FAQ

[CentOS-devel] Spammer: Did we shut him down?

Hugo van der Kooij
Jan 28, 2009 at 5:40 pm
Hi,

Was this spammer shut down and the problem with the leak in the
mailinglist fixed?

----8<----
Return-Path: <centos-devel-bounces at centos.org>
Received: from mail.centos.org (mail.centos.org [72.26.200.202])
by balin.waakhond.net (Postfix) with ESMTP id 3F38417E8069
for <hvdkooij at vanderkooij.org>; Wed, 28 Jan 2009 15:18:48 +0100 (CET)
Received: from mail.centos.org (voxeldev.centos.org [127.0.0.1])
by mail.centos.org (Postfix) with ESMTP id 13D4AC03F30;
Wed, 28 Jan 2009 09:14:02 -0500 (EST)
X-Original-To: centos-devel at centos.org
Delivered-To: centos-devel at centos.org
Received: from fed1rmmtao105.cox.net (fed1rmmtao105.cox.net [68.230.241.41])
by mail.centos.org (Postfix) with ESMTP id A792CC03F30
for <centos-devel at centos.org>; Wed, 28 Jan 2009 09:14:00 -0500 (EST)
Received: from fed1rmimpo03.cox.net ([70.169.32.75]) by
fed1rmmtao105.cox.net
(InterMail vM.7.08.02.01 201-2186-121-102-20070209) with ESMTP
id <20090128141356.XSZI8485.fed1rmmtao105.cox.net at fed1rmimpo03.cox.net>
for <centos-devel at centos.org>; Wed, 28 Jan 2009 09:13:56 -0500
Received: from 5rpet ([68.7.178.36]) by fed1rmimpo03.cox.net with bizsmtp
id 92Db1b00C0nWD44042Dh5d; Wed, 28 Jan 2009 09:13:55 -0500
X-Authority-Analysis: v=1.0 c=1 p=6gryP8oqIuwA:10 a=bV-dpsDMpf4A:10
a=dW_v_Nl1Vn4A:10 a=cizR2TMVYBQA:10 a=SWy5f4BVAAAA:8 anRGdbthAAAA:8
aÜxsrVAq5ZBOyax7pk4A:9 a=eu0mfjibJjdHvw6Ie4YA:7
a=Z8026VRy3j1okLEr-27pHnQvgJEA:4 a=HeoGohOdMD0A:10 a=-ZQhYGXY2L8A:10
a=sh6PArqQtYdngLzxv5aEQJAsMbE=:19
X-CM-Score: 98.00
From: "Lawrence Auster" <lance at centos.org>
To: centos-devel at centos.org
Date: Wed, 28 Jan 2009 15:13:35 +0100
X-Priority: 3
Message-Id:
<20090128141356.XSZI8485.fed1rmmtao105.cox.net at fed1rmimpo03.cox.net>
Subject: [CentOS-devel] =?iso-8859-1?q?For_Whom_the_Gaza_Bell_Tolls_--_Par? =?iso-8859-1?q?t_1_and_2_--_Obama’s_Mideast_Jewish_Wet_Dream_Team?X-BeenThere: centos-devel at centos.org
X-Mailman-Version: 2.1.9
Precedence: list
Reply-To: "The CentOS developers mailing list." <centos-devel at centos.org>
List-Id: "The CentOS developers mailing list." <centos-devel.centos.org>
List-Unsubscribe: <http://lists.centos.org/mailman/listinfo/centos-devel>,
<mailto:centos-devel-request at centos.org?subject=unsubscribe>
List-Archive: <http://lists.centos.org/pipermail/centos-devel>
List-Post: <mailto:centos-devel at centos.org>
List-Help: <mailto:centos-devel-request at centos.org?subject=help>
List-Subscribe: <http://lists.centos.org/mailman/listinfo/centos-devel>,
<mailto:centos-devel-request at centos.org?subject=subscribe>
Content-Type: multipart/mixed; boundary="==============69068545=="
Sender: centos-devel-bounces at centos.org
Errors-To: centos-devel-bounces at centos.org

- --==============69068545=Content-Type: text/plain;
charset="US-ASCII"

For Whom the Gaza Bell Tolls -- Part 1
By Edmund Connelly for The Occidental Observer
----8<----


- --
hvdkooij at vanderkooij.org http://hugo.vanderkooij.org/
PGP/GPG? Use: http://hugo.vanderkooij.org/0x58F19981.asc

A: Yes.
Q: Are you sure?
A: Because it reverses the logical flow of conversation.
Q: Why is top posting frowned upon?
Bored? Click on http://spamornot.org/ and rate those images.

Nid wyf yn y swyddfa ar hyn o bryd. Anfonwch unrhyw waith i'w gyfieithu.
reply

Search Discussions

13 responses

  • Ralph Angenendt at Jan 28, 2009 at 6:28 pm

    Hugo van der Kooij wrote:
    -----BEGIN PGP SIGNED MESSAGE-----
    Hash: SHA1

    Hi,

    Was this spammer shut down and the problem with the leak in the
    mailinglist fixed?
    At the moment his mailserver is blocked (which isn't ideal). But there is no
    way to shut down leaks like that without moderating the mailing lists
    completely.

    Ralph
    -------------- next part --------------
    A non-text attachment was scrubbed...
    Name: not available
    Type: application/pgp-signature
    Size: 194 bytes
    Desc: not available
    Url : http://lists.centos.org/pipermail/centos-devel/attachments/20090128/36ac3d15/attachment.bin
  • Scott Silva at Jan 28, 2009 at 6:45 pm

    on 1-28-2009 10:28 AM Ralph Angenendt spake the following:
    Hugo van der Kooij wrote:
    -----BEGIN PGP SIGNED MESSAGE-----
    Hash: SHA1

    Hi,

    Was this spammer shut down and the problem with the leak in the
    mailinglist fixed?
    At the moment his mailserver is blocked (which isn't ideal). But there is no
    way to shut down leaks like that without moderating the mailing lists
    completely.

    Ralph
    But it also made the announce-list. I assumed the announce list was only
    writable by a select few.


    --
    MailScanner is like deodorant...
    You hope everybody uses it, and
    you notice quickly if they don't!!!!

    -------------- next part --------------
    A non-text attachment was scrubbed...
    Name: signature.asc
    Type: application/pgp-signature
    Size: 258 bytes
    Desc: OpenPGP digital signature
    Url : http://lists.centos.org/pipermail/centos-devel/attachments/20090128/bb13997e/attachment.bin
  • Ralph Angenendt at Jan 28, 2009 at 6:54 pm

    Scott Silva wrote:
    on 1-28-2009 10:28 AM Ralph Angenendt spake the following:
    At the moment his mailserver is blocked (which isn't ideal). But
    there is no way to shut down leaks like that without moderating the
    mailing lists completely.
    But it also made the announce-list. I assumed the announce list was
    only writable by a select few.
    That was(!) part of the problem, yes.

    Ralph
    -------------- next part --------------
    A non-text attachment was scrubbed...
    Name: not available
    Type: application/pgp-signature
    Size: 194 bytes
    Desc: not available
    Url : http://lists.centos.org/pipermail/centos-devel/attachments/20090128/7d3db87b/attachment.bin
  • Seth vidal at Jan 28, 2009 at 8:00 pm

    On Wed, 2009-01-28 at 10:45 -0800, Scott Silva wrote:
    But it also made the announce-list. I assumed the announce list was only
    writable by a select few.
    and the email came from lance at centos.org

    lance at centos.org was one of the select few.

    -sv
  • Hugo van der Kooij at Jan 28, 2009 at 8:55 pm

    seth vidal wrote:
    On Wed, 2009-01-28 at 10:45 -0800, Scott Silva wrote:
    But it also made the announce-list. I assumed the announce list was only
    writable by a select few.
    and the email came from lance at centos.org

    lance at centos.org was one of the select few.
    There is no SPF record for centos.org

    If one can be added then this sort of fakes can be prevented. Anyone
    using the centos.org domain in email should login to a centos.org server
    to send out email that way.

