next message in archive
next message in thread
previous message in archive
previous message in thread
Index of Subjects
Index of Subjects
On Jun 19, 12:54am, "David L. Potter" wrote:
} On Fri, 18 Jun 1999, John Nemeth wrote:
} > On May 28, 2:08pm, "David L. Potter" wrote:
} >
} > } Anyone who is using zmailershould start thinking abou upgrading. There
} > } are problems associated with relaying that are currently being worked on
} > } and which should be out within a day or two.
} >
} > As I understand it, the version of zmailer supplied with CSuite is
} > heavily customised. Dropping in the standard distribution will most
} > likely break mailing lists. Unless somebody is desperate for an
} > upgrade, they should wait for a member of the development team to port
} > the latest version. This should happen in about a month.
}
} Unhappily, the urgency/desperation will likely come in the form of a
} CSuite site suddenly being blacklisted by ORBS because the (CSuite) site
} permits mail relaying. We were on the blacklist for about 4-5 days (over a
Personally, I don't care about ORBS, nor does a significant
portion of the net. For an ISP, dropping your customer's important
business e-mail on the floor because the sender is using a system that
is blacklisted by ORBS is not exactly good PR. ORBS is way too
aggressive.
If I were to use any blacklist, it would be the original RBL.
This is only one with who's policies I'm even remotely comfortable.
They only list a site as a very last resort, and genuinely try to be
helpful. The rest, "shoot (to kill) first, ask questions second."
They are all overly aggressive. Some of them go way beyond the point
of good net decorum, by doing things like port-scanning, which is
considered to be a hostile action by just about everybody with a clue.
Anyways, having said all that, relaying is generally considered to
be a bad thing today. It wasn't very many years ago that just about
every mail server on the net was an open relay. However, life on the
net has changed (not all of it for the better) now that the masses are
here.
There are two reasons that relaying is bad. From a given site's
viewpoint, the first reason that relaying is bad is that spammers will
tend to relay many thousands of messages through your server in a short
period of time, overloading it or your network connection, and killing
your server. This is officially known as a "Denial Of Service" attack
and is highly illegal in many countries. You could easily have
criminal charges laid against the perpetrator if you can produce
sufficient evidence. Unfortunately (depending on how you look at it)
most perpetrators won't be located in Canada, making for additional
complications in dealing with an international situation. The second
reason that relaying is bad, is of course, things like ORBS.
} ORBS is testing for a couple of (esoteric?) relaying cases that at
} that time (a week or so ago) zmailer was still allowing.
ORBS does something like 17 tests (all in a row). For many people,
this is bordering on hostile activity.
} Chebucto has made several changes to the standard CSuite 1.0
} zmailer/majordomo configuration to reduce the number of customizations
} we need to make to the zmailer distribution. This makes it easier to
Good. I'm just about finished with the web server upgrade.
zmailer is the second item remaining on my list. However, I don't
personally have any experience with zmailer (I use sendmail), so I will
probably be looking for guidance, but we can discuss that off the
list. If somebody from back East wants to do the upgrade, that would
be fine with me.
} upgrade zmailer and as the spammer - anti-spammer war escalates the
} ability to upgrade to the latest version is likely to become more and more
} important.
Yes, zmailer is a big package to have to maintain local patches.
Although, CVS if properly used, would help a lot here. Unfortunately,
it seems that MTA's get rather frequent upgrades for a number of
reasons (i.e. the antispam war, MIME, new tricks for relay
authentication, protection for poorly written MUA'a, bugs, etc.).
} Our new majordomo configuration now uses standard zmailer aliases for the
} list-owner, list-approval, etc.. We've made associated changes to the
} mailing list creation scripts and as part of our changes we converted
} all our old majordomo aliases to zmailer aliases...
This should make things easier in the future.
} Unfortunately we haven't (yet) upgraded the 'mailing list update' script
} yet. (I've been changing the list-owner aliases, etc. manually (using root
} privileges to edit the aliase file))
Take a look at my sendmail patches that I sent to the list some time
ago. They do basically the same thing. Although, I think I did punt on
one of the scripts.
} At this moment it's unclear (to me at least) whether:
}
} - we'll apply the CSuite 1.0 customization/patches to a new version of
} zmailer (short term solution and probably easiest for a CSuite site to
} install..?) or whether...
This could be a very short term solution, but it is more work for
the developement team.
} - we'll put together the necessary information/tools to upgrade existing
} sites to the current Chebucto zmailer/majordomo configuration. This will
} likely be part of CSuite 1.1 and may be more manageable as part of a
} general upgrade CSuite....(?)
I would favour this solution. It is most likely the more viable
solution in the long run. Something will be needed in order for sites
to do an upgrade to CSuite 1.1 any ways. Once all the bits are in
place, it shouldn't be too hard to extract the relevent parts and place
them in a tarball along with a README for sites that need an immedidate
solution.
}-- End of excerpt from "David L. Potter"
next message in archive
next message in thread
previous message in archive
previous message in thread
Index of Subjects