Boston Linux & Unix (BLU) Home | Calendar | Mail Lists | List Archives | Desktop SIG | Hardware Hacking SIG
Wiki | Flickr | PicasaWeb | Video | Maps & Directions | Installfests | Keysignings
Linux Cafe | Meeting Notes | Linux Links | Bling | About BLU

BLU Discuss list archive


[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

AOL block of Comcast residential IPs



On Tuesday 08 April 2003 03:39 pm, Derek Martin wrote:
> On Tue, Apr 08, 2003 at 02:37:33PM -0400, Rich Braun wrote:
> > No one here questioned the desirability of doing that, so I'm reiterating
> > my point.
>
> I questioned it at length, on GNHLUG.  You probably didn't see my
> posts, because as part of my own personal (highly successful, I must
> mention) anti-spam campaign, I set headers that tell polite list
> archive software not to archive my posts.  Many lists I'm on use

Is that the
x-no-archive: yes
x-no-productlinks: yes
lines in your headers?

> I maintain individual distinct (i.e. not simply username+detail)
> addresses for each mailing list I'm on, and the vast majority of the

I don't do that for EVERY list.  I do that when specifying an email address to 
some company I don't trust, etc.  It's fun to make them up, too.  For 
instance, I use experiment626@ (from Lino and Stitch), worker11811@ 
(Metropolis), scorpius@ (Farscape), etc.  Add to that that I have about six 
domain names running on my box...

> [For those who may be curious,  my minimalist spam filters catch maybe
> 4 spams a month; but I only receive maybe 20 spams a month, total, in

I get more than 4 a DAY.  That is, spamassassin gets more than 4 a day.  I 
peek in that folder every now and then for false positives, then feed the 
folder back to sa_learn.  The key to using spamassassin is having spam over a 
certain rating go to a separate folder (I use 14 as the cutoff), and another 
folder for stuff that MIGHT be spam, that you check more often.  I also 
supplement it with a couple of regular expression searches in procmail that 
dump into the same folders.

> > The reasons I have my own SMTP server, aside from the mere fact
> > that I've been running my own SMTP servers continuously since 1990, are:
> >
> > 1) My mail goes through directly point-to-point with minimal time lag.

Well, no.  It goes from one SMTP program to one SMTP program, but it's hitting 
a rather large number of routers, switches, and other doodads in the middle.  
An important distinction when you use your point-to-point theory as more 
secure.  Carnivore does not have to sit at an SMTP server, it can monitor at 
the packet level.

> > 2) There is a single point of failure at each end; the mail can't get
> >    tied up on a mail spool somewhere during a system crash, and doesn't
> >    get duplicated when something is buggy.

OTOH, when your machine is down, your mail bounces.  It's all about tradeoffs.

> > 3) There is minimal opportunity for eavesdropping; the "last mile" to my
> >    house is the only place where a wiretap can be installed.

See (1)

> > 4) Sendmail is the one piece of widely-used software which defies the
> > normal bell curve of bugs-found-per-month.  For over 20 years, it has
> > been necessary for network providers to update it at least twice a year. 
> > In fact two urgent CERT advisories were posted in March 2003.  That means
> > relay servers are prone to flakiness.

This sounds like an argument AGAINST sendmail.  In the past few years, there 
have been quite a few exploits against it.  This is not really a problem if 
you keep up with it (though up2date has been locked out for free users for 
about a week now.  I eventually ftp'd them myself.  Very annoying.)

> This is an excellent list, to which I would add one more:
>
> 5) I can maintain as many unique e-mail addresses as I like, which
> aids in identifying where spam is coming from, and in removing
> potential sources of spam.

He did mention that outside the list (before it), but it is an important 
feature for me.  Why both of my cats need email addresses, I'm not sure, but 
they did ask nicely.  Since I was able to snag the domain name 
thekramers.net, my wide, sister, parents etc all have email addresses on my 
box.

> > I still use sendmail myself (but at least the upgrades are done at the
> > time of *my* choosing).  My backup mail server went offline on the 4th of

I use sendmail because, besides needing a mail server, I need to keep 
experienced in the tools that are most commonly used with Linux and UNIX, and 
sendmail is one of them.  Other programs might suit my needs more, but not 
enough to justify not having the sendmail chops. 

----------------------------------------------------------------------------
DDDD   David Kramer         david at thekramers.net       http://thekramers.net
DK KD  
DKK D  "Put your hand on a hot stove for a minute and it seems like an hour.
DK KD  Sit with a pretty girl for an hour and it seems like a minute.
DDDD   That is relativity."                                - Albert Einstein




BLU is a member of BostonUserGroups
BLU is a member of BostonUserGroups
We also thank MIT for the use of their facilities.

Valid HTML 4.01! Valid CSS!



Boston Linux & Unix / webmaster@blu.org