So what kind of devices would you envision that run Linus? As he moves freely around (no wires or tubes) the only thing I could imagine runs him would be a pacemaker, but I've never heard of him having any heart problems
Labels for loops?. I don't think we're talking about the same language. In C (as it is in K&R2 not sure about what the C99 standard says) break stands alone (no way to specify a label).
Other languages may allow them (such as java and perl) and the syntax differs. In perl you would put the label on the loop (but use the statement 'last' instead of 'break') as you do, but in java you would put the label after the loop (or risk an infinite loop as it would just start over again, unless the compiler chokes on that).
Anyway my point is (and was) that somethimes there is no other way to break out of nested loops (when the language provides none) and you have to resort to goto (or a kludge)
Another exaample of situations when goto is appropriate is breaking out of nested loops. Instead of writing something simple like:
for (i = 0; i <= x, ++i){ for (j = 0; j <= y; ++j) { do_stuff(i,j); if (condition()) goto double_break; } } double_break:
They end up with some ugly cludge, probably checking the exit condition several times (which is bad if the check is expensive) instead of storing the result.
It sounds more than plasubile to me. So, I'm curious. You propose to try, by social pressure, to force *every single* domain to disallow non-SPF email?
Well not really social pressure. When enough people remove themselves as targets for having the from domain faked, the chances that the remaining domains will be targeted is greater. I wouldn't want to remain standing as all others drop to the floor when the bank robbers enter:)
It doesn't work. You must have a system that does not require Internet-wide perfect cooperation.
Again you're looking for that silver bullet. SPF can't be used alone (unless we lived in a perfect world, bet then there would be no spammers) SPF gives us one more thing to filter and score based on, but your filters have to be set up with the assumption that there are domains without SPF or with misconfigured SPF:
Mail from doman with SPF, sender is allowed by SPF record => low probability of spam
Mail from domain without SPF => medium probability of spam
Mail from domain with open SPF record => medium probability of spam
Mail from domain with SPF, sender disallowed by SPF record => high probability of spam
Obviously you have to filter/score on other things too
There are existing, workable systems that don't require an iota of effort on the part of the domain mail admin that work fine. One would be to slap a "X-Fromme:" header in all your emails with a secret in it, or hash of a tuple of the to address and a secret, or whatever makes you happy, and have procmail or whatever system floats your boat. It can all be done without leaving the client or screwing with existing infrastructure
I can't see how that is going to prevent anyone from faking the addresses, it would make it easier to filter out bounces to mail I didn't send if that was what you were thinking about. But how would it help with the bandwith cost of the bounces from a joe-job?
Users will *not* see less spam when they do this unless everyone implements.
You are correct, but only if you assume that the users won't be using additional ways of filtering, and feeds the result of the SPF check as input to that filtering
You must admit one of two things. Either (a) people don't have to deploy SPF records, and SPF is not an antispam system, or (b) SPF requires everyone to completely and fully deploy and it is not workable (no system requiring all nodes to be trusted and not screw up that I know of has ever worked).
(a2) people don't have to deploy SPF records, and SPF is not an antispam system by itself
Suppose you spoof a little DNS record or two, setting a high TTL on cacheable lifetime, and manage to make AOL's main mailserver think that MSN's SPF record says that the only legitimate mailserver is somewhere in Korea.
People that can't trust their DNS servers not to cache bogus responses to DNS queries shouldn't depend on DNS for anything, they certainly shouldn't be dumping incoming mail based on it.
You think it's "fun" getting off the blacklist for RBL because some dipshit on your network screwed up now, wait until everyone' using *domain-level* reputation, and any person at your enterprise-class company can screw your domain's reputation over severely, and kill your domain's mail privileges.
Not fun no, I've heard the stories
Obviously a company should have a policy that does everything to prevent this. But that can happen with or without SPF with todays IP blocklists
Especially nasty if that one person is completely innocent, but happens to be using a Windows laptop that picks up a worm...but *that* wouldn't ever happen, would it?
Not so innocent if that person broke company security policy by disabling virus checks, or installed downloaded software from shady sites. It won't happen again after you fire the first one.
Your ISP can't do a thing about what senders are valid for your work email address.
