real-time content filtering _before_ mail is accepted
About time. I've been doing this with Exim and Exiscan for almost 2 years now. It's nice to see other MTA's begin to incorporate this functionality. Now, if everyone upgrades and takes advantage of this wonderful feature, maybe the number of false NDR's I receive due to forged senders will start to go down...
We use Google as our home page exclusivly for student accounts. I'll be firing up my group policy editor Wednesday night. Now I just have to decide between Elmur Fudd, Bork bork bork, or Pig latin!
The option should at least be disabled by default.
It is with most newer versions of products (Trend, Sophos, Sybari, to name a few). Older versions had this on by default, but when they were released, viruses weren't forging FROM headers the way they are now. Additionally, when upgrading versions, the old settings tend to get preserved, thus perpetuating the problem.
I also wouldn't go so far as to call this a dangerous feature. It was designed to be a useful tool to help STOP the spread of viruses. I think a better compromise would be to enable notification back to the sender only if the detected virus is know NOT to be a FROM forger, with the option to disable it completely.
The author of this article seems to think that the AV companies are the one to blame for this. In fact, every AV product I've ever worked with at the mail server level has allowed you to turn this functionality off. Any decent mail server admin should be doing this themselves. It's the same kind of ignorance and stupidity that allows 3 year old exploits to continue to propagate.
These kinds of problems are most certainly related to file and/or registry permissions. Working at a K-12, I'm often troubleshooting software that won't run as a normal user. I've found the majority of the problems are related to poorly written software trying to add and modify files to the SYSTEMROOT directory (usually c:\windows or c:\winnt). The rest are usually solved by opening up permissions on the applications registry keys under HKLM.
Get yourself a copy of RegMon and FileMon from Sysinternals. You'll need to logon as an Administrator, start up reg or filemon, then do a RunAs on the application to run it as a normal user. You'll probably want to filter the output of reg/filemon to only show activity of the app itself, otherwise you'll be looking at all activity on the system. Look for ACCESS DENIED errors in places where normal users can't usually write. Slowly open up those areas to modify access until you've found a solution.
If you intend on making this a life-long hobby, I would seriously consider this from the perspective of building your equipment base. You don't want to start with a Pentax and find that in 2 years you want something better and have to scrap everything and start from scratch. In my mind, there are only two choices: Nikon or Canon. I'd go with Nikon.
Pickup a used Nikon FE or FE2 off of eBay (I've also had several good experiences with KEH), get yourself a 50mm 1.4/f or 1.8/f lense and go to it. I spent a year learning with an FE2 and a 50mm before I even considered another lense. I fell in love with manual focus and match-needle metering.
The nice thing about a Nikon system is that you can use all of their AI lenses developed since the 70's with just about any of their bodies, including some of their digital SLRs. So when you decide you're ready for a more automatic camera, including one of with autofocus, you can still use your manual kit with it. You can't do that with a Canon. Don't get me wrong, Canon's USM lenses are the bomb, and their digital gear is simply amazing, but you can't use their older (thus, cheaper) manual kit with their newer automatic cameras. This puts you in the position of either starting with an automatic system and possibly not learning as much, or starting with manual gear, and then having to buy everything again when you go automatic.
Finally, stop over to Photo.net and start reading. Phillip's a bit of a zealot, but he gives excellent advice with a solid foundation of knowledge.
Find someone who does HR consulting, and have them give you a resume structure for your type of work experience, including NDAs. You may have to disassociate actual projects with the employers, but I don't see why you couldn't list your employers in one section, and general project details in another. Again, an HR/Resume consultant can help you structure this much better than Slashdot.
They have come down in price. I paid upwards of $350 for my USR Sportster 28.8 modem when v.34 was first approved back in 1994. If I could have bought even a 28.8 for $120 back in 1994, I would have bought two, and sold the other through a BBS for a tidy profit (ah, the days before eBay).
DSL / Broadband reports is not a DSL provider. They are a website devoted to issues surrounding broadband Internet access. While I fail to see any real useful information in the post (or the thread), I also fail to see how this is advertisting. Their site doesn't even contain ads.
They don't have access to your TV viewing habits. They have access to your zip code's TV viewing habits, which happens to include you. This should hardly upset you, as it doesn't really concern you, as an individual.
I use this extensively with my Lucent/Orinoco wireless APs. Been doing it for about 2 years now. It's also part of 3Com's Ethernet switch/jack technology, and has been implemented for VoIP.
