Re: Unusual spam recently - hummm - postprocess

To: Debian Security <debian-security@lists.debian.org>
Subject: Re: Unusual spam recently - hummm - postprocess
From: Rick Moen <rick@linuxmafia.com>
Date: Fri, 4 Jun 2004 11:50:09 -0700
Message-id: <[🔎] 20040604185009.GM12051@linuxmafia.com>
Mail-followup-to: Debian Security <debian-security@lists.debian.org>
In-reply-to: <[🔎] 20040604024654.GB16032@zionlth.org>
References: <[🔎] Pine.LNX.3.96.1040603130402.18430A-100000@Maggie.Linux-Consulting.com> <[🔎] 13E4163A-B5AA-11D8-98A5-0003930FDAB2@stanaway.net> <[🔎] 20040603222351.GC12051@linuxmafia.com> <[🔎] 20040603232509.GP15598@mathom.us> <[🔎] 20040603233444.GE12051@linuxmafia.com> <[🔎] 20040604002244.GQ15598@mathom.us> <[🔎] 20040604003217.GG12051@linuxmafia.com> <[🔎] 20040604005618.GU15598@mathom.us> <[🔎] 20040604011157.GK12051@linuxmafia.com> <[🔎] 20040604024654.GB16032@zionlth.org>

Quoting Phillip Hofmeister (plhofmei@zionlth.org):

> While I am sure finding out whose is bigger is exciting to you.  I
> feel comfortable in speaking for the rest of the list when I say this
> thread has become WAY OT.  

I'm surprised that an allegation that SPF -- highly relevant to SMTP
security -- is "vapourware", not to mention refutations of that
assertion, are off-topic.  Nonetheless, I apologise for reacting with
irritation to Michael's claim to that effect:  It's just that I expected
better from a Security Team member.  Much better.

Why is SPF important?  Because it eliminates joe-jobs.  That is, it
allows mail admins to absolutely validate the envelope return path --
significant because spammers have recently gotten around to forging
sender envelope information, allowing forged mail that appears to be
credibly "from" your domain or mine, etc. -- and as such began defeating
even quite good security regimes.

Why is it not "vapourware"?  Because prepackaged kits exist to trivially add
support to -=all=- of common MTAs:  Postfix, Exim, sendmail, qmail,
Courier-MTA, and MS-Exchange Server.  I posted the link twice earlier in
the conversation, well before Michael dismissed it as "vapourware".
Here it is again:  

http://spf.pobox.com/downloads.html

If using Exim4 on Debian, the required daemon (perl module
Mail::SPF::Query) is available as Debian package libmail-spf-query-perl .
The Exim4 ACL that invokes it can be found on the above-cited page, and
a SysVInit script can be pulled down from http://www.jcdigita.com/eximconfig/ .

If all that's vapourware, then it's amazing how much functional and
well-debugged vapourware can be located in three minutes of googling.

Reply to:

Follow-Ups:
- Re: Unusual spam recently - hummm - postprocess
  - From: Michael Stone <mstone@debian.org>
- Re: Unusual spam recently - hummm - postprocess
  - From: Bernd Eckenfels <ecki-news2004-05@lina.inka.de>

References:
- Re: Unusual spam recently - hummm - postprocess
  - From: Alvin Oga <aoga@ns.Linux-Consulting.com>
- Re: Unusual spam recently - hummm - postprocess
  - From: David Stanaway <david@stanaway.net>
- Re: Unusual spam recently - hummm - postprocess
  - From: Rick Moen <rick@linuxmafia.com>
- Re: Unusual spam recently - hummm - postprocess
  - From: Michael Stone <mstone@debian.org>
- Re: Unusual spam recently - hummm - postprocess
  - From: Rick Moen <rick@linuxmafia.com>
- Re: Unusual spam recently - hummm - postprocess
  - From: Michael Stone <mstone@debian.org>
- Re: Unusual spam recently - hummm - postprocess
  - From: Rick Moen <rick@linuxmafia.com>
- Re: Unusual spam recently - hummm - postprocess
  - From: Michael Stone <mstone@debian.org>
- Re: Unusual spam recently - hummm - postprocess
  - From: Rick Moen <rick@linuxmafia.com>
- Re: Unusual spam recently - hummm - postprocess
  - From: Phillip Hofmeister <plhofmei@zionlth.org>

Prev by Date: Re: Unusual spam recently - hummm - postprocess
Next by Date: Re: Unusual spam recently - hummm - postprocess
Previous by thread: Re: Unusual spam recently - hummm - postprocess
Next by thread: Re: Unusual spam recently - hummm - postprocess
Index(es):
- Date
- Thread