Hello, boys and girls.
So, last week we had a bizarre incident where a spam email made it to the list, even though the list is subscriber-only and the email address used has never (at least as far as my logs can see, and I thought I logged everything) been a member of the list. Quite silly. The problem, however, is that one of you has flagged the list server with spamcop.
This is the FIRST and ONLY warning. We have had 1 fucking spam email go through this list since we set it up, and the one last week was a total mystery to all of us who are working on the server. Also, if a person ON the list had been responsible for sending it, there would have been NO way to catch it. In these cases, you do NOT flag a server as spam relay.
If I ever get a situation like this again, I will for ever stop hosting mailing lists for the Amiga "community", cause this is just pissing me off.
There's no point in replying to this email, unless the response is "that was me, and I'm never ever going to do that again. Me bad and will go sit in the corner". And even then I only want to see that reply if you're really going to sit in the corner. Wearing a funny hat.
Thanks in advance.
Ole-Egil Hvitmyren schreef:
Hello, boys and girls.
heya
If I ever get a situation like this again, I will for ever stop hosting mailing lists for the Amiga "community", cause this is just pissing me off.
Yea, it's freaking annoying, but this might actually be the result of software rather then the user, there are scripts, filters & whatnot out there that will automaticly (without user intervention) forward mail it considers as spam to spamcop.
Autoforwarding of mails to spamcop is *BAD*, as it can be rather disruptive for email services.
So, if any of us has some sort of spamfilter running (client side or server side) check your settings and make sure there is no autoforwarding of mails.
/me goes back to lurk mode
Hi Ochal,
On 22/08/2006, you wrote:
Autoforwarding of mails to spamcop is *BAD*, as it can be rather disruptive for email services.
I still don't understand what this is all about. Is the allegation that someone has somehow set Olegil's server into relay mode? How can forwarding mail to spamcop (which I assume is an address somewhere) end up spreading it via a subscriber-only server to an address that does not even remotely resemble "spamcop"?
I'm probably not the only one here who is mystified. Some explanation of the mechanism would be interesting, at least. It might even help the unfortunate infected clean their machines.
cheers
On 22/08/06, Tony Wyatt wyattaw@optushome.com.au wrote:
I still don't understand what this is all about. Is the allegation that someone has somehow set Olegil's server into relay mode? How can forwarding mail to spamcop (which I assume is an address somewhere) end up spreading it via a subscriber-only server to an address that does not even remotely resemble "spamcop"?
Nope. Spamcop is a spam-blacklisting service. As far as I can tell, when an e-mail is reported to them (be that by a person, or automatically by their spam-filter), it's originator (in this case, samfudnet.no) is added to their blacklist - which is then used by countless spam-blocking systems around the world. Obviously this can cause no end of problems if your domain is entirely innocent.
Hi Olly,
On 22/08/2006, you wrote:
I still don't understand what this is all about. Is the allegation that someone has somehow set Olegil's server into relay mode? How can forwarding mail to spamcop (which I assume is an address somewhere) end up spreading it via a subscriber-only server to an address that does not even remotely resemble "spamcop"?
Nope. Spamcop is a spam-blacklisting service. As far as I can tell, when an e-mail is reported to them (be that by a person, or automatically by their spam-filter), it's originator (in this case, samfudnet.no) is added to their blacklist - which is then used by countless spam-blocking systems around the world. Obviously this can cause no end of problems if your domain is entirely innocent.
Aha! So we are talking about TWO disasters - firstly, the spam mail getting through last week, and secondly, Olegil's server being blacklisted as a result, by some over-zealous filter program.
Now I understand why Olegil was angry. Thanks.
cheers
Tony Wyatt schreef:
Hi Ochal,
On 22/08/2006, you wrote:
Autoforwarding of mails to spamcop is *BAD*, as it can be rather disruptive for email services.
I still don't understand what this is all about. Is the allegation that someone has somehow set Olegil's server into relay mode? How can forwarding mail to spamcop (which I assume is an address somewhere) end up spreading it via a subscriber-only server to an address that does not even remotely resemble "spamcop"?
