lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  PHC 
Open Source and information security mailing list archives
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [day] [month] [year] [list]
Date: Thu, 21 Jan 2010 01:26:17 +0000
From: Jim Harrison <>
To: Marcello Magnifico <>,
	"" <>
Subject: RE: All China, All The Time

Your Italian ISP example is far from unique.
I've received plenty of "you're a spammer" bounce-back NDR mails from (of all places)
In fact, more than a few folks using that ISP must think I'm ignoring them because is considered a spam-source by this ISP.  Actually, I often respond from another address and exaplain why I'm not responding from the address where they initially contacted me. Sometimes they don't answer, and frankly, I don't blame them...

I have to wonder about the criteria used to make this determination in light of the amount of spam sourced from that network space..?

No; I don't determine where a mail came from based on the headers...
I have traffic logs, yano.. :-)

From: Marcello Magnifico []
Sent: Monday, January 18, 2010 2:54 AM
Subject: Re: All China, All The Time

> On 1/15/10 6:40 PM, Thor (Hammer of God) wrote:
> > [...] The other problem is that many people seem to think I'm saying
> > something against the Chinese *people* themselves

Unfortunately, such a security measure can be read that way, too.

> The solution of blocking China, however, is one which harms both
> outside of China, as well as those inside of China. Therefore, it
> translates into an attack on them.

Agree. This already happened in a different context.
About one year ago, a company in Italy couldn't write to another company
in the U.S., for shared business, only because the recipient's
postmaster (an ISP bragging around a lot about how efficient they were
in stopping spam) claimed (in the bounce message) to have cut off the
entire sender's country (Italy). Now, are Italian sysadmins also in
charge of teaching the many professionally unschooled ones in other
companies, they should not set up their SMTP servers open relay, and
why? Actually, I found myself doing that several times.

Given the mutual importance of economic relationships between Italy and
U.S., such a drastic measure (e-mail embargo?) was counterproductive, by
preventing off a U.S. company from dealing with another country.
Btw, in spite of some tries, no one in Iyaly was ever capable to contact
the U.S. ISP in order to solve the situation; so the Italian company,
already dealing mainly with electronic documents, had to slow down
communication by choosing means other than e-mail (fax or airmail), or
either change their partner in order to keep up with a strict rhythm
(dunno how exactly it ended).

As a general rule of thumb, drastic filtering criteria have blocking
consequences, especially on business. So, blocking a country may seem a
suitable measure for a home/club network where/if you know no local user
has (and will have) contacts with that country; not for business, as it
is already global and is going to be more and more alike.

        best regards

Powered by blists - more mailing lists