-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
Hi,
Was this spammer shut down and the problem with the leak in the mailinglist fixed?
----8<---- Return-Path: centos-devel-bounces@centos.org Received: from mail.centos.org (mail.centos.org [72.26.200.202]) by balin.waakhond.net (Postfix) with ESMTP id 3F38417E8069 for hvdkooij@vanderkooij.org; Wed, 28 Jan 2009 15:18:48 +0100 (CET) Received: from mail.centos.org (voxeldev.centos.org [127.0.0.1]) by mail.centos.org (Postfix) with ESMTP id 13D4AC03F30; Wed, 28 Jan 2009 09:14:02 -0500 (EST) X-Original-To: centos-devel@centos.org Delivered-To: centos-devel@centos.org Received: from fed1rmmtao105.cox.net (fed1rmmtao105.cox.net [68.230.241.41]) by mail.centos.org (Postfix) with ESMTP id A792CC03F30 for centos-devel@centos.org; Wed, 28 Jan 2009 09:14:00 -0500 (EST) Received: from fed1rmimpo03.cox.net ([70.169.32.75]) by fed1rmmtao105.cox.net (InterMail vM.7.08.02.01 201-2186-121-102-20070209) with ESMTP id 20090128141356.XSZI8485.fed1rmmtao105.cox.net@fed1rmimpo03.cox.net for centos-devel@centos.org; Wed, 28 Jan 2009 09:13:56 -0500 Received: from 5rpet ([68.7.178.36]) by fed1rmimpo03.cox.net with bizsmtp id 92Db1b00C0nWD44042Dh5d; Wed, 28 Jan 2009 09:13:55 -0500 X-Authority-Analysis: v=1.0 c=1 p=6gryP8oqIuwA:10 a=bV-dpsDMpf4A:10 a=dW_v_Nl1Vn4A:10 a=cizR2TMVYBQA:10 a=SWy5f4BVAAAA:8 a=6eRGdbthAAAA:8 a=dcxsrVAq5ZBOyax7pk4A:9 a=eu0mfjibJjdHvw6Ie4YA:7 a=Z8026VRy3j1okLEr-27pHnQvgJEA:4 a=HeoGohOdMD0A:10 a=-ZQhYGXY2L8A:10 a=sh6PArqQtYdngLzxv5aEQJAsMbE=:19 X-CM-Score: 98.00 From: "Lawrence Auster" lance@centos.org To: centos-devel@centos.org Date: Wed, 28 Jan 2009 15:13:35 +0100 X-Priority: 3 Message-Id: 20090128141356.XSZI8485.fed1rmmtao105.cox.net@fed1rmimpo03.cox.net Subject: [CentOS-devel] =?iso-8859-1?q?For_Whom_the_Gaza_Bell_Tolls_--_Par?= =?iso-8859-1?q?t_1_and_2_--_Obama=92s_Mideast_Jewish_Wet_Dream_Team?= X-BeenThere: centos-devel@centos.org X-Mailman-Version: 2.1.9 Precedence: list Reply-To: "The CentOS developers mailing list." centos-devel@centos.org List-Id: "The CentOS developers mailing list." <centos-devel.centos.org> List-Unsubscribe: http://lists.centos.org/mailman/listinfo/centos-devel, mailto:centos-devel-request@centos.org?subject=unsubscribe List-Archive: http://lists.centos.org/pipermail/centos-devel List-Post: mailto:centos-devel@centos.org List-Help: mailto:centos-devel-request@centos.org?subject=help List-Subscribe: http://lists.centos.org/mailman/listinfo/centos-devel, mailto:centos-devel-request@centos.org?subject=subscribe Content-Type: multipart/mixed; boundary="===============0369068545==" Sender: centos-devel-bounces@centos.org Errors-To: centos-devel-bounces@centos.org
- --===============0369068545== Content-Type: text/plain; charset="US-ASCII"
For Whom the Gaza Bell Tolls -- Part 1 By Edmund Connelly for The Occidental Observer ----8<----
- -- hvdkooij@vanderkooij.org http://hugo.vanderkooij.org/ PGP/GPG? Use: http://hugo.vanderkooij.org/0x58F19981.asc
A: Yes. >Q: Are you sure? >>A: Because it reverses the logical flow of conversation. >>>Q: Why is top posting frowned upon?
Bored? Click on http://spamornot.org/ and rate those images.
Nid wyf yn y swyddfa ar hyn o bryd. Anfonwch unrhyw waith i'w gyfieithu.
Hugo van der Kooij wrote:
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
Hi,
Was this spammer shut down and the problem with the leak in the mailinglist fixed?
At the moment his mailserver is blocked (which isn't ideal). But there is no way to shut down leaks like that without moderating the mailing lists completely.
Ralph
on 1-28-2009 10:28 AM Ralph Angenendt spake the following:
Hugo van der Kooij wrote:
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
Hi,
Was this spammer shut down and the problem with the leak in the mailinglist fixed?
At the moment his mailserver is blocked (which isn't ideal). But there is no way to shut down leaks like that without moderating the mailing lists completely.
Ralph
But it also made the announce-list. I assumed the announce list was only writable by a select few.
Scott Silva wrote:
on 1-28-2009 10:28 AM Ralph Angenendt spake the following:
At the moment his mailserver is blocked (which isn't ideal). But there is no way to shut down leaks like that without moderating the mailing lists completely.
But it also made the announce-list. I assumed the announce list was only writable by a select few.
That was(!) part of the problem, yes.
Ralph
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
seth vidal wrote:
On Wed, 2009-01-28 at 10:45 -0800, Scott Silva wrote:
But it also made the announce-list. I assumed the announce list was only writable by a select few.
and the email came from lance@centos.org
lance@centos.org was one of the select few.
