Incidents
Massive SPAM Increase Oct 06 2006 11:02PM
Alex (incidents alex gotdns org) (2 replies)
Re: Massive SPAM Increase Oct 09 2006 05:01AM
jim barchuk (jb jbarchuk com) (1 replies)
Re: Massive SPAM Increase Oct 09 2006 11:00PM
Graeme Fowler (G E Fowler lboro ac uk)
Re: Massive SPAM Increase Oct 08 2006 09:30PM
Kurt Seifried (bt seifried org) (1 replies)
Re: Massive SPAM Increase {-2.6} Oct 09 2006 01:15AM
Vini Engel (vini fugspbr org) (1 replies)
Re: Massive SPAM Increase {-2.6} Oct 09 2006 04:06AM
Kurt Seifried (bt seifried org) (1 replies)
Re: Massive SPAM Increase {-2.6} {-2.6} Oct 09 2006 05:06AM
Vini Engel (vini fugspbr org) (1 replies)
Re: Massive SPAM Increase {-2.6} {-2.6} Oct 09 2006 06:33PM
Paul Schmehl (pauls utdallas edu) (3 replies)
Re: Massive SPAM Increase {-2.6} {-2.6} Oct 14 2006 02:46AM
Valdis Kletnieks vt edu (1 replies)
Re: ***SPAM*** Re: Massive SPAM Increase {-2.6} {-2.6} Oct 14 2006 03:52AM
Paul Schmehl (pauls utdallas edu) (3 replies)
Re: ***SPAM*** Re: Massive SPAM Increase {-2.6} {-2.6} Oct 17 2006 01:20AM
Jamie Riden (jamesr europe com)
Re: ***SPAM*** Re: Massive SPAM Increase {-2.6} {-2.6} Oct 16 2006 05:04PM
benfell raven cybernude org (2 replies)
Re: ***SPAM*** Re: Massive SPAM Increase {-2.6} {-2.6} Oct 16 2006 05:38PM
Paul Schmehl (pauls utdallas edu) (1 replies)
Re: ***SPAM*** Re: Massive SPAM Increase {-2.6} {-2.6} Oct 17 2006 01:44AM
gabriel rosenkoetter (gr eclipsed net)
Re: ***SPAM*** Re: Massive SPAM Increase {-2.6} {-2.6} Oct 16 2006 05:29PM
Valdis Kletnieks vt edu
Re: ***SPAM*** Re: Massive SPAM Increase {-2.6} {-2.6} Oct 14 2006 05:44AM
Valdis Kletnieks vt edu (1 replies)
Re: ***SPAM*** Re: ***SPAM*** Re: Massive SPAM Increase {-2.6} {-2.6} Oct 14 2006 05:17PM
Paul Schmehl (pauls utdallas edu) (2 replies)
Re: ***SPAM*** Re: ***SPAM*** Re: Massive SPAM Increase {-2.6} {-2.6} Oct 17 2006 01:59AM
Dude VanWinkle (dudevanwinkle gmail com)
Re: Massive SPAM Increase Oct 16 2006 03:57PM
gabriel rosenkoetter (gr eclipsed net) (1 replies)
Re: Massive SPAM Increase Oct 17 2006 01:33AM
Jamie Riden (jamesr europe com)
Re: Massive SPAM Increase {-2.6} {-2.6} Oct 09 2006 11:09PM
Graeme Fowler (G E Fowler lboro ac uk) (1 replies)
Re: Re: Massive SPAM Increase {-2.6} {-2.6} Oct 09 2006 11:43PM
Luke Burton (luke burton echidna id au) (1 replies)
Re: Massive SPAM Increase Oct 10 2006 07:44PM
Tillmann Werner (tillmann werner gmx de)
Re: Massive SPAM Increase {-2.6} {-2.6} Oct 09 2006 09:29PM
Tim (tim-forensics sentinelchicken org) (2 replies)
Re: Massive SPAM Increase {-2.6} {-2.6} Oct 09 2006 10:33PM
Paul Schmehl (pauls utdallas edu) (2 replies)
Re: Massive SPAM Increase {-2.6} {-2.6} Oct 09 2006 11:48PM
Tim (tim-forensics sentinelchicken org)
Re: Massive SPAM Increase {-2.6} {-2.6} Oct 09 2006 10:47PM
Nathaniel Hall (nathaniel d hall gmail com)
Re: Massive SPAM Increase {-2.6} {-2.6} Oct 09 2006 10:28PM
Brent Kearney (brent kearneys ca) (1 replies)
Re: Massive SPAM Increase {-2.6} {-2.6} Oct 09 2006 10:38PM
Paul Schmehl (pauls utdallas edu)
--On Monday, October 09, 2006 16:28:24 -0600 Brent Kearney
<brent (at) kearneys (dot) ca [email concealed]> wrote:
>
> Some university campuses maintain strict control over their reverse DNS
> entries, and so departments or on-campus organizations, research
> institutes, etc. that run their own mail servers will have non-matching
> forward and reverse DNS entries on their MX hosts. Blocking rules like
> this make life difficult for them as well.
>
I would submit to you that any university that doesn't reverse all
internet-facing hosts needs to hire new people to handle DNS. It doesn't
take a brain surgeon to write pointer records.

