A lot of people post things on this group, a lot of links
are offered and a lot of official-looking headers.

Anyone can say anything on the Usenet, and anyone can put
anything on a website. The hosts of a large server or
server-farm simply cannot keep track of all the webpages
or other files on their server(s), and a very reputable
organization often has webpages (etc.) containing pure mis- and
dis- information.

So when you look at one of the articles posted here that looks
official and factual, take a real close look at the headers
and bear in mind that spammers can post here put up webpages too.
Check out the credentials of the person posting it.

Start with: http://groups.google.com/advanced_group_search

What do you imagine would inspire a spammer to do such a thing?

Why, a spam-filter that they can't beat.

They can't beat Challenge-Response systems, and they HATE them.

Google (this is a literal search-string):

"challenge response" OR "challenge-response"

and you will find many websites, controlled by those with a
vested interest in keeping the spam flowing, that contain nothing
but exagerrations and lies about Challenge-Response systems.

Again: Because the spammers (and trolls) can't beat them.

Anonymous mail does not get past a Challenge-Response System.

Spammers love to promote Bayesian and other popular (and
not very effective) spamfilters because they CAN beat them.

They are the world's foremost _experts_ in the use of such
filters. Of course. What else do they have to do?

Which is why you still get spam. (And lose important mail.)

You have been warned.
---------------------

Let the reader beware.


(now that troll is probably going to post the link to his
Alan Connor Hate Page. Yawn. There are thousands of sites
that claim to offer proof that people have been abducted by
little grey men from outer space)


AC


--
Pro-Active Spam Fighter
Pass-list --> Spam-Filter --> Challenge-Response
http://tinyurl.com/2t5kp

Alan Connor wrote:
>Challenge-Response System.

Misdirected challenges are spamcop reportable

http://www.spamcop.net/fom-serve/cache/14.html Messages which may be
reported: -- Misdirected challenges from challenge/response spam
filtering systems


--
Mike Easter

Please ignore this k00k. He passes HIS spam onto others.

Mike Easter wrote:
> Alan Connor wrote:
>> Challenge-Response System.
>
> Misdirected challenges are spamcop reportable
>
> http://www.spamcop.net/fom-serve/cache/14.html Messages which may be
> reported: -- Misdirected challenges from challenge/response spam
> filtering systems

Wow thats cool. I didnt know that. :)

In article <LSLGd.9859$Ii4.7068 [at] newsread3.news.pas.earthlink.net>,
"Mike Easter" <MikeE [at] ster.invalid> wrote:

> Misdirected challenges are spamcop reportable
>
> http://www.spamcop.net/fom-serve/cache/14.html Messages which may be
> reported: -- Misdirected challenges from challenge/response spam
> filtering systems

Most interesting.

I haven't kept up to date with what is and isn't reportable with
SpamCop. After reading this, it'll make my daily chore of sorting
through my spam and removing stuff that isn't reportable much less of a
task. Many thanks for pointing this out.

--
Pete Stephenson
HeyPete.com

On Mon, 17 Jan 2005 08:34:05 GMT, Alan Connor <zzzzzz [at] xxx.yyy> wrote:

>They can't beat Challenge-Response systems, and they HATE them.

I have the proof they can beat those systems in my mailbox.

Person A (let's call him Willy) sends a complaint because he got some
spam in his mailbox. He uses software that that fires complaints to any
and all addresses he can find for any and all IP-addresses (including
10.0.0.0/8) and domains. And all addresses are put in the To: header.

Ofcourse our IP address is in a forged header so I kindly tell Willy to
use other software. And what do I get back? Yes, your are right. A
challenge pointing to spamarrest.

So Willy uses a C-R system and he gets spam in his mailbox.

The next complaint from Willy will be converted to a complaint to his
provider. Just like the guy who had over 40 addresses in his To: when
using the same complaint software.

--
Peter Peters, senior netwerkbeheerder
Dienst Informatietechnologie, Bibliotheek en Educatie (ITBE)
Universiteit Twente

"Mike Easter" <MikeE [at] ster.invalid> wrote in message
news:LSLGd.9859$Ii4.7068 [at] newsread3.news.pas.earthlink.net...
> Alan Connor wrote:
>>Challenge-Response System.
>
> Misdirected challenges are spamcop reportable
>
> http://www.spamcop.net/fom-serve/cache/14.html Messages which may be
> reported: -- Misdirected challenges from challenge/response spam
> filtering systems
>
>
> --
> Mike Easter
>

What about misdirected newgroup postings? This is a welcome to
comp.mail.mis, not nanae. I'd sure think twice about a newsgroup if the
welcome to it was from the OP.

Alan Connor wrote:
[snip]
> They can't beat Challenge-Response systems, and they HATE them.
[more snip]
> Pass-list --> Spam-Filter --> Challenge-Response

I'm not sure why you'd need a spam filter if spammers cannot beat the
Challange-Response system.

In article <1MKGd.9842$Ii4.6299 [at] newsread3.news.pas.earthlink.net>,
Alan Connor <xxxx [at] yyy.zzz> wrote:
>They can't beat Challenge-Response systems, and they HATE them.

So do non-spammers. Remember:

* If the message is forged, the challenge is spam.
* Those who emit spam are spammers.
* If the pre-filtering system is perfect, there's no need for
challenges.
* If it isn't perfect, it drops real email or causes spam to be
emitted.
* It's good to reject suspected spam with a bypass method in the
rejection; but that must be done by the MTA, not a user's delivery
agent.

(borrowed from Seth Briedbart)

Only clueless twits think C-R is a solution.
-A

This is a MIME GnuPG-signed message. If you see this text, it means that
your E-mail or Usenet software does not support MIME signed messages.

--=_mimegpg-commodore.email-scan.com-19223-1105980574-0004
Content-Type: text/plain; format=flowed; charset="US-ASCII"
Content-Disposition: inline
Content-Transfer-Encoding: 7bit

This is a canonical list of questions that Beavis never answers. This FAQ is
posted on a semi-regular schedule, as circumstances warrant.

For more information on Beavis, see:

http://angel.1jh.com/nanae/kooks/alanconnor.shtml

Although Beavis has been posting for a long time, he always remains silent
on the subjects enumerated below. His response, if any, usually consists of
replying to the parent post with a loud proclamation that his Usenet-reading
software runs a magical filter that automatically identifies anyone who's
making fun of him, and hides those offensive posts. For more information
see question #9 below.

============================================================ ================

1) If spammers avoid forging real E-mail addresses on spam, then where do
all these bounces everyone reports getting (for spam with their return
address was forged onto) come from?

