From tools-discuss-bounces@ietf.org Fri Jun 01 11:25:21 2007 Return-path: Received: from [127.0.0.1] (helo=stiedprmman1.va.neustar.com) by megatron.ietf.org with esmtp (Exim 4.43) id 1Hu90C-0004um-Ra; Fri, 01 Jun 2007 11:25:20 -0400 Received: from tools-discuss by megatron.ietf.org with local (Exim 4.43) id 1Hu90B-0004sz-Iq for tools-discuss-confirm+ok@megatron.ietf.org; Fri, 01 Jun 2007 11:25:19 -0400 Received: from [10.91.34.44] (helo=ietf-mx.ietf.org) by megatron.ietf.org with esmtp (Exim 4.43) id 1Hu90B-0004sm-91 for tools-discuss@ietf.org; Fri, 01 Jun 2007 11:25:19 -0400 Received: from piper.jhuapl.edu ([128.244.26.33] helo=jhuapl.edu) by ietf-mx.ietf.org with esmtp (Exim 4.43) id 1Hu90A-0001o6-20 for tools-discuss@ietf.org; Fri, 01 Jun 2007 11:25:19 -0400 Received: from ([128.244.206.105]) by piper.jhuapl.edu with ESMTP id 5502121.30893416; Fri, 01 Jun 2007 11:25:05 -0400 Message-ID: <46603A51.1070004@innovationslab.net> Date: Fri, 01 Jun 2007 11:25:05 -0400 From: Brian Haberman User-Agent: Thunderbird 1.5.0.12 (Macintosh/20070509) MIME-Version: 1.0 To: tools-discuss@ietf.org X-Enigmail-Version: 0.94.1.2 Content-Type: text/plain; charset=ISO-8859-1 Content-Transfer-Encoding: 7bit X-Spam-Score: 0.0 (/) X-Scan-Signature: 08170828343bcf1325e4a0fb4584481c Subject: [Tools-discuss] Authenticating posts to IETF mailing list X-BeenThere: tools-discuss@ietf.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: IETF Tools Discussion List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: tools-discuss-bounces@ietf.org Hi, On one of my working group's mailing list, we have had to set the moderate flag on my subscription due to my e-mail address having been harvested (most likely off the charter page) and used to spam the list. It becomes quite the hassle to send an e-mail to the list, log on to the admin interface, wade through all the spam messages, and approve my own posting. Would it be possible to beta test a PGP-based authorization method as described in http://mail.python.org/pipermail/mailman-developers/2005-July/018153.html Regards, Brian _______________________________________________ Tools-discuss mailing list Tools-discuss@ietf.org https://www1.ietf.org/mailman/listinfo/tools-discuss From tools-discuss-bounces@ietf.org Fri Jun 01 14:17:19 2007 Return-path: Received: from [127.0.0.1] (helo=stiedprmman1.va.neustar.com) by megatron.ietf.org with esmtp (Exim 4.43) id 1HuBgc-00006g-M2; Fri, 01 Jun 2007 14:17:18 -0400 Received: from tools-discuss by megatron.ietf.org with local (Exim 4.43) id 1HuBgb-00006Y-Hq for tools-discuss-confirm+ok@megatron.ietf.org; Fri, 01 Jun 2007 14:17:17 -0400 Received: from [10.91.34.44] (helo=ietf-mx.ietf.org) by megatron.ietf.org with esmtp (Exim 4.43) id 1HuBgb-00006Q-87 for tools-discuss@ietf.org; Fri, 01 Jun 2007 14:17:17 -0400 Received: from vapor.isi.edu ([128.9.64.64]) by ietf-mx.ietf.org with esmtp (Exim 4.43) id 1HuBgZ-0007fO-Qx for tools-discuss@ietf.org; Fri, 01 Jun 2007 14:17:17 -0400 Received: from [127.0.0.1] (195.sub-70-194-151.myvzw.com [70.194.151.195]) by vapor.isi.edu (8.13.8/8.13.8) with ESMTP id l51IGx7Z000682; Fri, 1 Jun 2007 11:17:02 -0700 (PDT) Message-ID: <46606284.6040301@isi.edu> Date: Fri, 01 Jun 2007 11:16:36 -0700 From: Joe Touch User-Agent: Thunderbird 2.0.0.0 (Windows/20070326) MIME-Version: 1.0 To: Brian Haberman Subject: Re: [Tools-discuss] Authenticating posts to IETF mailing list References: <46603A51.1070004@innovationslab.net> In-Reply-To: <46603A51.1070004@innovationslab.net> X-Enigmail-Version: 0.95.0 X-ISI-4-43-8-MailScanner: Found to be clean X-MailScanner-From: touch@isi.edu X-Spam-Score: 0.0 (/) X-Scan-Signature: 8b431ad66d60be2d47c7bfeb879db82c Cc: tools-discuss@ietf.org X-BeenThere: tools-discuss@ietf.