list management issue

Angel Rivera angel at wolf.com
Thu Nov 13 22:00:36 EST 2003


Gerry Creager N5JXS writes: 

> Count to 10.  Don't respond initially with what you wanted to say... 
> Okay, I've followed the advice.

Good. Perhaps I should have done that too - I am very passionate about spam
and fighting all forms of network abuse.  But: *timeout here* I was not 
talking about "you" as in you or the beowulf list.  It was a generic "you." 

> <RANT>
> Reread the initial portion of my e-mail.  I *DO* keep my system tight. 
> The last known compromise was a buffer overflow in apache, exploited 
> before it was announced by apache or bugtraq.  And fixed appropriately as 
> soon as a patch was available (within hours).  Because of system configs and 
> safeguards, no spam emitted from the site.  The one previous to that was 
> caused by a buffer overflow exploit in wuftpd.  That represents the last 
> time wuftpd ran on one of my systems.  It also resulted in forensics 
> running back thru 3 other compromised systems in the US, and to 2 
> originating machines in Germany.  And some detentions (I never got final 
> word on arrests/convictions, if any).

This is not what I would consider an open system. I certainly spend an awful
lot of time keeping an eye on my system and fighting all of the slick ways
they find to get spam through all my rbl, filters and avs.

I stopped a hacker from UPenn (I think it was) as he was hacking. When they
got to his house he was asleep with his girlfriend - someone had hacked into
this Linux box that was wide open. That I do consider negligent.

> I've not had a documented case of an open relay.  I've not been 
> appropriately accused of having spam transit any of my systems.  I perform 
> periodic security audits.  I no longer run honey-pots and tarpits because 
> of an Attorney General's opinion on their legality, but I have. 
> 
> AND YOU ARE GOING TO TELL ME TO TIGHTEN UP MY SYSTEM?

See above.  I am not sure they wouldn't pass muster. If someone is not
predisposed to being a criminal and trespassing and stealing from you - then
having them is of no negative value.

I am not Don Quixote. I am not trying to track down and chase spammers to
ground. I do not run them. I do not smtp scan other boxes.  All I am trying
to do is keep spam out of my box and those of my 2000 or so email users and
when it does, I log it, keep a copy of the spam (kinda hard to protest one's
innocence under those conditions) and RBL them until they get it fixed and
hades freezes over - whichever comes first.

I have been subject to one semi-spam complaint. Years ago. You can find it 
in NANE.  It was a camera company that used my domain name internally and 
they spammed. 

> </RANT>

Sorry about your <RANT/> 
_______________________________________________
Beowulf mailing list, Beowulf at beowulf.org
To change your subscription (digest mode or unsubscribe) visit http://www.beowulf.org/mailman/listinfo/beowulf