    I know it works because that is how I send out email from my own domain.
    All family members need to use the central server as relay to send out
    email with the family domain. And they can only authenticate using TLS
    and SASL.

    Hugo.


    - --
    hvdkooij at vanderkooij.org http://hugo.vanderkooij.org/
    PGP/GPG? Use: http://hugo.vanderkooij.org/0x58F19981.asc

    A: Yes.
    Q: Are you sure?
    A: Because it reverses the logical flow of conversation.
    Q: Why is top posting frowned upon?
    Bored? Click on http://spamornot.org/ and rate those images.

    Nid wyf yn y swyddfa ar hyn o bryd. Anfonwch unrhyw waith i'w gyfieithu.
  • Seth vidal at Jan 28, 2009 at 9:03 pm

    On Wed, 2009-01-28 at 21:55 +0100, Hugo van der Kooij wrote:
    -----BEGIN PGP SIGNED MESSAGE-----
    Hash: SHA1

    seth vidal wrote:
    On Wed, 2009-01-28 at 10:45 -0800, Scott Silva wrote:
    But it also made the announce-list. I assumed the announce list was only
    writable by a select few.
    and the email came from lance at centos.org

    lance at centos.org was one of the select few.
    There is no SPF record for centos.org

    If one can be added then this sort of fakes can be prevented. Anyone
    using the centos.org domain in email should login to a centos.org server
    to send out email that way.

    I know it works because that is how I send out email from my own domain.
    All family members need to use the central server as relay to send out
    email with the family domain. And they can only authenticate using TLS
    and SASL.

    -1 to SPF.

    Don't rely on technologies not everyone is using.

    -sv
  • Alan Hodgson at Jan 28, 2009 at 9:29 pm

    On Wednesday 28 January 2009, seth vidal wrote:
    -1 to SPF.

    Don't rely on technologies not everyone is using.
    Well, by definition, any "new" technology is one that not everyone is using.

    SPF is actually very good at preventing forgeries of your own domains in
    mail sent to your own servers. I find it useful enough for that alone.

    --
    Current Peeve: The mindset that the Internet is some sort of school for
    novice sysadmins and that everyone -not- doing stupid dangerous things
    should act like patient teachers with the ones who are. -- Bill Cole, NANAE
  • Charlie Brady at Jan 31, 2009 at 5:37 pm
    Did you also shut the lists down? I've received no mail from centos-qa or
    centos-devel for quite some time.
  • Ralph Angenendt at Feb 2, 2009 at 9:44 am

    Charlie Brady wrote:
    Did you also shut the lists down? I've received no mail from centos-qa or
    centos-devel for quite some time.
    No. There just wasn't any mails on there :)

    Ralph
    -------------- next part --------------
    A non-text attachment was scrubbed...
    Name: not available
    Type: application/pgp-signature
    Size: 189 bytes
    Desc: not available
    Url : http://lists.centos.org/pipermail/centos-devel/attachments/20090202/45dae164/attachment.bin
  • John Summerfield at Feb 5, 2009 at 12:47 pm

    Hugo van der Kooij wrote:

    Q: Why is top posting frowned upon?
    Bored? Click on http://spamornot.org/ and rate those images.
    1,
    I get quite a few of those, at another address. It's sent "from" me.

    2.
    There's nothing to prevent anyone from subcsribing to this list and
    harvesting addresses of all contributors.

    3.
    Before implementing SPF, google for and join some antispam lists. I did
    so, and the consensus on one of them was that SPF isn't a good answer.
    CSV was regarded as preferable.
    Here's the first hit when I asked google "why not spf."
    http://72.14.235.132/search?q=cache:YNZEP38CoFEJ:david.woodhou.se/why-not-spf.html+why+not+SPF&hl=en&ct=clnk&cd=1&lr=lang_en

    I'm using google's cache because the original site's not available atm.



