OK, I'm worried; unless I've completely missed something here, it seems as though the 'little guy' could get hit quite badly by SPF.
If you have no SPF records published , your email will continue to be treated as it is now (heavily checked for spaminess), so you should be no worse off.
I use the SMTP relay service provided by my ADSL provider.
You can publish this information in an SPF record.
If you trust the relay service to only relay your domain for you, ie an authorised login, with your domain allowed for you but no other users, then it's very easy to setup, and SPF aware servers will be confident whether your mail is from you (via your secure providers relay) or a forgery.
However reality is very different, providers relays do not normally limit the domain of users, even when authorised, so there is a risk of of users of your providers relay forging your domain.
Because of this you can publish an SPF record that states your domain policy, with the providers relay being "neutral" (? prefix). The effect of this is not as good as the secure example, but considerably better than nothing.
Any mail coming from your domain, through the providers relay being considered neutral, therefore as if no SPF, so you may think no apparent gain, why bother. However, any email using your domain, but not from your providers relay would be treated as a "FAIL", so there is a significant benefit.
Yes, a "clever" spammer could use a zombie within your providers network send mail using your domain through the providers relay, but it would only score a "Neutral", so normal spam filtering would apply, as it would for you.
It's not perfect, but since you are not able to secure the providers relay for your domain, its still a pretty good outcome.
FWIW the 0.9.1 upgrade may help convert a few more Invariably Exploited (IE) users.
The phrase "Invariably Exploited (IE)" is patent pending, though infractions won't be dealt with until SCO's lawyers have a bit more time on their hands
Fair comments on the method, which was why the last comment about
I would think this would be very difficult to trace without social engineering
As has been pointed out several times, the hardest part is getting hold of the money
As for web bugs etc, not a problem if the IP can't be traced. after all the WLAN part is only the "belt", the "braces" comes from using (possibly cascaded) proxies.
An encrypted email service may be a good idea, just in case the authorities put something into the replies that could be sniffed at the router level.
At the end of the day, the money is the hardest part, and social engineering your weakest link, unless you count luck (good or bad is a point of view)
1. Dedicated firewalled Linux Laptop with WLAN, and changing MAC
2. WarDrive around for a unsecure internet connection.
3. Use proxies from unsecured PC's, lists available from DBL providers, or you Email server logs.
4. Setup up a web mail account, and send business proposal.
5. WarDrive to other access poiunt for continuing dialog
6. Travel around a bit to avoid setting a Wardrive pattern
I would think this would be very difficult to trace without social engineering
Slashdot Mirror
OK, I'm worried; unless I've completely missed something here, it seems as though the 'little guy' could get hit quite badly by SPF.
If you have no SPF records published , your email will continue to be treated as it is now (heavily checked for spaminess), so you should be no worse off.
I use the SMTP relay service provided by my ADSL provider.
You can publish this information in an SPF record.
If you trust the relay service to only relay your domain for you, ie an authorised login, with your domain allowed for you but no other users, then it's very easy to setup, and SPF aware servers will be confident whether your mail is from you (via your secure providers relay) or a forgery.
However reality is very different, providers relays do not normally limit the domain of users, even when authorised, so there is a risk of of users of your providers relay forging your domain.
Because of this you can publish an SPF record that states your domain policy, with the providers relay being "neutral" (? prefix). The effect of this is not as good as the secure example, but considerably better than nothing.
Any mail coming from your domain, through the providers relay being considered neutral, therefore as if no SPF, so you may think no apparent gain, why bother. However, any email using your domain, but not from your providers relay would be treated as a "FAIL", so there is a significant benefit.
Yes, a "clever" spammer could use a zombie within your providers network send mail using your domain through the providers relay, but it would only score a "Neutral", so normal spam filtering would apply, as it would for you.
It's not perfect, but since you are not able to secure the providers relay for your domain, its still a pretty good outcome.
"Gee I'm glad I use Firefox on Windows"
FWIW the 0.9.1 upgrade may help convert a few more Invariably Exploited (IE) users.
The phrase "Invariably Exploited (IE)" is patent pending, though infractions won't be dealt with until SCO's lawyers have a bit more time on their hands
Most laptop instruction books I've read (not too many though), say the laptop should be used on a flat surface that does not block the ventalition.
An insulator may just help the laptop fry itself more, a piece of laptop sized wood is probably more helpful, though not "cool" to be seen with.
I sure someone must have posted this, but here goes anyway
Shame this firmware also has a backdoor also, all they did was change the account to superman and the password to 21241036
Let's hope the winner know's someone with a driving licence...
I can do McDonalds Drive Thru, without the effort of getting my wallet out.
I can get petrol without getting my wallet out.
Damn still had to walk to the car though...
These ideas need more work if I'm to become a total slob
I can see my house...
I know I shouldn't post after too much beer and wine (and a lot of whine...)
Probably get flamed as well, Oh well here goes nothing...
Most (if not all) contracts have a notice period on both sides.
A CAP warning is an ISP's way of saying, you have a month (or whatever the period is) to mend your ways, or take your unprofitable business elsewhere.
For those wanting to get out of their contract, possibly without penalty, this may be a good way to do it.
Just going to get my asbestos underpants...
I would think this would be very difficult to trace without social engineering
As has been pointed out several times, the hardest part is getting hold of the money
As for web bugs etc, not a problem if the IP can't be traced. after all the WLAN part is only the "belt", the "braces" comes from using (possibly cascaded) proxies.
An encrypted email service may be a good idea, just in case the authorities put something into the replies that could be sniffed at the router level.
At the end of the day, the money is the hardest part, and social engineering your weakest link, unless you count luck (good or bad is a point of view)
and few other ways of hiding yourself, as below
1. Dedicated firewalled Linux Laptop with WLAN, and changing MAC
2. WarDrive around for a unsecure internet connection.
3. Use proxies from unsecured PC's, lists available from DBL providers, or you Email server logs.
4. Setup up a web mail account, and send business proposal.
5. WarDrive to other access poiunt for continuing dialog
6. Travel around a bit to avoid setting a Wardrive pattern
I would think this would be very difficult to trace without social engineering
Our latest success story,... On July 26, 2002...
Looks like it been a bit lean for them recently
From http://www.fax.com/Company_profile/our_business.as p
Fax.com has identified over 30 million untouched fax numbers
What ever that means (aside from how they may have accidentally found them)