| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <m3lkovs3vv.fsf@defiant.localdomain> Date: Fri, 08 Sep 2006 00:33:56 +0200 From: Krzysztof Halasa <khc@...waw.pl> To: Chase Venters <chase.venters@...entec.com> Cc: ellis@...nics.net, w@....eu (Willy Tarreau), linux-kernel@...r.kernel.org Subject: Re: bogofilter ate 3/5 Chase Venters <chase.venters@...entec.com> writes: > The problem with trying to stop forgery is that there is not yet a > foolproof or reasonably foolproof method of doing so. The first important point here is that vger rejects mail in SMTP DATA phase, thus making the forgery irrelevant WRT such bounces. Second, being on the list isn't enough for the message to go through, it has to pass the filters as everyone else. Third, while I think "normal" autoresponders (vacation etc.) are perfectly reasonable (not in mailing list context of course), ones which by design respond mostly to forged addresses (do you think antivirus and antispam qualify?) are aimed at the wrong, innocent person. -- Krzysztof Halasa - To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to majordomo@...r.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/
Powered by blists - more mailing lists