Where does 95% of spam come from?
Depends on the time of year - Lately, 80% of the spam attempts our system is rejecting come from U.S.-based broadband connections, using proxy connections. I've added over 20,000 new proxies to our local block list in the last 3 weeks.
Pricing problem
on
Kylix in Limbo
·
· Score: 2, Insightful
I see the failure of Kylix to sell as one of pricing, as do many others. Sure, there's a free "open edition", but it is limited in what it can do. If you want to do development work for apache, though, you need the "Enterprise" edition... Pro won't do.
We do a lot of work with Delphi. We are accustomed to the prices of their "Pro" editions, and they've always done what we needed to do... "Enterprise" was a waste of money for us. Now, though, to do the same development work under Linux as we do in Windows, the cost would be doubled, JUST because we're developing database applications for a web site, instead of a Win32 desktop.
So, we'll continue to use Delphi for Windows work, and PHP for Linux/apache. It's worked well. Kylix became a non-issue, because essential-to-us features were picked by some marketing type to be "Enterprise" level.
Oh, so it was OK when Saddam's people tortured and killed civilians, but it's bad that we're trying to kill and capture the ones who did it?
Someone called me a deluded fool... I guess those of us who aren't blinded to the facts by a deep-seated hatred of George Bush for beating Al Gore are all fools in your world...
If you control an MX, please configure it to issue a 550 error during the connection if you can't deliver the message instead of accepting it and then bouncing to what you almost certainly know is an innocent party.
In other words, do NOT attach a Microsoft Exchange Server to internet!
[actually, Exchange is just the most popular MTA that has no easy way to stop this behaviour, but there are others. Any MTA that doesn't have access to the a local delivery list will do it.]
Then his father needs to step up to the plate and get the guy some help.
In today's world, it is virtually impossible to force someone to get help. Courts no longer order even psych exams, let alone confinement, unless someone has demonstrated violence towards others. It no longer matters that forcing such help might cure the person, or help them maintain what sanity they retain...
I don't call anti-war people traitors. I just ask them if their reasons for opposing the war is because they support the oppression, murder, and general mayhem being purpetrated in Iraq, or is it just because they hate people named George Bush?
So far, I've been told that it is because Bush lied about everything, even though they believed the same "lies" when Bill Clinton announced them 5 years ago. And that, if we'd only continued the U.N. inspections and embargo, Saddam would have relented and freed his people without violence.
They cite the news about "no WMDs found!", while ignoring the news about finding the labs to develop them, the people who worked on them, and the documentation of their development. They also ignore the fact that Iraq admitted to the U.N. that they had biological weapons, had previously used bio- and chemical-weapons on their own people, and publicly promised to use them on U.S. troops if we invaded...
Some say we can't show a connetion between Iraq and terrorist attacks against the U.S. I disagree with that assertion, but let's ignore it for now - and ask, "How many countries have people with liberal agendas DEMANDED we send troups into to stamp out human rights abuses far less severe than Saddam committed against the people of Iraq over the last 30 years?" I can think of several this year!
Iraq is poised to experience freedoms that have been denied them for decades - some say centuries. The people over there appreciate this... Many here, though, do not!
I don't think it is the learning curve, per se... I made the change-over to 2.x with few problems, other than some security issues that are outside of apache's control (Mandrake 9.x won't allow apache to run CGI without as-yet-unfound configuration changes).
The main problem is that some things written for apache 1.x do not work under 2.x, or have significant problems. PHP was one of them; other modules have been problematic, too. Once PHP ran acceptably, we switched...
This is a problem I've had with biofuels... There really isn't as much "agricultural waste" as many people seem to think.
In modern farming, much of what is thought to be "waste" is reused already. Most silage gets re-incorporated into the soil, to replace or reduce the need for chemical fertilizers. Other silage is used as animal bedding (as is used paper, in some cases), and the "soiled" bedding gets used as fertilizer. Many other forms of "waste" are find their way back into the soil.
