The fact that many people these days happen to use Windows boxes that aren't intelligent enough to run a mail server is a new phenomon. Since time out of mind, UNIX boxes have been happily running their own mail servers, and have had no need of a mail gateway. This is not "incorrect" behavior, as you seem to enjoy implying, this is more traditionally correct than *not* running a mail server. I'm sorry if your experience is with admining a Windows-only network, but you're simply not correct with respect to the entire Internet.
Just because the RFCs allow it, doesn't mean that it has to be considered "valid"
The RFCs define what is a valid email, so yes it does. No one can make you accept it, but if you do not do so you aren't denying an invalid piece of mail -- you're violating standards on your own.
And your "solutions" are not acceptable to many people.
get a static IP from your ISP which they have not listed on the DUL
Not acceptable in many cases. Many ISPs do not provide static IPs, at least without paying more. This also denies you the modicum of privacy that dynamic IPs allow.
relay thorugh a static IP which is not listed on the DUL
Denies the use of end-to-end mailserver encryption, opens you to easy Carnivore poking around, makes it a PITA to remember to change gateways if you move from ISP to ISP, locks you in to your local ISP's gateway's mail delivery failure policy, makes it take longer for delivery failures to reach you (next time you check your mail), prevents you whether the mail is actually in the other person's box or not -- there are *no* time guarantees on how long a gateway will hold on to an email.
I despise the DUL. Every single bounced email I get from the DUL results in a complaint to the offending postmaster.
If the DUL was the only way to block spam, perhaps you'd have some argument, but there are good, *RFC-compliant* alternatives.
Actually, you're wrong. I had false-positives all last summer.
Dial-up users should never run their own mailserver without smart-host
Why the hell not? By running their own mail server without a gateway, they get immediate information about mail sending failures (instead of waiting to check their mail). They can determine what mail-send-failure policies they want to apply (instead of being stuck with their ISP's mail server's policies). They can use mailserver-mailserver encryption over SSL without exposing their mail to the local Carnivore-using ISP.
It's this kind of thinking that's going to wind everyone up using a single (required) mail gateway with port 25 outbound/inbound to other hosts blocked using a propriatary Outlook protocol (if "most people" use Outlook, why not require it?), all web access *required* to go through a proxy ("it's good enough for most people, so why not require it?"), and no other services allowed ("most people just use the Web and email, so why not disallow everything else").
The Internet is a *peer to peer network*. It's not a network where some hosts are intended to have special rights. By using the DUL, you violate the free spirit of the Internet and piss the shit out of every UNIX user out there that can actually handle sendmail or postfix or whatever it is that they're using.
The most entertaining thing I've noticed is that a *mail admin* is the one deciding to go with the DUL. These are the sorts of people who can and do use sendmail without a gateway on their own box. So either they're screwing over people like themselves, the technically capable, or they're just setting up an Exchange server, don't have a clue what they're doing, and are following some web page that's telling them how to "reduce spam".
The DUL is a fecking stupid POS service set up primarily to screw over the sorts of people that don't use Windows, don't sit behind a corporate firewall and don't shove all their stuff through a corporate mail gateway using Outlook.
The DUL is a system designed so that any mail incoming from any IP know to be a dial-up address is immediately dropped. Needless to say, it's not tremendously popular with those of us who move around from Internet connection to Internet connection and would prefer to just use the mail server on our computer instead of having to remember to change the mail gateway each time we move.
I had a friend that worked at Compaq all summer. They used the DUL, and though I could send mail to *everyone else I knew*, sending mail to him was just throwing mail into a black hole, since I was on a modem and the DUL flagged me. Frankly, I find it tremendously amusing that Compaq is now going under.
The DUL is pretty much designed solely to destroy the peer-to-peer nature of the Internet and force everyone to have an ISP with a mail gateway if they want to even send mail. What's next, requiring Web connections to come from a proxy, because any "worthwhile users" use a proxy and someone else might be just a worm spreading around?
