[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: Good Day -- RR and rbl

On Tue, Jul 02, 2002 at 12:13:30PM -0700, Rafael wrote:

> > It sure will, but being this the security list, let's say someone
> > found a root crack in let's say, the inetd server. And their post
> > gets thrown out because no RR. Hmmm, no one gets warned and some
> > worm starts going around and their goes the internet. Well, alright,
> > an extreme example, but that's one reason of not using RR for mail.
> That's too silly a reason to take it seriously.

No, it's a perfectly valid reason.  Just because other admins do not
perfectly mirror your opinions does not mean that they are stupid.  Not only
that, but there are a number of Debian users and developers that, for
various reasons, find themselves listed in things like DUL or rfc-ignorant,
despite the fact that they are using services for legitimate purposes.

Debian mail servers are secure and accept standard e-mail via SMTP.

The lists are run on the assumption that readers are intelligent.  Perhaps
you seek to disprove this assumption, but that is not our problem. 
Filtering mail going into lists is a dangerous proposition, and doubly so
with this list.  No spam filter is perfect, and false positives are
inevitable.  Thus it is improper to blanket spam-filter a list such as this.

However, you are welcome to install tools like procmail and use it for

> You just want to come up with all kinds of excuses for lame (email) users. 
> If the guys finds a serious security problem he'll be able to send the 
> message one way or the other. No need to do it from unprofessionaly setup 
> MTAs.

Perhaps if the problem is serious enough, yes.  But what if the person
doesn't even know that his message hasn't gotten through?  The sender might
never retry, never knowing some ignorant admin set up the Debian lists to
automatically blackhole spam.

> I know you won't lose much when I get tired of spam [1] and unsubscribe
> from debian lists. Being a long time Redhat admin I wanted to "switch" to
> debian for some time.

We will lose a lot more if we try to force thousands of readers to accept
your definition of spam than we will if you spare us your ranting for lack
of ability to install procmail and leave.

> Since I do not tolerate any level of spam I consider it immature to run a

If you do not tolerate any level of spam, you are not using e-mail.  Sorry,
but spam exists.  I hate it, you hate it, we all hate it.  But it's a fact
of life with e-mail.  If you go into a nervous breakdown everytime you get a
spam because you just can't emotionally cope with another unsolicited e-mail
today, then seek therapy.  Really.

> "professional mailing list" like debian security so that it can be abused
> by the most stupid script kiddie.  Sorry but the impression I got so far

There is no security breach involved here.  Please watch what you say.

> is "semiprofessional". Cannot recommend it for use at work when people
> don't want to run serious/professional mailing lists.

That is the stupidest thing I've ever seen.  What exactly is the correlation
between quality of the code and the configuration of the mailing lists, when

> This is getting too silly so I'll stop here.

Thanks, I was feeling the same.  Maybe you'd like to avail yourself of the

> To UNSUBSCRIBE, email to debian-security-request@lists.debian.org
> with a subject of "unsubscribe". Trouble? Contact listmaster@lists.debian.org

To UNSUBSCRIBE, email to debian-security-request@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmaster@lists.debian.org

Reply to: