|
Home > Archive > Anonymous Servers > January 2006 > Remailer Fan Question
You are viewing an archived Text-only version of the thread.
To view this thread in it's original format and/or if you want to reply to
this thread please [click here]
| Author |
Remailer Fan Question
|
|
| TwistyCreek 2006-01-27, 9:03 pm |
|
First of all, my thanks to all of the remailer operators who run this
wonderful service using their own equipment, spending their time and money
to allow the rest of us to post anonymously.
My question is about some of the filtering that is done. I believe that
most or all exit remailers filter spam messages.
That's good. But if it is ok to filter spam, is it also ok to filter other
things? If a remailer operator filtered spam, maybe he would also think it
was ok to filter racist comments, for example.
Spam is illegal, but so are racist comments in some countries. Some
countries have laws against 'false news', so if you say that Indians were
bad people, maybe that is illegal and a remailer operator should be
filtering such comments. Or maybe somebody says Jews were not put into gas
chambers and that is illegal so it gets filtered.
It seems that once you start blocking spam, you are on a slippery slope to
blocking lots of other things that most people do not think should be
blocked.
| |
| Thrasher Remailer 2006-01-27, 9:03 pm |
| In article <Y9TUVNRZ38744.8156481481@twistycreek.com>
TwistyCreek <anon@comments.header> wrote:
>
>
> First of all, my thanks to all of the remailer operators who run this
> wonderful service using their own equipment, spending their time and money
> to allow the rest of us to post anonymously.
>
> My question is about some of the filtering that is done. I believe that
> most or all exit remailers filter spam messages.
>
> That's good. But if it is ok to filter spam, is it also ok to filter other
> things? If a remailer operator filtered spam, maybe he would also think it
> was ok to filter racist comments, for example.
>
> Spam is illegal, but so are racist comments in some countries. Some
> countries have laws against 'false news', so if you say that Indians were
> bad people, maybe that is illegal and a remailer operator should be
> filtering such comments. Or maybe somebody says Jews were not put into gas
> chambers and that is illegal so it gets filtered.
>
> It seems that once you start blocking spam, you are on a slippery slope to
> blocking lots of other things that most people do not think should be
> blocked.
I have not heard that spam is a problem for remailers and I can't remember
coming across any real spam that has been sent through a remailer so your
comments are based on a false assumption.
| |
| Anonymous via the Cypherpunks Tonga Remailer 2006-01-29, 8:49 pm |
| In article <4XHESLG438745.3986574074@reece.net.au>
Thrasher Remailer <thrasher@reece.net.au> wrote:
>
> I have not heard that spam is a problem for remailers and I can't remember
> coming across any real spam that has been sent through a remailer so your
> comments are based on a false assumption.
The original post was from Eelbash. Making comments based on false
assumption are pretty much a requirement for him.
| |
| Anonymous 2006-01-29, 8:49 pm |
| TwistyCreek wrote:
>
> First of all, my thanks to all of the remailer operators who run this
> wonderful service using their own equipment, spending their time and money
> to allow the rest of us to post anonymously.
>
> My question is about some of the filtering that is done. I believe that
> most or all exit remailers filter spam messages.
>
> That's good. But if it is ok to filter spam, is it also ok to filter other
> things? If a remailer operator filtered spam, maybe he would also think it
> was ok to filter racist comments, for example.
>
> Spam is illegal, but so are racist comments in some countries. Some
> countries have laws against 'false news', so if you say that Indians were
> bad people, maybe that is illegal and a remailer operator should be
> filtering such comments. Or maybe somebody says Jews were not put into gas
> chambers and that is illegal so it gets filtered.
>
> It seems that once you start blocking spam, you are on a slippery slope to
> blocking lots of other things that most people do not think should be
> blocked.
Eelbash, you seem to see abuse everywhere. You worry about people
flooding through your remailer, even though it doesn't happen. You
worry about people posting racist or illegal messages through your
remailer, even though if it's happened it caused you no great problems.
You block newsgroups or add a disclaimer to certain newsgroups for
whatever reasons, even though nobody even posts in them from your
remailer.
You keep doing these silly preemptive strikes on imaginary threats
that haven't happened. Whilst doing so, you're affecting real and
legitimate posts and mail that may pass through you, all to combat
any slight possibility of abuse that your imagination can dream up.
| |
| TwistyCreek 2006-01-29, 8:49 pm |
| In article <Y9TUVNRZ38744.8156481481@twistycreek.com>
TwistyCreek <anon@comments.header> wrote:
>
Hi Eelbash.
> My question is about some of the filtering that is done. I believe that
> most or all exit remailers filter spam messages.
Nope, most remailers don't filter spam at all. Spam isn't a big problem
for remailers. The latency and inability to pump out hundreds of
thousands of messages an hour make it useless for spammers.
> That's good. But if it is ok to filter spam, is it also ok to filter other
> things? If a remailer operator filtered spam, maybe he would also think it
> was ok to filter racist comments, for example.
