It would be nice to have one XHTML file on disk that would be served as application/xhtml+xml to clients that Accept it and as text/html to the others. Guess that could be done with mod_rewrite. However, you'd also need not to include the <?xml... ?> declaration and processing instructions in that case, and for that you'd already need content handler (assuming Apache) that would work on the data in the stream, not just the meta information.
Just switching everything to application/xhtml+xml will not work if a reasonable percentage of user agents won't render it.
I see. Then you'll have to negotiate with your ISP to make the delay configurable on per-user basis and give you web interface to it. And switch it off for your sales@ and info@ addresses. It just stroke me that everyone started to be very excited about the one hour as if it was set in stone.
Yes, for me the one hour might be a nuisance as well if I just talked to someone over the phone and he said "I'm sending it right now" and it didn't arrive immediately. I'm used to instant deliveries.
On the other hand, I get about a hundred spams a day, of which 10 percent is not caught by SpamAssassin, and I still have to scan through the marked headers of them to see if no false positive slipped in. If this daily load was stopped right at the incoming relay and the extra delay caused other antispam measures to give better results because they already got the spam and analyzed it in the meantime, I will definitely live with the delay. The huge advangate of the greylisting approach is that there will never be any false positives.
It's all about how user friendly it will be for the end user to set the option "for 10 minutes, receive any email for me", "make the delay 5 minutes for me", or the like.
I can even think of reverse whitelisting: if you wrote to someone, that recipient would get to the database as a whitelist sender address for (let's say, not set in stone:-) a day, so when he responded to you, you'd get the response instantly.
It's just the details. Overall, I think it *could* work.
Why is everyone so wild with the one hour limit? Just make it 5 minutes for a start if one hour is too much for you. You'll see how it works and can adjust accordingly.
If you know some web site will be sending you email because you forgotten a password and had a new one generated, just click and whitelist your address for those couple of minutes.
(Then you'll forgot to remove it from the whitelist and when then next 20 spams lands in your mailbox, you'll be happy rushing to get the one hour delay protection again.)
I installed about 20 versions of various Wine products over the time in search for working internet banking solution (that needs MS Java or something like that) and had big troubles getting the thing installed and configured properly with each new version. Never did the previous ~/.wine/config work out of box, and the config that came with the distribution failed as well.
There are various things that need to be configured. Some of them I know best and they will never change between various wine versions (like where my Win ME partition is), about some I have no opinion (like whether for particular DLL the order is builtin, native or vice versa). The config should be split and the second part with the technical details should be autoconfigurable, ideally with a bunch of regression tests like Perl and Perl modules have, which would make it easier to check if the configuration and features supported matches ideas of Wine developers. I really do not know (or care) if the correct line is
"msvcrt" = "native, builtin"
or not and I believe I have no simple way of figuring it out (except trying all combinations at all lines, and even there my MS IE might fail because of MS or Wine bug, not because of misconfig).
.NET bytecode? What kind of bytecode does.NET have? Perhaps what you meant was CLI bytecode?
Anyway, why bother with this if you have Java, working fairly well? Yes, I hate Java/ActiveX/JavaScript/all the latest technology being used and abused in situations where simple CGI will do just fine, but sometimes its use is reasonable.
Signing doesn't solve the problem because there are buggy programs that are signed. So anybody can distribute them and you will happily run it. And revocation doesn't work because nobody really does it.
The only reasonable solution is to have an on-line repository of known checksums. And any time you'd need to run something unknown, you'd check the MD5 sum of the program against the database.
It could be used instead of rpm -Va as well. You wouldn't need to trust the (potential modified) rpm database on your disk, you'd check against central database.
The "upgrade" page crashed my NN 3.04, which is the only reasonable browser to run on my SGI Indy machine because of speed and memory requirements. And which still displays majority of sites I care about reasonable well.
I don't buy the "education" crap. It's the same as those sites that require you to use MS IE -- why don't they simply serve their standard page and let me decide if it is usable or not? Why do they think they know better than me what is good for me?
Even if on hacked machine or on Windows you can report any identity you want, it's one of the ways to tell that the visitor is coming from civilized part of the world. From a machine that tries to play nicely with others, and runs identd. Many sites or FTP servers refuse access if you don't have correct reverse DNS, again, not so much for security reasons as to enforce that administrators on the other end take elementary care for their machines.
Slashdot Mirror
It would be nice to have one XHTML file on disk that would be served as application/xhtml+xml to clients that Accept it and as text/html to the others. Guess that could be done with mod_rewrite. However, you'd also need not to include the <?xml ... ?> declaration and processing instructions in that case, and for that you'd already need content handler (assuming Apache) that would work on the data in the stream, not just the meta information.
