MAPS changes (was RE: trapdoor.merit.edu and other...etc)
Yes, you can lookup contact information for IP blocks. However, we all know how up-to-date that is, and the person listed there may or may not be involved with the mail server.
The spammers seem to think its OK. Seems like anti-spammers could give it a try.
If there had been a notice here, would you have been as unhappy? Remember this was a free service. If I decided I could no longer make chess endgame databases available for free, I would not feel inclined to look up everyone who had been using them and notify them.
At first cut, I could not agree more. But at second and third thought when I realized that just yanking the thing would have, you might say, unanticipated consequences, I would try to find a way of (think of imploding a building) firing the trigger without having it fall in on me.
As I recall, the first modifications to use RBL in sendmail were done elsewhere, eventually a link was included on the sendmail site, and then it was part of the configuration.
We are sort of minimalist when it comes to modifying mainstream code, so I betting we got it of the box and plugged it. But that would have been on my watch, and I don't remember for sure.
I can see you are bitter about the impact on your mailservers. I am not happy about the way it was done as well, but assuming it was malacious seems excessive.
I don't think bitter is right--and I did in fact get wind of this in the anti-spam community several weeks ago so we had actually pulled the code out last week, I think. I'm just really tired of the cult-of-personality stuff. Lots of us are just trying to keep our tiny corner of the world running for reasons that do not glorify bits and bit-fiddlers against a growing tide of bad guys. Having trouble telling who is on your side and who isn't does not enhance the experience. And if I can figure out what IP addresses to block, I will try to ensure that we are not now part of their problem--self imposed it might be.
On Thu, 2 Aug 2001, Larry Sheldon wrote:
The spammers seem to think its OK. Seems like anti-spammers could give it a try.
The spammers are happy with .1% hit rate and 50% pissed-off rate when it costs them essentially $20.
As I recall, the first modifications to use RBL in sendmail were done elsewhere, eventually a link was included on the sendmail site, and then it was part of the configuration.
We are sort of minimalist when it comes to modifying mainstream code, so I betting we got it of the box and plugged it. But that would have been on my watch, and I don't remember for sure.
You have to build a configuration file for sendmail, and there are no defaults that work out of the box. When I built my config file, I went through the documentation saying "yes, I will take that feature, and that one, ..." and one of them was the DNS RBL interface. In another message you mention that you use HP's sendmail so I have no idea how that process works, but I rarely use any vendor's shipping version of important code like BIND, sendmail, ssh, etc as they are almost always out of date.
At first cut, I could not agree more. But at second and third thought when I realized that just yanking the thing would have, you might say, unanticipated consequences, I would try to find a way of (think of imploding a building) firing the trigger without having it fall in on me.
...
I'm just really tired of the cult-of-personality stuff. Lots of us are just trying to keep our tiny corner of the world running for reasons that do not glorify bits and bit-fiddlers against a growing tide of bad guys. Having trouble telling who is on your side and who isn't does not enhance the experience.
Other than better notification and spamming whois contacts for every netblock that accesses your DNS server, how do you propose they change a mostly-unknown customer base of freeloaders into a commercially sustainable venture? We may disagree on the viability of notifying everyone through DNS logs and whois data, but surely you would not argue that after whatever steps are taken there will continue to be people that didn't hear about it or make any changes. Eventually you have to do something that will get their attention. All I wanted was a post here about it, especially considering all the discussion that has gone on over the years and the operational implications. John A. Tamplin jat@jaet.org 770/436-5387 HOME 4116 Manson Ave 770/431-9459 FAX Smyrna, GA 30082-3723
participants (2)
-
John A. Tamplin
-
Larry Sheldon