Nope. Does it really matter to you if someone posts a racist post
in to a racist newsgroup?
> Spam is illegal, but so are racist comments in some countries. Some
> countries have laws against 'false news', so if you say that Indians were
> bad people, maybe that is illegal and a remailer operator should be
> filtering such comments. Or maybe somebody says Jews were not put into gas
> chambers and that is illegal so it gets filtered.
You have strange logic to go from blocking spam to blocking someone
saying indians are bad people. Maybe you should get a job with the
Chinese censors; they think with similar strange logic.
You could apply what you said to an email service provider. They block
spam. Why don't they block racist messages, or bad indians messages too?
Why aren't they shut down and taken to court for allowing such messages
to be sent through them?
What about usenet service providers? alt.flame.niggers is full of posts
from people posting without remailers. Shouldn't their providers be
filtering such comments?
> It seems that once you start blocking spam, you are on a slippery slope to
> blocking lots of other things that most people do not think should be
> blocked.
Nope. Again, spam isn't a problem.
| |
| Anonymous 2006-01-29, 8:49 pm |
| In article <Y9TUVNRZ38744.8156481481@twistycreek.com>
admin <admin@eelbash.org> wrote:
>
> First of all, my thanks to all of the remailer operators who run this
> wonderful service using their own equipment, spending their time and money
> to allow the rest of us to post anonymously.
>
> My question is about some of the filtering that is done. I believe that
> most or all exit remailers filter spam messages.
>
> That's good. But if it is ok to filter spam, is it also ok to filter other
> things? If a remailer operator filtered spam, maybe he would also think it
> was ok to filter racist comments, for example.
Good god, man. Do you ever give up? Do you really think nobody knows
this is you, eelbash?
| |
| George Orwell 2006-01-29, 8:49 pm |
| Thrasher Remailer wrote:
>
> I have not heard that spam is a problem for remailers and I can't remember
> coming across any real spam that has been sent through a remailer so your
> comments are based on a false assumption.
No, it's your assumption that's false. You don't see or hear about these
problems because remailers filter for spam. If nothing else, remailer
software does duplicate checking. And some/most remailer operators have
some sort of controls in place in addition to that.
Hell, some of them are even going as far as using domain and/or IP block
based third party RBL's. Or their providers are.
| |
| Fritz Wuehler 2006-01-29, 8:49 pm |
| TwistyCreek <anon@comments.header> wrote:
>
> First of all, my thanks to all of the remailer operators who run this
> wonderful service using their own equipment, spending their time and money
> to allow the rest of us to post anonymously.
>
> My question is about some of the filtering that is done. I believe that
> most or all exit remailers filter spam messages.
>
> That's good. But if it is ok to filter spam, is it also ok to filter other
> things? If a remailer operator filtered spam, maybe he would also think it
> was ok to filter racist comments, for example.
>
> Spam is illegal, but so are racist comments in some countries. Some
> countries have laws against 'false news', so if you say that Indians were
> bad people, maybe that is illegal and a remailer operator should be
> filtering such comments. Or maybe somebody says Jews were not put into gas
> chambers and that is illegal so it gets filtered.
>
> It seems that once you start blocking spam, you are on a slippery slope to
> blocking lots of other things that most people do not think should be
> blocked.
Can't you go more than a week or two before posting the same junk
again in a bid to justify your censoring strategy?
It's pathetic, it really is.
| |
| TwistyCreek 2006-01-29, 8:49 pm |
| On 28 Jan 2006, TwistyCreek <anon@comments.header> wrote:
>First of all, my thanks to all of the remailer operators who run this
>wonderful service using their own equipment, spending their time and money
>to allow the rest of us to post anonymously.
>
>My question is about some of the filtering that is done. I believe that
>most or all exit remailers filter spam messages.
I will assume this is an honest question and give an honest answer.
How would we do that? In my case, I am only using Mercury and Reliable.
There are no abilities to filter on message content that I know of. I have
yet to hear of anyone receiving spam through my re-mailer. I do use the MD5
hash filter. I have it set to 168 hours. No duplicate messages will be
accepted for that period of time to reduce vulnerability to floods or mail
bombing. I have never heard of a re-mailer being used to send spam.
When Reliable was written by RProcess many years ago, he included almost
every option one could think of. If he had intended a re-mailer operator to
filter on message content, he would have included that capability. Because
it is not there, I assume he never intended messages to be filtered on
content by a re-mailer operator.
If we follow the traditions set by the original re-mailer gurus, we won't
make mistakes.
>That's good. But if it is ok to filter spam, is it also ok to filter other
>things? If a remailer operator filtered spam, maybe he would also think it
>was ok to filter racist comments, for example.
>
>Spam is illegal, but so are racist comments in some countries. Some
>countries have laws against 'false news', so if you say that Indians were
>bad people, maybe that is illegal and a remailer operator should be
>filtering such comments. Or maybe somebody says Jews were not put into gas
>chambers and that is illegal so it gets filtered.