I *hate* the DUL. It's caused me far more misery than all the spam I've ever recieved put together. If MAPS is taking it in the ass, I'm just going to sit here and chortle about it.
UNIX isn't perfect (needs per-user/per-process network access settings, and limitable access to syscalls and the like that get info about your computer -- Linux can already limit access to some syscalls), but it beats the shit out of Windows in terms of sandboxing. A suid nobody, chroot jail is pretty safe to run stuff in.
You know, this is just stupid. One of two things would happen if software companies had *required* liability and couldn't disclaim it.
A) Users would pay enough to cover insurance for liability costs. I'm not all that excited about the idea of software prices jumping up to four or five times current prices.
B) Companies would spend an inordinate amount of time finding loopholes so that users couldn't win a lawsuit.
Let the market decide. If users are really willing to pay for a warranty, then they can purchase only software with a warranty. If they don't consider it worth it, then they don't have to. Software companies (and anyone, for that matter) are already liable for malicious software. Making them provide a warranty is just silly.
Remember how much those stupid "extended warranties" cost on computers? That's how much extra everyone has to pay for their software.
Finally, if commercial software houses (which include things like single-person shareware companies) are required to cover damages and are not allowed to set the terms of liability, then I feel that the GPL-using community should be required to do the same. Fair is fair.
I feel that the current solution is better. If you want a warranty on your software, inform the company that you are willing to pay far more for liability insurance, and I suspect that they'll handle it if enough people really do want this. The problem is that you don't really want liability -- you just want companies to be liable *without* you having to pay more, which isn't possible.
Unless you are absolutely wedded to Outlook, there are good alternative programs. Mind you, I've been happily using mutt on Linux for a while, so my suggestions may be out of date, but:
* Eudora: this is a nice (very configurable, for a Win/Mac GUI program) mail client. Good filtering capabilities. Has a commercial version and a free version (without filtering abilities) called Eudora Lite.
* Netscape Communicator: Well, I suppose it's okay. Everyone and their brother already has it installed. Has support for SSL certs, though I kind of think that PGP is the way to go instead.
* Pegasus Mail: supposedly good -- I didn't like the interface much. Free.
* Mulberry: Good client if you're into IMAP -- if you're on a always-on Internet connection and move from computer to computer, like a LAN environment. Good security features.
There are also a lot more Windows and the Mac. Honestly, I don't know why so many people use Outlook -- it isn't the fastest, most scalable, most secure, or most powerful. Its interface isn't that incredible. It *is* installed by default on a lot of systems, but that's about it.
Instead of "deleting" Klez on your system, try the following procmail recipe to wipe out incoming klez before your mail program ever sees it:
:0 B * ^135AAItEjhyJRI8ci0SOGIlEjxiLRI4UiUSPFItEjhCJRI8Qi 0SODIlEjwyLRI4IiUSPCItE$ /dev/null
I use klez instead of/dev/null so that it all goes to one big junk mailbox. That way, if someday someone base64 encodes a file that has *exactly* this same line and emails it to me, unlikely as it may be, I'll still get to see it eventually.
Anyway, at least you won't have to keep deleting stuff. Using Linux/UNIX and not having the computer automatically do stuff for you is silly.
I agree with your point, but this particular bit doesn't quite ring true to me:
Certification make sense in a very limited set of professions where the practictioner will be doing something life-critical like cutting you open, or defending your freedom in court, or designing a bridge for you...with a very few exceptions, programming and sysadmin are not like this
So the answer is smarter traffic lights, not more lawbreaking.
And the problem is that there has to be a dividing line somewhere. Some people *will* try to go through a red light on a dark, rainy night with hedges blocking their view of the intersecting road. It's better to draw the line well on the side of safety.
Bus or bicycle are both options I've seen used. I suppose if you lived in a city, subway would also be an option.
You can also reduce pollution and traffic congestion by doing so.
People that protest these fines are broken
on
Traffic Cameras in D.C.