Take away this "waste" to make biofuels, and it has to be replaced. That means chemical fertilizers which can run off more easily, and cause problems downstream.
I guess this is just restating that there is no such thing as a "free lunch". Biofuels are likely the most efficient way to utilize solar power for the foreseable future, but fossil fuels (which will still be fossil fuels, even if we don't burn them) are an important part of our lives today.
Plus, just think - burning fossil fuels is returning to the atmosphere all that CO2 that those prehistoric plants scrubbed out eons ago; we're just returning earth to where it was a few million years ago!
... when you're dealing with people who don't take email seriously. We just got acknowledgement of an email request on a show-stopping problem, as it worked its way up the corporate ladder; it's already 5 business days old, and JUST reached the boss of the person who may have the information we need, even though the server delivered it to his mailbox within minutes of it being sent.
How hard would it be to allow volunteers, preferably at large corporates and ISPs to download the entire zonefile contents via DNS AXFR (or whatever), in return for hosting a mirror server complete with another A record for "bl.dnsblacklist.com"?
Most popular ones are mirrored. But, the distributed attacks can be mounted from MILLIONS of machines, based upon the number of SOBIG infections... how can a few dozen mirrors protect against that?
... for people like you, who complain about collateral damage. With RBLs, you DO have a central place to contact for complaints. However, as they are forced out of existance, guess what replaces them?
If you came up with "private ISP antispam lists", you win a cookie... which expires in July 2038. I have over 70,000 IPs and subnets, up to/8's, in our private list. Currently, it traps more spammers than the RBLs do.
If your subnet gets in it, which is getting easier to do as the onslaught of proxies on DSLs (thanks to SOBIG.x), you don't even KNOW who I am to get off of it, or who I might share it with, or what domains are covered by it, and how many thousand others there are to figure out how to contact when your mail stops going through.
Today, I added nearly 600 proxies to our list; it was a relatively slow day. It's not all that likely that YOU personally will be blocked by MY list, but there are thousands of them out there, and it's likely that you'll hit one in the near future. We never thought of having our own lists before ORBS was taken out; now, we wouldn't be without them!
Any company that has a former SCO or Caldera programmer on staff has an open vulnerability on all projects those employees work on, in that SCO just might decide to sue them on the basis that the former employee may have tainted their code with SCO IP...
You have the right to speak your opinion. You do not have the right to force anyone else to listen to you. It is my right to block what I don't want to read... which includes spam, as I define it.
The PRC does not have our Constitution. Their government plays by different rules. They've decided to take a stand against having their country blocked (nearly) universally by people like myself. It's not going to help, since most of the traffic from China is going through mismanaged net-connected computers, rather than specially set up "spam ISPs"...
Re:Thats how you pay for "products"
on
Mandrake 9.2 RC1
·
· Score: 1
How is it NOT helping the open-source movement when we buy products through retail outlets, even though we buy direct from Mandrake?
Subscribing to Mandrake Club benefits ONLY Mandrake. Buying Mandrake at Best Buy or Borders or ??? may not bring as much revenue to Mandrake, but it makes them more willing to put other open-source products on their shelves.
BEING on shelves in a retail store gives a heck of a lot more exposure to OS projects than SlashDot stories could ever hope to give, with the people we're trying to convince OS is a "good thing". How many MSOffice users even considered StarOffice when it was just something to download, as opposed to being available when you walk into Best Buy, complete with a printed manual?
Don't disregard the retail channel just because Mandrake only gets half the money!
Re:Thats how you pay for "products"
on
Mandrake 9.2 RC1
·
· Score: 1
Strange... the invoices say Mandrake on it, and it arrived from France... we pay list price, directly to Mandrake (no middle people), meaning they get it all. In fact, they get the money in advance, because we pre-order.
Re:Please join the mandrake club.
on
Mandrake 9.2 RC1
·
· Score: 1
Dont just "steal" Linux, join the club and help pay for development of future versions of Linux Mandrake.
Um, I thought our practice of buying the top-of-the-line retail package was the proper way to "pay for development" of Mandrake?
I dumped sendmail and my unsuccessful attempts to compile qmail (no binary distributions allowed) when I "accidentally" discovered that one of my Mandrake installs had a working, non-relaying mail server running, without my having to configure it... it was postfix.
Subsequently, our shop has standardized on postfix for the MTA, but not for deliverying mail to users. For that, we use dbmail, which uses either MySQL or PostGres as the mail storage handler.
As part of building postfix and dbmail to work together, I found that a LOT of things become easier with postfix when it has SQL support... using MySQL to host the transport table (doubles as the mydestination table), virtual domains can be added without even restarting the daemons; just add them to the table.
dbmail makes it possible to have overlapping user namespaces, if your users will tolerate login IDs of 'user@domain.tld' instead of juse 'user'. Postfix uses dbmail's alias table to determine if an address is local, so that it won't accept mail for non-existant addresses (one of the popular ways to bypass anti-relaying in Exchange and other MTAs that don't vet the destination address when accepting mail).
All of my postfix non-regexp spam filters are stored in MySQL, so that I never have to run postmap.
All in all, postfix was a good choice for me. Even though I can't use the default binary distribution anymore, it's been pretty easy to deal with. Wish I could have said the same about qmail... never did get that to compile to a usable configuration, despite the book...
One of the problems with open source packages are dependencies... One program I used to keep track of requires you download and install, from various sources, at least three and up to over a dozen other packages to install it. Many of the required packages are already installed on my system as part of the Mandrake or RedHat install... but not the source code for them, so I can't install the desired program until I gather the other parts.
Ever try to gather all the parts needed to compile PHP? I have - we needed the calendar functions which, for some reason, aren't included in most Linux binaries. It didn't complile properly, though; we ended up implementing the needed functionality as part of the scripts themselves, rather than relying upon the "buildable-in" versions.
Binary distributions aren't evil, just because they're binary. If you feel this way, I hope you don't accept those binary installation disks for Linux, since the only safe way to install it is to compile it completely from source, and hand-copy it to a virgin hard drive...
We have several specially-encoded email addresses on our web pages, and they started getting spam 2 weeks after we implemented them. Not nearly as much as the "spike" addresses (like discussed in the article) that we've inserted for well over 18 months, but 5 or 6 per week.
We started encoding the date/time/IP into spike addresses in August of 2001, and we still get hits on addresses from that month. We started obscuring contact addresses in January of this year, and those addresses get less spam than the unencoded addresses they replaced, but they do get spammed.
... that a "caldera" is what is left after a volcano explodes?
Quoting from the Miriam Webster Website:
"a volcanic crater that has a diameter many times that of the vent and is formed by collapse of the central part of a volcano or by explosions of extraordinary violence."
They bought SCO, and are now living up to their name...
Unfortunately, the Knowledge Base article isn't currently available... But, I did manage to find a copy of it in the GOOGLE cache.
However, it wouldn't apply to my situation, because it's patching Win2K clients, and we're dealing with Win9x clients on the data files. Drat! I really want to get that NT4 box out of my hair!
When I was in school, we didn't have an affliction named "ADHD", or its predecessor, "ADD". Looking back, if I were in school now, I'd be on prescribed medication, based upon my behaviour; then, teachers simply tried to find ways to keep me interested.
How do I deal with this "problem" now? To be honest, it's become one of the things that keeps me in demand with my customers! It's called "multitasking" by some - the ability to seemingly work on several things at once.
Tech support call coming in while I'm coding? Hey - that's what being able to open multiple windows are for! If I were on the drugs to "fix" this problem, would I still be able to code a graphics application while explaining the inner workings of an industrial washing machine to a customer in Canada? No? Oh, my... have to close one business...