When i said ask them nicely I ment it. You just didn't realize what you're supposed to ask. You need to explain to them (politely) that you need to access port 25 on your work mailserver or they will lose you business for selling incomplete access to the internet. Depending on their policy they will let your traffic through or you'll have to look for other ISPs, if the terms and conditions you signed up for didn't say anything about sertain traffic beeing blocked you probably could get out of any contract you have with them easily
Unfortunately that's not an option for everyone so you could also try tunneling the traffic into your work server (ssh vpn whatever), or get the ISP mailserver added to the company SPF. Yet another possibility is to use dialup to connect to work, just for sending mail.
A zombie machine (infected through outlook or any other means) would have to send mail with addresses it is allowed to send from. That would be a domain controlled by the spammer (can be blacklisted), a domain with an open / nonexistant SPF record(can be filtered on), or a domain it's already allowed to send for (the ISP, which means chances that the machine would be stopped are far greater, or the ISP risks getting blacklisted).
I can imagine that spam filters like spamassassin could check if the mail came from a domain with an open SPF record, it would simply be a matter of retrieving the record, doing a little parsing and assigning a score.
If a spamer gets paid $5000 to send out a million messages, a $15 throwaway domain is nothing...
The cost is also time to get the domain in place, less time spent on defeating other anti spam measures. If that spammer is using zombies he'll have to use an open record that a spamfilter rule like the one above would detect. He must eiter accept that less of his spam will arrive or add each single sender machine to the SPF record. In addition I expect we'll soon see domain block lists in addition to IP block lists so each spammer domain will only have a lifited "shelf life".
As I said SPF is no silver bullet by itself, but I believe it will improve the situation, just avoiding joe jobs is worth it in itself and if it can make the spam flow a little slower that's good too.
some of them have my work from-address. Wouldn't this system obstruct that?
Only if you don't send them through your job email server
Also, many people use a different e-mail address from their ISP but are forced to route their mail through their ISP's SMTP server. How would they get around SPF?
Tunneling / Adding your ISPs mail server to your works SPF info / Asking your ISP nicely
Explain: how would you brute force it? One way would be to search until you find a domain without SPF information and fake addresses from that. That will reduce the pool of domains you can fake, and be an incentive for them to start using it. In a way it's shifting the damage over to those that doesn't try to help solving the problem, they decide to be easy targets they take the consequenses.
(x) It will stop spam for two weeks and then we'll be stuck with it
It will stop spam from beeing sent with faked addresses from a domain, if the owners of that domain wishes it. That means I will never se a bounce for spam using my address if the recieving end uses SPF, and the reciever willl not see spam that fakes my address as its sender
(x) Users of email will not put up with it
Why not, all I have to do is configure my mail program to use the correct mailserver for outgoing mail
(x) The police will not put up with it
The police has never cared about anything to do with spam, why should they care about this?
(x) Requires immediate total cooperation from everybody at once
Bull. Mail (allegedly) from domains that doesn't publish SPF information will get through, and mail to recievers that doesn't check SPF will come through. Domain owners will be encouraged to implement this because they will se fever (misdirected) abuse reports. Users will be encouraged to implement this because they will see less spam
(x) Lack of centrally controlling authority for email
The owner of a domain is the central controlling authority for email from that domain, that's all you need
(x) Ease of searching tiny alphanumeric address space of all email addresses
Eventually all spam will use a sender address from domains without SPF informations (or nonexistent domains), people will start dumping mail from domains without SPF (or give it a high spamassassin score) and those domains will effectively be forced to implement SPF or see their users unable to send email
(x) Asshats
Which is why you have to use additional measures, such as scoring mail without SPF low, blacklisting domains and ISPS that allow spammers and other kinds of filters. There is no tool that will block ALL spam, but the right combination will reduce it drastically
(x) Unpopularity of weird new taxes
No tax involved
(x) Huge existing software investment in SMTP
It's compatible (actually uses) SMTP, no software has to be replaced. (Unless it already sucks)
(x) Willingness of users to install OS patches received by email (x) Armies of worm riddled broadband-connected Windows boxes
And all the mail sent out to SPF using clients using from addresses with SPF domains will be dropped, eventually this number will rise as more people adopt SPF.