See above. I can't filter on content.
>It seems that once you start blocking spam, you are on a slippery slope to
>blocking lots of other things that most people do not think should be
>blocked.
See above. I don't have the ability to filter on content, be it spam or
messages that I personally might find offensive.
I do have the ability to block newsgroups if I choose, block mail to E-mail
addresses, and a few other options. There is absolutely no ability in
Reliable to filter on message content, on key words, or anything like that.
To filter on message content would require the use of a 3rd party program.
In my mind, the addition of a 3rd party program to filter on message
content would put me on a "slippery slope" and be against the traditional
guidelines set forth by the first re-mailer designers. If it was good
enough then, it is good enough now. The concept has been proven over time.
Time is the single most valuable tool we have in anonymity. For instance, I
did not use the DH/DSS over RSA keys until they were tested by time.
Reliable does have the option of appending a note to the bottom of a usenet
post. The suggested footnote is relatively benign. Something like <this was
sent through 2 or more remailers> Personally, I chose not to add it. The
default one suggested by RProcess is OK with me, I personally like it. It
in no way impugns the integrity of the message author.
So, to sum it up, I cannot filter spam or anything that I or someone else
may find offensive if it is in the body of the message. To do so would
place me on the "slippery slope". I am not going to go there.
I hope this answers your question.
| |
| Thomas J. Boschloo 2006-01-29, 8:49 pm |
| -----BEGIN PGP SIGNED MESSAGE-----
TwistyCreek wrote:
> On 28 Jan 2006, TwistyCreek <anon@comments.header> wrote:
>
> I will assume this is an honest question and give an honest answer.
>
> How would we do that? In my case, I am only using Mercury and Reliable.
> There are no abilities to filter on message content that I know of. I have
> yet to hear of anyone receiving spam through my re-mailer. I do use the MD5
> hash filter. I have it set to 168 hours. No duplicate messages will be
> accepted for that period of time to reduce vulnerability to floods or mail
> bombing. I have never heard of a re-mailer being used to send spam.
Well, it is there that you are WRONG! It is absolutely imperative for a
remailer operator to filter on spam. You must filter both incoming and
outgoing spam. And use black lists. And while you are at it. Filter on
viruses too. Trust me, it will make your remailer a lot safer. (and its
users too since they won't get virusses or spam)
> When Reliable was written by RProcess many years ago, he included almost
> every option one could think of. If he had intended a re-mailer operator to
> filter on message content, he would have included that capability. Because
> it is not there, I assume he never intended messages to be filtered on
> content by a re-mailer operator.
>
> If we follow the traditions set by the original re-mailer gurus, we won't
> make mistakes.
RProcess did more than that stupid. He explicitely required remops like
Frog-Admin to add filter to their capability string.
[snip]
> I hope this answers your question.
Whos question was this anyways?
Thomas
- --
Robert Heinlein: "When in danger or in doubt, run in circles, scream and
shout"
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.2 (MingW32)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org
iQB5AwUBQ9ushgEP2l8iXKAJAQHNiwMdEKnDqQtX
nSqMGEn2Vfvl1OeBQmWm3bCp
yfmN58RNXVAIHoH3peG+EFsMyNog1JkBjwuzuToZ
65XLYbM4J3RrA5FjhrpoGNqm
ytf1TDcQsICBQab1m8hO1yNFcWIAreUj0JlfqQ==
=A711
-----END PGP SIGNATURE-----
| |
| Thrasher Remailer 2006-01-29, 8:49 pm |
| In <Y9TUVNRZ38744.8156481481@twistycreek.com>, anon@comments.header wrote:
>First of all, my thanks to all of the remailer operators who run this
>wonderful service using their own equipment, spending their time and money
>to allow the rest of us to post anonymously.
>
>My question is about some of the filtering that is done. I believe that
>most or all exit remailers filter spam messages.
>
Incorrect (unless you're talking about eelbash).
Exit remailers do not filter anything that other remailer don't filter.
Specifically, the only thing they filter is message headers, removing any that can identify the sender.
Mail2news gateways on the other hand, DO use things like cleanfeed to filter spam.
Remailers also dest block addresses of people who request their address not receive mail from that remailer.
They may also source-block abusers/flooders if they can be identified. (which, if they're using remailers, mostly they cannot be identified)
| |
| Thrasher Remailer 2006-01-29, 8:49 pm |
| In <43dbabe3$0$11062$e4fe514c@news.xs4all.nl>, nospam@hccnet.nl wrote:
>=====BEGIN PGP SIGNED MESSAGE=====
>Signature: 0x225CA009 Thomas J. Boschloo <boschloo@multiweb.nl>
>Date: Sat Jan 28 11:40:22 2006
>Status: OK (Invalid)
>
>TwistyCreek wrote:
>
>Well, it is there that you are WRONG! It is absolutely imperative for a
>remailer operator to filter on spam. You must filter both incoming and
>outgoing spam. And use black lists. And while you are at it. Filter on
>viruses too. Trust me, it will make your remailer a lot safer. (and its
>users too since they won't get virusses or spam)
Sorry Tommy, but it's the M2N or recipients MTA that may or may not do any filtering. Blacklists should not be used by anyone because too much legitimate mail gets nuked because some spammer used a dynamic ip.
using anti-virus software on incoming and outbound mail is again not a remailer function, it's the MTA's job. it's also not very usefull in remailed messages when most of them are encrypted anyway.
