At 01:47 AM 10/3/2008, you wrote:
On Thu, Oct 2, 2008 at 8:21 PM, Chris Boyd cboyd@gizmopartners.com wrote:
On Oct 2, 2008, at 3:17 PM, Vandaman wrote:
- Go to the eircom page or type abuse at eircom in google to get the web
form. The form looks like it goes direct to their tech support, they responded very fast.
Yes, but the trend is for the big ISPs to use ARF, which sort of
defeats the
idea of humans filling out forms.
This is getting WAY off topic, but:
ARF is really meant to be a format for ISPs to report abuse to one another. For example, when an AOLer clicks the "Report Spam" button, AOL pastes up an ARF format message and sends it to the entity who controls the IP address from which AOL received the original message. This only works if that entity has registered an email address with AOL's "feedback loop" service.
ARF is not intended for use by end users making spam complaints to abuse desks.
This is why the RFC clearly states that you must answer certain email addresses; abuse@ being one! If you don't follow the RFC's than how can anyone expect your protocols or operations to be compliant with any standards?
Now, someone decided, in their infinite wisdom, that if you send an auto-reply directing you to a web form, that this is compliant.. where as I read it as a cheat! That does not allow me to use the abuse@ address for the function it was intended and as stated earlier:
I DO NOT HAVE TIME IN A DAY TO GO REPORTING SOME ADMINISTRATOR'S DEFICIENCY IN POLICING HIS/HER OWN USERS THROUGH A PROPRIETARY WEB FORM.
Therefore, I have been given authority to block them, meeting my management's criteria.
Make sure your rules meet the RFCs and your management's criteria and you will make your life a whole lot simpler.. Oh, and argue the RFC's with management, in case they do not understand!
Cheers!
This is why the RFC clearly states that you must answer certain email addresses; abuse@ being one! If you don't follow the RFC's than how can anyone expect your protocols or operations to be compliant with any standards?
Now, someone decided, in their infinite wisdom, that if you send an auto-reply directing you to a web form, that this is compliant.. where as I read it as a cheat! That does not allow me to use the abuse@ address for the function it was intended and as stated earlier:
I DO NOT HAVE TIME IN A DAY TO GO REPORTING SOME ADMINISTRATOR'S DEFICIENCY IN POLICING HIS/HER OWN USERS THROUGH A PROPRIETARY WEB FORM.
Therefore, I have been given authority to block them, meeting my management's criteria.
Make sure your rules meet the RFCs and your management's criteria and you will make your life a whole lot simpler.. Oh, and argue the RFC's with management, in case they do not understand!
So, let's look at your stance.
abuse@yahoo.com would probably get millions of mails a day. Acting more as a spam trap more than anything else, and I don't think anyone would call them unreasonable for not reading each and every mail sent to it. If you think they should, perhaps you should volunteer.
The spirit of the RFC is that you could send mail to abuse@domain and get in touch with someone. When the RFC was written, the idea that someone will monitor this mailbox was reasonable. Today, it is not in all cases. So, in that spirit, some orgs have setup auto responders telling you how to get in touch with them. In my opinion, this is a perfectly reasonable solution that accomplishes the same goal. Why you feel like you are too good to communicate them in an effective manner is your own issue, not theirs or the RFC. They are obviously understanding the goal of the RFC and attempting to comply, where you are just blindly taking it literally.
My suggestion to you is to learn to think beyond the exact wording and look at the spirit of the RFC and apply it to the situation. In this case, you send mail to abuse, they reply with an effective way to communicate with the abuse contacts. How that is cheating is beyond me. They met your criteria given that "they must answer certain addresses", even if it was with an auto-reply. I don't know what is "proprietary" about a web form. They are based on RFCs as well and so long as it functions in your web browser, why would you care? To take it one step further, if you are having trouble communicating with them via e-mail, this may be an ideal way to reach them as e-mail may not be effective.
Basically, get off your holier than thou RFC high horse and at least make an attempt to work with people instead of just bitching and moaning that they don't do exactly what you think they should. Or, submit an updated RFC to update it to your opinion on this "cheating".
On Fri, Oct 03, 2008, Mark A. Lewis wrote:
This is why the RFC clearly states that you must answer certain email addresses; abuse@ being one! If you don't follow the RFC's than how can anyone expect your protocols or operations to be compliant with any standards?
Now, someone decided, in their infinite wisdom, that if you send an auto-reply directing you to a web form, that this is compliant.. where as I read it as a cheat! That does not allow me to use the abuse@ address for the function it was intended and as stated earlier:
I DO NOT HAVE TIME IN A DAY TO GO REPORTING SOME ADMINISTRATOR'S DEFICIENCY IN POLICING HIS/HER OWN USERS THROUGH A PROPRIETARY WEB FORM.
Therefore, I have been given authority to block them, meeting my management's criteria.
Make sure your rules meet the RFCs and your management's criteria and you will make your life a whole lot simpler.. Oh, and argue the RFC's with management, in case they do not understand!
So, let's look at your stance.
abuse@yahoo.com would probably get millions of mails a day. Acting more as a spam trap more than anything else, and I don't think anyone would call them unreasonable for not reading each and every mail sent to it. If you think they should, perhaps you should volunteer.
Male Bovine Defecation! If yahoo is going to provide mail services, they damn well should do it in a responsible manner. Just becaue they are big does not exempt them from this responsibility. On the contrary, the large free mail providers, yahoo, hotmail, gmail, etc. are frequently used by spammers, phishers, and other criminals for drop boxes to further their crimes.
As large as it is, AOL does a very good job of dealing with complaints and handling spam. They are also quite active in the anti-spam/anti-phishing community.
... Bill
Just the idea of a autoresponder for abuse mail account is dang scary. Would make a spammers job easy. I do not use autoresponders ever for any accounts. I have the server eat all mail that comes in and not bounce them off, Again, a good thing for a spammer to find.
With today's spoofing there is rarely a way to tell where soemthig actually came from. And complaining to anyone about it will get you nowhere but wasted time, in my opinion.
I wait until a legitimate company spams me...then I call them up and see if it was them....then I let years of spam aggression boil out to the company over the phone....and hope they take me off the list.
Now that is how to blow off spam steam.
Bob Hoffman wrote:
I wait until a legitimate company spams me...then I call them up and see if it was them....then I let years of spam aggression boil out to the company over the phone....and hope they take me off the list.
Now that is how to blow off spam steam.
Sadly you have a long way to go ... I'm willing to bet that the eircom.net spammer has spammed many on this list but due to no-one taking action he was still in business.
Regards, Vandaman.
Hi,
Here is a newbie to Xen and LVM on Centos. I've created a Logical Volumn(LV) in the domain 0. and then install a XenU on the LV. IN more details: The LV is exported to XenU as xvda, and default Centos disk Layout is accepted -- /dev/xvda1 for /boot, /dev/xvda2 as Physical Volumn).
Now my problem is: How to backup the Logical Volumn(LV) from Domain 0? I currently use dd to save it, is this the proper way? or can I create snapshot LV of the LV and 'dd' the snapshot LV? Because on the LV it is not a ext3/xfs file system, then I could not mount the LV, right?
Any one please shed a light onto this? What's the normal way to backup LVs which are exported to install XenU System?
Thanks a lot.
on 10-3-2008 9:57 AM Robinson Tiemuqinke spake the following:
Hi,
Here is a newbie to Xen and LVM on Centos.
Welcome to the CentOS list. Please follow the rules like not hijacking threads and wrapping long lines. See the bottom of this page;
http://www.centos.org/modules/tinycontent/index.php?id=16
At 12:34 PM 10/3/2008, you wrote:
Bob Hoffman wrote:
I wait until a legitimate company spams me...then I call them up and see if it was them....then I let years of spam aggression boil out to the company over the phone....and hope they take me off the list.
Now that is how to blow off spam steam.
Sadly you have a long way to go ... I'm willing to bet that the eircom.net spammer has spammed many on this list but due to no-one taking action he was still in business.
Regards, Vandaman.
I actually responded to their web form, just that once and notified them of my future intention of automatically blocking their individual offending IPs. I'm still reporting to their abuse address. If they want to ignore me.. fine. I've also reported to spam@uce.gov so that it is documented (not that anyone there pays attention either, but I hope that someone does a tally at the end of a day/week/month/quarter to see who is most misbehaved).
