The debian-private mailing list leak, part 1. Volunteers have complained about Blackmail. Lynchings. Character assassination. Defamation. Cyberbullying. Volunteers who gave many years of their lives are picked out at random for cruel social experiments. The former DPL's girlfriend Molly de Blanc is given volunteers to experiment on for her crazy talks. These volunteers never consented to be used like lab rats. We don't either. debian-private can no longer be a safe space for the cabal. Let these monsters have nowhere to hide. Volunteers are not disposable. We stand with the victims.
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Is Your Web Site A Secret?

On Wed, 9 Jul 1997, Thomas Koenig wrote:

> I would suggest adding Paul Vixie's blackhole list. It's quite
> effective at filtering spam at the IP level. All he asks for is not to
> be held responsible for any consequences (which we can do, I think).
>
> The blackhole list is an IBGP feed, so either we'd need to run gated
> on the mail machine(s), or feed this to the routers.

Is it possible/feasible to convert this blacklist into a set of
network/mask pairs?

If so, then it could be fed into a script like the following:

    #! /bin/sh

    # uncomment the following to enable ip packet logging
    #$LOG="-o"

    # read in /etc/mail/SpamNets for host/network addresses to firewall,
    # ignoring comments.
    JUNKMAIL=`sed -e '/^#/d' -e 's/#.*$//' /etc/mail/SpamNets`

    # block out junkmailing scumbags
    for i in $JUNKMAIL ; do
        /sbin/ipfwadm -I -a reject $LOG -P tcp -S $i -D 0.0.0.0/0 smtp
    done

my /etc/mail/SpamNets currently looks like:

    208.9.64.0/24				# Cyber Promotions (Sprint)
    207.14.212.0/24				# Financial Connections, Inc
    208.1.117.0/24				# 
    205.199.212.0/24			# Cyber Promotions (AGIS)
    205.199.2.0/24				# Cyber Promotions (AGIS)
    208.12.112.0/23				# MakeItSo, Inc
    205.199.4.0/24				# nancynet - added 970529

(I am seriously considering adding all of AGIS' netblocks to my SpamNets
file....at least on my own network. I probably wont do it on the
machines at my various places of work but i'm sorely tempted to)

this file is automatically copied using ssh/scp to various mail servers
and routers on the networks I administer, preventing these vermin
from delivering their garbage to around 60 networks. I estimate that
this blocks about 80+% of spam - it certainly blocks out the repeat
offenders.

Most of what gets through the IP filtering is caught by sendmail 8.8.5
anti-spam hacks (the DNS check for valid hostname works wonders). My
SpamDomains and Spammer files are also auto-copied to the same mail
servers.

Anyone who gets through that level either gets added to
/etc/mail/Spammers, or (if the domain looks like it was set up purely to
facilitate spamming) it gets added to /etc/mail/SpamDomains.

i get a kick out of doing this - it's about the only effective way
of fighting back against the bastards. Complaint messages and even
mailbombs are either useless or counterproductive. Complaints either
get ignored or just result in them spamming people using your email
address in the From line (you can block relaying but there's absolutely
nothing you can do to prevent someone from forging your email address).
Mailbombs dont work and generally cause problems for people who had
nothing to do with the spam.

But then, i also get a kick out of adding ad banner URLs to my squid
redirection filter - every time i get a new ad banner in my web browser, i
look at the page/frame source and create a new regexp rule to block it :-) 
see http://www.taz.net.au/block for a HOWTO. 

Craig

--
craig sanders
networking consultant                  Available for casual or contract
temporary autonomous zone              system administration tasks.


--
TO UNSUBSCRIBE FROM THIS MAILING LIST: e-mail the word "unsubscribe" to
debian-private-request@lists.debian.org . 
Trouble?  e-mail to templin@bucknell.edu .