2) If your Challenge-Response filter is so great, why do you still munge
when posting to Usenet?

3) Do you still believe that rsh is the best solution for remote access?
(http://tinyurl.com/5qqb6)

4) What is your evidence that everyone who disagrees with you, and thinks
that you're a moron, is a spammer?

5) How many different individuals do you believe really post to
comp.mail.misc? What is the evidence for your paranoid belief that everyone,
except you, who posts here is some unknown arch-nemesis of yours?

6) How many times, or how often, do you believe is necessary to announce
that you do not read someone's posts? What is your reason for making these
regularly-scheduled proclamations? Who do you believe is so interested in
keeping track of your Usenet-reading habits?

7) When was the last time you saw Bigfoot (http://tinyurl.com/23r3f)?

8) If your C-R system employs a spam filter so that it won't challenge spam,
then why does any of the mail that passes the filter, and is thusly presumed
not to be spam, need to be challenged?

9) You claim that the software you use to read Usenet magically identifies
any post that makes fun of you. In http://tinyurl.com/3swes you explain
that "What I get in my newsreader is a mock post with fake headers and no
body, except for the first parts of the Subject and From headers."

Since your headers indicate that you use slrn and, as far as anyone knows,
the stock slrn doesn't work that way, is this interesting patch to slrn
available for download anywhere?



--=_mimegpg-commodore.email-scan.com-19223-1105980574-0004
Content-Type: application/pgp-signature
Content-Transfer-Encoding: 7bit

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.4 (GNU/Linux)

iD8DBQBB6+yex9p3GYHlUOIRAtPuAJ94Q2Ne4IKa6HdnSjF6Nbe+zDOGkQCf SXWB
G8qObjeTV0rRSIONm3qZyUs=
=jTC0
-----END PGP SIGNATURE-----

--=_mimegpg-commodore.email-scan.com-19223-1105980574-0004--

* Robert Moir wrote:
> Alan Connor wrote:
> [snip]
>> They can't beat Challenge-Response systems, and they HATE them.
> [more snip]
>> Pass-list --> Spam-Filter --> Challenge-Response
>
> I'm not sure why you'd need a spam filter if spammers cannot beat the
> Challange-Response system.

To filter out obvious spam, and greatly reduce the number of challenges
sent out to minimise the impact on forged email From:'s
--
T R O Y P I G G I N S
e : usenet [at] piggo.com

Alan Connor wrote:

> A lot of people post things on this group, a lot of links
> are offered and a lot of official-looking headers.
>
> Anyone can say anything on the Usenet, and anyone can put
> anything on a website. The hosts of a large server or
> server-farm simply cannot keep track of all the webpages
> or other files on their server(s), and a very reputable
> organization often has webpages (etc.) containing pure mis- and
> dis- information.
>
> So when you look at one of the articles posted here that looks
> official and factual, take a real close look at the headers
> and bear in mind that spammers can post here put up webpages too.
> Check out the credentials of the person posting it.
>
> Start with: http://groups.google.com/advanced_group_search
>
> What do you imagine would inspire a spammer to do such a thing?
>
> Why, a spam-filter that they can't beat.
>
> They can't beat Challenge-Response systems, and they HATE them.
>
> Google (this is a literal search-string):
>
> "challenge response" OR "challenge-response"
>
> and you will find many websites, controlled by those with a
> vested interest in keeping the spam flowing, that contain nothing
> but exagerrations and lies about Challenge-Response systems.
>
> Again: Because the spammers (and trolls) can't beat them.
>
> Anonymous mail does not get past a Challenge-Response System.
>
> Spammers love to promote Bayesian and other popular (and
> not very effective) spamfilters because they CAN beat them.
>
> They are the world's foremost _experts_ in the use of such
> filters. Of course. What else do they have to do?
>
> Which is why you still get spam. (And lose important mail.)
>
> You have been warned.
> ---------------------
>
> Let the reader beware.
>
>
> (now that troll is probably going to post the link to his
> Alan Connor Hate Page. Yawn. There are thousands of sites
> that claim to offer proof that people have been abducted by
> little grey men from outer space)
>
>
> AC
>
>

also bear in mind Allan is a troll and a bad one at that. He eats poopy off
the ground as well.

axlq <axlq [at] spamcop.net> wrote:
> In article <1MKGd.9842$Ii4.6299 [at] newsread3.news.pas.earthlink.net>,
> Alan Connor <xxxx [at] yyy.zzz> wrote:
> >They can't beat Challenge-Response systems, and they HATE them.
>
> So do non-spammers. Remember:
[deleted]
> * It's good to reject suspected spam with a bypass method in the
> rejection; but that must be done by the MTA, not a user's delivery
> agent.

No, it isn't ("good to reject suspected spam with a bypass method in
the rejection; ... done by the MTA"). This fallacy has been debunked
many times in this group. See the recent (January 15) article
<news:41e8e7dd$0$53818$abc4f4c3 [at] news.wanadoo.nl> and the pointers in
there.

> (borrowed from Seth Briedbart)

I don't think that Seth said that (or at least it was debunked later).
Do you have a cite (i.e. (archived) Message-ID)?

On second thought, perhaps Seth Briedbart *has* said it, but not Seth
Breidbart! :-)

"Alan Connor" <zzzzzz [at] xxx.yyy> wrote in message
news:1MKGd.9842$Ii4.6299 [at] newsread3.news.pas.earthlink.net...
>A lot of people post things on this group, a lot of links
> are offered and a lot of official-looking headers.
>
> Anyone can say anything on the Usenet, and anyone can put
> anything on a website.

Thanks for proving that once again, and thanks for the laugh :)

In article <1MKGd.9842$Ii4.6299 [at] newsread3.news.pas.earthlink.net>, Alan
Connor says...

> A lot of people post things on this group, a lot of links
> are offered and a lot of official-looking headers.

I am certainly glad that you are not in the artillery. How did a "Welcome to
Comp Mail Misc" article land in "news.admin.net-abuse.email"? Incompetence
comes to mind...

--
Norman
~Win dain a lotica, En vai tu ri, Si lo ta
~Fin dein a loluca, En dragu a sei lain
~Vi fa-ru les shutai am, En riga-lint

In article <slrncup0g9.3j9.usenet [at] piggo.com>, Troy Piggins says...

> * Robert Moir wrote:
> > Alan Connor wrote:
> > [snip]
> >> They can't beat Challenge-Response systems, and they HATE them.
> > [more snip]
> >> Pass-list --> Spam-Filter --> Challenge-Response

> > I'm not sure why you'd need a spam filter if spammers cannot beat the
> > Challange-Response system.