There is no SPF record for centos.org
If one can be added then this sort of fakes can be prevented. Anyone using the centos.org domain in email should login to a centos.org server to send out email that way.
I know it works because that is how I send out email from my own domain. All family members need to use the central server as relay to send out email with the family domain. And they can only authenticate using TLS and SASL.
Hugo.
- -- hvdkooij@vanderkooij.org http://hugo.vanderkooij.org/ PGP/GPG? Use: http://hugo.vanderkooij.org/0x58F19981.asc
A: Yes. >Q: Are you sure? >>A: Because it reverses the logical flow of conversation. >>>Q: Why is top posting frowned upon?
Bored? Click on http://spamornot.org/ and rate those images.
Nid wyf yn y swyddfa ar hyn o bryd. Anfonwch unrhyw waith i'w gyfieithu.
On Wed, 2009-01-28 at 21:55 +0100, Hugo van der Kooij wrote:
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
seth vidal wrote:
On Wed, 2009-01-28 at 10:45 -0800, Scott Silva wrote:
But it also made the announce-list. I assumed the announce list was only writable by a select few.
and the email came from lance@centos.org
lance@centos.org was one of the select few.
There is no SPF record for centos.org
If one can be added then this sort of fakes can be prevented. Anyone using the centos.org domain in email should login to a centos.org server to send out email that way.
I know it works because that is how I send out email from my own domain. All family members need to use the central server as relay to send out email with the family domain. And they can only authenticate using TLS and SASL.
-1 to SPF.
Don't rely on technologies not everyone is using.
-sv
On Wednesday 28 January 2009, seth vidal skvidal@fedoraproject.org wrote:
-1 to SPF.
Don't rely on technologies not everyone is using.
Well, by definition, any "new" technology is one that not everyone is using.
SPF is actually very good at preventing forgeries of your own domains in mail sent to your own servers. I find it useful enough for that alone.
Did you also shut the lists down? I've received no mail from centos-qa or centos-devel for quite some time.
Hugo van der Kooij wrote:
Q: Why is top posting frowned upon?
Bored? Click on http://spamornot.org/ and rate those images.
1, I get quite a few of those, at another address. It's sent "from" me.
2. There's nothing to prevent anyone from subcsribing to this list and harvesting addresses of all contributors.
3. Before implementing SPF, google for and join some antispam lists. I did so, and the consensus on one of them was that SPF isn't a good answer. CSV was regarded as preferable. Here's the first hit when I asked google "why not spf." http://72.14.235.132/search?q=cache:YNZEP38CoFEJ:david.woodhou.se/why-not-sp...
I'm using google's cache because the original site's not available atm.
on 2-5-2009 4:47 AM John Summerfield spake the following:
Hugo van der Kooij wrote:
Q: Why is top posting frowned upon?
Bored? Click on http://spamornot.org/ and rate those images.
1, I get quite a few of those, at another address. It's sent "from" me.
There's nothing to prevent anyone from subcsribing to this list and harvesting addresses of all contributors.
Before implementing SPF, google for and join some antispam lists. I did so, and the consensus on one of them was that SPF isn't a good answer. CSV was regarded as preferable.
A consensus of one? What if the other lists had a consensus that it was good?
Here's the first hit when I asked google "why not spf." http://72.14.235.132/search?q=cache:YNZEP38CoFEJ:david.woodhou.se/why-not-sp...
I'm using google's cache because the original site's not available atm.
I want to invent something like BFR (big freaking rock) that you hit the spammer over the head with! The more spam he sends, the more rocks. Sooner or later he will stop from either negative reinforcement or a concussion.
Either way, I win!
Scott Silva wrote:
on 2-5-2009 4:47 AM John Summerfield spake the following:
Hugo van der Kooij wrote:
Q: Why is top posting frowned upon?
Bored? Click on http://spamornot.org/ and rate those images.
1, I get quite a few of those, at another address. It's sent "from" me.
There's nothing to prevent anyone from subcsribing to this list and harvesting addresses of all contributors.
Before implementing SPF, google for and join some antispam lists. I did so, and the consensus on one of them was that SPF isn't a good answer. CSV was regarded as preferable.
A consensus of one?
A consensus of those on the particular list. Just reading it was enough for me.
Do some research.
On Fri, Feb 6, 2009 at 2:25 AM, John Summerfield debian@herakles.homelinux.org wrote:
Scott Silva wrote:
on 2-5-2009 4:47 AM John Summerfield spake the following:
Hugo van der Kooij wrote:
>>>Q: Why is top posting frowned upon?Bored? Click on http://spamornot.org/ and rate those images.
1, I get quite a few of those, at another address. It's sent "from" me.
There's nothing to prevent anyone from subcsribing to this list and harvesting addresses of all contributors.
Before implementing SPF, google for and join some antispam lists. I did so, and the consensus on one of them was that SPF isn't a good answer. CSV was regarded as preferable.
A consensus of one?
A consensus of those on the particular list. Just reading it was enough for me.
Do some research.
That's just rude. Spam prevention isn't a battle, it's a war, and SPF *is* a viable weapon in spite of your bias against it. I *have* done the research, not that it's any business of yours. As admin of mail servers for a couple high-profile domain names, I see all the tricks spammers use, and thus need all possible tools to use against them. But, being off topic, this is it from me.
jerry
-
Alan Hodgson -
Charlie Brady -
Hugo van der Kooij -
Jerry Amundson -
John Summerfield -
Ralph Angenendt -
Scott Silva -
seth vidal