"All email that gets forwarded out gets full draconian spam protection or stays local"
Free But Shackled - The Java Trap
Three things to handle this problem...
1 - Good neighbor policy
Prevention:
"All email that gets forwarded out gets full draconian spam protection or stays local"
2 - Precision targeting
Prevention:
ISPs maintain comprehensive whitelists of proven responsible, reliable and clean mailhosts... blacklisting based on spam reports nails the spammer BEHIND the whitelisted server.
ISPs who repeatedly generate high ratio spam lose whitelisted status. Deservedly so.
3 - Appeals Process
Mitigation:
ISPs maintain an effective and quick mechanism for appeals to be received, handled and investigated.
If you do none of the above you are absolutely correct. AOL is out to get you! After all, YOU are the ISP TFA is describing.
Without source code you're SOL. As you deserve to be.
Call it an expensive lesson, pick up the phone and pay for a real coder who gives you real code.
Outsourcing programming tasks without receiving the programming, just the program, is similar to purchasing a book and, instead of getting it, having someone call you up and read it to you over the phone, real quick-like.
What's better? To lose access for a bit until corrective measures can be taken, or have that not so super random and long account password be brute forced overnight?
Doing this by host IP may be more granular however.
The less of these people on my net, the happier I will be. These are the spam zombies, html email senders, top posters, microserf addicts. Who needs them? We will all be better off.
This is only a problem for those of us who like to see open source software become part of a proprietary commercial software offering. IOW, no one who agrees with RMS's views on the issue. So they will get what they asked for by not copylefting the software.
I for one think that much more important would be an update to the APT system that did these things much smoother than gets done today:
- Selection and failover (possibly using multiples) of different mirrors, automatically. I would rather not have to manage the source.list and I am quite sure no newb wants to, even from synaptic.
Setting up BitTorrent trackers or Gnutella networks for this might be worthwhile as well.
- Dependency resolution has started to see some cracks. Virtual packages that force you to choose one manually and so on and so forth.
- More cryptographic signing and verification for packages.
- An easier way to search for available packages based upon filename, title, description, man pages provided and so on and so forth.
- A mode whereby you can safely schedule apt-get upgrade to run from cron. Currently that's not completely safe to do without any human interaction. Call it apt-get computer-upgrade.
- Single-step update and upgrade (apt-get update upgrade)
APT, while revolutionary in its time, is starting to show its age relative to what we should be able to expect today.
The last time a customer of mine turned that on, it generated double bounces up the wazoo for ME and forged headers and all kinds of nasty stuff.
I denied him outbound email till he swore never to turn it on again.
Don't attempt to fight abuse with more. Your abuse does not matter to the spackers and annoys the crap out of people who keep your email flowing.
This fellow hasn't gotten any spam since Dec 5? Strange that he attributes that to the system being down for two days instead of to Exchange 2003's (the version I presume he got upgraded to) improved anti-spam capabilities (read RBLs [which are extremely effective if you use enough of them]).
Those capabilities, while nowhere near the flexibility of sendmail/milter/spamassassin/procmail or whatever else your OSS mix is, are good enough that plenty of mail admins are now using it.
I find the talk of "bounce id" "message id" "email id" very naive. Spammers don't prune their email lists faithfully and they don't care about your bounces. (Even "legitimate" email lists often care nothing about bounces).
Let's hear back from this fellow after he talks to his email admins (did not sound as if he is one) before he spins theories on why he has less spam.
I just hooked up my LG vx6000 phone to an updated Debian Sarge with a USB cable. I had to download, compile and load the 2.6 kernel module cdc-acm but after that the going was easy. #777 myphonenumber@vzw3g.com vzw and I am in.
Actually, everyone with experience on MS software knows two things: Reinstalling the OS puts non-corrupt versions of files on the system and hopefully fixes the so-complex-you-might-as-well-call-it-magic registry soup of interlocking relationships. Service Packs do much of the same. So yes, it is magic dust. Sometimes it works good and sometimes it works bad.
Seems to me (strictly from what I just read) that these changes will lead to users who just want their kernel to work either using their distro's or staying on 2.4.
Seems to me that planning on NOT offering a usable stable product and relying on significant and independent effort by third parties is not the way to go about keeping your users happy.
Seems to me that this will cause way more forking pressure. This may even open the possibility for a new vanilla stable kernel fork, not distro specific. Perhaps called 2.6-Stable?
When you have a bad feeling after reading the news, that usually means the news was not good.