Erm, no, by submitting a mailserver to spamcop you can have it entered in the RBL, these are widely used blacklists that list known spamservers. By adding Olegil's server, one could disrupt his email traffic because it's listed in the RBLs, and as such, rejected by other mailservers.
The presence of that one spam message isn't the problem, it's reporting Olegil's server to spamcop that's bad.
I'm probably not the only one here who is mystified. Some explanation of the mechanism would be interesting, at least. It might even help the unfortunate infected clean their machines.
Ok, i'll try ;)
My mailserver (the one for .kefren.be ) will take the following actions when mail is sent to kefren.be:
- The mailserver checks with reverse DNS if the mail is coming from where it claims to come - The mailserver then checks to see if the origin is know with the various RBL's configured on my machine - The mailserver checks the mail for known spam/virusses/etc - The mailserver delivers the mail to my account
Now the mail is ready for retreaval, so i open up thunderbird, and download the mail. If i were to be running spam identification software/filters/scripts, these might recognise the mail on the ML as spam, and (this is bad design in my opinion) pass the mail on to spamcop (although i thought you needed an account with them to do this? don't recall), who then examines the mail again, and possibly flags the origin (Olegil's mailserver) on the RBLs, thus preventing Olegil mailing ex. me. (since the origin is in the RBLs)
This is an example of doing it client side, the server could probably also be configured to do this at step 3 with various scripts & plugins.
Now, i hope this made sense (and that it's somewhat accurate) haven't been sleeping much lately ;)
On Mer 23 août 2006 0:18, Tony Wyatt a écrit :
Hi Ochal,
On 22/08/2006, you wrote:
Autoforwarding of mails to spamcop is *BAD*, as it can be rather disruptive for email services.
I still don't understand what this is all about. Is the allegation that someone has somehow set Olegil's server into relay mode? How can forwarding mail to spamcop (which I assume is an address somewhere) end up spreading it via a subscriber-only server to an address that does not even remotely resemble "spamcop"?
I'm probably not the only one here who is mystified. Some explanation of the mechanism would be interesting, at least. It might even help the unfortunate infected clean their machines.
Seconded.
I would also add this:
1 I probably sent a report. I get literally hundreds of spams a day and I don't waste time looking for open relays or other security holes just because they may be run by friends.
2 It certainly wasn't the first spam via this list, and I certainly can't have been the only person to report it. Spamcop cop doesn't blacklist on the basis on one report, AFAIK.
Tighten up the list security, Olegil, and watch your language. I know it's annoying, but please save the profanity for the bastards that exmploit the tiniest security holes to send spam.
On Mer 23 août 2006 9:52, Amont - ML Amiga a écrit :
2 It certainly wasn't the first spam via this list, and I certainly can't have been the only person to report it. Spamcop cop doesn't blacklist on the basis on one report, AFAIK.
Replying to myself: Spamcop does NOT blacklist on the basis of one report.
Deatils here: http://mailsc.spamcop.net/fom-serve/cache/297.html
And don't relay spam.
Amont - ML Amiga wrote:
Tighten up the list security
The only thing we can do at the moment is to 1: make the list invite-only (because anyone can join, send spam, then leave) 2: shut down the list (because there must be a bug in mailman which allowed that email through, and I'm not going to host this list other than through mailman).
I'm leaning towards the latter. As it is, we have almost a hundred people here, and still NO work gets done. This leads me to conclude that this list does not fulfill the needs, that programmers could have a place to get together to discuss OO.org. We obviously did not catch enough active programmers to reach critical mass.
The question is, do we really have a way forward, or are we just grasping at straws?
If there was ANY interest, I would start by finishing off the dependency database I started on, but after a year of no activity I have yet to see a single request for updates... Even though I specifically asked for feedback.
And even if I finish the database, data still needs to be entered. Would we do that? Do we know what needs doing without such a tool?