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: IETF Tools Discussion List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Content-Type: multipart/mixed; boundary="===============0321092976==" Errors-To: tools-discuss-bounces@ietf.org This is an OpenPGP/MIME signed message (RFC 2440 and 3156) --===============0321092976== Content-Type: multipart/signed; micalg=pgp-sha1; protocol="application/pgp-signature"; boundary="------------enigC89175BDFC2D43B629966F39" This is an OpenPGP/MIME signed message (RFC 2440 and 3156) --------------enigC89175BDFC2D43B629966F39 Content-Type: text/plain; charset=ISO-8859-1 Content-Transfer-Encoding: quoted-printable Brian Haberman wrote: > Hi, > On one of my working group's mailing list, we have had to set the > moderate flag on my subscription due to my e-mail address having been > harvested (most likely off the charter page) and used to spam the list.= > It becomes quite the hassle to send an e-mail to the list, log on to > the admin interface, wade through all the spam messages, and approve my= > own posting. >=20 > Would it be possible to beta test a PGP-based authorization method= > as described in >=20 > http://mail.python.org/pipermail/mailman-developers/2005-July/018153.ht= ml Why not write a filter to check mail sent from your address for a really short cookie in the header or body? It's a lot less heavyweight on the server side, and also supports non-PGP posters, and need not be beta-tested. It would work for anyone whose email was compromised. Joe --------------enigC89175BDFC2D43B629966F39 Content-Type: application/pgp-signature; name="signature.asc" Content-Description: OpenPGP digital signature Content-Disposition: attachment; filename="signature.asc" -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.3 (MingW32) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org iD8DBQFGYGKFE5f5cImnZrsRAlfyAKCtCHkBc5BoWn8c3dJhIB5JnffvzwCdHZK6 QhFSEKIkGFvNiazSmLYMxV0= =Nd7n -----END PGP SIGNATURE----- --------------enigC89175BDFC2D43B629966F39-- --===============0321092976== Content-Type: text/plain; charset="us-ascii" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit Content-Disposition: inline _______________________________________________ Tools-discuss mailing list Tools-discuss@ietf.org https://www1.ietf.org/mailman/listinfo/tools-discuss --===============0321092976==-- From tools-discuss-bounces@ietf.org Fri Jun 01 14:38:32 2007 Return-path: Received: from [127.0.0.1] (helo=stiedprmman1.va.neustar.com) by megatron.ietf.org with esmtp (Exim 4.43) id 1HuC19-0000Sl-E1; Fri, 01 Jun 2007 14:38:31 -0400 Received: from tools-discuss by megatron.ietf.org with local (Exim 4.43) id 1HuC18-0000Sf-4Y for tools-discuss-confirm+ok@megatron.ietf.org; Fri, 01 Jun 2007 14:38:30 -0400 Received: from [10.91.34.44] (helo=ietf-mx.ietf.org) by megatron.ietf.org with esmtp (Exim 4.43) id 1HuC17-0000SX-R9 for tools-discuss@ietf.org; Fri, 01 Jun 2007 14:38:29 -0400 Received: from sj-iport-3-in.cisco.com ([171.71.176.72] helo=sj-iport-3.cisco.com) by ietf-mx.ietf.org with esmtp (Exim 4.43) id 1HuC16-0001RI-Hw for tools-discuss@ietf.org; Fri, 01 Jun 2007 14:38:29 -0400 Received: from sj-dkim-4.cisco.com ([171.71.179.196]) by sj-iport-3.cisco.com with ESMTP; 01 Jun 2007 11:38:28 -0700 X-IronPort-AV: i="4.16,373,1175497200"; d="scan'208"; a="489985181:sNHT237921988" Received: from sj-core-2.cisco.com (sj-core-2.cisco.com [171.71.177.254]) by sj-dkim-4.cisco.com (8.12.11/8.12.11) with ESMTP id l51IcRUT004570; Fri, 1 Jun 2007 11:38:27 -0700 Received: from xbh-sjc-211.amer.cisco.com (xbh-sjc-211.cisco.com [171.70.151.144]) by sj-core-2.cisco.com (8.12.10/8.12.6) with ESMTP id l51IcNaI013068; Fri, 