Monthly Archives: July 2006

SPAM

Posted on by
Reply

Recently there was a post to an email list I’m on for Chatham county that I responded to, and I thought I’d include it here too:

> Hey all y’all savvy folk.
> I have been getting hit by unwanted, unsolicited, and
> apparently, untraceable emails from accounts that appear to
> be randomly generated.

Multiple layers of defense are needed. I run my own server so I have an advantage over using an ISP or free mail account in that I can tweak things in many ways, but I’ll run through my list anyway and say what ISPs/free mail folks are likely also doing. If you don’t have your own server, look at the last item to get the most bang for your buck. For those that run your own servers, I’ll include my postfix set up for spam at the bottom.

The latest big trick is sending emails with just 1 image, but altering the size, color, etc, so that it is not easy to detect. See #9 below for one way to handle these and other spam.

1. On the server, set up the mail system to reject mail from bad from/reply to addresses, ill-formed domains, etc. Most mail providers also do this.

2. Subscribe to free “real time blacklist” services. These list IP’s known to be sending spam, and the server rejects mail from those IP’s right way. Most mail providers do something like this.

3. On the server, set up greylisting. These means you reject all incoming mail the 1st time you see the sender. Real mail systems will attempt to re-send within a minute or two, and once that happens, the sender is validated. This catches a huge amount of current spam since much of it comes from compromised hosts (bot nets) that just send mail but never listen for incoming messages (such as rejects). Some mail providers do this.

4. On the server, set up a spam analyzing program that uses baseyan filters, such as spam assassin. Have it put headers in the mail before it puts them in the inbox that identify it as spam. Many mail providers do this, and they take the additional step of putting it in a spam folder. But then take the next step of having your mail client, which you said was thunderbird, “listen to spam headers from your server.” This is under tools -> junk mail controls -> trust mail from spam assassin.

5. As a final trick on the server side, I run postfix, which lets me use addresses like “sean+business@” That way whenever I sign up for something or order something from “business” I use that address. If I ever get spam to that address, I know which business gave out my email, and I can stop doing busines with them.

—- From here on you can do things like this on your mail client, this is specific to thunderbird since that is what I use for personal email, but I have similar items in place for outlook at work. —-

6. Set up thunderbird’s adaptive junk mail detection. Tools -> junk mail controls -> adaptive filter. And then train it! Every time a junk mail shows up in your inbox, tag it as junk.

7. I also like to have thunderbird just delete things when i mark them as junk. tools -> junk mail controls -> handling -> when I manually mark messages as junk -> delete them.

8. For mail that thunderbird tags as junk, I have it place it in the junk mail folder and automatically delete it after 3 days. Tools -> junk mail controls -> handling -> move incoming messages determined to be junk -> other -> junk mail -> delete after 3 days.

9. Configure your mail client to not display html emails, but to let you have it show html once you open the email only if you want to. And then tell it not to load images unless you want to.

—- postfix settings —-

For anyone that runs your own server and postfix, here are my settings. Some of these can just be turned on with no set up, while some do need other apps to be installed and running.

smtpd_recipient_restrictions =
permit_mynetworks,
check_client_access hash:/etc/postfix/db/pop-smtp,
check_recipient_access hash:/etc/postfix/db/access,
reject_unauth_destination
reject_non_fqdn_hostname,
reject_non_fqdn_sender,
reject_non_fqdn_recipient,
reject_unauth_destination,
reject_unauth_pipelining,
reject_invalid_hostname
reject_rbl_client relays.ordb.org,
reject_rbl_client sbl.spamhaus.org,
reject_rbl_client cbl.abuseat.org,
reject_rbl_client dul.dnsbl.sorbs.net,
reject_rbl_client opm.blitzed.org,
reject_rbl_client list.dsbl.org,
reject_rbl_client bl.spamcop.net,
reject_rbl_client sbl-xbl.spamhaus.org
check_policy_service inet:127.0.0.1:xxxxx

HuckaBuck Mountain Bike Race

Posted on by
1

huckabuck.gif

This was my 1st race in way tooo long… I knew I missed racing — racing of any kind — but I didn’t know how much until I did this! It was a 12 mile course, 2 loops of 6 miles, and relatively flat for this area. It had been a couple years since I rode these trails so it was all new to me.

I signed up for Begginer Men, and ended up in 22nd out of about 40. But if you look at the times, it was less than 5 minutes slower than the winner. Overall not that bad considering almost all of my biking has been on paved roads or fire roads as I’ve worked on re-habing my knee post surgery. In fact, the knee did great — no discomfort the entire race, and here it is the next day and it is still fine. I was actually worse off cardiovasculalry, and even more than that, the hands, wrists, and forearms were dead after the 1st lap. I guess the lack of single track was really showing there.

Looking at the splits, I was just about even at 36 minutes per loop. The 1st 10 minutes or so was pretty slow, as I started near the rear of the pack as I wasn’t sure how I would do and I’ve never done a mass start for a mountain bike race where there was only 100 feet to the single track. So I had to work my way up as I figured out who was slow, and as others crashed. Then after that I was pretty much able to ride my own pace for the next 60 minutes, though whenever I heard someone trying to catch up, I was motivated to push it. I think I was passed only three times total, and probably passed about 20 or 25 riders.

So, overall I am happy. The knee handled it very well, and now I know I can at least bike at a decent clip. I have a ways to go on running before I can do even a short AR, though hiking is going really well so for a long AR, where there’s more hiking than running, I may be ok.

Now I need to find the next race to put on my calendar so I continue to train! 🙂