Ole-Egil
Ole-Egil,
I too am tempted to close down the project, there has been no activity for several months really (other than some work identifying a JVM to use), attempts to get completed code out of a few people who have said they have completed bits of work seems fruitless, although I do apologise for not following up on the dependancy DB with you.
Mark
On 23/08/2006, you wrote:
Amont - ML Amiga wrote:
Tighten up the list security
The only thing we can do at the moment is to 1: make the list invite-only (because anyone can join, send spam, then leave) 2: shut down the list (because there must be a bug in mailman which allowed that email through, and I'm not going to host this list other than through mailman).
I'm leaning towards the latter. As it is, we have almost a hundred people here, and still NO work gets done. This leads me to conclude that this list does not fulfill the needs, that programmers could have a place to get together to discuss OO.org. We obviously did not catch enough active programmers to reach critical mass.
The question is, do we really have a way forward, or are we just grasping at straws?
If there was ANY interest, I would start by finishing off the dependency database I started on, but after a year of no activity I have yet to see a single request for updates... Even though I specifically asked for feedback.
And even if I finish the database, data still needs to be entered. Would we do that? Do we know what needs doing without such a tool?
Ole-Egil
Regards
All,
As a bit of a last ditch effort I'm going to try to put together a press release, to try and drum up some more help, below is a start:
------ OpenOffice.org Amiga OS4 Port.
Development on the Amiga OS4 port of OpenOffice.org requires some assistance.
We have currently completed some dependancies including libusb, aspell, neon and some work has been done on porting csh.
We need people to produce us a complete dependancy database as well as further the csh port all of this needs doing prior to starting the port of the actual OpenOffice.org code.
To join our discussions/offer help please join the list at:
https://lists.samfundet.no/mailman/listinfo/openoffice-os4 -----
any thoughts of anything else that needs to go in?
Regards
Mark
On 23/08/2006, you wrote:
Ole-Egil,
I too am tempted to close down the project, there has been no activity for several months really (other than some work identifying a JVM to use), attempts to get completed code out of a few people who have said they have completed bits of work seems fruitless, although I do apologise for not following up on the dependancy DB with you.
Mark
On 23/08/2006, you wrote:
Amont - ML Amiga wrote:
Tighten up the list security
The only thing we can do at the moment is to 1: make the list invite-only (because anyone can join, send spam, then leave) 2: shut down the list (because there must be a bug in mailman which allowed that email through, and I'm not going to host this list other than through mailman).
I'm leaning towards the latter. As it is, we have almost a hundred people here, and still NO work gets done. This leads me to conclude that this list does not fulfill the needs, that programmers could have a place to get together to discuss OO.org. We obviously did not catch enough active programmers to reach critical mass.
The question is, do we really have a way forward, or are we just grasping at straws?
If there was ANY interest, I would start by finishing off the dependency database I started on, but after a year of no activity I have yet to see a single request for updates... Even though I specifically asked for feedback.
And even if I finish the database, data still needs to be entered. Would we do that? Do we know what needs doing without such a tool?
Ole-Egil
Regards
Openoffice-os4 mailing list Openoffice-os4@samfundet.no https://lists.samfundet.no/mailman/listinfo/openoffice-os4
Regards
On 23/08/06, Ole-Egil Hvitmyren olegil@samfundet.no wrote:
feedback.
Comic Sans!? You want people to use this without going blind, right? ;-)
Olly Hodgson said:
On 23/08/06, Ole-Egil Hvitmyren olegil@samfundet.no wrote:
feedback.
Comic Sans!? You want people to use this without going blind, right? ;-)
Not really, no.
Could those of us who are using earthlink.net to receive mail here possibly use a different mail account for this list? We have some theories here in the server admin group which would be nice to check up on.
Plenty of spam from earthlink.net is caught, but some emails now and then come through, and we don't like it one bit...
Ole-Egil
-
Amont - ML Amiga -
Mark Bond -
Mark Bond -
Ochal Christophe -
Ole-Egil Hvitmyren -
Olegil webmail
-
Olly Hodgson -
Tony Wyatt