I've found it to be a godsend for my wireless APs, as I can mount my APs near the ceiling (away from students), and not have to worry about finding an outlet, or having them unplugged by the cleaning crew!
Plus, can you imagine a potential client of your company e-mailing for information, only be sent a TDMA message? I'd bet money that person would either not no what to do, or just ignore the message and think you never got back to them.
When you hire the person, make them sign something saying that any proprietary code they develop for the company becomes the property of the company.
This is unncessary. Any code developed by a company employee as paid work is automatically the property of the company. Not so with contractors, but definitly with employees. I just went to a conference on this.
Did you consider interest? Add in the interest (ammortize it, not flat) at 4% (a good rate these days) and then calculate how much it costs you. It's not that simple.
Any decent financial planner should be able to put together a simple investment plan for your for about $400. I had an American Express advisor do it for me. We met in person, exchanged information, filled out some forms. Over a few weeks of e-mails and simple questions, I had a solid plan to follow for several years. It was a good idea, as he knew way more than I did, and I could spend my time learning Python instead of every nook and cranny of the finance world.
Oh, I'm not saying it couldn't be done, I was just flashing back to the days when juggling IRQ's via dipswitches or jumpers was an art. Nothing like interupting your music playback everytime you moved your mouse!
I guess, though, you also have to take into account everything else a system would have. A standard, onboard IDE controller uses 2 IRQ's. Onboard and add-in RAID uses 1, NIC, USB, firewire, sound, legacy ports, all use 'em. Thank god for IRQ sharing.
Anyone that actually saw the site know how he hooked up all those drives? I'm guessing motherboard IDE, motherboard RAID, and three PCI IDE cards. Wow, talk about IRQ hell.
Slashdot Mirror
I think some of the guys at Microsoft may have used this at some point, also. Odd numbered NT service packs were a nightmare.
In particular, NT4 SP5 was about as stable as Windows ME on a Cyrix chip...
About time. I've been doing this with Exim and Exiscan for almost 2 years now. It's nice to see other MTA's begin to incorporate this functionality. Now, if everyone upgrades and takes advantage of this wonderful feature, maybe the number of false NDR's I receive due to forged senders will start to go down...
Is it already April 1st somewhere?
Best, idea, ever.
We use Google as our home page exclusivly for student accounts. I'll be firing up my group policy editor Wednesday night. Now I just have to decide between Elmur Fudd, Bork bork bork, or Pig latin!
It is with most newer versions of products (Trend, Sophos, Sybari, to name a few). Older versions had this on by default, but when they were released, viruses weren't forging FROM headers the way they are now. Additionally, when upgrading versions, the old settings tend to get preserved, thus perpetuating the problem.
I also wouldn't go so far as to call this a dangerous feature. It was designed to be a useful tool to help STOP the spread of viruses. I think a better compromise would be to enable notification back to the sender only if the detected virus is know NOT to be a FROM forger, with the option to disable it completely.
The author of this article seems to think that the AV companies are the one to blame for this. In fact, every AV product I've ever worked with at the mail server level has allowed you to turn this functionality off. Any decent mail server admin should be doing this themselves. It's the same kind of ignorance and stupidity that allows 3 year old exploits to continue to propagate.
...idiots. RTFP.
Suits up fireproof jacket...
These kinds of problems are most certainly related to file and/or registry permissions. Working at a K-12, I'm often troubleshooting software that won't run as a normal user. I've found the majority of the problems are related to poorly written software trying to add and modify files to the SYSTEMROOT directory (usually c:\windows or c:\winnt). The rest are usually solved by opening up permissions on the applications registry keys under HKLM.
Get yourself a copy of RegMon and FileMon from Sysinternals. You'll need to logon as an Administrator, start up reg or filemon, then do a RunAs on the application to run it as a normal user. You'll probably want to filter the output of reg/filemon to only show activity of the app itself, otherwise you'll be looking at all activity on the system. Look for ACCESS DENIED errors in places where normal users can't usually write. Slowly open up those areas to modify access until you've found a solution.
If you intend on making this a life-long hobby, I would seriously consider this from the perspective of building your equipment base. You don't want to start with a Pentax and find that in 2 years you want something better and have to scrap everything and start from scratch. In my mind, there are only two choices: Nikon or Canon. I'd go with Nikon.
Pickup a used Nikon FE or FE2 off of eBay (I've also had several good experiences with KEH), get yourself a 50mm 1.4/f or 1.8/f lense and go to it. I spent a year learning with an FE2 and a 50mm before I even considered another lense. I fell in love with manual focus and match-needle metering.