(x) Extreme profitability of spam
Making them work harder and reach less people will decrease the profitability, that will make the situation improve
(x) Extreme stupidity on the part of people who do business with spammers
(x) Dishonesty on the part of spammers themselves
Eventually the spammers will have fewer domains to use for sender addresses, they will have to buy domains (increasing cost) or use domains without SPF. Both can be blacklisted
(x) Outlook
This can be implemented serverside, outlook is not an issue
(x) Ideas similar to yours are easy to come up with, yet none have ever been shown practical
None has ever been standardised and tried large scale
(x) We should be able to talk about Viagra without being censored
You can as long as you don't forge the sender domain. But if you try to sell it to someone a complaint may well make you lose access to that domain
All current versions of windows support syml^h^h^h reparse points.
Well you can chalk that up to me not knowing windows as well as I know *nix
I knew I could mount a drive as part of another filesystem but had no idea it was possible to do the equivalent of symlinking. It certainly isn't a well advertised feature, I would have expected it to appear in a menu if windows supported it. Tanks for the info (all of you) it might come in handy
It's quite possible that L and I are so small that intelligence arose only once
I didn't say it wasn't. It may even be that the chance of life and civilisation (given a suitable planet) is huge, but that we're sitting on the only decent real estate (read: planet). But at least we know that the chances are above zero. Problem is the only way to get a decent data on the probability of life is to check out other suitable planets and see if there's any life there. That's one of the reasons mars exploration is so interesting since finding or not finding life can give us more clues to what the odds might actually be
there's exactly as much solid scientific evidence for extraterrestrial life as there is for the existence of God, which is to say there's absolutely none
Searching for extra terrestrial life is a numbers game, it's all about odds. We know life can start on a suitable planet, cause here we are. Then comes the unknown factors.
S = number of stars P = planets per star s = Average chance that a planet is suitable for life L = Average chance that life starts on suitable planets I = Chance that intelligent life evolves C = Chance that civilisation survives long enough to be able to communicate
S*P*s*L*I*C = Chance of ET
Point is that S is huge and L, I and C are big enough that it has happened here, so yes I believe there will be intelligent life out there, but I have my doubts that they will be close enough to find, or even exist at the same time as us
However, for most programming tasks, knowing the paging size or the clock cycle or the best algorithm at hand does not matter.
Paging size and clock cycle, fair enough. But not knowing the best algorithm can seriously bite you when your program that worked OK with 100 test entries is going to be run with 100000 real data entries. At the very least a programmer should have heard about big-O and know when it't time to look up those algorithms.
This is the Munich district court. Any precedent set by this case won't affect most Slashdotters anyway.
It will to some degree. For a company that wants to violate the GPL they would have to stay out of the german market. That's a competitive advantage to those that doesn't violate the GPL (either by using only non GPL code, or by honouring the lisence)
Overall that means a (somewhat) bigger chance of companies respecting the GPL than before
think they meant 'SMB share'. If not... DAMN I wanna work where that person works!
Won't be seeing you here then, if my boss wants to share any files he either puts em on the fileserver, sets up nfs himself, sets up ftp or adds the files to the CVS if suitable
Being elite means you're on top of the game, beeing 1337 means you want people to think you are on top of the game while in reality you are a thirteen year old kid that didn't realize that the cracking tool you just installed off kazaa actually installed a backdoor.
That should teach me to preview, mod down the direct parent of this post and leave this one standing, the post should have been:
There is still debate going on about whether to introduce a gender-neutral third-person singular term, or if "they" or "s/he" or something else is acceptable.
One probably doesn't need to do that as it already exists
There is still debate going on about whether to introduce a gender-neutral third-person singular term, or if "they" or "s/he" or something else is acceptable.
One probably doesn't need to do that as it already exists
Besides, are you really sure you want to tie the game's reputation to Microsoft's?;)
The computer fits very well with the Microsoft standards. They both want you to be happy. They both know what's best for you. And they both have the same exellent quality and stability. Obviously the computer is running some version of windows.
I'll just go terminate myself now for knowing that, goodbye friends and have a nice daycycle. By the way since you hearn me you might want to tag along with me to the food vats.
I did well to last almost one whole session before my guy was killed
Your DM was obviously not doing his job properly. Failure to report the commie is an act of treason. Please report to the nearest waste recycling center for human resource reintegration citizen. Have a nice daycycle.
Slashdot Mirror
That made my day, thanks.
doesnt even mention the devices that run Linus..