1 Jun 2007 18:38:23 GMT Received: from xfe-sjc-211.amer.cisco.com ([171.70.151.174]) by xbh-sjc-211.amer.cisco.com with Microsoft SMTPSVC(6.0.3790.1830); Fri, 1 Jun 2007 11:38:23 -0700 Received: from [171.70.233.106] ([171.70.233.106]) by xfe-sjc-211.amer.cisco.com with Microsoft SMTPSVC(6.0.3790.1830); Fri, 1 Jun 2007 11:38:23 -0700 In-Reply-To: <46606284.6040301@isi.edu> References: <46603A51.1070004@innovationslab.net> <46606284.6040301@isi.edu> Mime-Version: 1.0 (Apple Message framework v752.3) Content-Type: text/plain; charset=US-ASCII; delsp=yes; format=flowed Message-Id: <5F4AA7FB-2FBB-4936-BF5F-EB28358246F8@cisco.com> Content-Transfer-Encoding: 7bit From: Fred Baker Subject: Re: [Tools-discuss] Authenticating posts to IETF mailing list Date: Fri, 1 Jun 2007 11:37:44 -0700 To: Joe Touch X-Mailer: Apple Mail (2.752.3) X-OriginalArrivalTime: 01 Jun 2007 18:38:23.0245 (UTC) FILETIME=[08B6DBD0:01C7A47C] DKIM-Signature: v=0.5; a=rsa-sha256; q=dns/txt; l=396; t=1180723107; x=1181587107; c=relaxed/simple; s=sjdkim4002; h=Content-Type:From:Subject:Content-Transfer-Encoding:MIME-Version; d=cisco.com; i=fred@cisco.com; z=From:=20Fred=20Baker=20 |Subject:=20Re=3A=20[Tools-discuss]=20Authenticating=20posts=20to=20IETF= 20mailing=20list |Sender:=20; bh=Zxh8BdPM81fh4GKOitI6j/xxQbtzdTHeiTkQUosYO1A=; b=KayRH4ueUGPoJTzD57dvf7QCGclvIE/imFGoAb/hRyNssX4GIeMYuIhB2VVQa/lxB9EqMULV Butd+8f7WRJVjc7WtjNixdcoLrK0OEul6mUB95KmBr/Cz5QsLN4XKiKI; Authentication-Results: sj-dkim-4; header.From=fred@cisco.com; dkim=pass (si g from cisco.com/sjdkim4002 verified; ); X-Spam-Score: 0.0 (/) X-Scan-Signature: d17f825e43c9aed4fd65b7edddddec89 Cc: Brian Haberman , tools-discuss@ietf.org X-BeenThere: tools-discuss@ietf.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: IETF Tools Discussion List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: tools-discuss-bounces@ietf.org On Jun 1, 2007, at 11:16 AM, Joe Touch wrote: > Why not write a filter to check mail sent from your address for a > really > short cookie in the header or body? I'm not sure that helps anyone else. fred@cisco.com is an address that is often found in spam as well, and I can certainly test for my own address, but nobody else would know that I'm inserting the envelope line. _______________________________________________ Tools-discuss mailing list Tools-discuss@ietf.org https://www1.ietf.org/mailman/listinfo/tools-discuss From tools-discuss-bounces@ietf.org Fri Jun 01 16:07:19 2007 Return-path: Received: from [127.0.0.1] (helo=stiedprmman1.va.neustar.com) by megatron.ietf.org with esmtp (Exim 4.43) id 1HuDP1-0004At-Pg; Fri, 01 Jun 2007 16:07:15 -0400 Received: from tools-discuss by megatron.ietf.org with local (Exim 4.43) id 1HuDP0-0004Am-7W for tools-discuss-confirm+ok@megatron.ietf.org; Fri, 01 Jun 2007 16:07:14 -0400 Received: from [10.91.34.44] (helo=ietf-mx.ietf.org) by megatron.ietf.org with esmtp (Exim 4.43) id 1HuDOz-0004Ae-Tk for tools-discuss@ietf.org; Fri, 01 Jun 2007 16:07:13 -0400 Received: from purgatory.unfix.org ([2001:7b8:20d:0:290:27ff:fe24:c19f]) by ietf-mx.ietf.org with esmtp (Exim 4.43) id 1HuDOz-00016s-9T for tools-discuss@ietf.org; Fri, 01 Jun 2007 16:07:13 -0400 Received: from [IPv6:2001:770:100:9e::2] (spaghetti.unfix.org [IPv6:2001:770:100:9e::2]) (using TLSv1 with cipher DHE-RSA-AES256-SHA (256/256 bits)) (No client certificate requested) (Authenticated sender: jeroen) by purgatory.unfix.org (Postfix) with ESMTP id 76B69140C365; Fri, 1 Jun 2007 22:07:11 +0200 (CEST) Message-ID: <46607C6E.4000009@spaghetti.zurich.ibm.com> Date: Fri, 01 Jun 2007 21:07:10 +0100 From: Jeroen Massar Organization: Unfix User-Agent: Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.8.1.3) Gecko/20070326 