Having said that, read my response to Tim to see why that's not necessarily
a problem. Or better yet, read the link I sent rather than assuming how
the program works.

> Cases such as these raise the question, if the blocked mail never gets
> into your network, how would you know about the rate of false-positives?
>
Very simple. Anyone whose email bounces complains to me personally at a
known good address on a separate domain. So far I've had one complaint,
and I simply adjusted the scoring to overcome the stupidity of his ISP.

Obviously, my brief description wasn't meant to fully explain how
policyd-weight works. Read the docs. It's far from a brute-force tool to
reject email.

Paul Schmehl (pauls (at) utdallas (dot) edu [email concealed])
Adjunct Information Security Officer
The University of Texas at Dallas
http://www.utdallas.edu/ir/security/
0?ñ *?H?÷
 ?â0?Þ1 0 +0  *?H?÷
 ? Þ0?÷0?` ú½?Íá^Á±ÀØÌ?þ0
 *?H?÷
0ê1'0%U
The University of Texas System10U VeriSign Trust Network1;09U 2Terms of use at https://www.verisign.com/rpa (c)991200U )Class 2 CA - OnSite Individual Subscriber1-0+U$The University of Texas at Dallas CA0
060831000000Z
070831235959Z0ô1'0%U
The University of Texas System1-0+U $The University of Texas at Dallas CA1F0DU =www.verisign.com/repository/CPS Incorp. by Ref.,LIAB.LTD(c)9910U Mail Stop - UTD10U Paul Schmehl1!0 *?H?÷
 pauls (at) utdallas (dot) edu0 [email concealed]?"0
 *?H?÷
?0?
?Ów?|?9î±\<?R??$]Êa,ÌZ??h¾b""ØÉ???5w
õ&&²#?=é°?¦t
b¨hg6ÆØÁ<SWõúI?×UP+ ÓøhjËeDéû?¿f¹HÕMôèN4ÆÙE?Uc?l«p ~? N)r/á&bxÐÞn=Âë?U?K½H°ßIÂ-m*_¼_?/ÐÞ?¸aÛÜý!Ç?>?ø?YCs?vÎ?6#EËÛÐå
?Ó:­?Þ?lØ?)?G?Æ3?éæD}LÏüßÛ+?É`Ê?û¡k??Y®4§y¸zϐ?â\úºýë?£? 0?0 U00U0pauls (at) utdallas (dot) edu0 [email concealed]?$U ?0?0? `?H?øE0?0++https://www.verisign.com/rpa-
kr0Ò+0ÅÂNOTICE: Private key may be recovered by VeriSign's customer who may be able to decrypt messages you send to certificate holder. Use is subject to terms at https://www.verisign.com/rpa-kr (c)99.0 `?H?øB?0uUn0l0j h f?dhttp://onsitecrl.verisign.com/TheUnive
rsityofTexasSystemTheUniversityofTexasatDallasCA/LatestCRL.crl0 U
?0U%0++0
 *?H?÷
{yÙtÿà1aæ?GÄ MÍ]û÷¬MÕª?=ÀÒTPÍ´±Æà76e¾¥