    --

    Cheers
    John

    -- spambait
    1aaaaaaa at coco.merseine.nu Z1aaaaaaa at coco.merseine.nu
    -- Advice
    http://webfoot.com/advice/email.top.php
    http://www.catb.org/~esr/faqs/smart-questions.html
    http://support.microsoft.com/kb/555375

    You cannot reply off-list:-)
  • Scott Silva at Feb 5, 2009 at 7:39 pm

    on 2-5-2009 4:47 AM John Summerfield spake the following:
    Hugo van der Kooij wrote:
    Q: Why is top posting frowned upon?
    Bored? Click on http://spamornot.org/ and rate those images.
    1,
    I get quite a few of those, at another address. It's sent "from" me.

    2.
    There's nothing to prevent anyone from subcsribing to this list and
    harvesting addresses of all contributors.

    3.
    Before implementing SPF, google for and join some antispam lists. I did
    so, and the consensus on one of them was that SPF isn't a good answer.
    CSV was regarded as preferable.
    A consensus of one?
    What if the other lists had a consensus that it was good?

    Here's the first hit when I asked google "why not spf."
    http://72.14.235.132/search?q=cache:YNZEP38CoFEJ:david.woodhou.se/why-not-spf.html+why+not+SPF&hl=en&ct=clnk&cd=1&lr=lang_en

    I'm using google's cache because the original site's not available atm.

    I want to invent something like BFR (big freaking rock) that you hit the
    spammer over the head with! The more spam he sends, the more rocks. Sooner or
    later he will stop from either negative reinforcement or a concussion.

    Either way, I win!






    --
    MailScanner is like deodorant...
    You hope everybody uses it, and
    you notice quickly if they don't!!!!

    -------------- next part --------------
    A non-text attachment was scrubbed...
    Name: signature.asc
    Type: application/pgp-signature
    Size: 258 bytes
    Desc: OpenPGP digital signature
    Url : http://lists.centos.org/pipermail/centos-devel/attachments/20090205/f49da5c1/attachment.bin
  • John Summerfield at Feb 6, 2009 at 8:25 am

    Scott Silva wrote:
    on 2-5-2009 4:47 AM John Summerfield spake the following:
    Hugo van der Kooij wrote:
    Q: Why is top posting frowned upon?
    Bored? Click on http://spamornot.org/ and rate those images.
    1,
    I get quite a few of those, at another address. It's sent "from" me.

    2.
    There's nothing to prevent anyone from subcsribing to this list and
    harvesting addresses of all contributors.

    3.
    Before implementing SPF, google for and join some antispam lists. I did
    so, and the consensus on one of them was that SPF isn't a good answer.
    CSV was regarded as preferable.
    A consensus of one?
    A consensus of those on the particular list. Just reading it was enough
    for me.

    Do some research.


    --

    Cheers
    John

    -- spambait
    1aaaaaaa at coco.merseine.nu Z1aaaaaaa at coco.merseine.nu
    -- Advice
    http://webfoot.com/advice/email.top.php
    http://www.catb.org/~esr/faqs/smart-questions.html
    http://support.microsoft.com/kb/555375

    You cannot reply off-list:-)
  • Jerry Amundson at Feb 6, 2009 at 3:54 pm

    On Fri, Feb 6, 2009 at 2:25 AM, John Summerfield wrote:
    Scott Silva wrote:
    on 2-5-2009 4:47 AM John Summerfield spake the following:
    Hugo van der Kooij wrote:
    Q: Why is top posting frowned upon?
    Bored? Click on http://spamornot.org/ and rate those images.
    1,
    I get quite a few of those, at another address. It's sent "from" me.

    2.
    There's nothing to prevent anyone from subcsribing to this list and
    harvesting addresses of all contributors.

    3.
    Before implementing SPF, google for and join some antispam lists. I did
    so, and the consensus on one of them was that SPF isn't a good answer.
    CSV was regarded as preferable.
    A consensus of one?
    A consensus of those on the particular list. Just reading it was enough
    for me.

    Do some research.
    That's just rude.
    Spam prevention isn't a battle, it's a war, and SPF *is* a viable
    weapon in spite of your bias against it. I *have* done the research,
    not that it's any business of yours. As admin of mail servers for a
    couple high-profile domain names, I see all the tricks spammers use,
    and thus need all possible tools to use against them.
    But, being off topic, this is it from me.

    jerry

Related Discussions