>
>RProcess did more than that stupid. He explicitely required remops like
>Frog-Admin to add filter to their capability string.
His docs say that those who filter should add 'filter' to their capstring, yes, but I've never seen a capstring with that entry.. not even Eelbash whom everyone KNOWS is filtering all non-encrypted traffic his machine handles.
| |
| TwistyCreek 2006-01-29, 8:49 pm |
| On 28 Jan 2006, Thrasher Remailer <thrasher@reece.net.au> wrote:
>In <Y9TUVNRZ38744.8156481481@twistycreek.com>, anon@comments.header wrote:
>
>
>Incorrect (unless you're talking about eelbash).
>
>Exit remailers do not filter anything that other remailer don't filter.
Speaking for myself, I can't filter anything based upon the contents of a
message.
>Specifically, the only thing they filter is message headers, removing any
>that can identify the sender.
Certainy those headers. I also filter out X headers that can be inserted by
a troll to send a message intended to cause problems. For example, I also
filter out X headers that someone might add such as X-Keywords: to prevent
a troll from adding a lot of keywords because the troll has a woody for
someone and wants to make a big show of it. If you look at the thesaurus
for many of us, you will see many additional headers are stripped. They not
only protect the sender, but also protect the re-mailer from passing on
headers intended to cause problems for others.
>Mail2news gateways on the other hand, DO use things like cleanfeed to
>filter spam.
>
>Remailers also dest block addresses of people who request their address
>not receive mail from that remailer.
Very true. I destination block only on the request of someone from a
legitamate address. I will not dest-block any requests sent to me other
than from the originating E-mail address. I have even had a request to
dest-block my own re-mailer 
>They may also source-block abusers/flooders if they can be identified.
>(which, if they're using remailers, mostly they cannot be identified)
Obviously, a re-mailer can't block other re-mailers and still be
dependable.
The real abusers are usually newbies. Long time users of re-mailers are not
abusers. They do not take advantage of the system to harass others. They
respect the re-mailer operators and the re-mailer system. Sure, people
disagree and flame wars erupt, but that isn't real abuse. The following is
a case of abuse:
In my case I was receiving a lot of threatening E-mails. I was quite
nervous about it. I made a couple of mistakes to allow it to happen. With
the first re-mailer domain name I started, I registered it with all of the
correct personal information including my real name and address. I used my
company E-mail address for the contact E-mail. I also listed my home phone
and address. I have an unusual last name and both of my adult children have
the same last name. My son's name is the same as mine. The closest person
that has the same last name is my mother. She lives about 150 miles away.
I was operating it from a regular home account. The ToS of my provider did
not permit operating a server from the "home" type of account. Along with
some threatening E-mails to me, I received a polite E-mail from my ISP
requesting I stop the server. That had me puzzled for the longest time. Why
was I singled out since other re-mailers and Tor servers were using the
same ISP?
So, I changed account types, registered a new domain name and started a
"new" re-mailer. Mistake number 2 was announcing the new re-mailer name
under the admin name of the old re-mailer.
The threatening letter kept coming, but now to the new re-mailer contact.
Eventually the newbie made a mistake. He was apparently making "custom
chains" to my contact address. Several times he screwed up and missed
inserting a chain of even a single re-mailer. He actually sent what he
thought was an "anonymous" threat without using any re-mailers in between.
The RFC822 headers of the threats clearly showed the originating IP. I
believe he was using an older version of QS or maybe hand rolling. I have
never used QS so can't say if a warning message will pop up if you don't
have any re-mailers selected. I only use JBN and it will warn you if you
don't have a re-mailer selected.
That was how he got caught. He was acting on behalf of a friend of his that
had a run in with my son. His friend came out on the losing side so he
decided to "help" out his friend by annoying and threatening me and my
family by E-mail.
He got off easy. I talked to the DA and asked that he be let off since I
now understood why he was doing what he did. The DA agreed with me up to a
point. He was allowed to plea bargain and agree to go to Anger Management
classes and 40 hours of community service. If he completes those, nothing
will be on his record. I think the word was expunged or something like
that. He was living at his parents home and was using the same ISP I have.
His parents go to the same Church. They are wonderful people and apologized
to me personally and very profusely.
In retrospect, when I announced the first re-mailer, he probably did a
WHOIS and saw my name and address. I suspect he used my old re-mailer to
send garbage to his own E-mail address, then used that as evidence to
complain to my ISP. That is probably why I got the polite E-mail from my
ISP to stop the server.