Personal opinion - too many people are far too willing to through chemicals at perceived problems, be they doctors and parents dealing with a kid they've tagged as "ADHD", or that kid taking "recreational drugs" to deal with his/her stupid parents trying to dope them up.
Personal observation - a friend recently put his daughter on ADHD medication. It has helped a lot with her school work. But, they have to be careful about the dosage and timing; if they give it to her too early, she's a terror before bed, but too late, and she can't sleep.
Which is a better situation? I don't know. Part of what channeled my "energy" into productive enterprises was parental discipline ("This looks like a good MILITARY ACADEMY for you to go to IF YOU DON'T START DOING YOUR SCHOOL WORK!") and expectations. And, frankly, work. If I didn't complete my homework and get good grades, I didn't get to do things to make money, which meant that I didn't get to do FUN things, like going to movies. Being sent to my room was punishment, because there was NOTHING TO DO; today, it's just isolation from the noisy parents while you play with your 2,000 toys... Punishment is limiting them to 1 hour of internet a day!
On the lighter side, have you noticed that those of us who are ADHD and Obsessive Compulsive can be OC about a lot more things than the average OC? B=)
I can see where a more efficient directory structure might be helpful, but... will they continue to sacrifice file access speed for file search speed?
I recently installed a Win2K server that is blindingly fast at finding documents and such... but horridly slow at serving up portions of files, for things like legacy database programs. Three of the customer's applications started running at 1/4 speed.
It got so bad, even after all the "fix win2k speed" patches, that we re-introduced the 200MHz NT4 server to feed the database apps, and the dual-processor 2GHz system just serves up documents!
Slashdot Mirror
Where does 95% of spam come from? Depends on the time of year - Lately, 80% of the spam attempts our system is rejecting come from U.S.-based broadband connections, using proxy connections. I've added over 20,000 new proxies to our local block list in the last 3 weeks.
We do a lot of work with Delphi. We are accustomed to the prices of their "Pro" editions, and they've always done what we needed to do... "Enterprise" was a waste of money for us. Now, though, to do the same development work under Linux as we do in Windows, the cost would be doubled, JUST because we're developing database applications for a web site, instead of a Win32 desktop.
So, we'll continue to use Delphi for Windows work, and PHP for Linux/apache. It's worked well. Kylix became a non-issue, because essential-to-us features were picked by some marketing type to be "Enterprise" level.
Someone called me a deluded fool... I guess those of us who aren't blinded to the facts by a deep-seated hatred of George Bush for beating Al Gore are all fools in your world...
In other words, do NOT attach a Microsoft Exchange Server to internet!
[actually, Exchange is just the most popular MTA that has no easy way to stop this behaviour, but there are others. Any MTA that doesn't have access to the a local delivery list will do it.]
In today's world, it is virtually impossible to force someone to get help. Courts no longer order even psych exams, let alone confinement, unless someone has demonstrated violence towards others. It no longer matters that forcing such help might cure the person, or help them maintain what sanity they retain...
So far, I've been told that it is because Bush lied about everything, even though they believed the same "lies" when Bill Clinton announced them 5 years ago. And that, if we'd only continued the U.N. inspections and embargo, Saddam would have relented and freed his people without violence.
They cite the news about "no WMDs found!", while ignoring the news about finding the labs to develop them, the people who worked on them, and the documentation of their development. They also ignore the fact that Iraq admitted to the U.N. that they had biological weapons, had previously used bio- and chemical-weapons on their own people, and publicly promised to use them on U.S. troops if we invaded...
Some say we can't show a connetion between Iraq and terrorist attacks against the U.S. I disagree with that assertion, but let's ignore it for now - and ask, "How many countries have people with liberal agendas DEMANDED we send troups into to stamp out human rights abuses far less severe than Saddam committed against the people of Iraq over the last 30 years?" I can think of several this year!
Iraq is poised to experience freedoms that have been denied them for decades - some say centuries. The people over there appreciate this... Many here, though, do not!
