbs.net
108 cbl.abuseat.org
83 socks.dnsbl.sorbs.net
63 relays.ordb.org
2 misc.dnsbl.sorbs.net
1 smtp.dnsbl.sorbs.net
Over 40,000 rejected messages from dynamic IP ranges. (I can't use the SORBS composite list because one of their RBLs has a habit of blocking yahoo, hotmail, etc. I'd love to block them but my customers don't agree...)
I have yet to hear a single solitary complaint from anyone who had a message rejected by a dynamic range RBL, though I have had complaints about several other RBLs. We stopped using Spamcop's RBL because of too many complaints from customers.
And since when is abuse not a reason to close something off? Let me paraphrase: "Why aren't all servers open relays? Abuse by malcontents is not a legitimate reason." or "Why should I validate the input in my web application? Abuse by malcontents is not a legitimate reason." - We're talking about a security hole here, not fair use rights.
Spam is, unfortunately, not going away anytime soon. So we have to do whatever we can to block it and keep customers happy.
Unfortunately, attitudes like that are the exact reason that spam continues to get worse and worse. The reason it's so bad is because smtp is so broken and free-flowing. You should care about my opinion because I'm a sysadmin at an ISP, and people like me are who decide if your mail actually gets out.
I bet if you checked the ToS, it does prohibit servers.
Unfortunately very few ISPs (not even the one I admin) block outgoing smtp from anything but known servers. That's the best way to go. If your ISP is fine with running a server on a static IP, then it's trivial to let it pass through, you just have to let them know. Meanwhile the rest of the zombie horde gets nowhere. And with a policy like that, I doubt any RBL would ban them outright.
We do use a couple different dial-up list RBLs, though, and it helps a lot. I can grep the mail server logs and get some numbers if you don't believe me.
And why would I want to have to rely on my ISP's mailserver to be up to send outgoing mail? I like reliability, I don't like outages. I also don't want to rely on them to route my mail properly, decide I'm a spammer and block me, or whatever. Also, why would I want to make it easier for my ISP to snoop on my mail? (who knows if they'll send targeted advertising, etc).
If you don't mind all those things, fine. But there's very good reasons to not use your ISP's mailserver.
Then you're probably violating your ToS, unless you've paid for a business account with a static IP in which case they can be de-listed from RBLs.
Mail should NOT be coming from end-user dynamic IPs directly. Period. No excuses. Your ISP's mail servers exist for a reason, and secure relays such as Gmail exist for a reason.
I know around here the cable provider has a TLS/SSL/SMTP Auth setup for their customers to use remotely, yours might have one as well.
While this doesn't help your SQL problem, there are some really nice Network/Security posters by Javvin. I have their Network Protocols map up in my office and I was considering getting the network Security poster as well.
Even if it did manage to boot (which it might, if you're lucky) it would probably trigger the product activation routine, since the hardware has changed so much. That is, unless you're using a volume license copy that doesn't require activation.
Since SP2, we've had a lot more luck swapping motherboards and such and having Windows installs survive without needing a repair install. Sometimes it works, sometimes it doesn't. The odds are better lately, but it's still a roll of the dice.
Probably the most important "feature" you get with a (D)SLR is changeable lenses.
Sure, but it's also a huge expense, on top of the expensive body. Especially for a decent zoom or lens with a large focal length (and a good enough aperture that you don't have to be in pure sunlight to stop motion...). I know the versatility of lenses. I have 2 film SLRs (Canon AE-1 and a Canon EOS Rebel Ti) and several lenses, filters, etc. I took a photography class in college, but I'm still just an amateur/hobbyist, of course.
I'm sure your camera is good though, high end P&S cameras typically are good enough for most people.
Did you even look at the camera I'm talking about? I have a hard time calling it a point and shoot. It's a viable alternative for people who want a great camera but don't want to spend tons of money into lenses. For the money I saved in going that route, I could buy backdrops, a bench, some stands, flashes, etc and still come out ahead of a DSLR.
Don't get me wrong, if you're a pro and you have the money to spend on the equipment, by all means the DSLRs are the best. I wish I had the money to burn. I'm just saying even for most amateurs they have no need for it, unless they just want a DSLR so they can brag around that they have one.
I think we've strayed enough off-topic though, now back to the Dvorak bashing.
heh, not quite. It's just a damn good camera. Check the reviews on it anywhere. B&H: 4.7/5, 12 reviews. Newegg: 5/5, 26 reviews. C-Net 6.9/10. Nextag 4/5, 29 reviews, etc, etc, etc.