·
· Score: 2, Insightful
People who run red lights risk my life, and yours, not just their own
I agree completely. The number of people protesting actual *punishment* for running red lights here on Slashdot is disgusting. This is something that's easily avoidable (yes, you may have to going back to not accelerating when you see a yellow light), potentially fatal, and has a picture to allow human review if necessary.
So far this is the best solution to the problem. I say apply it until something better (like computer-driven cars) can be widely deployed.
This isn't a freedom issue or a tech issue. This isn't a "should music copy protection be allowed?" question, where the consequences aren't that awful one way or the other. This is about preventing people from committing a potentially fatal crime.
Interesting point there where it was pointed out that closed-source software has a habit of screwing over third-world countries. Yes, they get jobs with closed-source software, but mostly just jobs in basic IT work maintaining the software. With open source, it's much easier for small software companies to spring up in third world countries. As a matter of fact, the only country with a real benefit in keeping with MS's products is the US, because of the export dollars (and even the US is starting to consider the fact that perhaps, just perhaps, the inefficiency of allowing MS to monopolize the whole country may cost more than the loss of the export, or the anti-trust folks wouldn't be out in force).
one of the government's main roles is to protect us from each other -- and I include the unborn in that protection.
The government's main roles is to protect us from each other *because doing so benefits society*. If police protection went away, we'd fall back to the Dark Ages.
Frankly, using the cells of an already-dead blob of cells that may or may not be considered a human being is not likely to have much negative impact on society.
Ignoring performance, things that piss me off about IDE are:
* Devices blocking the bus while waiting for a read to complete. Stupid, and wasteful. SCSI lets other devices use the bus while the original device isn't actually doing anything with it. * Two bloody devices per IDE channel, two channels in a typical computer. If you want more, buy a card. This is just dumb...Intel recently designed the next-gen ATA spec, and sure enough, same limitations. Lets them happily price-discriminate and charge more for expensive business servers. With SCSI, I can pop in 15 devices, no problems, just plug it in and run. * IDE has no standard for external cabling. Sometimes you Really Do want an external device. With SCSI, no biggie. USB is just awful for this, Firewire is a bit pricy and isn't on-motherboard on most PCs. If you're currently using IDE, you're up for getting either a Firewire or SCSI card. * Most crap consumer drives can't generate an event when the eject button is pushed, requring the ATAPI CD-ROM drive driver to poll the drive constantly. This is such idiotic design that Linux doesn't even have a driver capable of unmounting and ejecting a disc in a drive with a locked (in use) door on an eject button press. I have hopes that SCSI works differently.
If drives spit back useful geometry info for once, Linux could reorder commands too, and with its greater amount of info about the system, probably beat drive reordering in performance.
Nah. Sooner or later they'll hire the lowest bidder for some sort of networking work, who will build something on top of 802.11b, neatly connecting them.:-)
Well, if your workstation is a nice stable Linux box in an urban area (i.e. no pickup truck drivers ramming over the only power line) running emacs, I don't see much of a reason to save for days.
And Word has plain idiotic handling of temp files. Microsoft, who pushes everyone else to use the bloody TEMP directory, can't manage to do so themselves.
I'll trust emacs' auto-backed up plain text. I dunno about some semi-saved partly binary stuff.
Are there *any* GUI mail clients with *good* gpg integration?
I'm pretty happy with mutt and don't intend to change, but there are a *lot* of people out there that use GUI clients, and having both evolution and kmail users unable to do simple stuff like GUI generation of keys and *especially automatic key lookups* is pretty non-optimal for many users.
The fact that many people these days happen to use Windows boxes that aren't intelligent enough to run a mail server is a new phenomon. Since time out of mind, UNIX boxes have been happily running their own mail servers, and have had no need of a mail gateway. This is not "incorrect" behavior, as you seem to enjoy implying, this is more traditionally correct than *not* running a mail server. I'm sorry if your experience is with admining a Windows-only network, but you're simply not correct with respect to the entire Internet.