The main problem is that some things written for apache 1.x do not work under 2.x, or have significant problems. PHP was one of them; other modules have been problematic, too. Once PHP ran acceptably, we switched...
In modern farming, much of what is thought to be "waste" is reused already. Most silage gets re-incorporated into the soil, to replace or reduce the need for chemical fertilizers. Other silage is used as animal bedding (as is used paper, in some cases), and the "soiled" bedding gets used as fertilizer. Many other forms of "waste" are find their way back into the soil.
Take away this "waste" to make biofuels, and it has to be replaced. That means chemical fertilizers which can run off more easily, and cause problems downstream.
I guess this is just restating that there is no such thing as a "free lunch". Biofuels are likely the most efficient way to utilize solar power for the foreseable future, but fossil fuels (which will still be fossil fuels, even if we don't burn them) are an important part of our lives today.
Plus, just think - burning fossil fuels is returning to the atmosphere all that CO2 that those prehistoric plants scrubbed out eons ago; we're just returning earth to where it was a few million years ago!
If I find Gator on a system, it's zapped!
... when you're dealing with people who don't take email seriously. We just got acknowledgement of an email request on a show-stopping problem, as it worked its way up the corporate ladder; it's already 5 business days old, and JUST reached the boss of the person who may have the information we need, even though the server delivered it to his mailbox within minutes of it being sent.
Most popular ones are mirrored. But, the distributed attacks can be mounted from MILLIONS of machines, based upon the number of SOBIG infections... how can a few dozen mirrors protect against that?
If you came up with "private ISP antispam lists", you win a cookie... which expires in July 2038. I have over 70,000 IPs and subnets, up to /8's, in our private list. Currently, it traps more spammers than the RBLs do.
If your subnet gets in it, which is getting easier to do as the onslaught of proxies on DSLs (thanks to SOBIG.x), you don't even KNOW who I am to get off of it, or who I might share it with, or what domains are covered by it, and how many thousand others there are to figure out how to contact when your mail stops going through.
Today, I added nearly 600 proxies to our list; it was a relatively slow day. It's not all that likely that YOU personally will be blocked by MY list, but there are thousands of them out there, and it's likely that you'll hit one in the near future. We never thought of having our own lists before ORBS was taken out; now, we wouldn't be without them!
Any company that has a former SCO or Caldera programmer on staff has an open vulnerability on all projects those employees work on, in that SCO just might decide to sue them on the basis that the former employee may have tainted their code with SCO IP...
The PRC does not have our Constitution. Their government plays by different rules. They've decided to take a stand against having their country blocked (nearly) universally by people like myself. It's not going to help, since most of the traffic from China is going through mismanaged net-connected computers, rather than specially set up "spam ISPs"...
Subscribing to Mandrake Club benefits ONLY Mandrake. Buying Mandrake at Best Buy or Borders or ??? may not bring as much revenue to Mandrake, but it makes them more willing to put other open-source products on their shelves.
BEING on shelves in a retail store gives a heck of a lot more exposure to OS projects than SlashDot stories could ever hope to give, with the people we're trying to convince OS is a "good thing". How many MSOffice users even considered StarOffice when it was just something to download, as opposed to being available when you walk into Best Buy, complete with a printed manual?
Don't disregard the retail channel just because Mandrake only gets half the money!
Strange... the invoices say Mandrake on it, and it arrived from France... we pay list price, directly to Mandrake (no middle people), meaning they get it all. In fact, they get the money in advance, because we pre-order.
Um, I thought our practice of buying the top-of-the-line retail package was the proper way to "pay for development" of Mandrake?
