From: Andrei Popescu on
On Jo, 01 iul 10, 19:43:44, lee wrote:

> > One downside seems to be that it creates lots of exim processes, and
> > I am not sure why yet. It may be open connections with dropping
> > data as a result of the recently added iptables rule
>
> Just to be curious, what is the thinking/idea/advantage behind
> disallowing connections by firewall rules instead of denying the
> relaying or blacklisting the originating IPs through exims
> configuration?

I'm not very familiar with this stuff, but I can imagine:

- two levels of defense
- sparing exim all the useless connections

Regards,
Andrei
--
Offtopic discussions among Debian users and developers:
http://lists.alioth.debian.org/mailman/listinfo/d-community-offtopic
From: lee on
On Thu, Jul 01, 2010 at 09:08:26PM +0100, Alan Chandler wrote:
> On 01/07/10 18:43, lee wrote:
> >Just to be curious, what is the thinking/idea/advantage behind
> >disallowing connections by firewall rules instead of denying the
> >relaying or blacklisting the originating IPs through exims
> >configuration?
> >
> >
>
> I would like to cause as much disruption to these guys as possible.

Thanks for you all your responses! It makes some sense seeing it that
way :)


--
To UNSUBSCRIBE, email to debian-user-REQUEST(a)lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmaster(a)lists.debian.org
Archive: http://lists.debian.org/20100703141435.GD31587(a)yun.yagibdah.de
From: Richard Hector on
On Thu, 2010-07-01 at 21:08 +0100, Alan Chandler wrote:

> I would like to cause as much disruption to these guys as possible.

I'd happily drop packets to save bandwidth, and load on my MTA, but I'd
think twice about that reason.

My understanding is that most spam comes from compromised home machines
these days - so the person getting disrupted is some poor sucker whose
machine is compromised, not the actual offender.

Dropping packets may save _them_ bandwidth as well, so as I say, I'd
happily do it :-)

Richard



--
To UNSUBSCRIBE, email to debian-user-REQUEST(a)lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmaster(a)lists.debian.org
Archive: http://lists.debian.org/1278418867.30144.14.camel(a)diamond.lan.walnut.gen.nz
From: John Hasler on
Richard Hector writes:
> My understanding is that most spam comes from compromised home
> machines these days - so the person getting disrupted is some poor
> sucker whose machine is compromised, not the actual offender.

The machine is compromised because the sucker failed to secure it.
While the botnet operator is the actual criminal the owner of the
compromised machine is still negligent.
--
John Hasler


--
To UNSUBSCRIBE, email to debian-user-REQUEST(a)lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmaster(a)lists.debian.org
Archive: http://lists.debian.org/878w5opuq9.fsf(a)thumper.dhh.gt.org
From: Richard Hector on
On Tue, 2010-07-06 at 09:09 -0500, John Hasler wrote:
> Richard Hector writes:
> > My understanding is that most spam comes from compromised home
> > machines these days - so the person getting disrupted is some poor
> > sucker whose machine is compromised, not the actual offender.
>
> The machine is compromised because the sucker failed to secure it.
> While the botnet operator is the actual criminal the owner of the
> compromised machine is still negligent.

Through ignorance, in most cases, I suspect. I doubt most of them are
aware of the consequences.

Richard



--
To UNSUBSCRIBE, email to debian-user-REQUEST(a)lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmaster(a)lists.debian.org
Archive: http://lists.debian.org/1278455528.3978.6.camel(a)topaz.wgtn.cat-it.co.nz