It's no DSLR, that's for sure, but it's close enough for a fraction of what you would pay for the equivalent features on a DSLR.
Do what I did and say "Screw the DSLR!" and get a Panasonic/Lumix FZ-30. 8MP, Full auto or manual controls, 12X OPTICAL zoom, LCD viewfinder and rear screen, more features than you can shake a stick at, and it's only about $500. Sure, you don't get interchangeable lenses, but that's a money sinkhole I didn't need. You can control just about anything you can think of and more on this camera.
I love this camera, I can't say one bad thing about it. It puts my film SLR to shame most of the time.
Google already has a TV presence. There is a channel on DirecTV (Channel 366) called "Current TV" and Google has a presence on there multiple times per hour. See The Schedule.
Current is also carried in a couple of other major markets. I'm surprised this hasn't been brought up more often.
I remember when reporting a broken website was as simple as going to Fork in the Head. Alas, the site doesn't really exist any more, only an explanation of why it had to stop.
EditPlus is nice, but it's still a far cry from UltraEdit.
I just wish there were an open source editor (for Windows or *nix) that came close to its functionality and ease of use. I've come to depend on load/save directly to FTP/SFTP, great column editing, etc. Kate comes close, but not quite close enough...
If you require identical hardware, some might complain that it's more suited to a particular system. Give them a fixed amount of money for the server. Or a fixed amount of other resources that might be the bottleneck (power, floorspace, maintenance time/month,...)
... And then turn it into a reality competition TV show! Sounds like something for The Discovery Channel. (I'd say for G4, but G4 sucks.)
Maybe they'll issue them to cops/feds and they'll just walk around taking pictures of people looking for known felons. Sort of a mobile version of what they tried with closed-circuit video systems a couple years ago.
Whoops, didn't catch in the preview that I messed up the link, that should go to:
http://www.javvin.com/
There, I fixed that for you.
There is currently an open source project trying to recreate X-Com using modern graphics and technology, etc.
It looks promising, but there is quite a ways to go yet:
http://www.projectxenocide.com/
I agree, plus: it actually runs Java! Opera 8.x would never run Java for me, it would silently crash/terminate. Most likely due to the fact that it was compiled for an older FreeBSD version and was running using compatibility libs.
I loaded up the Java package from the FreeBSD Foundation, pointed Opera's Java path to it, and it Just Works (tm). I'm looking at weather.gov's Java radar loop as we speak.
So far, I'm very pleased.
I've got an e815 from Verizon and I love it too. Apparently if you want the full bluetooth functionality on a Mac though, you have to first hack it on a PC.
It's not against their ToS to use it as a modem to connect to a dialup ISP, it's just not very efficient, I haven't tried it myself but I've heard of people only getting 11k connections, with a theoretical max of 14.4k.
It is sort-of against their ToS to use it to connect to their high-speed (144k) service. You run the risk that you *may* incur by-the-byte usage fees if you don't subscribe to the data plan. Reports vary about whether or not you'll ever be charged for this. I know some people who use it sparingly and never get charged. Others report that this only uses cell minutes off a NationalAccess plan as long as you're on a 1x network and not evdo.
If you're feeling lucky: Use ##DIALUP on the phone to enable dial-up networking, and you can connect by dialing #777 - Username: yourcellnumber@vzw3g.com / password: vzw
I have a PC, but I found this thread that talks about using Verizon dialup on a Mac:
http://forums.macnn.com/showthread.php?p=2614216
Which points to:
http://stevenfettig.com/mythoughts/archives/00018
and
http://www.macosxhints.com/article.php?story=2005
Both of which have more info on using an e815 (or a v710, the e815's even more crippled little sibling) on a Mac, and with Bluetooth.
What, you mean it's not pronounced SQuirreL?!
See the SANS "Survival Time" data - It's currently at 21 minutes, but it has been 15 minutes in the past.
Well of course they do, but if I acknowledged that, there wouldn't have been a joke, would there?
But what if you have to call an ambulance after getting into a car accident that damaged your face? :)
One of the funniest games I have played in recent memory is "Simpsons: Hit And Run", a GTA-like game in The Simpsons universe. It's nothing but comedy wall-to-wall, and it's great. I replayed it several times and, at least to me, the humor didn't lessen.
Of course the Lucasarts classics are still the best, but in today's age where mass appeal is crucial, it's hard to find jokes that everyone will get, let alone find humorous.
They already tried this before... There was the "Multimedia PC" (MPC) spec that had level 1, 2, 3, etc based on whether or not your PC had a CD-ROM, sound card, graphics capable of 800x600 and so on.
This was back in the days of Windows 3.1, even.