I also email anyone else who will listen, like phishing@. Maybe their lawyers will take head.
Just the idea of a autoresponder for abuse mail account is dang scary. Would make a spammers job easy. I do not use autoresponders ever for any accounts. I have the server eat all mail that comes in and not bounce them off, Again, a good thing for a spammer to find.
And what are they going to do, spam people with Yahoo's auto reply? It's not like it's an open relay. Possible it could be used for a DOS attack, but not for spamming.
And what are they going to do, spam people with Yahoo's auto reply? It's not like it's an open relay. Possible it could be used for a DOS attack, but not for spamming.
Spoof the return headers and send a million or two mails to abuse@yahoo just for fun....if the responder also includes the message then the spam is done as a million autoreplies are sent out to people who never sent them..
Male Bovine Defecation! If yahoo is going to provide mail services, they damn well should do it in a responsible manner. Just becaue they are big does not exempt them from this responsibility. On the contrary, the large free mail providers, yahoo, hotmail, gmail, etc. are frequently used by spammers, phishers, and other criminals for drop boxes to further their crimes.
As large as it is, AOL does a very good job of dealing with complaints and handling spam. They are also quite active in the anti-spam/anti-phishing community.
What are they doing that is not responsible other than not doing thing the way YOU think they should? As I pointed out, they accept abuse complaints, just not in the way the YOU think they should.
I would have to read the RFC, but I assume it does not specify that all abuse correspondence must be done via e-mail using the abuse address, only that they have to accept mail for that address. Which, they do. They are playing 100% by the RFC, just not in the way you want them to.
At 11:56 AM 10/3/2008, you wrote:
On Fri, Oct 03, 2008, Mark A. Lewis wrote:
This is why the RFC clearly states that you must answer certain email addresses; abuse@ being one! If you don't follow the RFC's than how can anyone expect your protocols or operations to be compliant with any standards?
Now, someone decided, in their infinite wisdom, that if you send an auto-reply directing you to a web form, that this is compliant.. where as I read it as a cheat! That does not allow me to use the abuse@ address for the function it was intended and as stated earlier:
I DO NOT HAVE TIME IN A DAY TO GO REPORTING SOME ADMINISTRATOR'S DEFICIENCY IN POLICING HIS/HER OWN USERS THROUGH A PROPRIETARY WEB FORM.
Therefore, I have been given authority to block them, meeting my management's criteria.
Make sure your rules meet the RFCs and your management's criteria and you will make your life a whole lot simpler.. Oh, and argue the RFC's with management, in case they do not understand!
So, let's look at your stance.
abuse@yahoo.com would probably get millions of mails a day. Acting more as a spam trap more than anything else, and I don't think anyone would call them unreasonable for not reading each and every mail sent to it. If you think they should, perhaps you should volunteer.
Male Bovine Defecation! If yahoo is going to provide mail services, they damn well should do it in a responsible manner. Just becaue they are big does not exempt them from this responsibility. On the contrary, the large free mail providers, yahoo, hotmail, gmail, etc. are frequently used by spammers, phishers, and other criminals for drop boxes to further their crimes.
As large as it is, AOL does a very good job of dealing with complaints and handling spam. They are also quite active in the anti-spam/anti-phishing community.
Agreed! AOL does do a fine job at policing their users.
And for that matter when I report these zombied users (mostly) or rampant criminals (rare) to a large ISP, usually 10x+ the size of my organization, I am already working for them; policing users they should have caught! If they are on their network spewing port 25 packets in large volumes, with no authentication to their mail gateway, then they are not effectively policing their users! I can and will catch anyone doing so, because I am a very small organization with no political clout and have a reputation to maintain!
Why don't you go work for them? Sounds like you already do and are in CYA-mode. I already report their abusive, zombied customers.
These organizations can filter all the incoming for their users. They've left it to you and I to clean up after their users shortcomings on outgoing. Lazy? Profits? Both?