So what kind of devices would you envision that run Linus? As he moves freely around (no wires or tubes) the only thing I could imagine runs him would be a pacemaker, but I've never heard of him having any heart problems
Labels for loops?. I don't think we're talking about the same language. In C (as it is in K&R2 not sure about what the C99 standard says) break stands alone (no way to specify a label).
Other languages may allow them (such as java and perl) and the syntax differs. In perl you would put the label on the loop (but use the statement 'last' instead of 'break') as you do, but in java you would put the label after the loop (or risk an infinite loop as it would just start over again, unless the compiler chokes on that).
Anyway my point is (and was) that somethimes there is no other way to break out of nested loops (when the language provides none) and you have to resort to goto (or a kludge)
As a rule don't ever use goto
But know when to break the rules.
Another exaample of situations when goto is appropriate is breaking out of nested loops. Instead of writing something simple like:
They end up with some ugly cludge, probably checking the exit condition several times (which is bad if the check is expensive) instead of storing the result.
It sounds more than plasubile to me. So, I'm curious. You propose to try, by social pressure, to force *every single* domain to disallow non-SPF email?
Well not really social pressure. When enough people remove themselves as targets for having the from domain faked, the chances that the remaining domains will be targeted is greater. I wouldn't want to remain standing as all others drop to the floor when the bank robbers enter :)
It doesn't work. You must have a system that does not require Internet-wide perfect cooperation.
Again you're looking for that silver bullet. SPF can't be used alone (unless we lived in a perfect world, bet then there would be no spammers) SPF gives us one more thing to filter and score based on, but your filters have to be set up with the assumption that there are domains without SPF or with misconfigured SPF:
Mail from doman with SPF, sender is allowed by SPF record => low probability of spam
Mail from domain without SPF => medium probability of spam
Mail from domain with open SPF record => medium probability of spam
Mail from domain with SPF, sender disallowed by SPF record => high probability of spam
Obviously you have to filter/score on other things too
There are existing, workable systems that don't require an iota of effort on the part of the domain mail admin that work fine. One would be to slap a "X-Fromme:" header in all your emails with a secret in it, or hash of a tuple of the to address and a secret, or whatever makes you happy, and have procmail or whatever system floats your boat. It can all be done without leaving the client or screwing with existing infrastructure
I can't see how that is going to prevent anyone from faking the addresses, it would make it easier to filter out bounces to mail I didn't send if that was what you were thinking about. But how would it help with the bandwith cost of the bounces from a joe-job?
Users will *not* see less spam when they do this unless everyone implements.
You are correct, but only if you assume that the users won't be using additional ways of filtering, and feeds the result of the SPF check as input to that filtering
You must admit one of two things. Either (a) people don't have to deploy SPF records, and SPF is not an antispam system, or (b) SPF requires everyone to completely and fully deploy and it is not workable (no system requiring all nodes to be trusted and not screw up that I know of has ever worked).
(a2) people don't have to deploy SPF records, and SPF is not an antispam system by itself
Suppose you spoof a little DNS record or two, setting a high TTL on cacheable lifetime, and manage to make AOL's main mailserver think that MSN's SPF record says that the only legitimate mailserver is somewhere in Korea.
People that can't trust their DNS servers not to cache bogus responses to DNS queries shouldn't depend on DNS for anything, they certainly shouldn't be dumping incoming mail based on it.
You think it's "fun" getting off the blacklist for RBL because some dipshit on your network screwed up now, wait until everyone' using *domain-level* reputation, and any person at your enterprise-class company can screw your domain's reputation over severely, and kill your domain's mail privileges.
Not fun no, I've heard the stories
Obviously a company should have a policy that does everything to prevent this. But that can happen with or without SPF with todays IP blocklists
Especially nasty if that one person is completely innocent, but happens to be using a Windows laptop that picks up a worm...but *that* wouldn't ever happen, would it?
Not so innocent if that person broke company security policy by disabling virus checks, or installed downloaded software from shady sites. It won't happen again after you fire the first one.
All the people out there have to put in new,
Your ISP can't do a thing about what senders are valid for your work email address.