¦^BäEß]_Úïjn@màïD¨ê?Ý%Ë¥ü`8í@ZñI¢?Bn °:ê­½?åA¦vSÙË^ºZA>É?t0îF?æOjÈ?¿Í¹°Q+mÓ0?Ø0?A Aì=§?ÄöÕ ÝÑe0
 *?H?÷
0Á1 0 UUS10U
VeriSign, Inc.1<0:U 3Class 2 Public Primary Certification Authority - G21:08U 1(c) 1998 VeriSign, Inc. - For authorized use only10U VeriSign Trust Network0
990331000000Z
090330235959Z0ê1'0%U
The University of Texas System10U VeriSign Trust Network1;09U 2Terms of use at https://www.verisign.com/rpa (c)991200U )Class 2 CA - OnSite Individual Subscriber1-0+U$The University of Texas at Dallas CA0?0
 *?H?÷
0?¿êï?ë
Áù"ÁÑÁÌÛzÚ¾6Òp`0`åàS/5ôɨ)ÖÞ=ó?d}¾Ñ?Tx?ÿ¢xñû?«Ãü?LÂIA
áÀÒ¥×ü~ÿBQNtóÕhs¥]1øæ)%c¨#?Dj?°9ñïÛFXú¸ÏKózÁ¢I??#Cº?2?£¥0¢0
)U"0 ¤010UPrivateLabel1-1400 `?H?øB0DU =0;09 `?H?øE0*0(+https://www.verisign.com/RPA0U
0ÿ0 U0
 *?H?÷
S µÜ²¶?Ñ P?É8yÜȲI¿¸S?o?̲äz|ü£è_a^_??ZÒ?"ñ¼íñT¶T¦T¡T¼iÇ!7¢?9?§¬ ?è?]?
H9Y?$ C¼??Ü?táæã¾j¤?11#%?¯º,Q?Y¦£?Ò´ÎT0?0?l¹/`Ì??¡zF ¸[pl?¯0
 *?H?÷
0Á1 0 UUS10U
VeriSign, Inc.1<0:U 3Class 2 Public Primary Certification Authority - G21:08U 1(c) 1998 VeriSign, Inc. - For authorized use only10U VeriSign Trust Network0
980518000000Z
280801235959Z0Á1 0 UUS10U
VeriSign, Inc.1<0:U 3Class 2 Public Primary Certification Authority - G21:08U 1(c) 1998 VeriSign, Inc. - For authorized use only10U VeriSign Trust Network0?0
 *?H?÷
0?§?!t,çð?á?<!ñ?Û?é?ü¾_RÈÌ,V,¸i,Ì?­°?®yò9Á{?º
,èÂ?,ªié ôÇ©¤BÂ#OJØð¢û1lÉæo?'õæôLx?mëF?ú¹?ÉTò²Ä¯ÔFZÉ0ÿ
lõ-mÎw0
 *?H?÷
r.ùÑñqûÄ?öÅ^Q?@?¸hø??Ø❽ÿí¡æfê/ ôÊ×ê¥+?ö$`?MD.?¥Ä- Ó®xiorÚl®ðc?7æ»Ä0­wÌI5ªÏ؏Ѿ·?GsjT"4d-¶?Y[´QY:³ 
ôßg ô­2d^±Fr'?{ÅD´®1?Û0?×0ÿ0ê1'0%U
The University of Texas System10U VeriSign Trust Network1;09U 2Terms of use at https://www.verisign.com/rpa (c)991200U )Class 2 CA - OnSite Individual Subscriber1-0+U$The University of Texas at Dallas CAú½?Íá^Á±ÀØÌ?þ0 + ±0 *?H?÷
 1  *?H?÷
0 *?H?÷
 1
061009223841Z0# *?H?÷
 1f?ïnÄX·vR#Ó?$Ù)Øñ?â0R *?H?÷
 1E0C0
*?H?÷
0*?H?÷
?0
*?H?÷
@0+0
*?H?÷
(0
 *?H?÷
?GÓ»a?|ÕÔ?Ã???)߬KT^1b<Nr?KÈ(ºÿZzþÛk^ ldh(4§£?6²bR¾t §Å¿!$ËqÉ ÷?fïAb­I]®N%¢
Qùà?ÐK6Ûp?>Ø-iF´ø¾Qñ?º@ÊÄ?ó%0ÆÆ q;ÁºµÎaSº¥?ÊïLÝ[ÝïÂ8ÇÂ??
?~t>Ñ ²µl©ÞóîGo?a·?ï-?Äký?#?éÊt_WïlN¯Ác²»hã^¨:³B$ãáûï?V8?oóª??@êÁ
ùm$¨Oºæqã·?¸Ú?zbG¸äÑ ÊE¸ÝÊ~?zëÆ
|09

[ reply ]


 

Privacy Statement
Copyright 2010, SecurityFocus