Thunderbird/2.0.0.0 Mnenhy/0.7.5.666 MIME-Version: 1.0 To: Fred Baker Subject: Re: [Tools-discuss] Authenticating posts to IETF mailing list References: <46603A51.1070004@innovationslab.net> <46606284.6040301@isi.edu> <5F4AA7FB-2FBB-4936-BF5F-EB28358246F8@cisco.com> In-Reply-To: <5F4AA7FB-2FBB-4936-BF5F-EB28358246F8@cisco.com> X-Enigmail-Version: 0.95.0 OpenPGP: id=333E7C23 X-Virus-Scanned: ClamAV version 0.90.2, clamav-milter version 0.90.2 on purgatory.unfix.org X-Virus-Status: Clean X-Spam-Score: -2.8 (--) X-Scan-Signature: 4b800b1eab964a31702fa68f1ff0e955 Cc: Brian Haberman , tools-discuss@ietf.org, Joe Touch X-BeenThere: tools-discuss@ietf.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: IETF Tools Discussion List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Content-Type: multipart/mixed; boundary="===============0133906818==" Errors-To: tools-discuss-bounces@ietf.org This is an OpenPGP/MIME signed message (RFC 2440 and 3156) --===============0133906818== Content-Type: multipart/signed; micalg=pgp-sha1; protocol="application/pgp-signature"; boundary="------------enig86044928B113AAA3AD19E933" This is an OpenPGP/MIME signed message (RFC 2440 and 3156) --------------enig86044928B113AAA3AD19E933 Content-Type: text/plain; charset=ISO-8859-1 Content-Transfer-Encoding: quoted-printable Fred Baker wrote: >=20 > On Jun 1, 2007, at 11:16 AM, Joe Touch wrote: >=20 >> Why not write a filter to check mail sent from your address for a real= ly >> short cookie in the header or body? >=20 > I'm not sure that helps anyone else. fred@cisco.com is an address that > is often found in spam as well, and I can certainly test for my own > address, but nobody else would know that I'm inserting the envelope lin= e. In Brian's case it is quite a bit more nasty than spam. It seems that virusses have picked up his address and are using it as a source, with a target of the ipv6 mailinglist. I've deleted upto now, since february 2006 when this started occurring. Then we, in agreement with Brian moderated his mail address so that it would not end up in the archives and of course not at all the subscribers. The biggest problem with adminning a mailinglist now is simply that there is about, I guess ~75 spams a day ending up in the moderator queue. The problem with this is that one becomes lazy in checking the queue, thus if there is a legit message it will take a few moments longer for them to be approved. Or it might just happen accidentally that you delete it, afaik that didn't happen yet though fortunately. Having PGP signing option for a mailinglist would be very welcome. It seems that the patch that Brian mentioned is from what I saw quite fine, I have to test it a bit more, but the test run that I did went fine for the 10k mails I spat through it (replaying mboxes is fun :) Only thing was that most mail got entered in the modqueue as I didn't sign them up and only few people actually PGP sign their mail. I guess though that when there is an incentive and actual use that it will become more widespread in usage to actually use PGP. Of course, what we really should be looking at is DKIM, but getting mailers to support that requires admin intervention. PGP is what everbody can do for oneselves. Of course, I am not saying "make it mandatory" (some people are forced to use stupid mailers like eg Lotus Notes), but for a case like Brian's it is a perfect solution. Greets, Jeroen --------------enig86044928B113AAA3AD19E933 Content-Type: application/pgp-signature; name="signature.asc" Content-Description: OpenPGP digital signature Content-Disposition: attachment; filename="signature.asc" -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.7 (MingW32) Comment: Jeroen Massar / http://unfix.org/~jeroen/ iHUEARECADUFAkZgfG4uFIAAAAAAFQAQcGthLWFkZHJlc3NAZ251cGcub3JnamVy b2VuQHVuZml4Lm9yZwAKCRApqihSMz58I3kyAJ9CnXSf5P5pjHzpW1SFAnjX8k3W 3ACgkTTjX6FuDvczqo4Vho7IgQh+ywU= =cjAm -----END PGP SIGNATURE----- --------------enig86044928B113AAA3AD19E933-- --===============0133906818== Content-Type: text/plain; charset="us-ascii" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit Content-Disposition: inline _______________________________________________ Tools-discuss mailing list Tools-discuss@ietf.org https://www1.ietf.org/mailman/listinfo/tools-discuss --===============0133906818==-- From tools-discuss-bounces@ietf.org Fri Jun 01 17:52:56 2007 Return-path: Received: from [127.0.0.1] (helo=stiedprmman1.va.neustar.com) by megatron.ietf.org with esmtp (Exim 4.43) id 1HuF3H-0000xO-V6; Fri, 01 Jun 2007 17:52:55 -0400 Received: from tools-discuss by megatron.ietf.org with local (Exim 4.43) id 1HuF3G-0000wc-CI for tools-discuss-confirm+ok@megatron.ietf.org; Fri, 01 Jun 2007 17:52:54 -0400 Received: from [10.91.34.44] (helo=ietf-mx.ietf.org) by megatron.ietf.org with esmtp (Exim 4.43) id 1HuF3G-0000wU-2W for tools-discuss@ietf.org; Fri, 01 Jun 2007 17:52:54 -0400 Received: from s-utl01-dcpop.stsn.net ([72.255.0.201]) by ietf-mx.ietf.org with smtp (Exim 4.43) id 1HuF3E-0000mB-T4 for tools-discuss@ietf.org; Fri, 01 Jun 2007 17:52:54 -0400 Received: from s-utl01-dcpop.stsn.net ([127.0.0.1]) by s-utl01-dcpop.stsn.net (SMSSMTP 4.1.2.20) with SMTP id M2007060117524920152 ; Fri, 01 Jun 2007 17:52:49 -0400 X-Spam-Status: No, hits=0.0 required=9.9 tests=ALL_TRUSTED: -2.867,AWL: 0.051,BAYES_00: -1.665 X-Spam-Level: Received: from [127.0.0.1] ([10.24.135.156]) by s-utl01-dcpop.stsn.net; Fri, 1 Jun 2007 17:52:48 -0400 Message-ID: <4660950D.1070807@isi.edu> Date: Fri, 01 Jun 2007 14:52:13 -0700 From: Joe Touch User-Agent: Thunderbird 2.0.0.0 (Windows/20070326) MIME-Version: 1.0 To: Fred Baker Subject: Re: [Tools-discuss] Authenticating posts to IETF mailing list References: <46603A51.1070004@innovationslab.net> <46606284.6040301@isi.edu> <5F4AA7FB-2FBB-4936-BF5F-EB28358246F8@cisco.com> In-Reply-To: <5F4AA7FB-2FBB-4936-BF5F-EB28358246F8@cisco.com> X-Enigmail-Version: 0.95.0 X-Spam-Score: 0.0 (/) X-Scan-Signature: cab78e1e39c4b328567edb48482b6a69 Cc: Brian Haberman , tools-discuss@ietf.org X-BeenThere: tools-discuss@ietf.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: IETF Tools Discussion List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Content-Type: multipart/mixed; boundary="===============0468756606==" Errors-To: tools-discuss-bounces@ietf.org This is an OpenPGP/MIME signed message (RFC 2440 and 3156) --===============0468756606== Content-Type: multipart/signed; micalg=pgp-sha1; protocol="application/pgp-signature"; boundary="------------enig51F458F6A72375DF746BD269" This is an OpenPGP/MIME signed message (RFC 2440 and 3156) --------------enig51F458F6A72375DF746BD269 Content-Type: text/plain; charset=ISO-8859-1 Content-Transfer-Encoding: quoted-printable Fred Baker wrote: >=20 > On Jun 1, 2007, at 11:16 AM, Joe Touch wrote: >=20 >> Why not write a filter to check mail sent from your address for a real= ly >> short cookie in the header or body? >=20 > I'm not sure that helps anyone else. fred@cisco.com is an address that > is often found in spam as well, and I can certainly test for my own > address, but nobody else would know that I'm inserting the envelope lin= e. It helps lists that want to cooperate with you; it's like inserting a static PGP signature. It's not as automatic as the PGP solution, but it doesn't require full buy-in from all subscribers either (the PGP one appears to). Joe --------------enig51F458F6A72375DF746BD269 