Home
| Calendar
| Mail Lists
| List Archives
| Desktop SIG
| Hardware Hacking SIG
Wiki | Flickr | PicasaWeb | Video | Maps & Directions | Installfests | Keysignings Linux Cafe | Meeting Notes | Linux Links | Bling | About BLU |
On Tuesday 08 April 2003 03:39 pm, Derek Martin wrote: > On Tue, Apr 08, 2003 at 02:37:33PM -0400, Rich Braun wrote: > > No one here questioned the desirability of doing that, so I'm reiterating > > my point. > > I questioned it at length, on GNHLUG. You probably didn't see my > posts, because as part of my own personal (highly successful, I must > mention) anti-spam campaign, I set headers that tell polite list > archive software not to archive my posts. Many lists I'm on use Is that the x-no-archive: yes x-no-productlinks: yes lines in your headers? > I maintain individual distinct (i.e. not simply username+detail) > addresses for each mailing list I'm on, and the vast majority of the I don't do that for EVERY list. I do that when specifying an email address to some company I don't trust, etc. It's fun to make them up, too. For instance, I use experiment626@ (from Lino and Stitch), worker11811@ (Metropolis), scorpius@ (Farscape), etc. Add to that that I have about six domain names running on my box... > [For those who may be curious, my minimalist spam filters catch maybe > 4 spams a month; but I only receive maybe 20 spams a month, total, in I get more than 4 a DAY. That is, spamassassin gets more than 4 a day. I peek in that folder every now and then for false positives, then feed the folder back to sa_learn. The key to using spamassassin is having spam over a certain rating go to a separate folder (I use 14 as the cutoff), and another folder for stuff that MIGHT be spam, that you check more often. I also supplement it with a couple of regular expression searches in procmail that dump into the same folders. > > The reasons I have my own SMTP server, aside from the mere fact > > that I've been running my own SMTP servers continuously since 1990, are: > > > > 1) My mail goes through directly point-to-point with minimal time lag. Well, no. It goes from one SMTP program to one SMTP program, but it's hitting a rather large number of routers, switches, and other doodads in the middle. An important distinction when you use your point-to-point theory as more secure. Carnivore does not have to sit at an SMTP server, it can monitor at the packet level. > > 2) There is a single point of failure at each end; the mail can't get > > tied up on a mail spool somewhere during a system crash, and doesn't > > get duplicated when something is buggy. OTOH, when your machine is down, your mail bounces. It's all about tradeoffs. > > 3) There is minimal opportunity for eavesdropping; the "last mile" to my > > house is the only place where a wiretap can be installed. See (1) > > 4) Sendmail is the one piece of widely-used software which defies the > > normal bell curve of bugs-found-per-month. For over 20 years, it has > > been necessary for network providers to update it at least twice a year. > > In fact two urgent CERT advisories were posted in March 2003. That means > > relay servers are prone to flakiness. This sounds like an argument AGAINST sendmail. In the past few years, there have been quite a few exploits against it. This is not really a problem if you keep up with it (though up2date has been locked out for free users for about a week now. I eventually ftp'd them myself. Very annoying.) > This is an excellent list, to which I would add one more: > > 5) I can maintain as many unique e-mail addresses as I like, which > aids in identifying where spam is coming from, and in removing > potential sources of spam. He did mention that outside the list (before it), but it is an important feature for me. Why both of my cats need email addresses, I'm not sure, but they did ask nicely. Since I was able to snag the domain name thekramers.net, my wide, sister, parents etc all have email addresses on my box. > > I still use sendmail myself (but at least the upgrades are done at the > > time of *my* choosing). My backup mail server went offline on the 4th of I use sendmail because, besides needing a mail server, I need to keep experienced in the tools that are most commonly used with Linux and UNIX, and sendmail is one of them. Other programs might suit my needs more, but not enough to justify not having the sendmail chops. ---------------------------------------------------------------------------- DDDD David Kramer david at thekramers.net http://thekramers.net DK KD DKK D "Put your hand on a hot stove for a minute and it seems like an hour. DK KD Sit with a pretty girl for an hour and it seems like a minute. DDDD That is relativity." - Albert Einstein
BLU is a member of BostonUserGroups | |
We also thank MIT for the use of their facilities. |