When i said ask them nicely I ment it. You just didn't realize what you're supposed to ask. You need to explain to them (politely) that you need to access port 25 on your work mailserver or they will lose you business for selling incomplete access to the internet. Depending on their policy they will let your traffic through or you'll have to look for other ISPs, if the terms and conditions you signed up for didn't say anything about sertain traffic beeing blocked you probably could get out of any contract you have with them easily
Unfortunately that's not an option for everyone so you could also try tunneling the traffic into your work server (ssh vpn whatever), or get the ISP mailserver added to the company SPF. Yet another possibility is to use dialup to connect to work, just for sending mail.
You can't do this if your ISP is blocking port 25 out and forcing you to go through its own mailrouters.
See the last paragraph of the post you replied to, and add the option "Changing ISP"
It does NOT account for Outlook.
A zombie machine (infected through outlook or any other means) would have to send mail with addresses it is allowed to send from. That would be a domain controlled by the spammer (can be blacklisted), a domain with an open / nonexistant SPF record(can be filtered on), or a domain it's already allowed to send for (the ISP, which means chances that the machine would be stopped are far greater, or the ISP risks getting blacklisted).
People are already scaning for open SPF records.
I can't say that I'm surprised
I can imagine that spam filters like spamassassin could check if the mail came from a domain with an open SPF record, it would simply be a matter of retrieving the record, doing a little parsing and assigning a score.
If a spamer gets paid $5000 to send out a million messages, a $15 throwaway domain is nothing...
The cost is also time to get the domain in place, less time spent on defeating other anti spam measures. If that spammer is using zombies he'll have to use an open record that a spamfilter rule like the one above would detect. He must eiter accept that less of his spam will arrive or add each single sender machine to the SPF record. In addition I expect we'll soon see domain block lists in addition to IP block lists so each spammer domain will only have a lifited "shelf life".
As I said SPF is no silver bullet by itself, but I believe it will improve the situation, just avoiding joe jobs is worth it in itself and if it can make the spam flow a little slower that's good too.
some of them have my work from-address. Wouldn't this system obstruct that?
Only if you don't send them through your job email server
Also, many people use a different e-mail address from their ISP but are forced to route their mail through their ISP's SMTP server. How would they get around SPF?
Tunneling / Adding your ISPs mail server to your works SPF info / Asking your ISP nicely
(x) It is defenseless against brute force attacks
Explain: how would you brute force it? One way would be to search until you find a domain without SPF information and fake addresses from that. That will reduce the pool of domains you can fake, and be an incentive for them to start using it. In a way it's shifting the damage over to those that doesn't try to help solving the problem, they decide to be easy targets they take the consequenses.
(x) It will stop spam for two weeks and then we'll be stuck with it
It will stop spam from beeing sent with faked addresses from a domain, if the owners of that domain wishes it. That means I will never se a bounce for spam using my address if the recieving end uses SPF, and the reciever willl not see spam that fakes my address as its sender
(x) Users of email will not put up with it
Why not, all I have to do is configure my mail program to use the correct mailserver for outgoing mail
(x) The police will not put up with it
The police has never cared about anything to do with spam, why should they care about this?
(x) Requires immediate total cooperation from everybody at once
Bull. Mail (allegedly) from domains that doesn't publish SPF information will get through, and mail to recievers that doesn't check SPF will come through. Domain owners will be encouraged to implement this because they will se fever (misdirected) abuse reports. Users will be encouraged to implement this because they will see less spam
(x) Lack of centrally controlling authority for email
The owner of a domain is the central controlling authority for email from that domain, that's all you need
(x) Ease of searching tiny alphanumeric address space of all email addresses
Eventually all spam will use a sender address from domains without SPF informations (or nonexistent domains), people will start dumping mail from domains without SPF (or give it a high spamassassin score) and those domains will effectively be forced to implement SPF or see their users unable to send email
(x) Asshats
Which is why you have to use additional measures, such as scoring mail without SPF low, blacklisting domains and ISPS that allow spammers and other kinds of filters. There is no tool that will block ALL spam, but the right combination will reduce it drastically
(x) Unpopularity of weird new taxes
No tax involved
(x) Huge existing software investment in SMTP
It's compatible (actually uses) SMTP, no software has to be replaced. (Unless it already sucks)
(x) Willingness of users to install OS patches received by email
(x) Armies of worm riddled broadband-connected Windows boxes
And all the mail sent out to SPF using clients using from addresses with SPF domains will be dropped, eventually this number will rise as more people adopt SPF.
