5 Mar
2005
5 Mar
'05
2:19 a.m.
Jay West <jwest at classiccmp.org> wrote:
2) I changed the max time in queue for any message
(outbound) to 35 minutes.
This means the server will try to send email to you once, then again 30
minutes later, and then it will just give up on you.
I think this is totally unfair and unacceptable. This means that if a mail
server is having even a slightest bit of downtime (hardware failure, scheduled
maintenance, whatever) that lasts more than 35 min, then all users of that
mail server lose their mail?!
MS
5 Mar
5 Mar
7:11 p.m.
MS wrote...
I think this is totally unfair and unacceptable. This
means that if a
mail
server is having even a slightest bit of downtime (hardware failure,
scheduled
maintenance, whatever) that lasts more than 35 min, then all users of that
mail server lose their mail?!
<Extreme rant mode>
Anyone who runs a mail server in a serious capacity has no business being
down for extended periods of time (well, unless it's a HOBBY of course).
One of the problems mail server admins face, are people who throw up their
own mailserver at home. You don't have gobs of bandwidth, you don't have
multiple backup servers, and you don't have diesel generators and online
UPS. If you don't, you have no business running a public mailserver. Most of
the time I see this it's because someone wants some kinda juvenile bragging
rights about "Ohhh I run a my own K00L server". Geeze. I have seen a few
people who do it for good reason, but, if you run a mail server you need to
be a good net citizen about it.
What does being a good net citizen admin entail? Well, for starters, it
means that you don't expect other mail servers to pick up YOUR SLACK.
</Extreme rant mode>
Anyways.... as I said, once the subscriber list is cleaned up a bit, I'll be
more gracious about the timeout settings for people who run (or have)
unreliable servers.
Jay
7:19 p.m.
Jay West wrote:
MS wrote...
I wouldn't. Anybody who has access to the skills and time to run a
mail server most likely has access to a *Tah-Dah* backup server. It's
trivial if you have nameservice control of your domain. If you don't,
you shouldn't be running your own mail at all.
A bunch of the *nix consultants I know run their own domains and
their own mail, and we serve each other as backup servers.
Doc
I think this is totally unfair and unacceptable.
This means that if a
mail
server is having even a slightest bit of downtime (hardware failure,
scheduled
maintenance, whatever) that lasts more than 35 min, then all users of
that
mail server lose their mail?!
<Extreme rant mode>
Anyone who runs a mail server in a serious capacity has no business
being down for extended periods of time (well, unless it's a HOBBY of
course).
One of the problems mail server admins face, are people who throw up
their own mailserver at home. You don't have gobs of bandwidth, you
don't have multiple backup servers, and you don't have diesel generators
and online UPS. If you don't, you have no business running a public
mailserver. Most of the time I see this it's because someone wants some
kinda juvenile bragging rights about "Ohhh I run a my own K00L server".
Geeze. I have seen a few people who do it for good reason, but, if you
run a mail server you need to be a good net citizen about it.
What does being a good net citizen admin entail? Well, for starters, it
means that you don't expect other mail servers to pick up YOUR SLACK.
</Extreme rant mode>
Anyways.... as I said, once the subscriber list is cleaned up a bit,
I'll be more gracious about the timeout settings for people who run (or
have) unreliable servers. 
8:53 p.m.
Doc wrote:
Anybody who has access to the skills and time to run
a
mail server most likely has access to a *Tah-Dah* backup server. It's
trivial if you have nameservice control of your domain. If you don't,
you shouldn't be running your own mail at all.
I did away with my backup server. Spamming software often seems to
ignore precedence, though I'm not sure whether that's deliberate or
sloppiness. But there's no easy way for my backup server to have a
list of valid email addresses on the primary, so the backup will accept
anything for the local domains. The backup kept falling over because
its queue was growing faster than it could process the entries.
Eric
6 Mar
6 Mar
9:59 p.m.