> To filter out obvious spam, and greatly reduce the number of challenges
> sent out to minimise the impact on forged email From:'s

It seems to me that the best way to minimize the impact of challenges to
forged email accounts is to not send them at all. Apparently the number of
misdirected challenges has risen to a level of abuse that SpamCop now allows
their users to report them; see Mike Easter's post announcing that change.

--
Norman
~Win dain a lotica, En vai tu ri, Si lo ta
~Fin dein a loluca, En dragu a sei lain
~Vi fa-ru les shutai am, En riga-lint

In article <41ed0818$0$51058$cd19a363 [at] news.wanadoo.nl>,
Frank Slootweg <this [at] ddress.is.invalid> wrote:
>axlq <axlq [at] spamcop.net> wrote:
>> In article <1MKGd.9842$Ii4.6299 [at] newsread3.news.pas.earthlink.net>,
>> Alan Connor <xxxx [at] yyy.zzz> wrote:
>> >They can't beat Challenge-Response systems, and they HATE them.
>>
>> So do non-spammers. Remember:
>[deleted]
>> * It's good to reject suspected spam with a bypass method in the
>> rejection; but that must be done by the MTA, not a user's delivery
>> agent.
>
> No, it isn't ("good to reject suspected spam with a bypass method in
>the rejection; ... done by the MTA"). This fallacy has been debunked
>many times in this group. See the recent (January 15) article
><news:41e8e7dd$0$53818$abc4f4c3 [at] news.wanadoo.nl> and the pointers in
>there.

That's wrong. If I do the right thing, and someone else does the
wrong thing because of it, that isn't my fault. (E.g. 55x response
for "no such user" could also cause the sender's MTA to generate a DSN
to a forged address; does that mean no 55x should ever be given, or
that sending MTAs should have reason to believe the address they send
DSNs to?)

>> (borrowed from Seth Briedbart)
>
> I don't think that Seth said that (or at least it was debunked later).
>Do you have a cite (i.e. (archived) Message-ID)?

Yes, I did say it.

> On second thought, perhaps Seth Briedbart *has* said it, but not Seth
>Breidbart! :-)

Nice try :-)

Seth

Seth Breidbart <sethb [at] panix.com> wrote:
> In article <41ed0818$0$51058$cd19a363 [at] news.wanadoo.nl>,
> Frank Slootweg <this [at] ddress.is.invalid> wrote:
> >axlq <axlq [at] spamcop.net> wrote:
> >> In article <1MKGd.9842$Ii4.6299 [at] newsread3.news.pas.earthlink.net>,
> >> Alan Connor <xxxx [at] yyy.zzz> wrote:
> >> >They can't beat Challenge-Response systems, and they HATE them.
> >>
> >> So do non-spammers. Remember:
> >[deleted]
> >> * It's good to reject suspected spam with a bypass method in the
> >> rejection; but that must be done by the MTA, not a user's delivery
> >> agent.
> >
> > No, it isn't ("good to reject suspected spam with a bypass method in
> >the rejection; ... done by the MTA"). This fallacy has been debunked
> >many times in this group. See the recent (January 15) article
> ><news:41e8e7dd$0$53818$abc4f4c3 [at] news.wanadoo.nl> and the pointers in
> >there.
>
> That's wrong. If I do the right thing, and someone else does the
> wrong thing because of it, that isn't my fault. (E.g. 55x response
> for "no such user" could also cause the sender's MTA to generate a DSN
> to a forged address; does that mean no 55x should ever be given, or
> that sending MTAs should have reason to believe the address they send
> DSNs to?)

(IMO) The consensus was that "someone else" is *not* doing "the wrong
thing", but is actually doing the *right* thing (see, for *example*
(there were many more), the pointers I gave in the above referenced
article). (Assuming that with "someone else", you mean the sending
MTA which, when it gets a 55x return code, will (have to) send the DSN
(email) message to the (possibly forged) sender.)

As to "does that mean ... that sending MTAs should have reason to
believe the address they send DSNs to?", the answer is yes. It would be
*nice* if MTAs tried to prevent sending to forged addresses as much as
possible, but since it is impossible to always detect all forgeries,
that can only be a want, never a must.

In any case, may I suggest to be very careful with your "that isn't my
fault" reasoning? Because it means that you would also (have to) agree
with AC's approach. I.e. there is no real difference between a
misdirected challenge caused by a 55x return and one caused by a bounce.
Either both are spam (which, IMO, is the consensus) or both are not
spam. You can't define one as non-spam and the other as spam.

> >> (borrowed from Seth Briedbart)
> >
> > I don't think that Seth said that (or at least it was debunked later).
> >Do you have a cite (i.e. (archived) Message-ID)?
>
> Yes, I did say it.

Yes, I seem to remember that and that we 'disagreed' initially, but
after some more discussion, (mostly) agreed. If anyone is interested,
then searching cmm for the last 6 to 9 months on your and my name should
reveal what was really said. Alternatively, posters *could* read/browse/
search/<whatever> past discussions, so that we don't have to repeat them
every few months, or, in this case, days! :-(

[deleted]

On 18 Jan 2005 20:25:40 GMT, Frank Slootweg
<this [at] ddress.is.invalid> wrote:

> Seth Breidbart <sethb [at] panix.com> wrote:
>
>> In article <41ed0818$0$51058$cd19a363 [at] news.wanadoo.nl>, Frank
>> Slootweg <this [at] ddress.is.invalid> wrote:
>>
>> >axlq <axlq [at] spamcop.net> wrote:
>> >
>> >> In article
>> >> <1MKGd.9842$Ii4.6299 [at] newsread3.news.pas.earthlink.net>,
>> >> Alan Connor <xxxx [at] yyy.zzz> wrote:
>> >>
>> >> >They can't beat Challenge-Response systems, and they HATE
>> >> >them.
>> >>
>> >> So do non-spammers. Remember:
>> >
>> >[deleted]
>> >
>> >> * It's good to reject suspected spam with a bypass method
>> >> in the rejection; but that must be done by the MTA, not a
>> >> user's delivery agent.
>> >
>> > No, it isn't ("good to reject suspected spam with
>> >a bypass method in the rejection; ... done by the
>> >MTA"). This fallacy has been debunked many times in
>> >this group. See the recent (January 15) article
>> ><news:41e8e7dd$0$53818$abc4f4c3 [at] news.wanadoo.nl> and the
>> >pointers in there.
>>
>> That's wrong. If I do the right thing, and someone else does
>> the wrong thing because of it, that isn't my fault. (E.g. 55x
>> response for "no such user" could also cause the sender's MTA
>> to generate a DSN to a forged address; does that mean no 55x
>> should ever be given, or that sending MTAs should have reason
>> to believe the address they send DSNs to?)
>
> (IMO) The consensus was that "someone else" is *not* doing
> "the wrong thing", but is actually doing the *right* thing
> (see, for *example* (there were many more), the pointers I
> gave in the above referenced article). (Assuming that with
> "someone else", you mean the sending MTA which, when it gets a
> 55x return code, will (have to) send the DSN (email) message to
> the (possibly forged) sender.)
>
> As to "does that mean ... that sending MTAs should have
> reason to believe the address they send DSNs to?", the answer
> is yes. It would be *nice* if MTAs tried to prevent sending
> to forged addresses as much as possible, but since it is
> impossible to always detect all forgeries, that can only be a
> want, never a must.
>
> In any case, may I suggest to be very careful with your
> "that isn't my fault" reasoning? Because it means that you
> would also (have to) agree with AC's approach. I.e. there is
> no real difference between a misdirected challenge caused by a
> 55x return and one caused by a bounce. Either both are spam
> (which, IMO, is the consensus) or both are not spam. You can't
> define one as non-spam and the other as spam.
>

