|
Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com |
Re: [Security-Discuss] Re: [Security Discuss] this list has gone bad
From: Vincent Danen (vdanen
mandrakesoft.com)
Date: Wed May 26 2004 - 10:11:01 CDT
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
On May 26, 2004, at 8:31 AM, Matt Parker wrote:
>>> first a crap load of spam and now virus'
>>>
>>> so long listies i wont stay -- was beter before the switch but i
>>> have no
>>> time for this crap.
>>>
>>> bye and good luck
>>
>> You do have A/V and spam protection on your own systems, yes?
>>
>
> I can't speak for Scott, but my spam protection is to use various RBLs
> (I find SpamAssasin and the like OK, but nowhere near as effective).
> Mandrake isn't on any of the RBLs that I use so spam for the list
> sneaks
> through. However, it's only a matter of time before SpamCop or someone
> else gets notified and then this list will be up sh*t creek...
>
> This situation is preventable (there was no spam before the "upgraded"
> system) so what's going wrong? It simply isn't good enough to blame it
> on the software "No... this is just the joys of having sympa handling
> things again". If sympa can't handle it, why move to it? This is a
> security list, and the operators really *should* no better...
Well, before, when MandrakeSecure was operating, I had 100% control of
the machine (well, close enough to 100% considering it was 8 timezones
away). At that point, I had full discretion and setup ezmlm-idx
running under qmail with TMDA for the frontend. There was, as a
result, 0 spam (and better for me, 0 moderator requests for it).
Unfortunately, the good was also the bad... I was the only person
working on MandrakeSecure and if anyone has looked at it recently, it's
showing it's age and my severe lack of time to work on it. So instead
of keeping the site up looking extremely dated, we decided to move the
pertinent stuff (a few of the info pages, the advisories, and the
CVE-related stuff) to www.mandrakesoft.com/security instead. As a
result, MandrakeSecure is being shut down and to keep things
consistent, the mailing lists are being moved to be handled the same
way as the rest of the Mandrake mailing lists... namely sympa+postfix
on a machine I have absolutely no access to.
That's the long and short of things. I dislike it as well, but the
alternative was... well... embarrassing. So now the powers that be who
handle the other lists also handle this one (and the firewall list
which has moved over as well, and the announce list which should be ok
because that one is 100% moderated).
I'm sorry that the list has all of a sudden turned to crap as a result
of the change... I suggest if you really feel strongly about it, email
isteammandrakesoft.com and ask them to implement some appropriate
anti-spam/anti-virus measures. I've already asked a few times.
--
"lynx -source http://linsec.ca/vdanen.asc | gpg --import"
{FE6F2AFD : 88D8 0D23 8D4B 3407 5BD7 66F9 2043 D0E5 FE6F 2AFD}
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.3 (Darwin)
iD8DBQFAtLOFIEPQ5f5vKv0RAs8/AKCPjc0W/w1/7qG+fh6Hp5qoB0d/TQCfWqn/
FNdXs5/VhYUPblLkQIg+nxU=
=4ory
-----END PGP SIGNATURE-----
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]