Content-Type: application/pgp-signature; name="signature.asc" Content-Description: OpenPGP digital signature Content-Disposition: attachment; filename="signature.asc" -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.3 (MingW32) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org iD8DBQFGYJUOE5f5cImnZrsRAsKPAKDqaEWz3RB6FDu7vqr1UTUVvrGaeQCfV2jb f1AQ/gpm7JVD53HOLJSK2n8= =3Glt -----END PGP SIGNATURE----- --------------enig51F458F6A72375DF746BD269-- --===============0468756606== Content-Type: text/plain; charset="us-ascii" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit Content-Disposition: inline _______________________________________________ Tools-discuss mailing list Tools-discuss@ietf.org https://www1.ietf.org/mailman/listinfo/tools-discuss --===============0468756606==-- From tools-discuss-bounces@ietf.org Fri Jun 01 18:01:53 2007 Return-path: Received: from [127.0.0.1] (helo=stiedprmman1.va.neustar.com) by megatron.ietf.org with esmtp (Exim 4.43) id 1HuFBx-0008Hi-Ae; Fri, 01 Jun 2007 18:01:53 -0400 Received: from tools-discuss by megatron.ietf.org with local (Exim 4.43) id 1HuFBw-0008Ha-Eq for tools-discuss-confirm+ok@megatron.ietf.org; Fri, 01 Jun 2007 18:01:52 -0400 Received: from [10.90.34.44] (helo=chiedprmail1.ietf.org) by megatron.ietf.org with esmtp (Exim 4.43) id 1HuFBw-0008HQ-2q for tools-discuss@ietf.org; Fri, 01 Jun 2007 18:01:52 -0400 Received: from s-utl02-dcpop.stsn.net ([72.255.0.202]) by chiedprmail1.ietf.org with smtp (Exim 4.43) id 1HuFBu-0000Sc-NR for tools-discuss@ietf.org; Fri, 01 Jun 2007 18:01:51 -0400 Received: from s-utl02-dcpop.stsn.net ([127.0.0.1]) by s-utl02-dcpop.stsn.net (SMSSMTP 4.1.2.20) with SMTP id M2007060118014125603 ; Fri, 01 Jun 2007 18:01:41 -0400 X-Spam-Status: No, hits=0.0 required=9.9 tests=ALL_TRUSTED: -2.867,AWL: 0.114,BAYES_00: -1.665 X-Spam-Level: Received: from [127.0.0.1] ([10.24.135.156]) by s-utl02-dcpop.stsn.net; Fri, 1 Jun 2007 18:01:40 -0400 Message-ID: <46609721.3030705@isi.edu> Date: Fri, 01 Jun 2007 15:01:05 -0700 From: Joe Touch User-Agent: Thunderbird 2.0.0.0 (Windows/20070326) MIME-Version: 1.0 To: Jeroen Massar Subject: Re: [Tools-discuss] Authenticating posts to IETF mailing list References: <46603A51.1070004@innovationslab.net> <46606284.6040301@isi.edu> <5F4AA7FB-2FBB-4936-BF5F-EB28358246F8@cisco.com> <46607C6E.4000009@spaghetti.zurich.ibm.com> In-Reply-To: <46607C6E.4000009@spaghetti.zurich.ibm.com> X-Enigmail-Version: 0.95.0 X-Spam-Score: 0.0 (/) X-Scan-Signature: 6cca30437e2d04f45110f2ff8dc1b1d5 Cc: Brian Haberman , Fred Baker , tools-discuss@ietf.org X-BeenThere: tools-discuss@ietf.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: IETF Tools Discussion List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Content-Type: multipart/mixed; boundary="===============1097502494==" Errors-To: tools-discuss-bounces@ietf.org This is an OpenPGP/MIME signed message (RFC 2440 and 3156) --===============1097502494== Content-Type: multipart/signed; micalg=pgp-sha1; protocol="application/pgp-signature"; boundary="------------enig46083DDD30D09605637B0E75" This is an OpenPGP/MIME signed message (RFC 2440 and 3156) --------------enig46083DDD30D09605637B0E75 Content-Type: text/plain; charset=ISO-8859-1 Content-Transfer-Encoding: quoted-printable A few questions below... Jeroen Massar wrote: > Fred Baker wrote: >> On Jun 1, 2007, at 11:16 AM, Joe Touch wrote: >> >>> Why not write a filter to check mail sent from your address for a rea= lly >>> short cookie in the header or body? >> I'm not sure that helps anyone else. fred@cisco.com is an address that= >> is often found in spam as well, and I can certainly test for my own >> address, but nobody else would