[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: recent spam to this list

On Mon, Oct 13, 2003 at 12:34:46AM +0200, Tollef Fog Heen wrote:
> * Riku Voipio 
> I have mail-followup-set for a reason.  In addition, it is normal
> policy on Debian lists not to Cc people unless explicitly requested.

Hmm. my mutt setup appears to be b0rken then. sorry about that.
need to look that.

> I don't want my bounces to go to the wrong place.  I don't have root
> at all the places I send mail from, nor do I trust all those who have
> root there.  So, I don't want my mail bounced to the wrong place.

So then use a envelope-from from a domain you trust? You said that you
use a specific relay to relay your mail already, so you could setup
your domain (raw.no) so that only that specific IP is allowed 
to send mail to the world using raw.no domain?

You can still put your university address in the "From: " field like 
you do right now.

> | Second hint: If you insist on your right to forge your email address, 
> | anyone else can forge your address as well. Is that a right you really
> | need?
> Uhm, how would you forge your own mail address?  It's like forging
> your own signature, something which is, by definition not possible:

To quote dark: A bad analogy is like an leaky screwdriver.

If you have two IP's, one at home ISP and another at work, and
you send packets from your home IP using the work IP, you are
forging the sender IP, even if you happen to be affiliated with both

> No, I can't.  I don't control the DNS of my University, a few of my
> ISPs and so on.  Nor do I control Debian's DNS.

And you don't need to, unless you want to send your bounces to your
university or debian servers. Why would you want to do that?

One could also argue, that since the university/debian owns the domain,
they can setup whatever policy they want on what IP's can send mail 
in the name of their domain. Lots of opposers seem to assume that 
domain owners will immediately apply an policy that will force 
senders to use their mail relays for outgoing mail, without 
consulting their users first.

> | The antipathy against the a POSSIBILITY of a domain owner to restrict
> | sending mail in name of his own domain to few IP's is what is silly,
> | not the proposal...
> It's the wrong solution.

And what is the right solution? One that even the blondes using hotmail
can use? Just accept it as fact of life that viruses and spam use every
now and then your domains?

Riku Voipio  	       |    riku.voipio@iki.fi         |
kirkkonummentie 33     |    +358 40 8476974          --+--
02140 Espoo            |                               |
dark> A bad analogy is like leaky screwdriver          |

Reply to: