What are your thoughts on.....

In article , Peter Duniho wrote:
snip: only 2 legitimate emails a day/why email?
I only get a couple of phone calls a day. I still have a phone.
Difference is my phone doesn't get spammed. Even on days where I get ten
or eleven legitimate emails, having to pick them out from over 100 spam
emails is not feasable so filtering has to be employed.

I don't know why this is so hard for you guys to grasp. You keep claiming
that the service isn't doing what I say that it does do. I know what it
does, I spent a huge amount of time learning about it (when the bounces
first started happening, I didn't have any idea why), and I know for a fact
that it is blocking perfectly legitimate email for absolutely no good
reason.

No, I'm not. I don't make any claims as to what your ISP does. My
article was about a particular approach with RBLs, and that was to use a
combination of the SBL-XBL and SpamAssassin. The former does not block
ISPs smart hosts. The SBL-XBL is one of the more conservative RBLs -
it's not SPEWS.

The whole concept is paternalistic crap. It punishes ISPs, especially the
largest ones (since they have the most exposure)

The SBL-XBL doesn't list any of the large ISP's smarthosts. AOL et al.
get delivered fine. AOL is also doing useful things like putting SPF
(http://spf.pobox.com) records in their DNS zones so I can tell if mail
claiming to be from AOL really is from AOL before I accept it (a lot of
spam comes with forged AOL headers. SpamAssassin can score against
forged headers).

Spam filtering is well and good but any proper solution will NEVER EVER
block legitimate email. One single false positive is simply unacceptable.

This is impossible. If you get a lot of spam, even filtering by hand still
gets false positives - either that or you spend several hours a day
making doubly sure you're not going to hand-filter ham as spam, in which
case email becomes cost-ineffective. I know that before SA/SBL-XBL I
accidentally deleted emails because they looked to me like spam.

To be honest, I wouldn't consider email a reliable method of
communication thanks to the spammers. Things like SPF will help as it
will mean we can tell if From: headers are forged from the get-go, but
unless ISPs get more agressive about stopping the spam problem (giving
users firewalled access by default instead of anything goes - definitely
blocking outbound port 25, rate limiting their smart hosts so
residential users are limited on how many emails they can send per day
etc.) it's only going to get worse.

--
Dylan Smith, Castletown, Isle of Man
Flying: http://www.dylansmith.net
Frontier Elite Universe: http://www.alioth.net
"Maintain thine airspeed, lest the ground come up and smite thee"

Dylan Smith wrote:

I only get a couple of phone calls a day. I still have a phone.
Difference is my phone doesn't get spammed.

One of the advantages of living in Britain. If I get only two calls a day, I'm
lucky. Most of the calls are spam. I pay an extra $7.50 a month for "caller ID"
to allow me to avoid most of it, and we're on the national "don't call" list,
which is supposed to stop most of it (and which the telemarketers simply ignore).
One of the most annoying things about it is that, if you *do* answer the phone,
many of these guys have software that delays the response (to avoid answering
macines, I expect), and they don't even answer until you've said "Hello" three
or four times. I've gotten to the point that I say "Hello" once and, if nobody
replies, I hang up.

George Patterson
Battle, n; A method of untying with the teeth a political knot that would
not yield to the tongue.

In article , Roger Halstead
wrote:

I find it surprising that a dial-up would even bother trying to be
their own server except for strictly educational means. For that
matter, why would a cable user bother to do so when they can use the
provider and it's so much simpler.

some reasons:

because the provider has proven to be unreliable.

because it is really to change email addresses.

because I'm a geek.


I can think of no reason not to block mail from dynamic IP hosts.

that doesn't mean there are any valid reasons to block all
email from dynamic IP hosts.


Yet, I do know of one person who insists on using his own server and
mail server on cable. Never have figured out why.

see above.

--
Bob Noel

In article , Dylan Smith
wrote:

There is no legitimate reason why a *.client.comcast.net address should
be emailing me - anyone on cable/DSL etc. should send their mail through
their ISP's smart host (which are NOT blocked by the SBL-XBL).

"no legitimate reason"? huh?

--
Bob Noel

(Ben) wrote in message . com...
Would an
airplane owner ever offer to share operating expenses for payment to
share a plane?

A lot of airplane owners do this.

To simplify, they calculate the cost per hour based on the hourly
operating cost and the fixed cost (stuff like insurance, oil changes,
etc) per expected number of hours used, and use that calculated hourly
cost as a basis for collecting payments.

This arrangement is usually called "renting."

In article , Bob Noel
wrote:
In article , Dylan Smith
wrote:

There is no legitimate reason why a *.client.comcast.net address should
be emailing me - anyone on cable/DSL etc. should send their mail through
their ISP's smart host (which are NOT blocked by the SBL-XBL).

"no legitimate reason"? huh?