know that I'm inserting the envelope li= ne. >=20 > In Brian's case it is quite a bit more nasty than spam. It seems that > virusses have picked up his address and are using it as a source, with > a target of the ipv6 mailinglist. That's spam, isn't it? The source isn't the issue. > I've deleted upto now, since > february 2006 when this started occurring. Then we, in agreement with > Brian moderated his mail address so that it would not end up in the > archives and of course not at all the subscribers. >=20 > The biggest problem with adminning a mailinglist now is simply that > there is about, I guess ~75 spams a day ending up in the moderator > queue. The problem with this is that one becomes lazy in checking the > queue, thus if there is a legit message it will take a few moments > longer for them to be approved. Or it might just happen accidentally > that you delete it, afaik that didn't happen yet though fortunately. Is the list closed to non-members too? I.e., are the spams coming just from subscriber addresses? > Having PGP signing option for a mailinglist would be very welcome. Is this a per-subscriber option? (you hinted at this issue) > It seems that the patch that Brian mentioned is from what I saw quite > fine, I have to test it a bit more, but the test run that I did went > fine for the 10k mails I spat through it (replaying mboxes is fun :) > Only thing was that most mail got entered in the modqueue as I didn't > sign them up and only few people actually PGP sign their mail. I guess > though that when there is an incentive and actual use that it will > become more widespread in usage to actually use PGP. That's not under many user's control; some use systems that don't support PGP, and others are required to use systems that aren't configured to use PGP. I'd hate to require this of all subscribers, or even those whose addresses have been compromised. Joe --------------enig46083DDD30D09605637B0E75 Content-Type: application/pgp-signature; name="signature.asc" Content-Description: OpenPGP digital signature Content-Disposition: attachment; filename="signature.asc" -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.3 (MingW32) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org iD8DBQFGYJciE5f5cImnZrsRAoXfAJsHz/61lanq/TjFvK7MRkuatfgsxQCeNw1o AeDWqYjbaGpr8NkPxF+yOzU= =9Vgl -----END PGP SIGNATURE----- --------------enig46083DDD30D09605637B0E75-- --===============1097502494== Content-Type: text/plain; charset="us-ascii" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit Content-Disposition: inline _______________________________________________ Tools-discuss mailing list Tools-discuss@ietf.org https://www1.ietf.org/mailman/listinfo/tools-discuss --===============1097502494==-- From tools-discuss-bounces@ietf.org Fri Jun 01 19:53:26 2007 Return-path: Received: from [127.0.0.1] (helo=stiedprmman1.va.neustar.com) by megatron.ietf.org with esmtp (Exim 4.43) id 1HuGvt-0002pE-OJ; Fri, 01 Jun 2007 19:53:25 -0400 Received: from tools-discuss by megatron.ietf.org with local (Exim 4.43) id 1HuGvs-0002kD-PW for tools-discuss-confirm+ok@megatron.ietf.org; Fri, 01 Jun 2007 19:53:24 -0400 Received: from [10.91.34.44] (helo=ietf-mx.ietf.org) by megatron.ietf.org with esmtp (Exim 4.43) id 1HuGvs-0002jI-Eu for tools-discuss@ietf.org; Fri, 01 Jun 2007 19:53:24 -0400 Received: from purgatory.unfix.org ([2001:7b8:20d:0:290:27ff:fe24:c19f]) by ietf-mx.ietf.org with esmtp (Exim 4.43) id 1HuGvq-0003pY-Mf for tools-discuss@ietf.org; Fri, 01 Jun 2007 19:53:24 -0400 Received: from [IPv6:2001:770:100:9e::2] (spaghetti.unfix.org [IPv6:2001:770:100:9e::2]) (using TLSv1 with cipher DHE-RSA-AES256-SHA (256/256 bits)) (No client certificate requested) (Authenticated