Brian,
I have followed your work and online "publications". Kudos to you and your work. The ignorant among here can flame off all they want. "But But But you Can't BLOCK them!!!!"
Well you have my vote. Keep up the good work. Personally I think AHBL has too much patience. The less patience you have, the less stress. I live in fear of a time when blocklist admins throw in the towel, disgusted with the whole mess and lack of cooperation and appreciation. It's in my best interest for that not to happen.
Nobody wants to take any responsibility for their own needs. You can't send mail because your ISP is on a list? That means that the destination has chosen a standard that YOU DON'T MEET. DO SOMETHING about it, like complain to your ISP and stop supporting (indirectly) the breakage of the net.
The net as we knew it is gone. The time for tolerance is gone. We are facing an inevitable future where the net splits into factions. My vote will be for the faction that does not tolerate any abuse from anyone else.
There will emerge two parts of the net: those that only communicate with the parts that are unabusive and themselves do not communicate with the abusive parts, and the rest of the net which does.
Eventually, everyone tired of the bird crap raining down on their network will cross over into the white.
The ignorant users living in (so far) mostly blissful protection by their overworked and underappreciated admins will be dragged kicking and screaming into this future, but there will be no choice.
He seems to be MIA from where I am sitting.
Your rules were a nice start. You however need to enforce them. Taking away computer privileges for a week is a good start.
Did you ever think you would see the day where claiming the source of an email address that did not happen to be yours would be a crime?
SMTP has no concept of authenticating the source email address of an email message.
There are already laws on the books for all material crimes and damages that happen to be performed using the net as the medium.
Libel if you use the source address to libel people. Fraud if you use it to defraud people. Monetary damages if you intentionally reverse-triggered a DDoS on someone.
AND the rest? That's the price you pay for being on a network where convenience is the goal. Don't like it, get off. Everyone knows convenience and security do not mix well.
But 471 years on hacking charges?
This goes to underscore that the net is not some magical new world that needs new laws. What it needs is everyday laws being better enforced.
Technically speaking, rate-limiting bounces in mail servers would probably prevent massive attacks like this.
Where is the class action suit by users and distributors of Linux against SCO for libel and FUD? Why are we not seeing "shit or get off the pot" legal action by any major US players?
I don't get it. It's perfectly legit for my server smtp.example.com to ehlo/helo to you as smtp.example.com and say mail from: me@example.net
In fact most ISPs would not be able to send any mail anywhere unless they had a separate system for each sender's domain. Which when you consider that ideally your ISP should provide smtp relay services to you @ at whatevervaliddomainyouhave.com - since they control your net connection and can enforce an Acceptable Use Policy. Furthermore, if this became prevalent I would look up at hacking sendmail to ehlo as sender domain if it matched in class w so as to send to all the idiots out there my lusers want to talk to.
You don't understand SMTP
The methods you ask for all currently exist in current smtp implementations. STARTTLS, SMTPAUTH and the like are all fairly prevalent in most MTAs. What you are really asking is for people to throw the switch and refuse to accept mail unless it's been properly certified and authenticated with these methods. Considering how much agony goes into closing open relays the short answer is that it won't happen before Linux achieves World Domination.
Everyone needs to learn that the world does not revolve around them. Respecting your elders and for that matter anyone else helps that. Ideally the explanation would be something offered to your child, but never demanded by your child.
Sure performance can be a bit rocky and one crash wipes the whole thing out - but I have been using this suite for years and I don't think I want to see it change this way.
And what I would like is a system which judges the songs you like by how often you listen to the ( entire | majority ) of the song before skipping/jumping elsewhere. Included in this calculation would be 'mood' determination based on your actions for the past x compared to what you did say yesterday - which you could then label what mood is what. Furthermore a system like this should be able to statistically realize when you ran to the john and left the thing playing or were in DHM and didn't realize how bad the crap playing in your ears actually was. Use this to match up to others' playlists, make shuffle mode more intelligent etc....
NEWSFLASH: They are all data cdr's. They are all music cdr's
Sure they have a reason. Digital Rights Management. Statistics. Directed Marketing. Enforcing Kiddie Porn.
When you have all the technical pieces fitting together, what's to stop them from doing what they want with submitted data and unique ID? I am sure you realize it's a simple matter of OK we can get away with it now, press the record button on the admin page.
As if you would be able to tell the difference with your network sniffer?
I see no basis for us as end users to have any sort of faith in the 'Well sure we collect data on you. But we don't DO anything with it...let me sell you a fine bridge
pursuant to our current policy set by us, which may be changed at any point. This is not a guarantee. No goods and services were exchanged