Just because the RFCs allow it, doesn't mean that it has to be considered "valid"
The RFCs define what is a valid email, so yes it does. No one can make you accept it, but if you do not do so you aren't denying an invalid piece of mail -- you're violating standards on your own.
And your "solutions" are not acceptable to many people.
get a static IP from your ISP which they have not listed on the DUL
Not acceptable in many cases. Many ISPs do not provide static IPs, at least without paying more. This also denies you the modicum of privacy that dynamic IPs allow.
relay thorugh a static IP which is not listed on the DUL
Denies the use of end-to-end mailserver encryption, opens you to easy Carnivore poking around, makes it a PITA to remember to change gateways if you move from ISP to ISP, locks you in to your local ISP's gateway's mail delivery failure policy, makes it take longer for delivery failures to reach you (next time you check your mail), prevents you whether the mail is actually in the other person's box or not -- there are *no* time guarantees on how long a gateway will hold on to an email.
I despise the DUL. Every single bounced email I get from the DUL results in a complaint to the offending postmaster.
If the DUL was the only way to block spam, perhaps you'd have some argument, but there are good, *RFC-compliant* alternatives.
Actually, you're wrong. I had false-positives all last summer.
Dial-up users should never run their own mailserver without smart-host
Why the hell not? By running their own mail server without a gateway, they get immediate information about mail sending failures (instead of waiting to check their mail). They can determine what mail-send-failure policies they want to apply (instead of being stuck with their ISP's mail server's policies). They can use mailserver-mailserver encryption over SSL without exposing their mail to the local Carnivore-using ISP.
It's this kind of thinking that's going to wind everyone up using a single (required) mail gateway with port 25 outbound/inbound to other hosts blocked using a propriatary Outlook protocol (if "most people" use Outlook, why not require it?), all web access *required* to go through a proxy ("it's good enough for most people, so why not require it?"), and no other services allowed ("most people just use the Web and email, so why not disallow everything else").
The Internet is a *peer to peer network*. It's not a network where some hosts are intended to have special rights. By using the DUL, you violate the free spirit of the Internet and piss the shit out of every UNIX user out there that can actually handle sendmail or postfix or whatever it is that they're using.
The most entertaining thing I've noticed is that a *mail admin* is the one deciding to go with the DUL. These are the sorts of people who can and do use sendmail without a gateway on their own box. So either they're screwing over people like themselves, the technically capable, or they're just setting up an Exchange server, don't have a clue what they're doing, and are following some web page that's telling them how to "reduce spam".
what is the DUL
The DUL is a fecking stupid POS service set up primarily to screw over the sorts of people that don't use Windows, don't sit behind a corporate firewall and don't shove all their stuff through a corporate mail gateway using Outlook.
The DUL is a system designed so that any mail incoming from any IP know to be a dial-up address is immediately dropped. Needless to say, it's not tremendously popular with those of us who move around from Internet connection to Internet connection and would prefer to just use the mail server on our computer instead of having to remember to change the mail gateway each time we move.
I had a friend that worked at Compaq all summer. They used the DUL, and though I could send mail to *everyone else I knew*, sending mail to him was just throwing mail into a black hole, since I was on a modem and the DUL flagged me. Frankly, I find it tremendously amusing that Compaq is now going under.
The DUL is pretty much designed solely to destroy the peer-to-peer nature of the Internet and force everyone to have an ISP with a mail gateway if they want to even send mail. What's next, requiring Web connections to come from a proxy, because any "worthwhile users" use a proxy and someone else might be just a worm spreading around?
I *hate* the DUL. It's caused me far more misery than all the spam I've ever recieved put together. If MAPS is taking it in the ass, I'm just going to sit here and chortle about it.
UNIX isn't perfect (needs per-user/per-process network access settings, and limitable access to syscalls and the like that get info about your computer -- Linux can already limit access to some syscalls), but it beats the shit out of Windows in terms of sandboxing. A suid nobody, chroot jail is pretty safe to run stuff in.
I dunno, ten years in the clink (at *least*) for doing Melissa seems pretty harsh already. Melissa wasn't even malicious.