On Fri, 2008-10-03 at 11:43 -0400, Mark A. Lewis wrote: <snippity, snippity - irrelevant text, not irrelevant attitude issues>
The spirit of the RFC is that you could send mail to abuse@domain and get in touch with someone. When the RFC was written, the idea that someone will monitor this mailbox was reasonable. Today, it is not in all cases. So, in that spirit, some orgs have setup auto responders telling you how to get in touch with them. In my opinion, this is a perfectly reasonable solution that accomplishes the same goal.
Well, there are ways and there are ways. An e-mail that allows a single reply to confirm an abuse report (avoiding spurious reports/spams) could be sent to the original reporter. Have a single change needed, varied with an arbitrary value to avoid mechanical responses, could accomplish the same thing with less time/effort on the part of the original reporter.
What we see implemented is really more of an "offload effort from us to them" solution. That is not contained in the intent of the RFC. So, the real rant comes not against the RFC intent, but against the implementation which forces more workload onto a well-intentioned reporter of abuse.
Sad that so many high-priced folks couldn't do something better when it is so easy to find better ways that are more "user" (us, not them) friendly.
Why you feel like you are too good to communicate them in an effective manner is your own issue, not theirs or the RFC.
One hell of an assumption on your part there.
<snip>
MHO
Well, there are ways and there are ways. An e-mail that allows a single reply to confirm an abuse report (avoiding spurious reports/spams) could be sent to the original reporter. Have a single change needed, varied with an arbitrary value to avoid mechanical responses, could accomplish the same thing with less time/effort on the part of the original reporter.
Or, a web form. What is the difference?
What we see implemented is really more of an "offload effort from us to them" solution. That is not contained in the intent of the RFC. So, the real rant comes not against the RFC intent, but against the implementation which forces more workload onto a well-intentioned reporter of abuse.
So, your complaint is with who is doing it, not how they are doing it? Workload? Cut and paste the original mail into the web form. And, in the future, you can bypass the initial e-mail.
Why you feel like you are too good to communicate them in an effective manner is your own issue, not theirs or the RFC.
One hell of an assumption on your part there.
There is no assumption. You are the one who was ranting about not being able to communicate with them on your terms. The RFC does not specify that all communication must be by SMTP, only that they must reply to the abuse address. You just don't like it for whatever reason.
Hello? This is way off topic for the CentOS list.
Enough already.
mhr
Toby Bluhm wrote:
MHR wrote:
Hello? This is way off topic for the CentOS list.
Enough already.
The audience groans with dismay. We shuffle off, looking for a Springer inspired Reality Internet Game Show.
Dang, and I had money on this being October's useless thread with (what seems like) 1000 or more responses!
Maybe CentOS needs an O/T or social mailing list (like IRC and the forum channels) to save my bulging inbox!
Bob Hoffman wrote:
Dang, and I had money on this being October's useless thread with (what seems like) 1000 or more responses!
\ Naw, someones gonna go into the bailout rep vs dem thing and that will be the winner....
I hope you guys realise that you are not really helping the cause much with these posts.
And yea, working on setting up a sort of list to handle much of this semi OT traffic. More news on that around Wed next week, dont ask about it now.
On Fri, 2008-10-03 at 19:36 +0100, Karanbir Singh wrote:
Bob Hoffman wrote:
Dang, and I had money on this being October's useless thread with (what seems like) 1000 or more responses!
\ Naw, someones gonna go into the bailout rep vs dem thing and that will be the winner....
I hope you guys realise that you are not really helping the cause much with these posts.
And yea, working on setting up a sort of list to handle much of this semi OT traffic. More news on that around Wed next week, dont ask about it now.
JohnStanley Writes: Ugghh, why you post that? You know we will ask about it!?!
On Fri, 2008-10-03 at 14:31 -0400, Bob Hoffman wrote:
Dang, and I had money on this being October's useless thread with (what seems like) 1000 or more responses!
\ Naw, someones gonna go into the bailout rep vs dem thing and that will be the winner....
I wouldn't think so, as the situation doesn't compute. :) Ric
On Fri, 2008-10-03 at 19:25 +0100, Ned Slider wrote:
Toby Bluhm wrote:
MHR wrote:
Hello? This is way off topic for the CentOS list.
Enough already.
The audience groans with dismay. We shuffle off, looking for a Springer inspired Reality Internet Game Show.