Just switching everything to application/xhtml+xml will not work if a reasonable percentage of user agents won't render it.
I see. Then you'll have to negotiate with your ISP to make the delay configurable on per-user basis and give you web interface to it. And switch it off for your sales@ and info@ addresses. It just stroke me that everyone started to be very excited about the one hour as if it was set in stone.
:-) a day, so when he responded to you, you'd get the response instantly.
Yes, for me the one hour might be a nuisance as well if I just talked to someone over the phone and he said "I'm sending it right now" and it didn't arrive immediately. I'm used to instant deliveries.
On the other hand, I get about a hundred spams a day, of which 10 percent is not caught by SpamAssassin, and I still have to scan through the marked headers of them to see if no false positive slipped in. If this daily load was stopped right at the incoming relay and the extra delay caused other antispam measures to give better results because they already got the spam and analyzed it in the meantime, I will definitely live with the delay. The huge advangate of the greylisting approach is that there will never be any false positives.
It's all about how user friendly it will be for the end user to set the option "for 10 minutes, receive any email for me", "make the delay 5 minutes for me", or the like.
I can even think of reverse whitelisting: if you wrote to someone, that recipient would get to the database as a whitelist sender address for (let's say, not set in stone
It's just the details. Overall, I think it *could* work.
Why is everyone so wild with the one hour limit? Just make it 5 minutes for a start if one hour is too much for you. You'll see how it works and can adjust accordingly.
If you know some web site will be sending you email because you forgotten a password and had a new one generated, just click and whitelist your address for those couple of minutes.
(Then you'll forgot to remove it from the whitelist and when then next 20 spams lands in your mailbox, you'll be happy rushing to get the one hour delay protection again.)
By that time, the IP will be listed in most other spam fighting databases.
I installed about 20 versions of various Wine products over the time in search for working internet banking solution (that needs MS Java or something like that) and had big troubles getting the thing installed and configured properly with each new version. Never did the previous ~/.wine/config work out of box, and the config that came with the distribution failed as well.
There are various things that need to be configured. Some of them I know best and they will never change between various wine versions (like where my Win ME partition is), about some I have no opinion (like whether for particular DLL the order is builtin, native or vice versa). The config should be split and the second part with the technical details should be autoconfigurable, ideally with a bunch of regression tests like Perl and Perl modules have, which would make it easier to check if the configuration and features supported matches ideas of Wine developers. I really do not know (or care) if the correct line is
"msvcrt" = "native, builtin"
or not and I believe I have no simple way of figuring it out (except trying all combinations at all lines, and even there my MS IE might fail because of MS or Wine bug, not because of misconfig).
.NET bytecode? What kind of bytecode does .NET have? Perhaps what you meant was CLI bytecode?
Anyway, why bother with this if you have Java, working fairly well? Yes, I hate Java/ActiveX/JavaScript/all the latest technology being used and abused in situations where simple CGI will do just fine, but sometimes its use is reasonable.
And how about the buffer overrun in programs signed by Microsoft? See http://slashdot.org/articles/02/11/21/1317229.shtm l?tid=172
Signing doesn't solve the problem because there are buggy programs that are signed. So anybody can distribute them and you will happily run it. And revocation doesn't work because nobody really does it.
The only reasonable solution is to have an on-line repository of known checksums. And any time you'd need to run something unknown, you'd check the MD5 sum of the program against the database.
It could be used instead of rpm -Va as well. You wouldn't need to trust the (potential modified) rpm database on your disk, you'd check against central database.
Anybody upto building such a thing?
The "upgrade" page crashed my NN 3.04, which is the only reasonable browser to run on my SGI Indy machine because of speed and memory requirements. And which still displays majority of sites I care about reasonable well.
I don't buy the "education" crap. It's the same as those sites that require you to use MS IE -- why don't they simply serve their standard page and let me decide if it is usable or not? Why do they think they know better than me what is good for me?
Oh well.
The business harmed its competitors. Because if they have large ads about cheap stuff, it rides the mood of the buyers into those lower prices.
Even if on hacked machine or on Windows you can report any identity you want, it's one of the ways to tell that the visitor is coming from civilized part of the world. From a machine that tries to play nicely with others, and runs identd. Many sites or FTP servers refuse access if you don't have correct reverse DNS, again, not so much for security reasons as to enforce that administrators on the other end take elementary care for their machines.
And increasingly popular "... cannot be considered spam". It is enough to grep the last 10 or so lines of the mail for this phrase.