You know, this is just stupid. One of two things would happen if software companies had *required* liability and couldn't disclaim it.
A) Users would pay enough to cover insurance for liability costs. I'm not all that excited about the idea of software prices jumping up to four or five times current prices.
B) Companies would spend an inordinate amount of time finding loopholes so that users couldn't win a lawsuit.
Let the market decide. If users are really willing to pay for a warranty, then they can purchase only software with a warranty. If they don't consider it worth it, then they don't have to. Software companies (and anyone, for that matter) are already liable for malicious software. Making them provide a warranty is just silly.
Remember how much those stupid "extended warranties" cost on computers? That's how much extra everyone has to pay for their software.
Finally, if commercial software houses (which include things like single-person shareware companies) are required to cover damages and are not allowed to set the terms of liability, then I feel that the GPL-using community should be required to do the same. Fair is fair.
I feel that the current solution is better. If you want a warranty on your software, inform the company that you are willing to pay far more for liability insurance, and I suspect that they'll handle it if enough people really do want this. The problem is that you don't really want liability -- you just want companies to be liable *without* you having to pay more, which isn't possible.
Unless you are absolutely wedded to Outlook, there are good alternative programs. Mind you, I've been happily using mutt on Linux for a while, so my suggestions may be out of date, but:
* Eudora: this is a nice (very configurable, for a Win/Mac GUI program) mail client. Good filtering capabilities. Has a commercial version and a free version (without filtering abilities) called Eudora Lite.
* Netscape Communicator: Well, I suppose it's okay. Everyone and their brother already has it installed. Has support for SSL certs, though I kind of think that PGP is the way to go instead.
* Pegasus Mail: supposedly good -- I didn't like the interface much. Free.
* Mulberry: Good client if you're into IMAP -- if you're on a always-on Internet connection and move from computer to computer, like a LAN environment. Good security features.
There are also a lot more Windows and the Mac. Honestly, I don't know why so many people use Outlook -- it isn't the fastest, most scalable, most secure, or most powerful. Its interface isn't that incredible. It *is* installed by default on a lot of systems, but that's about it.
Instead of "deleting" Klez on your system, try the following procmail recipe to wipe out incoming klez before your mail program ever sees it:
i 0SODIlEjwyLRI4IiUSPCItE$
/dev/null so that it all goes to one big junk mailbox. That way, if someday someone base64 encodes a file that has *exactly* this same line and emails it to me, unlikely as it may be, I'll still get to see it eventually.
:0 B
* ^135AAItEjhyJRI8ci0SOGIlEjxiLRI4UiUSPFItEjhCJRI8Q
/dev/null
I use klez instead of
Anyway, at least you won't have to keep deleting stuff. Using Linux/UNIX and not having the computer automatically do stuff for you is silly.
I agree with your point, but this particular bit doesn't quite ring true to me:
Certification make sense in a very limited set of professions where the practictioner will be doing something life-critical like cutting you open, or defending your freedom in court, or designing a bridge for you...with a very few exceptions, programming and sysadmin are not like this
How much software can we really afford to have fail? How many people that don't really know what they're doing can we handle. The Therac-25 incidents don't make me feel any happier -- programmers hack out something and then end users get the product and simply rely on it not to fail. In a lot of cases, this trust is not warranted.
now the whole thing's been plastered all over the New York Times
Yes, but some of us *don't like to read* the New York Times, due to a certain mandantory registration process.
Please avoid posting links to nytimes.com in story posts in the future. Thank you.
check filesearching.com for redhat 7.2 mirrors, and try 'em until you find one with 7.3
So the answer is smarter traffic lights, not more lawbreaking.
And the problem is that there has to be a dividing line somewhere. Some people *will* try to go through a red light on a dark, rainy night with hedges blocking their view of the intersecting road. It's better to draw the line well on the side of safety.
Bus or bicycle are both options I've seen used. I suppose if you lived in a city, subway would also be an option.