On Sat, 5 Mar 2005, Eric Smith wrote:
I did away with my backup server. Spamming software
often seems to
ignore precedence, though I'm not sure whether that's deliberate or
sloppiness. But there's no easy way for my backup server to have a
list of valid email addresses on the primary, so the backup will accept
anything for the local domains. The backup kept falling over because
its queue was growing faster than it could process the entries.
The exploit is based upon the fact that the destination host
rejects unknown users; MX backups, not having that information,
generally accept *@domain, so the spammer hack is to find the
n>0th MX host, and queue it all up there. SPreads the load.
What we did was simply use virtusertable on the MX host to list
each and every single valid user. CLearly this doesn't scale for
many users but for the dozen or so we have it's fine.
/etc/mail/virtusertable also handles all the virtual domains etc
all i one place.
10:31 p.m.
Tom wrote...
The exploit is based upon the fact that the
destination host
rejects unknown users; MX backups, not having that information,
generally accept *@domain, so the spammer hack is to find the
n>0th MX host, and queue it all up there. SPreads the load.
What we did was simply use virtusertable on the MX host to list
each and every single valid user. CLearly this doesn't scale for
many users but for the dozen or so we have it's fine.
/etc/mail/virtusertable also handles all the virtual domains etc
all i one place.
There's a little better way to handle this....I do have a direct line to one
of the programmers inside Sendmail.org. Their internal direction is all LDAP
based for local user tests, replacement of getuserinfo, etc. There's
obviously a noticeable trend towards this in the released code as well.
So, long story short, put all your users in LDAP for sendmail. Then you
don't run the security risk of having local user accounts for email
customers, AND all your MX hosts have access to the LDAP database to prevent
the exploit you mentioned above.
Regards,
Jay West
7 Mar
7 Mar
5:47 a.m.
I wrote:
I did away with my backup server. Spamming software
often seems to
ignore precedence, though I'm not sure whether that's deliberate or
sloppiness.
Tom wrote:
The exploit is based upon the fact that the
destination host
rejects unknown users; MX backups, not having that information,
generally accept *@domain, so the spammer hack is to find the
n>0th MX host, and queue it all up there. SPreads the load.
I don't see how it "spreads the load" or how the spammer benefits
in any way. The spammer wants to get the spam to as many valid
email addresses as possible, but sending to the backup MX doesn't
get it to more valid email addresses, and it doesn't reduce the
load on the spammer's sending machine.
Eric
8:27 a.m.
At 04:47 AM 3/7/2005, Eric Smith wrote:
I don't see how it "spreads the load" or
how the spammer benefits
in any way. The spammer wants to get the spam to as many valid
email addresses as possible, but sending to the backup MX doesn't
get it to more valid email addresses, and it doesn't reduce the
load on the spammer's sending machine.
Were they talking about relaying and authenticating senders, or
about sending to a user at the MX[n] host?
- John
3:27 p.m.
I wrote:
I don't see how it "spreads the load" or
how the spammer benefits
in any way. The spammer wants to get the spam to as many valid
email addresses as possible, but sending to the backup MX doesn't
get it to more valid email addresses, and it doesn't reduce the
load on the spammer's sending machine.
John wrote:
Were they talking about relaying and authenticating
senders, or
about sending to a user at the MX[n] host?
Talking about spamming software that ignores the MX precedence and
sends to backup MX hosts even though the primary is online. I said
that I wasn't sure if that was deliberate or just sloppy. I can't
see any reason for it to be deliberate, unless it's intentionally
malicious.
Eric
noon
Tom wrote:
> The exploit is based upon the fact that the destination host
> rejects unknown users; MX backups, not having that information,
> generally accept *@domain, so the spammer hack is to find the
> n>0th MX host, and queue it all up there. SPreads the load.
On Mon, 7 Mar 2005, Eric Smith wrote:
I don't see how it "spreads the load" or
how the spammer benefits
in any way. The spammer wants to get the spam to as many valid
email addresses as possible, but sending to the backup MX doesn't
get it to more valid email addresses, and it doesn't reduce the
load on the spammer's sending machine.