After I was operating within the ToS of my ISP, there was nothing he could
do about it. I think by agitating him enough and him being frustrated that
he couldn't shut the re-mailer down caused him to go on a rampage. That was
when he made the mistake of missing a re-mailer before hitting the send
button.
After realizing he probably did a WHOIS, I checked the the first re-mailer
name. All of my personal information was still there. I deleted the domain
name, but the personal information was still showing. So I went back and
filled it in with bogus information. I have waited until now to allow the
bogus information to propogate through all of the WHOIS utilities on all of
the various web sites. Some other friends in the re-mailer community that
are more savvy than I on the Internet have checked that all of my personal
information has now disappeared.
Life is a lot better now. The re-mailer will "keep on truckin" to quote a
trusted friend and another big contributer to the re-mailer system.
| |
| George Orwell 2006-01-29, 8:49 pm |
| On Sat, 28 Jan 2006 15:40:53 +0000, TwistyCreek wrote:
> On 28 Jan 2006, TwistyCreek <anon@comments.header> wrote:
>
> I will assume this is an honest question and give an honest answer.
>
> How would we do that? In my case, I am only using Mercury and Reliable.
> There are no abilities to filter on message content that I know of.
Then you haven't looked closely enough at Mercury. It comes with a couple
hundred spam filters to which you can add as needed.
Go to configuration / content control. Ask here if you have problems. I
believe the default spam filter list is in c:\mercury\spambust.dat.
I hope this tracks properly.
> I have
> yet to hear of anyone receiving spam through my re-mailer. I do use the
> MD5 hash filter. I have it set to 168 hours. No duplicate messages will be
> accepted for that period of time to reduce vulnerability to floods or mail
> bombing. I have never heard of a re-mailer being used to send spam.
>
> When Reliable was written by RProcess many years ago, he included almost
> every option one could think of. If he had intended a re-mailer operator
> to filter on message content, he would have included that capability.
> Because it is not there, I assume he never intended messages to be
> filtered on content by a re-mailer operator.
>
> If we follow the traditions set by the original re-mailer gurus, we won't
> make mistakes.
>
>
>
> See above. I can't filter on content.
>
>
> See above. I don't have the ability to filter on content, be it spam or
> messages that I personally might find offensive.
>
> I do have the ability to block newsgroups if I choose, block mail to
> E-mail addresses, and a few other options. There is absolutely no ability
> in Reliable to filter on message content, on key words, or anything like
> that.
>
> To filter on message content would require the use of a 3rd party program.
> In my mind, the addition of a 3rd party program to filter on message
> content would put me on a "slippery slope" and be against the traditional
> guidelines set forth by the first re-mailer designers. If it was good
> enough then, it is good enough now. The concept has been proven over time.
> Time is the single most valuable tool we have in anonymity. For instance,
> I did not use the DH/DSS over RSA keys until they were tested by time.
>
> Reliable does have the option of appending a note to the bottom of a
> usenet post. The suggested footnote is relatively benign. Something like
> <this was sent through 2 or more remailers> Personally, I chose not to add
> it. The default one suggested by RProcess is OK with me, I personally like
> it. It in no way impugns the integrity of the message author.
>
> So, to sum it up, I cannot filter spam or anything that I or someone else
> may find offensive if it is in the body of the message. To do so would
> place me on the "slippery slope". I am not going to go there.
>
> I hope this answers your question.
| |
| Thomas J. Boschloo 2006-01-29, 8:49 pm |
| -----BEGIN PGP SIGNED MESSAGE-----
Thrasher Remailer wrote:
> In <43dbabe3$0$11062$e4fe514c@news.xs4all.nl>, nospam@hccnet.nl wrote:
[snip]
>
> Sorry Tommy, but it's the M2N or recipients MTA that may or may not do any filtering. Blacklists should not be used by anyone because too much legitimate mail gets nuked because some spammer used a dynamic ip.
>
> using anti-virus software on incoming and outbound mail is again not a remailer function, it's the MTA's job. it's also not very usefull in remailed messages when most of them are encrypted anyway.
lookup http://www.thefreedictionary.com/sarcasm ?
lol,
Thomas
- --
Robert Heinlein: "When in danger or in doubt, run in circles, scream and
shout"
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.2 (MingW32)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org
iQB5AwUBQ9wqQgEP2l8iXKAJAQH1ngMglORUdKp8
aKxSNueNF6ZSEwIODaNex0H1
iZse/ ypy5m00ZH7tKYq85avJ6W2CpT2faJdLI8EdgJ2oE
oGbgthIYEUfPG7Bkpu+
V3Nk25zstEPvwGGsBDj8ktoS7ZBEXN7JGtNcew==
=PAEQ
-----END PGP SIGNATURE-----
| |
| TwistyCreek 2006-01-29, 8:49 pm |
| On Sun, 29 Jan 2006, George Orwell <nobody@mixmaster.it> wrote:
>On Sat, 28 Jan 2006 15:40:53 +0000, TwistyCreek wrote:
snipped
>
>Then you haven't looked closely enough at Mercury. It comes with a couple
>hundred spam filters to which you can add as needed.