The nice thing about a Nikon system is that you can use all of their AI lenses developed since the 70's with just about any of their bodies, including some of their digital SLRs. So when you decide you're ready for a more automatic camera, including one of with autofocus, you can still use your manual kit with it. You can't do that with a Canon. Don't get me wrong, Canon's USM lenses are the bomb, and their digital gear is simply amazing, but you can't use their older (thus, cheaper) manual kit with their newer automatic cameras. This puts you in the position of either starting with an automatic system and possibly not learning as much, or starting with manual gear, and then having to buy everything again when you go automatic.
Finally, stop over to Photo.net and start reading. Phillip's a bit of a zealot, but he gives excellent advice with a solid foundation of knowledge.
Resume expert.
Find someone who does HR consulting, and have them give you a resume structure for your type of work experience, including NDAs. You may have to disassociate actual projects with the employers, but I don't see why you couldn't list your employers in one section, and general project details in another. Again, an HR/Resume consultant can help you structure this much better than Slashdot.
Ugh, the main site is swamped, and none of the mirrors have been updated yet.
Anyone have a .torrent link for these?
They have come down in price. I paid upwards of $350 for my USR Sportster 28.8 modem when v.34 was first approved back in 1994. If I could have bought even a 28.8 for $120 back in 1994, I would have bought two, and sold the other through a BBS for a tidy profit (ah, the days before eBay).
DSL / Broadband reports is not a DSL provider. They are a website devoted to issues surrounding broadband Internet access. While I fail to see any real useful information in the post (or the thread), I also fail to see how this is advertisting. Their site doesn't even contain ads.
When they get to some MP3 or Vorbis streaming, let me know.
WAMU, the Washington D.C. NPR station does MP3 streaming.
They don't have access to your TV viewing habits. They have access to your zip code's TV viewing habits, which happens to include you. This should hardly upset you, as it doesn't really concern you, as an individual.
I use this extensively with my Lucent/Orinoco wireless APs. Been doing it for about 2 years now. It's also part of 3Com's Ethernet switch/jack technology, and has been implemented for VoIP.
I've found it to be a godsend for my wireless APs, as I can mount my APs near the ceiling (away from students), and not have to worry about finding an outlet, or having them unplugged by the cleaning crew!
There are better methods. Message analysis (ala SpamAssassin), spam clearing houses (ala Razor), RBLs, bayesian filters, and sender address verification. I use all five at my site, and my users are happy.
Plus, can you imagine a potential client of your company e-mailing for information, only be sent a TDMA message? I'd bet money that person would either not no what to do, or just ignore the message and think you never got back to them.
When you hire the person, make them sign something saying that any proprietary code they develop for the company becomes the property of the company. This is unncessary. Any code developed by a company employee as paid work is automatically the property of the company. Not so with contractors, but definitly with employees. I just went to a conference on this.
Did you consider interest? Add in the interest (ammortize it, not flat) at 4% (a good rate these days) and then calculate how much it costs you. It's not that simple.
Any decent financial planner should be able to put together a simple investment plan for your for about $400. I had an American Express advisor do it for me. We met in person, exchanged information, filled out some forms. Over a few weeks of e-mails and simple questions, I had a solid plan to follow for several years. It was a good idea, as he knew way more than I did, and I could spend my time learning Python instead of every nook and cranny of the finance world.
Oh, haven't you heard?
They've delayed DNF due to a platform switch. This one looks REALLY good!
however if you turn on the Themes service in win2003, they come right back.
Why in god's name would you turn on the Themes service on a server?
Take WinXP, and set the visual effects to "Best Performance", and you'll see what the interface for Win2k3 looks like.
Oh, I'm not saying it couldn't be done, I was just flashing back to the days when juggling IRQ's via dipswitches or jumpers was an art. Nothing like interupting your music playback everytime you moved your mouse!
I guess, though, you also have to take into account everything else a system would have. A standard, onboard IDE controller uses 2 IRQ's. Onboard and add-in RAID uses 1, NIC, USB, firewire, sound, legacy ports, all use 'em. Thank god for IRQ sharing.
Damn, /.'ed already...
Anyone that actually saw the site know how he hooked up all those drives? I'm guessing motherboard IDE, motherboard RAID, and three PCI IDE cards. Wow, talk about IRQ hell.
Not as many helloworld.pl's!