(x) Extreme profitability of spam
Making them work harder and reach less people will decrease the profitability, that will make the situation improve
(x) Extreme stupidity on the part of people who do business with spammers
(x) Dishonesty on the part of spammers themselves
Eventually the spammers will have fewer domains to use for sender addresses, they will have to buy domains (increasing cost) or use domains without SPF. Both can be blacklisted
(x) Outlook
This can be implemented serverside, outlook is not an issue
(x) Ideas similar to yours are easy to come up with, yet none have ever been shown practical
None has ever been standardised and tried large scale
(x) We should be able to talk about Viagra without being censored
You can as long as you don't forge the sender domain. But if you try to sell it to someone a complaint may well make you lose access to that domain
(x) Countermeasures must work if phased in grad
All current versions of windows support syml^h^h^h reparse points.
Well you can chalk that up to me not knowing windows as well as I know *nix
I knew I could mount a drive as part of another filesystem but had no idea it was possible to do the equivalent of symlinking. It certainly isn't a well advertised feature, I would have expected it to appear in a menu if windows supported it. Tanks for the info (all of you) it might come in handy
One word: symlink.
What if he uses an inferior OS that doesn't have symlinks?
Copyrighs on books published on the web is unconstitutional
It's quite possible that L and I are so small that intelligence arose only once
I didn't say it wasn't. It may even be that the chance of life and civilisation (given a suitable planet) is huge, but that we're sitting on the only decent real estate (read: planet). But at least we know that the chances are above zero. Problem is the only way to get a decent data on the probability of life is to check out other suitable planets and see if there's any life there. That's one of the reasons mars exploration is so interesting since finding or not finding life can give us more clues to what the odds might actually be
there's exactly as much solid scientific evidence for extraterrestrial life as there is for the existence of God, which is to say there's absolutely none
Searching for extra terrestrial life is a numbers game, it's all about odds. We know life can start on a suitable planet, cause here we are. Then comes the unknown factors.
Point is that S is huge and L, I and C are big enough that it has happened here, so yes I believe there will be intelligent life out there, but I have my doubts that they will be close enough to find, or even exist at the same time as us
Development Status: 3 - Alpha
However, for most programming tasks, knowing the paging size or the clock cycle or the best algorithm at hand does not matter.
Paging size and clock cycle, fair enough. But not knowing the best algorithm can seriously bite you when your program that worked OK with 100 test entries is going to be run with 100000 real data entries. At the very least a programmer should have heard about big-O and know when it't time to look up those algorithms.
This is the Munich district court. Any precedent set by this case won't affect most Slashdotters anyway.
It will to some degree. For a company that wants to violate the GPL they would have to stay out of the german market. That's a competitive advantage to those that doesn't violate the GPL (either by using only non GPL code, or by honouring the lisence)
Overall that means a (somewhat) bigger chance of companies respecting the GPL than before
think they meant 'SMB share'. If not... DAMN I wanna work where that person works!
Won't be seeing you here then, if my boss wants to share any files he either puts em on the fileserver, sets up nfs himself, sets up ftp or adds the files to the CVS if suitable
Being elite means you're on top of the game, beeing 1337 means you want people to think you are on top of the game while in reality you are a thirteen year old kid that didn't realize that the cracking tool you just installed off kazaa actually installed a backdoor.
That should teach me to preview, mod down the direct parent of this post and leave this one standing, the post should have been:
There is still debate going on about whether to introduce a gender-neutral third-person singular term, or if "they" or "s/he" or something else is acceptable.
One probably doesn't need to do that as it already exists
There is still debate going on about whether to introduce a gender-neutral third-person singular term, or if "they" or "s/he" or something else is acceptable.
One probably doesn't need to do that as it already exists
Besides, are you really sure you want to tie the game's reputation to Microsoft's? ;)
The computer fits very well with the Microsoft standards. They both want you to be happy. They both know what's best for you. And they both have the same exellent quality and stability. Obviously the computer is running some version of windows.
I'll just go terminate myself now for knowing that, goodbye friends and have a nice daycycle. By the way since you hearn me you might want to tag along with me to the food vats.
I did well to last almost one whole session before my guy was killed
Your DM was obviously not doing his job properly. Failure to report the commie is an act of treason. Please report to the nearest waste recycling center for human resource reintegration citizen. Have a nice daycycle.