You can't define either as spam. Spam is un-solicited, bulk,
commercial email.

First-of-all, "mis-directed challenges" are extraordinarily
rare, (unless deliberately solicited by some spammer/troll) given
that spammers go out of their way to avoid using false return
addresses that might belong to someone and thus anger people and
invite investigation and prosecution.

Try hitting "Reply" to the next hundred spams you receive, and
the odds are that all of those mails will bounce.

In order to be classified as spam, the "mis-directed challenge"
would have to contain an advertisement/solicitation, and they
don't: Challenges don't include the body of the mail that
triggered them, spam or otherwise. And, it would have to be
replicated, with each copy going to a different address.

Which doesn't happen. Challenges go to one specific address.

But you know this, and the spammer/troll hiding behind all of
these aliases knows this.

And so does everyone else likely to read these groups, so I
really do wonder just who you and "Seth" think you are fooling.

Morons can't operate computers.

AC


--
Pro-Active Spam Fighter
Pass-list --> Spam-Filter --> Challenge-Response
http://tinyurl.com/2t5kp

Alan Connor <zzzzzz [at] xxx.yyy> wrote:
> On 18 Jan 2005 20:25:40 GMT, Frank Slootweg
> <this [at] ddress.is.invalid> wrote:
>
> > Seth Breidbart <sethb [at] panix.com> wrote:
[deleted]
> > In any case, may I suggest to be very careful with your
> > "that isn't my fault" reasoning? Because it means that you
> > would also (have to) agree with AC's approach. I.e. there is
> > no real difference between a misdirected challenge caused by a
> > 55x return and one caused by a bounce. Either both are spam
> > (which, IMO, is the consensus) or both are not spam. You can't
> > define one as non-spam and the other as spam.
>
> You can't define either as spam. Spam is un-solicited, bulk,
> commercial email.

No. Guess why "UBE" doesn't have a "C" in it? The "commercial" bit is
not required/relevant. A message can be totally non-commercial and still
be spam (if it is U, B and E).

(And yes, *sometimes* people will use the term "UCE" if they mean
*commercial* spam. I.e. UCE is a subset of UBE.)

[More misconceptions deleted.]

cantspam20041216nanaeuser [at] aosake.net writes:
>I am certainly glad that you are not in the artillery. How did a "Welcome to
>Comp Mail Misc" article land in "news.admin.net-abuse.email"? Incompetence
>comes to mind...

It's from Alan Connor, so by definition it's wrong in as many ways as
possible, and in some other ways not previously thought possible. *
--
* PV something like badgers--something like lizards--and something
like corkscrews.
------------------------------------------------------------ --------
Free ipod? http://www.freeiPods.com/default.aspx?referer=10031125

On 18 Jan 2005 21:20:19 GMT, Frank Slootweg
<this [at] ddress.is.invalid> wrote:


> Alan Connor <zzzzzz [at] xxx.yyy> wrote:
>
>> On 18 Jan 2005 20:25:40 GMT, Frank Slootweg
>> <this [at] ddress.is.invalid> wrote:
>>
>> > Seth Breidbart <sethb [at] panix.com> wrote:
>
> [deleted]
>
>> > In any case, may I suggest to be very careful with your
>> > "that isn't my fault" reasoning? Because it means that you
>> > would also (have to) agree with AC's approach. I.e. there is
>> > no real difference between a misdirected challenge caused
>> > by a 55x return and one caused by a bounce. Either both
>> > are spam (which, IMO, is the consensus) or both are not
>> > spam. You can't define one as non-spam and the other as
>> > spam.
>>
>> You can't define either as spam. Spam is un-solicited, bulk,
>> commercial email.
>
> No. Guess why "UBE" doesn't have a "C" in it? The
> "commercial" bit is not required/relevant. A message can be
> totally non-commercial and still be spam (if it is U, B and E).
>
> (And yes, *sometimes* people will use the term "UCE" if they
> mean *commercial* spam. I.e. UCE is a subset of UBE.)
>

The vast majority of people consider spam to be of a commercial
nature.

Certainly most of the UBE that bothers people is of a commercial
nature, so I don't know who you think you are fooling with
these silly word games.

http://dictionary.reference.com/search?q=spam&db=%2A

spam Audio pronunciation of "Spam" ( P )
Pronunciation Key (sp*m)
n.

Unsolicited e-mail, often of a commercial
nature, sent indiscriminately to multiple
mailing lists, individuals, or newsgroups;
junk e-mail.


Never-the-less, an un-solicited Challenge is not "bulk".
It *was* solicited by the spammer; and it is *not*
"indiscriminate". It is deliberately sent to a single
address.

DUH.

A Challenge-Response System receives one of the very rare spams
that contain some innocent person's or organization's return
address, and a single, tiny mail is sent to that address.

> [More misconceptions deleted.]

Considering that you don't even know that a single mail is not
bulk mail, I really doubt that anyone gives your opinions here
any credence.

Like I said: 'Morons can't operate computers'.

Listen: Everyone here knows that spammers and trolls hate
Challenge-Response Systems because these criminals/headcases
can't beat them.

You want people to think you are a spammer or a headcase, Frank?

Just keep it up.


AC


--
Pro-Active Spam Fighter
Pass-list --> Spam-Filter --> Challenge-Response
http://tinyurl.com/2t5kp

sethb [at] panix.com (Seth Breidbart) wrote in news:csjmu7$o38$1
[at] panix5.panix.com:

> (E.g. 55x response
> for "no such user" could also cause the sender's MTA to generate a DSN
> to a forged address;

About the only way I can figure an 55x being sent to a forged address is if
it's done post smtp chat.

During chat, sorce port forging won't do it, the TCP sequence will be wrong
and the session won't be established on the forged source IP. The 55x will
be sent down the exsisting connection so the envelope sender's ID isn't
used, it's sent to the connecting server via the exsisting connection.

Isn't sending a 5xx (hard fail) frowned upon if done post chat? Or is it
that is't just an increadablly stupid idea, that I just think it's frowned
upon?

Or am I missing something and being stupid all at once?

As far as the sender doing something with a DSN to somewhere it shouldn't,
well, that's their problem to fix.

In article <41ed70c3$0$42202$1b2cd167 [at] news.wanadoo.nl>,
Frank Slootweg <this [at] ddress.is.invalid> wrote:
>Seth Breidbart <sethb [at] panix.com> wrote:
>> In article <41ed0818$0$51058$cd19a363 [at] news.wanadoo.nl>,
>> Frank Slootweg <this [at] ddress.is.invalid> wrote:
>> >axlq <axlq [at] spamcop.net> wrote:
>> >> In article <1MKGd.9842$Ii4.6299 [at] newsread3.news.pas.earthlink.net>,

>> >> * It's good to reject suspected spam with a bypass method in the
>> >> rejection; but that must be done by the MTA, not a user's delivery
>> >> agent.
>> >
>> > No, it isn't ("good to reject suspected spam with a bypass method in
>> >the rejection; ... done by the MTA"). This fallacy has been debunked
>> >many times in this group. See the recent (January 15) article
>> ><news:41e8e7dd$0$53818$abc4f4c3 [at] news.wanadoo.nl> and the pointers in
>> >there.
>>
>> That's wrong. If I do the right thing, and someone else does the
>> wrong thing because of it, that isn't my fault.
.. . .
> (IMO) The consensus was that "someone else" is *not* doing "the wrong
>thing", but is actually doing the *right* thing (see, for *example*
>(there were many more), the pointers I gave in the above referenced
>article).

I did.

> (Assuming that with "someone else", you mean the sending
>MTA which, when it gets a 55x return code, will (have to) send the DSN
>(email) message to the (possibly forged) sender.)

As I wrote, it isn't my problem if I tell someone else "I'm not
accepting that" and as a result he spams. (Suppose he tried a machine
that isn't running a mailswerver; should I be accepting email there
just in case he might otherwise spam?)

> As to "does that mean ... that sending MTAs should have reason to
>believe the address they send DSNs to?", the answer is yes. It would be
>*nice* if MTAs tried to prevent sending to forged addresses as much as
>possible, but since it is impossible to always detect all forgeries,
>that can only be a want, never a must.

While it's impossible to detect all forgeries, it's possible to limit
yourself to stuff you know is not forged (e.g. only allowed logged-in
users to send, and the DSN goes back to them; or at least, if it goes
to the wrong person, you know who to lart).

> In any case, may I suggest to be very careful with your "that isn't my
>fault" reasoning? Because it means that you would also (have to) agree
>with AC's approach. I.e. there is no real difference between a
>misdirected challenge caused by a 55x return and one caused by a bounce.
>Either both are spam (which, IMO, is the consensus) or both are not
>spam. You can't define one as non-spam and the other as spam.

They're both spam. They both make the machine that sent them the
guilty party. If machine A tries to send to my machine B, and B says
"550", and as a result A send a DSN (spam) to Z, then A is guilty, and
B is not. If machine A tries to send to Alan's machine C, and C sends
a challenge (spam) to Y, then C is guilty. See the difference?

>> Yes, I did say it.
>
> Yes, I seem to remember that and that we 'disagreed' initially, but
>after some more discussion, (mostly) agreed.

I don't think my stand (as above) has changed. The guilt falls on the
(controller of the) machine that sends the spam. The fact that it
sends spam because I said "not interested" or someone he didn't know
sent something to Alan or my machine said "that IP address is prime"
doesn't matter.

Seth

This is a MIME GnuPG-signed message. If you see this text, it means that
your E-mail or Usenet software does not support MIME signed messages.

--=_mimegpg-commodore.email-scan.com-7077-1106091720-0001
Content-Type: text/plain; format=flowed; charset="US-ASCII"
Content-Disposition: inline
Content-Transfer-Encoding: 7bit

Frank Slootweg writes:

> with AC's approach. I.e. there is no real difference between a
> misdirected challenge caused by a 55x return and one caused by a bounce.
> Either both are spam (which, IMO, is the consensus) or both are not
> spam. You can't define one as non-spam and the other as spam.

Both are spam. The difference is that in one case it's your mail servers
that generates the spam; in the other case it's someone else's mail server.

It's not my problem if as a result of me refusing to accept spam, some other
mail server ends up generating spam.



--=_mimegpg-commodore.email-scan.com-7077-1106091720-0001
Content-Type: application/pgp-signature
Content-Transfer-Encoding: 7bit

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.4 (GNU/Linux)

iD8DBQBB7Z7Ix9p3GYHlUOIRAhSlAJ0cAc81/+sw4QKZFUtJG1UaXz//9ACe Kprt
01kadQT3ddxT2werBzff4PM=
=oVWk
-----END PGP SIGNATURE-----

--=_mimegpg-commodore.email-scan.com-7077-1106091720-0001--

This is a MIME GnuPG-signed message. If you see this text, it means that
your E-mail or Usenet software does not support MIME signed messages.

--=_mimegpg-commodore.email-scan.com-7077-1106091857-0002
Content-Type: text/plain; format=flowed; charset="US-ASCII"
Content-Disposition: inline
Content-Transfer-Encoding: 7bit

Beavis writes:

> On 18 Jan 2005 21:20:19 GMT, Frank Slootweg
> <this [at] ddress.is.invalid> wrote:
>
>> (And yes, *sometimes* people will use the term "UCE" if they
>> mean *commercial* spam. I.e. UCE is a subset of UBE.)
>>
>
> The vast majority of people consider spam to be of a commercial
> nature.
>
> Certainly most of the UBE that bothers people is of a commercial
> nature, so I don't know who you think you are fooling with
> these silly word games.
>
> http://dictionary.reference.com/search?q=spam&db=%2A
>
> spam Audio pronunciation of "Spam" ( P )
> Pronunciation Key (sp*m)
> n.
>
> Unsolicited e-mail, often of a commercial

See that word "often" there, Beavis? You need to mouth it slowly, one
syllable at a time: of-ten. "Of-ten". Look up what it means in a
dictionary.

Now re-read what Frank wrote, put on your dunce cap, then go sit in a
corner. Here, take this lollipop.


--=_mimegpg-commodore.email-scan.com-7077-1106091857-0002
Content-Type: application/pgp-signature
Content-Transfer-Encoding: 7bit

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.4 (GNU/Linux)

iD8DBQBB7Z9Rx9p3GYHlUOIRAgI4AJ9kfqVdLl3oDVrTjaJQGM4Tu90BigCf WKUE
TBoBgvM3CKPrIz5IkyyfhME=
=81U4
-----END PGP SIGNATURE-----

--=_mimegpg-commodore.email-scan.com-7077-1106091857-0002--

In article <XMeHd.1411$Ju1.13 [at] newsread3.news.pas.earthlink.net>,
Alan Connor <xxxx [at] yyy.zzz> wrote:
>On 18 Jan 2005 20:25:40 GMT, Frank Slootweg
><this [at] ddress.is.invalid> wrote:

>> In any case, may I suggest to be very careful with your
>> "that isn't my fault" reasoning? Because it means that you
>> would also (have to) agree with AC's approach. I.e. there is
>> no real difference between a misdirected challenge caused by a
>> 55x return and one caused by a bounce. Either both are spam
>> (which, IMO, is the consensus) or both are not spam. You can't
>> define one as non-spam and the other as spam.
>
>You can't define either as spam. Spam is un-solicited, bulk,
>commercial email.

No, it doesn't have to be commercial. God-bothering spam is well
known, albeit a small fraction of the total. So is political spam.

>First-of-all, "mis-directed challenges" are extraordinarily
>rare,

So you claim. Other people find otherwise. By the standards of total
amount of spam, they're rare. By the standards of winning the
lottery, they're a dime a dozen.

> (unless deliberately solicited by some spammer/troll) given
>that spammers go out of their way to avoid using false return
>addresses that might belong to someone and thus anger people and
>invite investigation and prosecution.

That's quite false. Sometimes, spammers go out of their way to forge
the email address of somebody who complained about them. I'm not the
only one in nanae who has had that experience several times.

Other times, spammers use "nearby" addresses in their lists as the
sender, in the hopes that it will be whitelisted by their victim.

And sometimes it seems they just make up addresses.

I've never known them to take any effort to remove real addresses from
their false sender lists (and I've seen analysis of a lot of
spamware).

>Try hitting "Reply" to the next hundred spams you receive, and
>the odds are that all of those mails will bounce.

You lose. (The second one in my spambox that I just looked at is a
419 whose sender's address hadn't been cancelled yet when I checked.)

>In order to be classified as spam, the "mis-directed challenge"
>would have to contain an advertisement/solicitation,

No, it doesn't. Spam is UBE, no requirement for advertisements.

> and they
>don't: Challenges don't include the body of the mail that
>triggered them, spam or otherwise. And, it would have to be
>replicated, with each copy going to a different address.

Well, if they don't include the body, they all look very similar,
sufficiently so to make them bulk.

>Which doesn't happen. Challenges go to one specific address.

Each one does. If all of them did, there's be less of a problem.
(The owner of that address would be sol, but he could just reject
them.)

>And so does everyone else likely to read these groups, so I
>really do wonder just who you and "Seth" think you are fooling.

Do those scare quotes mean you think my parents were lying to me?

>Morons can't operate computers.

But they can click and drool.

Seth

On Tue, 18 Jan 2005 21:54:17 GMT, Alan Connor <zzzzzz [at] xxx.yyy> wrote:
>
>
> On 18 Jan 2005 21:20:19 GMT, Frank Slootweg
><this [at] ddress.is.invalid> wrote:
>
>
>> Alan Connor <zzzzzz [at] xxx.yyy> wrote:
>>
>>> On 18 Jan 2005 20:25:40 GMT, Frank Slootweg
>>> <this [at] ddress.is.invalid> wrote:
>>>
>>> > Seth Breidbart <sethb [at] panix.com> wrote:
>>
>> [deleted]
>>
>>> > In any case, may I suggest to be very careful with your
>>> > "that isn't my fault" reasoning? Because it means that you
>>> > would also (have to) agree with AC's approach. I.e. there is
>>> > no real difference between a misdirected challenge caused
>>> > by a 55x return and one caused by a bounce. Either both
>>> > are spam (which, IMO, is the consensus) or both are not
>>> > spam. You can't define one as non-spam and the other as
>>> > spam.
>>>
>>> You can't define either as spam. Spam is un-solicited, bulk,
>>> commercial email.
>>
>> No. Guess why "UBE" doesn't have a "C" in it? The
>> "commercial" bit is not required/relevant. A message can be
>> totally non-commercial and still be spam (if it is U, B and E).
>>
>> (And yes, *sometimes* people will use the term "UCE" if they
>> mean *commercial* spam. I.e. UCE is a subset of UBE.)
>>
>
> The vast majority of people consider spam to be of a commercial
> nature.
>
> Certainly most of the UBE that bothers people is of a commercial
> nature, so I don't know who you think you are fooling with
> these silly word games.
>
> http://dictionary.reference.com/search?q=spam&db=%2A
>
> spam Audio pronunciation of "Spam" ( P )
> Pronunciation Key (sp*m)
> n.
>
> Unsolicited e-mail, often of a commercial
> nature, sent indiscriminately to multiple
> mailing lists, individuals, or newsgroups;
> junk e-mail.
>

The vast majority of UBE is also *anonymous*, which
in this context means that the return address on the
mail, whether in the From:, Reply-To:, or Return-Path:
headers, is not the real return address of the party
that sent the UBE.

(Usually, it is an address that belongs to no one, by
design: Using someone's address is a good way to bring
on some real negative attention, and people fairly
frequently get pissed off at spam and hit 'Reply' and
send a nasty note off. Fortunately, 9,999 times out
of 10,000, that attempted reply just bounces.)

Challenge-Responses are NOT anonymous.

The anonymity of UBE (and trollmail) is the weakness that a
Challenge-Response System exploits: If the Challenge is not
returned because the address was bogus (ususally) or the address
is just a dump, then it isn't returned and the mail that elicited
it is deleted without the C-R user even knowing it arrived in the
first place.

A real live human being has to be reading the mail there, and
they have to paste an included password on the Subject line and
send it back. (5 seconds)

Trolls and spammers, criminals by definition, do not like to
use their real return addresses, so their mail is never seen
by the C-R user.

>
> Never-the-less, an un-solicited Challenge is not "bulk".
> It *was* solicited by the spammer; and it is *not*
> "indiscriminate". It is deliberately sent to a single
> address.
>
> DUH.
>
> A Challenge-Response System receives one of the very rare spams
> that contain some innocent person's or organization's return
> address, and a single, tiny mail is sent to that address.
>

<snip>

AC


--
Pro-Active Spam Fighter
Pass-list --> Spam-Filter --> Challenge-Response
http://tinyurl.com/2t5kp

On Tue, 18 Jan 2005, Alan Connor wrote:
[snip]
> First-of-all, "mis-directed challenges" are extraordinarily
> rare, (unless deliberately solicited by some spammer/troll) given
> that spammers go out of their way to avoid using false return
> addresses that might belong to someone and thus anger people and
> invite investigation and prosecution.
>
> Try hitting "Reply" to the next hundred spams you receive, and
> the odds are that all of those mails will bounce.
[snip]

If spammers never forge others' real addresses, please explain why I get
bounces for email I never sent, why the user-support mailing list here
gets bounces for email it never sent, and why even my ISP's abuse address
has received bounces for messages it never sent?

(Yes, you read that correctly. The Chebucto Community Net's abuse address
has been forged more than once as the alleged sender of spam.)

--
Norman De Forest http://www.chebucto.ns.ca/~af380/Profile.html
af380 [at] chebucto.ns.ca [=||=] (A Speech Friendly Site)
My Usenet 2005 calendar: http://www.chebucto.ns.ca/~af380/Year-2005.txt
For explanation: http://www.chebucto.ns.ca/~af380/Links.Books.html#TandD

This is a MIME GnuPG-signed message. If you see this text, it means that
your E-mail or Usenet software does not support MIME signed messages.

--=_mimegpg-commodore.email-scan.com-3539-1106099661-0001
Content-Type: text/plain; format=flowed; charset="US-ASCII"
Content-Disposition: inline
Content-Transfer-Encoding: 7bit

Norman L. DeForest writes:

>
> On Tue, 18 Jan 2005, Beavis wrote:
> [snip]
>> First-of-all, "mis-directed challenges" are extraordinarily
>> rare, (unless deliberately solicited by some spammer/troll) given
>> that spammers go out of their way to avoid using false return
>> addresses that might belong to someone and thus anger people and
>> invite investigation and prosecution.
>>
>> Try hitting "Reply" to the next hundred spams you receive, and
>> the odds are that all of those mails will bounce.
> [snip]
>
> If spammers never forge others' real addresses, please explain why I get
> bounces for email I never sent, why the user-support mailing list here
> gets bounces for email it never sent, and why even my ISP's abuse address
> has received bounces for messages it never sent?

This is one of the Frequently Asked Questions that Beavis never answers.
See the regularly-posted FAQ to this newsgroup.



--=_mimegpg-commodore.email-scan.com-3539-1106099661-0001
Content-Type: application/pgp-signature
Content-Transfer-Encoding: 7bit

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.4 (GNU/Linux)

iD8DBQBB7b3Nx9p3GYHlUOIRAia2AJ9ewOY3KYCaqgP15ZQjrQQGbW89VQCf f/d/
J8Ogb2qzlrngBxOgLxeCuq8=
=Xdyp
-----END PGP SIGNATURE-----

--=_mimegpg-commodore.email-scan.com-3539-1106099661-0001--

In article <kniHd.10195$pZ4.4916 [at] newsread1.news.pas.earthlink.net>,
Alan Connor <xxxx [at] yyy.zzz> responded to himself, there being nobody
else he can win an argument with:
>On Tue, 18 Jan 2005 21:54:17 GMT, Alan Connor <zzzzzz [at] xxx.yyy> wrote:
>> On 18 Jan 2005 21:20:19 GMT, Frank Slootweg
>><this [at] ddress.is.invalid> wrote:
>>> Alan Connor <zzzzzz [at] xxx.yyy> wrote:

>>>> You can't define either as spam. Spam is un-solicited, bulk,
>>>> commercial email.
>>>
>>> No. Guess why "UBE" doesn't have a "C" in it? The
>>> "commercial" bit is not required/relevant. A message can be
>>> totally non-commercial and still be spam (if it is U, B and E).
>>>
>>> (And yes, *sometimes* people will use the term "UCE" if they
>>> mean *commercial* spam. I.e. UCE is a subset of UBE.)
>>
>> The vast majority of people consider spam to be of a commercial
>> nature.

The vast majority of people are idiots.

>> Certainly most of the UBE that bothers people is of a commercial
>> nature, so I don't know who you think you are fooling with
>> these silly word games.

"Most of" doesn't mean "all of". You're the one trying to play word
games, saying that since C/R spam doesn't have the same
characteristics as most other spam, it isn't spam. Would you say the
same about god-bothering spam? How about political spam?

>The vast majority of UBE is also *anonymous*,

So you admit that something can be UBE and not be anonymous.

>(Usually, it is an address that belongs to no one, by
>design: Using someone's address is a good way to bring
>on some real negative attention, and people fairly
>frequently get pissed off at spam and hit 'Reply' and
>send a nasty note off. Fortunately, 9,999 times out
>of 10,000, that attempted reply just bounces.)

Want to bet? I'll bet that at least 1% of the return addresses on my
next 500 spams are replyable, at least until I lart them.

>Challenge-Responses are NOT anonymous.

So they're in the remaining fraction of UBE after the vast majority
that is anonymous is removed.

>The anonymity of UBE (and trollmail) is the weakness that a
>Challenge-Response System exploits: If the Challenge is not
>returned because the address was bogus (ususally) or the address
>is just a dump, then it isn't returned and the mail that elicited
>it is deleted without the C-R user even knowing it arrived in the
>first place.

And if the forged sender is a real account, an innocent victim gets
spammed by the C/R system.

>A real live human being has to be reading the mail there, and
>they have to paste an included password on the Subject line and
>send it back. (5 seconds)

Which is 5 seconds wasted of the innocent's victim time.

>Trolls and spammers, criminals by definition,

Trolls aren't criminals by definition. Neither are spammers,
unfortunately.

> do not like to use their real return addresses,

One of us, Mr. xxxx [at] yyy.zzz, is using his real email address here.

>> Never-the-less, an un-solicited Challenge is not "bulk".

A single one isn't. So a C/R system that shuts itself off
permanently after the first failure to confirm isn't spamming.

>> It *was* solicited by the spammer;

So what? All spam is solicited by the spammer. If the C/R system
sends to me because the spammer forged my email address, then the C/R
system is spamming me.

>> and it is *not* "indiscriminate". It is deliberately sent to a
>> single address.

Which is all too often that of an innocent victim.

>> A Challenge-Response System receives one of the very rare spams
>> that contain some innocent person's or organization's return
>> address, and a single, tiny mail is sent to that address.

All spammers whine that their spam isn't so bad.

Seth

In article <Pine.GSO.3.95.iB1.0.1050118211429.27668B-100000 [at] halifax.chebucto.ns.ca>,
Norman L. DeForest <af380 [at] chebucto.ns.ca> wrote:
>On Tue, 18 Jan 2005, Alan Connor wrote:

>> First-of-all, "mis-directed challenges" are extraordinarily
>> rare, (unless deliberately solicited by some spammer/troll) given
>> that spammers go out of their way to avoid using false return
>> addresses that might belong to someone and thus anger people and
>> invite investigation and prosecution.
>>
>> Try hitting "Reply" to the next hundred spams you receive, and
>> the odds are that all of those mails will bounce.
>
>If spammers never forge others' real addresses, please explain why I get
>bounces for email I never sent, why the user-support mailing list here
>gets bounces for email it never sent, and why even my ISP's abuse address
>has received bounces for messages it never sent?

Or just look at the return addresses on all the phishing spam.

Seth

In article <Xns95E2AEFD2A24Bbusserroryahoocom318 [at] 130.133.1.4>,
Buss Error <buss_error [at] yahoo.com> wrote:
>sethb [at] panix.com (Seth Breidbart) wrote in news:csjmu7$o38$1
> [at] panix5.panix.com:
>
>> (E.g. 55x response
>> for "no such user" could also cause the sender's MTA to generate a DSN
>> to a forged address;
>
>About the only way I can figure an 55x being sent to a forged address is if
>it's done post smtp chat.

The 55x isn't sent to a forged address; rather, it causes the sender's
MTA to send a DSN to a forged address.

>Isn't sending a 5xx (hard fail) frowned upon if done post chat? Or is it
>that is't just an increadablly stupid idea, that I just think it's frowned
>upon?

It's impossible once the mail is accepted.

>Or am I missing something and being stupid all at once?

Apparently. :-)

>As far as the sender doing something with a DSN to somewhere it shouldn't,
>well, that's their problem to fix.

But now you have my point precisely. The _sender_ (MTA) is sending
the DSN to the wrong place, as a result of my 55x.

Seth

sethb [at] panix.com (Seth Breidbart) wrote in news:cskgu7$nde$1
[at] panix5.panix.com:

> But now you have my point precisely. The _sender_ (MTA) is sending
> the DSN to the wrong place, as a result of my 55x.

But...but... (sputter) that's a problem with someone else's MTA!

As far as accepting the email then getting a hard fail, well, that's my
point too. It "shouldn't" happen that way. Once accepted, there simply
isn't a reliable way to report an error, therefore, no error should be
reported to any envelope address, only the postmaster of the system with
the hard fail. Unfortunately, that answer doesn't scale. Godlings, does it
NOT scale....

On Tue, 18 Jan 2005, Sam wrote:

> Norman L. DeForest writes:
>
> >
> > On Tue, 18 Jan 2005, Beavis wrote:
> > [snip]
> >> First-of-all, "mis-directed challenges" are extraordinarily
> >> rare, (unless deliberately solicited by some spammer/troll) given
> >> that spammers go out of their way to avoid using false return
> >> addresses that might belong to someone and thus anger people and
> >> invite investigation and prosecution.
> >>
> >> Try hitting "Reply" to the next hundred spams you receive, and
> >> the odds are that all of those mails will bounce.
> > [snip]
> >
> > If spammers never forge others' real addresses, please explain why I get
> > bounces for email I never sent, why the user-support mailing list here
> > gets bounces for email it never sent, and why even my ISP's abuse address
> > has received bounces for messages it never sent?
>
> This is one of the Frequently Asked Questions that Beavis never answers.
> See the regularly-posted FAQ to this newsgroup.

*I* know that. *You* know that. AC, himself knows that.
I just want to make sure that newbies to comp.mail.misc see
that for themselves.

--
Norman De Forest http://www.chebucto.ns.ca/~af380/Profile.html
af380 [at] chebucto.ns.ca [=||=] (A Speech Friendly Site)
My Usenet 2005 calendar: http://www.chebucto.ns.ca/~af380/Year-2005.txt
For explanation: http://www.chebucto.ns.ca/~af380/Links.Books.html#TandD

Alan Connor <zzzzzz [at] xxx.yyy> wrote:

>>>A Challenge-Response System receives one of the very rare spams
>>>that contain some innocent person's or organization's return
>>>address, and a single, tiny mail is sent to that address.

And there's the heart of the problem right there.

I've received thousands of bounces from badly configured systems when a
forged address at my domain is used in spam headers. (They're far from
"very rare.") FEWER badly configured systems are needed; your tool
instead creates more of them.

"A single, tiny mail" to an innocent person's forged address is a
concept that doesn't scale.

--
u wi zat clue stick dotorg

In article <dAfHd.1446$Ju1.494 [at] newsread3.news.pas.earthlink.net>, Alan
Connor says...

> Like I said: 'Morons can't operate computers'.

Ah. But you, yourself, prove the contrary!

--
Norman
~Win dain a lotica, En vai tu ri, Si lo ta
~Fin dein a loluca, En dragu a sei lain
~Vi fa-ru les shutai am, En riga-lint

Alan Connor wrote:

>
>>
>>
>
>
>Morons can't operate computers.
>
>AC
>
>

They can.You are incontrovertible proof of that.

>
>
>
>

Alan Connor wrote:

>
>
>You want people to think you are a spammer or a headcase, Frank?
>
>Just keep it up.
>
>
>AC
>
>
>
>

A lunatic worrying about whether someone else is perceived as a
'headacase'. How quirky!

In article <Xns95E2E3F5CD10Ebusserroryahoocom318 [at] 130.133.1.4>,
Buss Error <buss_error [at] yahoo.com> wrote:
>sethb [at] panix.com (Seth Breidbart) wrote in news:cskgu7$nde$1
> [at] panix5.panix.com:
>
>> But now you have my point precisely. The _sender_ (MTA) is sending
>> the DSN to the wrong place, as a result of my 55x.
>
>But...but... (sputter) that's a problem with someone else's MTA!

That was my point all along.

>As far as accepting the email then getting a hard fail, well, that's my
>point too. It "shouldn't" happen that way. Once accepted, there simply
>isn't a reliable way to report an error, therefore, no error should be
>reported to any envelope address, only the postmaster of the system with
>the hard fail. Unfortunately, that answer doesn't scale. Godlings, does it
>NOT scale....

The bigger your setup, the more accurate you need your acceptances to
be. Then it scales.

Seth