You can also reduce pollution and traffic congestion by doing so.
People who run red lights risk my life, and yours, not just their own
I agree completely. The number of people protesting actual *punishment* for running red lights here on Slashdot is disgusting. This is something that's easily avoidable (yes, you may have to going back to not accelerating when you see a yellow light), potentially fatal, and has a picture to allow human review if necessary.
So far this is the best solution to the problem. I say apply it until something better (like computer-driven cars) can be widely deployed.
This isn't a freedom issue or a tech issue. This isn't a "should music copy protection be allowed?" question, where the consequences aren't that awful one way or the other. This is about preventing people from committing a potentially fatal crime.
Sad but true. This guy may be the most on-top-of-things tech legislator I've seen so far.
I'd be in favor of abducting him and making him a US president, not just a senator.
Hmm...and this guy has a doctorate. Let's compare that to Dubya...
Interesting point there where it was pointed out that closed-source software has a habit of screwing over third-world countries. Yes, they get jobs with closed-source software, but mostly just jobs in basic IT work maintaining the software. With open source, it's much easier for small software companies to spring up in third world countries. As a matter of fact, the only country with a real benefit in keeping with MS's products is the US, because of the export dollars (and even the US is starting to consider the fact that perhaps, just perhaps, the inefficiency of allowing MS to monopolize the whole country may cost more than the loss of the export, or the anti-trust folks wouldn't be out in force).
one of the government's main roles is to protect us from each other -- and I include the unborn in that protection.
The government's main roles is to protect us from each other *because doing so benefits society*. If police protection went away, we'd fall back to the Dark Ages.
Frankly, using the cells of an already-dead blob of cells that may or may not be considered a human being is not likely to have much negative impact on society.
Ignoring performance, things that piss me off about IDE are:
* Devices blocking the bus while waiting for a read to complete. Stupid, and wasteful. SCSI lets other devices use the bus while the original device isn't actually doing anything with it.
* Two bloody devices per IDE channel, two channels in a typical computer. If you want more, buy a card. This is just dumb...Intel recently designed the next-gen ATA spec, and sure enough, same limitations. Lets them happily price-discriminate and charge more for expensive business servers. With SCSI, I can pop in 15 devices, no problems, just plug it in and run.
* IDE has no standard for external cabling. Sometimes you Really Do want an external device. With SCSI, no biggie. USB is just awful for this, Firewire is a bit pricy and isn't on-motherboard on most PCs. If you're currently using IDE, you're up for getting either a Firewire or SCSI card.
* Most crap consumer drives can't generate an event when the eject button is pushed, requring the ATAPI CD-ROM drive driver to poll the drive constantly. This is such idiotic design that Linux doesn't even have a driver capable of unmounting and ejecting a disc in a drive with a locked (in use) door on an eject button press. I have hopes that SCSI works differently.
If drives spit back useful geometry info for once, Linux could reorder commands too, and with its greater amount of info about the system, probably beat drive reordering in performance.
Nah. Sooner or later they'll hire the lowest bidder for some sort of networking work, who will build something on top of 802.11b, neatly connecting them. :-)
Naw, they just contain IBM hard drives.
Regression tests are no fun. Open Source is about having fun writing software.
The easier the test-suite-making-tools are, the better.
Well, if your workstation is a nice stable Linux box in an urban area (i.e. no pickup truck drivers ramming over the only power line) running emacs, I don't see much of a reason to save for days.
And Word has plain idiotic handling of temp files. Microsoft, who pushes everyone else to use the bloody TEMP directory, can't manage to do so themselves.
I'll trust emacs' auto-backed up plain text. I dunno about some semi-saved partly binary stuff.
Maybe the number was cached.
Are there *any* GUI mail clients with *good* gpg integration?
I'm pretty happy with mutt and don't intend to change, but there are a *lot* of people out there that use GUI clients, and having both evolution and kmail users unable to do simple stuff like GUI generation of keys and *especially automatic key lookups* is pretty non-optimal for many users.