I dumped sendmail and my unsuccessful attempts to compile qmail (no binary distributions allowed) when I "accidentally" discovered that one of my Mandrake installs had a working, non-relaying mail server running, without my having to configure it... it was postfix. Subsequently, our shop has standardized on postfix for the MTA, but not for deliverying mail to users. For that, we use dbmail, which uses either MySQL or PostGres as the mail storage handler. As part of building postfix and dbmail to work together, I found that a LOT of things become easier with postfix when it has SQL support... using MySQL to host the transport table (doubles as the mydestination table), virtual domains can be added without even restarting the daemons; just add them to the table. dbmail makes it possible to have overlapping user namespaces, if your users will tolerate login IDs of 'user@domain.tld' instead of juse 'user'. Postfix uses dbmail's alias table to determine if an address is local, so that it won't accept mail for non-existant addresses (one of the popular ways to bypass anti-relaying in Exchange and other MTAs that don't vet the destination address when accepting mail). All of my postfix non-regexp spam filters are stored in MySQL, so that I never have to run postmap. All in all, postfix was a good choice for me. Even though I can't use the default binary distribution anymore, it's been pretty easy to deal with. Wish I could have said the same about qmail... never did get that to compile to a usable configuration, despite the book...
Ever try to gather all the parts needed to compile PHP? I have - we needed the calendar functions which, for some reason, aren't included in most Linux binaries. It didn't complile properly, though; we ended up implementing the needed functionality as part of the scripts themselves, rather than relying upon the "buildable-in" versions.
Binary distributions aren't evil, just because they're binary. If you feel this way, I hope you don't accept those binary installation disks for Linux, since the only safe way to install it is to compile it completely from source, and hand-copy it to a virgin hard drive...
... is that I can never get it back from people who "borrow it for a few days".
We started encoding the date/time/IP into spike addresses in August of 2001, and we still get hits on addresses from that month. We started obscuring contact addresses in January of this year, and those addresses get less spam than the unencoded addresses they replaced, but they do get spammed.
Quoting from the Miriam Webster Website:
"a volcanic crater that has a diameter many times that of the vent and is formed by collapse of the central part of a volcano or by explosions of extraordinary violence."
They bought SCO, and are now living up to their name...
However, it wouldn't apply to my situation, because it's patching Win2K clients, and we're dealing with Win9x clients on the data files. Drat! I really want to get that NT4 box out of my hair!
How do I deal with this "problem" now? To be honest, it's become one of the things that keeps me in demand with my customers! It's called "multitasking" by some - the ability to seemingly work on several things at once.
Tech support call coming in while I'm coding? Hey - that's what being able to open multiple windows are for! If I were on the drugs to "fix" this problem, would I still be able to code a graphics application while explaining the inner workings of an industrial washing machine to a customer in Canada? No? Oh, my... have to close one business...
Personal opinion - too many people are far too willing to through chemicals at perceived problems, be they doctors and parents dealing with a kid they've tagged as "ADHD", or that kid taking "recreational drugs" to deal with his/her stupid parents trying to dope them up.
Personal observation - a friend recently put his daughter on ADHD medication. It has helped a lot with her school work. But, they have to be careful about the dosage and timing; if they give it to her too early, she's a terror before bed, but too late, and she can't sleep.
Which is a better situation? I don't know. Part of what channeled my "energy" into productive enterprises was parental discipline ("This looks like a good MILITARY ACADEMY for you to go to IF YOU DON'T START DOING YOUR SCHOOL WORK!") and expectations. And, frankly, work. If I didn't complete my homework and get good grades, I didn't get to do things to make money, which meant that I didn't get to do FUN things, like going to movies. Being sent to my room was punishment, because there was NOTHING TO DO; today, it's just isolation from the noisy parents while you play with your 2,000 toys... Punishment is limiting them to 1 hour of internet a day!
On the lighter side, have you noticed that those of us who are ADHD and Obsessive Compulsive can be OC about a lot more things than the average OC? B=)
I recently installed a Win2K server that is blindingly fast at finding documents and such... but horridly slow at serving up portions of files, for things like legacy database programs. Three of the customer's applications started running at 1/4 speed.
It got so bad, even after all the "fix win2k speed" patches, that we re-introduced the 200MHz NT4 server to feed the database apps, and the dual-processor 2GHz system just serves up documents!