I believe spammers get paid to deliver N messages, where N is as
large as possible. The accuracy of spam email lists is probably
low; I doubt the deliverers are in the business of vetting quality
and it would take too long. Getting a connection open and the mail
sent and themselves paid is the short-term goal.
With one connection to an MX>1, they can deliver *@domain mail to
that MX host then drop the connection. That MX host will then bang
at the MX=1 host on it's own dime, and the spammer is off to the
next.
It's the open-waits that eat the time, once you're in it's just
data transfer. Dequeueing is the goal, not accuracy.
My experience in this area is limited to managing systems all
around a company that did mass-mailing to anyone who had visited
their site (and provided email) via one of those default-clicked
"SEND ME MAIL!" things. Ethically light/medium gray to me, but
they at least did enter their email address somewhere...
I didn't run the mailers, but did networking and security (like a
lot of older sysadmins I'm "security expert" only by default;
1000% better than what they had... open mail relays, company name
as border router password, CEO desktop back doors...) By the time
I left it was pushing a few hundred-K email per batch. 1999.
5 Mar
5 Mar
8:02 p.m.
<Extreme rant mode>
Okay, I'll rant a little myself.
[...], if you run a mail server you need to be a good
net citizen
about it.
What does being a good net citizen admin entail?
Well, for starters,
it means that you don't expect other mail servers to pick up YOUR
SLACK.
Anyone who thinks that downtime exceeding 35 minutes is unreasonable is
living in a fantasy world. That's probably true for Road Runner or
Telus or their ilk, but for a corporation, a small ISP, or even a
medium ISP, manning infrastructure 24x7 is often Just Not On; as little
as half an hour to roust someone out of bed and into the machine room
is actually pretty good.
There's a reason 1123 says that "the give-up time generally needs to be
at least 4-5 days".
</rant>
The above is a rant. It is only a rant. If this had been a serious
message, the attitude presented would have been drastically different.
This concludes our test of the Rant Line. We now return you to your
regularly scheduled list.
/~\ The ASCII der Mouse
\ / Ribbon Campaign
X Against HTML mouse at rodents.montreal.qc.ca
/ \ Email! 7D C8 61 52 5D E7 2D 39 4E F1 31 3E E8 B3 27 4B
10:01 p.m.
Der Mouse wrote...
Anyone who thinks that downtime exceeding 35 minutes
is unreasonable is
living in a fantasy world.
Let me introduce you to the majority of my customers ;)
There's a reason 1123 says that "the give-up
time generally needs to be
at least 4-5 days".
Yeah, you're right. My actions were driven by being up very late, and very
fed up with WHY I had to be up late. *sigh* I know better.
Regards,
Jay
6 Mar
6 Mar
3:37 p.m.
On Sat, 5 Mar 2005, Jay West wrote:
One of the problems mail server admins face, are
people who throw up their
own mailserver at home. You don't have gobs of bandwidth, you don't have
multiple backup servers, and you don't have diesel generators and online UPS.
If you don't, you have no business running a public mailserver.
Damn straight! This isn't 1996 any more! At least use multiple and actual
real and available and well-connected MX backups.
What does being a good net citizen admin entail? Well,
for starters, it means
that you don't expect other mail servers to pick up YOUR SLACK.
</Extreme rant mode>
It's not extreme at all.
If this is your "grouch mode" you're a better person than I!
4:13 p.m.
New subject: Wycat Keyboard available.
I have a hard to find Wycat keyboard I found at goodwill. It is a BTC
5151, early PC compatable? Missing two keytops but the keys seem to
work.
Available to anyone on the list for the $2 cost plus shipping.
--
Paxton Hoag
Astoria, OR
USA
7073
days inactive
7075
days old
13 comments
8 participants
participants (8)
-
doc@mdrconsult.com -
eric@brouhaha.com -
innfoclassics@gmail.com -
jfoust@threedee.com -
jwest@classiccmp.org -
mouse@Rodents.Montreal.QC.CA -
msokolov@ivan.Harhan.ORG -
tomj@wps.com