Dang, and I had money on this being October's useless thread with (what seems like) 1000 or more responses!
Maybe CentOS needs an O/T or social mailing list (like IRC and the forum channels) to save my bulging inbox!
Ha! You shoulda seen the thread over on the Fedora List over if SELinux was infiltration into our systems by the FBI and if it could be safely removed. Wow, that one went on for a month. We had Karl there for a few months and that sparked all sorts of audience participation. :) Ric
On Fri, 2008-10-03 at 12:42 -0400, Mark A. Lewis wrote:
Well, there are ways and there are ways. An e-mail that allows a single reply to confirm an abuse report (avoiding spurious reports/spams) could be sent to the original reporter. Have a single change needed, varied with an arbitrary value to avoid mechanical responses, could accomplish the same thing with less time/effort on the part of the original reporter.
Or, a web form. What is the difference?
As mentioned, workload. I'm sure I need not detail the differences, as small as they may be.
What we see implemented is really more of an "offload effort from us to them" solution. That is not contained in the intent of the RFC. So, the real rant comes not against the RFC intent, but against the implementation which forces more workload onto a well-intentioned reporter of abuse.
So, your complaint is with who is doing it, not how they are doing it? Workload? Cut and paste the original mail into the web form. And, in the future, you can bypass the initial e-mail.
I was not the OP, nor do I care. I have no complaint. Who vs how? I can't see how you reached that conclusion. Observing that the methodology chosen may be less than optimal, for those that have to use it (always dependent on individual situations, of course), and commenting that they should have been able to do better has only the most tenuous connection to your statement "So, your complaint is with who is doing it...".
Why you feel like you are too good to communicate them in an effective manner is your own issue, not theirs or the RFC.
One hell of an assumption on your part there.
There is no assumption. You are the one who was ranting about not being able to communicate with them on your terms. The RFC does not specify that all communication must be by SMTP, only that they must reply to the abuse address. You just don't like it for whatever reason.
Wrong! I was nbot the complainant. ADD at work here? :-)
For you to state "Why you feel like you are too good to communicate..." can only come from assumption as nothing in the OPs statements implied or overtly indicated such. Ergo: assumption or deduction on your part. If deduction, certainly flawed.
<snip>
Just an FYI: my particular background leads me to make statements such as "they could've done better", or similar. It is backed by long experience in diverse related areas. That does not give my opinions any more (or less) weight than those of others. Nor does it enhance nor debase my right to hold and express an opinion, regardless of the "Little Tyrants" that may frequent lists such as this.
'Nuff said
On Fri, 2008-10-03 at 11:43 -0400, Mark A. Lewis wrote:
So, in that spirit, some orgs have setup auto responders telling you how to get in touch with them. In my opinion, this is a perfectly reasonable solution that accomplishes the same goal. Why you feel like you are too good to communicate them in an effective manner is your own issue, not theirs or the RFC. They are obviously understanding the goal of the RFC and attempting to comply, where you are just blindly taking it literally.
Mark,
Consider the case where you have logs from dozens of servers, routers, etc. Whois the offending IP, find the abuse contact (if there is one), copy the address, open an email, paste the address, copy and paste the appropriate bits of log data or the spam message, include a line with your GMT offset, hit send. Done in 10-15 seconds.
Now, try to do that with a web form. It takes a lot longer, since they usually make you type in lots more info, you have to read the form to make sure that you set all the right radio buttons for spam, brute force, etc. Find the timezone field, get it set correctly, etc. Takes way longer.
By reporting network abuse, I'm doing you a favor; being neighborly. Getting an autoreply (that usually doesn't include what I sent in) to go to a web form means that I have to go and spend more of _my_ time to do you a favor. Kind of like trying to tell your neighbor that their house is on fire, and they give you the finger.
Web forms aren't bad if you only send one or two a day, but if you had to fill out hundreds of them you'd quickly become tired and frustrated.
--Chris
-
Bill Campbell -
Bob Hoffman -
Chris Boyd -
Glenn -
John -
Karanbir Singh -
Mark A. Lewis -
MHR -
Ned Slider -
Ric Moore -
Robinson Tiemuqinke -
Scott Silva -
Toby Bluhm -
Vandaman -
William L. Maltby