If you want to run servers at home, get a proper business account
instead of using a consumer account. Or get a virtual private server
somewhere (they aren't expensive, especially when you consider the
electricity costs of leaving a server-class machine on 24x7) The amount of
legitimate email vs Windows worms and spam I get from dynamic IP ranges
is so tiny that it doesn't even register as noise. During the Swen
outbreak, I was getting a couple of Swen emails per minute. Frankly, I'm
fed up with it. Use your ISP's smarthost or if you really insist on
running your own mailserver, pony up for a business account, or get a
VPS and run your own SMTP server there.

Still, I use the SBL-XBL because it doesn't just indiscriminately block
all ranges, just the ones that are particular problems.

I also reject any email with a Windows executable at the DATA stage.

--
Dylan Smith, Castletown, Isle of Man
Flying: http://www.dylansmith.net
Frontier Elite Universe: http://www.alioth.net
"Maintain thine airspeed, lest the ground come up and smite thee"

On Sat, 20 Mar 2004 03:19:24 GMT, Bob Noel
wrote:

In article , Roger Halstead
wrote:

I find it surprising that a dial-up would even bother trying to be
their own server except for strictly educational means. For that
matter, why would a cable user bother to do so when they can use the
provider and it's so much simpler.

some reasons:

because the provider has proven to be unreliable.

If the provider has proven unreliable it is highly unlikely their dial
up service used as a server is going to be more so.


because it is really to change email addresses.

I can change e-mail addresses on my ISPs server in a matter of
seconds. I log in, go to the proper URL, create and or delete
addresses. It doesn't take much longer than that.


because I'm a geek.

That's legit.



I can think of no reason not to block mail from dynamic IP hosts.

that doesn't mean there are any valid reasons to block all
email from dynamic IP hosts.

The reason for blocking dynamic IPs is they keep changing. Some one
spamming, logs out, and back in. Instant new address. When you have
hundreds of thousands of users, let alone just a few thousand it takes
a whole staff to keep users in line. Sure they can be traced using
the logs (if the ISP keeps good longs), but a dynamic IP would make
them easily traceable.

Let one of those dynamic IPs get infected with a trojan and become a
slave server and it's instant mayhem.



Yet, I do know of one person who insists on using his own server and
mail server on cable. Never have figured out why.

see above.

Nah, it's gotta be more than that. His server is less reliable, he
moved to cable and although he claims it's static, the IP changes
every time he reboots. He has to feed all his machines through one on
a different NIC so he can get away with using a server on the cable.

Yes, the cable is cheaper and faster than DSL. OTOH, I use web
hosting, I pay about $40 a month more than he does, I don't have to
service the equipment, I don't have to keep backups, I don't have to
do the many things the ISP does to deal with the whole wide world, and
my server is legal. Still I have firewalls, virus checkers, spam
bots, and the like.

Roger Halstead (K8RI & ARRL life member)
(N833R, S# CD-2 Worlds oldest Debonair)
www.rogerhalstead.com

In article , Roger Halstead wrote:
because I'm a geek.

That's legit.

It's also legit for private networks to not accept mail from dynamic IP
ranges. For every geek who runs a legitimate mail server on a dynamic
range, there are probably a thousand more machines spewing trojans and
spam. The reality of the situation is if the geek wants to run a mail
server, they need to do it on a static IP range using a provider who
doesn't harbour spammers.

I run a small email/webhosting service. It's only got a dozen
users. In the last 24 hours, Exim rejected 676 emails for containing
either Microsoft executables or being in the SBL-XBL, and SpamAssassin
flagged 1660 emails as being spam. For a dozen users! Whilst the risk of
false positives is highly undesirable, it's the lesser evil of having to
collectively go through the 2336 spam message haystack by hand to find the
few 'ham' needles - every day! You should have seen the rejectlog when
Swen was at its height. If that server had been on my home DSL
connection, it would have been saturated by Swen alone. My own personal
mailbox of Swen alone would have tied up my DSL connection for a long
time had I not been able to filter it at the server.

--
Dylan Smith, Castletown, Isle of Man
Flying: http://www.dylansmith.net
Frontier Elite Universe: http://www.alioth.net
"Maintain thine airspeed, lest the ground come up and smite thee"

On Fri, 19 Mar 2004 23:42:47 GMT, G.R. Patterson III wrote:

I pay an extra $7.50 a month for "caller ID"

*whow* I pay EUR 7,- [1] [2] for the whole service, including mailbox,
caller ID, etc. etc.

#m

[1] well, this is not much, therefore I have to pay higher rates for calls.
20 eurocent per minute - no matter where I call to within the country,
billed in 30 second increments. No passive fees for receiving calls, but
this is standard.
[2] about EUR 20,- per month brings you rates down to 1 eurocent per minute
within the same network and to land based phones.

--
A far-reaching proposal from the FBI (...) would require all broadband
Internet providers, including cable modem and DSL companies, to rewire
their networks to support easy wiretapping by police.
http://news.com.com/2100-1028-5172948.html

In article , Dylan Smith
wrote:

because I'm a geek.

That's legit.

It's also legit for private networks to not accept mail from dynamic IP
ranges.

nope. That approach is just "shoot em all, sort em later." The
"effectiveness" of it doesn't make it legit.

iow - since so much email is spam/uce, just delete them all.

--
Bob Noel