>
>Go to configuration / content control. Ask here if you have problems. I
>believe the default spam filter list is in c:\mercury\spambust.dat.
>
>I hope this tracks properly.
>
You're right. I just checked. <Big look of surprise on my face> and a
"little egg".
There is a "Basic commercial/sex content check" filter. It must be a
default filter that installs with Mercury. Wow, I learn something new every
day
Still, I have never heard of any spam coming from my re-mailer. I guess
that filter is OK.
I don't suppose it will jeopardize my intended and stated policy of
"absolutely no filtering on message content" for the users of my re-mailer.
Thank you very much. I was wrong. I guess I do filter some things, I just
never knew it.
Once again, my most sincere thanks for adding to my knowledge. I had always
assumed Mercury just acted as the mail server for Reliable.
My warmest regards
| |
| Borked Pseudo Mailed 2006-01-29, 8:49 pm |
| George Orwell wrote:
> Go to configuration / content control. Ask here if you have problems. I
> believe the default spam filter list is in c:\mercury\spambust.dat.
>
> I hope this tracks properly.
It didn't. There's extra spaces in the References header that will out
every user.
Keep trying, fool.
LOL!
| |
| TwistyCreek 2006-01-29, 8:49 pm |
| Thrasher Remailer wrote:
>
> Sorry Tommy, but it's the M2N or recipients MTA that may or may not do any
> filtering. Blacklists should not be used by anyone because too much
> legitimate mail gets nuked because some spammer used a dynamic ip.
What yo think should happen ans what does happen are two different things.
Sorry. Many/most remailers at least do dupe checking, and quite a few go a
bit further.
>
> using anti-virus software on incoming and outbound mail is again not a
> remailer function, it's the MTA's job. it's also not very usefull in
> remailed messages when most of them are encrypted anyway.
>
>
>
> His docs say that those who filter should add 'filter' to their capstring,
> yes, but I've never seen a capstring with that entry.. not even Eelbash
> whom everyone KNOWS is filtering all non-encrypted traffic his machine
> handles.
| |
| BiKiKii Admin 2006-01-29, 8:49 pm |
| -----BEGIN PGP SIGNED MESSAGE-----
On 29 Jan 2006, TwistyCreek wrote:
>On Sun, 29 Jan 2006, George Orwell <nobody@mixmaster.it> wrote:
>
>snipped
>
>You're right. I just checked. <Big look of surprise on my face> and a
>"little egg".
>
>There is a "Basic commercial/sex content check" filter. It must be a
>default filter that installs with Mercury. Wow, I learn something new every
>day
>
>Still, I have never heard of any spam coming from my re-mailer. I guess
>that filter is OK.
>
You best disable!
WILL flag some remailer messages as spam unless you make some modifications.
Simple example:
"p0rn" is weight of 51; default threshold is 50.
There are 10 Mixmaster messages in the remailer's mailbox and 1 in MAILOUT
that match that rule in the encyphered message body!
Ciao!
BiKiKii
-----BEGIN PGP SIGNATURE-----
Version: N/A
iQEVAwUBQ9q0AfRwi/QFFzi5AQHrFgf+PATluZuHKfsqlPYOBHW/2Y+vFXU/pPVR
J716Pr7iMCAp5TiKXntDY6WZ1zvrMPKyPUe/U2BAZIUKryG6XfLQ/T22GDy5m5/w
QUybvbLE/Dth392yjPrHl7h5HLMf/EYUqALTGQfKKbc1pWpZZ5blqqWxmZI6c+sS
V24CiSChGTFZcZOI53QGy0MzcmX4bOSCN+m7wzXU
xXcGZ7FlfbSS99JSYMSPO9Zq
VTPuI5kYpE0GHGycP+zL5OyXtDk+JQAg2fV3wTXH
yPGkcoUwVJ8kvF5R+4mMlqg4
5G2+KTLMsAQZts6MK0J6GyuWn9hynWYikHGUB54T
y5HkUKJ9jBm4Ig==
=KQYM
-----END PGP SIGNATURE-----
| |
| TwistyCreek 2006-01-29, 8:49 pm |
| On 29 Jan 2006, BiKiKii Admin <Use-Author-Supplied-Address-Header@[127.1]>
wrote:
>-----BEGIN PGP SIGNED MESSAGE-----
>
>On 29 Jan 2006, TwistyCreek wrote:
>
>You best disable!
>
>WILL flag some remailer messages as spam unless you make some modifications.
>
>Simple example:
>
>"p0rn" is weight of 51; default threshold is 50.
>
>There are 10 Mixmaster messages in the remailer's mailbox and 1 in MAILOUT
>that match that rule in the encyphered message body!
>
>
>Ciao!
>
>BiKiKii
>
Thanks again for the help BiKiKii. I disabled them completely. I didn't
know they existed until today. Now I know for sure I am not doing any
content filtering.
BTW, I seem to be having problems with your pings. Anything going on? Looks
like your stats for all re-mailers are stuck at 5 today.
Thanks again!!!
| |
| George Orwell 2006-01-29, 8:49 pm |
| George Orwell wrote:
> Go to configuration / content control. Ask here if you have problems. I
> believe the default spam filter list is in c:\mercury\spambust.dat.
>
> I hope this tracks properly.
It didn't. There's extra spaces in the References header that will out
every user.
Keep trying, fool.
LOL!
| |
| Fritz Wuehler 2006-01-29, 8:49 pm |
| On Sun, 29 Jan 2006 02:41:13 +0000, TwistyCreek wrote:
> On Sun, 29 Jan 2006, George Orwell <nobody@mixmaster.it> wrote:
>
> snipped
> You're right. I just checked. <Big look of surprise on my face> and a
> "little egg".
>
> There is a "Basic commercial/sex content check" filter. It must be a
> default filter that installs with Mercury. Wow, I learn something new
> every day
>
> Still, I have never heard of any spam coming from my re-mailer. I guess
> that filter is OK.
> I don't suppose it will jeopardize my intended and stated policy of
> "absolutely no filtering on message content" for the users of my
> re-mailer.
>
> Thank you very much. I was wrong. I guess I do filter some things, I just
> never knew it.
>
> Once again, my most sincere thanks for adding to my knowledge. I had
> always assumed Mercury just acted as the mail server for Reliable.
>
> My warmest regards
You can disable that filter if you like. It may be disabled by default.
There is also a second filter: config/filtering rules.
I think it is empty to start with, but can be used for filtering content
using very basic regex.
| |
| Thrasher Remailer 2006-01-29, 8:49 pm |
| In <ABO39DGZ38745.9459722222@twistycreek.com>, anon@comments.header wrote:
>Thrasher Remailer wrote:
>
>
>What yo think should happen ans what does happen are two different things.
>Sorry. Many/most remailers at least do dupe checking,
ALL remailers do dupe checking, it's an anti replay attack measure..
>and quite a few go a bit further.
>
Please, would you mind posting examples? what remailers take what additional steps?
| |
| Thrasher Remailer 2006-01-29, 8:49 pm |
| In < 55104cc66ccc0532de22a74c28022669@mixmast
er.it>, nobody@mixmaster.it wrote:
>On Sat, 28 Jan 2006 15:40:53 +0000, TwistyCreek wrote:
>
>
>Then you haven't looked closely enough at Mercury. It comes with a couple
>hundred spam filters to which you can add as needed.
>
>Go to configuration / content control. Ask here if you have problems. I
>believe the default spam filter list is in c:\mercury\spambust.dat.
True, mercury CAN filter on content as you say, however, since most remailer traffic is encrypted, there's no point. In fact, using that kind of filter on encrypted remailer traffic is a bad idea because random word patterns can and do appear in armored
blobs.
If you're insisting on filtering like that, then you should add an entry to whitelist anything that is encrypted because you have no idea what it is and you could lose mail if you don't.
>I hope this tracks properly.
>
Your References header has a tab character between the message-id's where it should be a single space character.
>References: <Y9TUVNRZ38744.8156481481@twistycreek.com> <ZCHVUZC238745.4450578704@twistycreek.com>
| |
| Anonymous 2006-01-29, 8:49 pm |
| -----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
On Sun, 29 Jan 2006 16:43:52 +0000, Thrasher Remailer wrote:
> In <ABO39DGZ38745.9459722222@twistycreek.com>, anon@comments.header wrote:
>
> ALL remailers do dupe checking, it's an anti replay attack measure..
>
> Please, would you mind posting examples? what remailers take what
> additional steps?
I can only speak for Eelbash, but I use Mercury's spam filters, which
catch a small but continuing stream of spam. Most of it is going to test
groups, but some goes to apas and some goes to remailer addresses.
A number of spam messages have shown up recently in apas, apparently sent
by kids trying to discredit the remailer that delivered them. If you run
an exit remailer, why make it easy for some jerk to abuse your remailer;
use whatever tools you have to block their spam.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.2 (GNU/Linux)
iD8DBQFD3PdFEC+g9Qawm6QRAqnHAJ9RYofn/ltEJonXzCvvWa8SSY+uCwCgz10t
3zYkKJLTKVNi0FuZ7GICCkc=
=JqKf
-----END PGP SIGNATURE-----
-=-
This message was sent via two or more anonymous remailing services.
| |
| Anonymous 2006-01-29, 8:49 pm |
| On Sun, 29 Jan 2006 17:13:23 +0000, Thrasher Remailer wrote:
> In < 55104cc66ccc0532de22a74c28022669@mixmast
er.it>, nobody@mixmaster.it
> wrote:
>
> True, mercury CAN filter on content as you say, however, since most
> remailer traffic is encrypted, there's no point.
The spam filter also scans the message after it has been decrypted and
before it is sent out, so it does have a chance to see the spam that was
encrypted.
> In fact, using that kind
> of filter on encrypted remailer traffic is a bad idea because random word
> patterns can and do appear in armored blobs.
That happens with my remailer, but only very occasionally. I then
temporarily whitelist something unique about the message to let it get
through.
All in all, I rarely see a false positive in the spam bucket, not that
there is a lot of spam, but there is a steady stream, and spam is viewed
with such exaggerated dislike, that I figure cya is a good idea.
>
> If you're insisting on filtering like that, then you should add an entry
> to whitelist anything that is encrypted because you have no idea what it
> is and you could lose mail if you don't.
>
>
> Your References header has a tab character between the message-id's where
> it should be a single space character.
Thanks. I can see the tab character when I copy the refences header to the kwrite editor. I'll take another look at the code with that in mind.
-=-
This message was sent via two or more anonymous remailing services.
| |
| TwistyCreek 2006-01-29, 8:50 pm |
| On Sun, 29 Jan 2006, Fritz Wuehler
<fritz@spamexpire-200601.rodent.frell.theremailer.net> wrote:
snipped
>
>You can disable that filter if you like. It may be disabled by default.
>There is also a second filter: config/filtering rules.
>I think it is empty to start with, but can be used for filtering content
>using very basic regex.
It was enabled by default, I right clicked it and selected disable. It is
still in the list but has (disabled) next to it.
You were also right again about filtering rules. There is the ability to
filter on some things. I don't have anything in there though.
I don't accept plain text though. I see Reliable (when in verbose mode)
does delete plain text messages so I know they are coming in. I was told by
a very friendly and experienced remop not to allow clear text, at least at
first. He told me that the re-mailer might be used to send spam that way
and I might get my IP blacklisted. I went through a lot of trouble to get a
fixed IP set up and don't want to take any chances.
Just speaking for myself, I don't know enough about Mercury and filtering
(weighting factors and stuff) so I'll not touch those. I have always said
if I have a 50-50 chance on something, the choice I make will always be
100% wrong.
If people start complaining about spam from my re-mailer, I'll ask for help
here and on the remops mail list first.
My intent is to secure the operating environment from compromise to the
best of my abilities (I think I did a good job there) and let it run as it
was intended with the least amount of tinkering required. By tinkering, I
mean the rudimentary basics of adding blocks for E-mail addresses and
things like that.
I have absolutely no problem admitting I am without a doubt the absolute
"dumbest" remop there is when it comes to the Internet and capabilities of
programs like Mercury and Reliable. I have read the Reliable manual over
many times though and tried to follow RProcess's suggestions for securing
the re-mailer. I have read the recent threads about Python or whatever and
was totally lost. I guess it is something that doesn't apply to my
re-mailer anyway. The help files that come with Mercury are very basic. No
where did I see mention of a default installed spam filter. (I might have
missed it though) Which I guess begs me to ask if anyone knows of anything
else that is installed by default that could have an effect on "filtering"
mail. I really don't want Mercury to be doing anything other than receiving
and sending messages. I would rather error on the side of allowing messages
to pass rather than blocking them.
Thank you and Bikikii for sharing with me. I learned a lot and the
re-mailer is better for it. For that I am grateful.
My warmest regards
| |
| Anonymous 2006-01-29, 8:50 pm |
| In article <QPNTVY9C38746.5124074074@anonymous>
Anonymous <BigappleRemailer@bigapple.yi.org> wrote:
>
> A number of spam messages have shown up recently in apas, apparently sent
> by kids trying to discredit the remailer that delivered them.
What spam messages?!
| |
| Thomas J. Boschloo 2006-01-30, 7:48 am |
| -----BEGIN PGP SIGNED MESSAGE-----
Anonymous wrote:
> In article <QPNTVY9C38746.5124074074@anonymous>
> Anonymous <BigappleRemailer@bigapple.yi.org> wrote:
>
> What spam messages?!
Only spam I have ever seen was warez spam. I wonder if this counts as 'mon'.
hth,
Thomas
- --
Robert Heinlein: "When in danger or in doubt, run in circles, scream and
shout"
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.2 (MingW32)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org
iQB5AwUBQ93rXwEP2l8iXKAJAQGaqwMeMQEMzvx1
t11lEWz4DfhwJTGozFz1y7s/
skvKq8SW3O1I5g0im02ClzMOgLfB15DdcvzSPwbl
fMqo1Uyojl0IFBhltj4Y8zAT
DPcSqPCbm8UnAODvGxY8OxvVHjlfSypnV2SKNg==
=CJsj
-----END PGP SIGNATURE-----
|
|
|
|
|