sender: jeroen) by purgatory.unfix.org (Postfix) with ESMTP id 3B94E140C0E7; Sat, 2 Jun 2007 01:53:19 +0200 (CEST) Message-ID: <4660B165.8000406@spaghetti.zurich.ibm.com> Date: Sat, 02 Jun 2007 00:53:09 +0100 From: Jeroen Massar Organization: Unfix User-Agent: Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.8.1.3) Gecko/20070326 Thunderbird/2.0.0.0 Mnenhy/0.7.5.666 MIME-Version: 1.0 To: Joe Touch Subject: Re: [Tools-discuss] Authenticating posts to IETF mailing list References: <46603A51.1070004@innovationslab.net> <46606284.6040301@isi.edu> <5F4AA7FB-2FBB-4936-BF5F-EB28358246F8@cisco.com> <46607C6E.4000009@spaghetti.zurich.ibm.com> <46609721.3030705@isi.edu> In-Reply-To: <46609721.3030705@isi.edu> X-Enigmail-Version: 0.95.0 OpenPGP: id=333E7C23 X-Virus-Scanned: ClamAV version 0.90.2, clamav-milter version 0.90.2 on purgatory.unfix.org X-Virus-Status: Clean X-Spam-Score: -2.8 (--) X-Scan-Signature: 31247fb3be228bb596db9127becad0bc Cc: Brian Haberman , Fred Baker , tools-discuss@ietf.org X-BeenThere: tools-discuss@ietf.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: IETF Tools Discussion List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Content-Type: multipart/mixed; boundary="===============0876105478==" Errors-To: tools-discuss-bounces@ietf.org This is an OpenPGP/MIME signed message (RFC 2440 and 3156) --===============0876105478== Content-Type: multipart/signed; micalg=pgp-sha1; protocol="application/pgp-signature"; boundary="------------enigDC83572EA1924E1C9E89E916" This is an OpenPGP/MIME signed message (RFC 2440 and 3156) --------------enigDC83572EA1924E1C9E89E916 Content-Type: text/plain; charset=ISO-8859-1 Content-Transfer-Encoding: quoted-printable Joe Touch wrote: [..] > That's spam, isn't it? The source isn't the issue. It is spam that is spreading viruses so that it can spread more spam. "Worm.Stration.pac-1" is the current one that is trying to be Brian from several IPv4 addresses, unfortunately quite random. Contacting those ISP's is of no use it seems as they don't respond at all. Most likely they don't know what to do with it. See below. > Is the list closed to non-members too? I.e., are the spams coming just > from subscriber addresses? Most of the stuff in the queue comes from non-subscriber addresses. But for some reason Brian's address is being used as a from by this strand of viruses and the couple of previous ones. I guess that at some point somebody gets infected who has a message from him in his/her mailbox, but it is hard to tell what it really is. >> Having PGP signing option for a mailinglist would be very welcome. >=20 > Is this a per-subscriber option? (you hinted at this issue) Yes, the user can in their regular mailman options add their own PGP key like that they like to use. If they don't (default) then they don't get this extra protection. If somebody spams from their address then it gets through (just like the first virus from brian did) One can set the full list to require PGP keys though, but that is what for ietf lists atm is not acceptable. [..] > That's not under many user's control; some use systems that don't > support PGP, and others are required to use systems that aren't > configured to use PGP. I'd hate to require this of all subscribers, or > even those whose addresses have been compromised. It is not required, so that is not a problem (IMHO). It is also what I mentioned for DKIM, we can't require it as not everybody has the ability to implement it. The advantage of this concept thus becomes that the people who want can make sure that they don't get spammed/virussed by this. Normally this indeed does not happen, but it solves the problem in the cases that it does. Greets, Jeroen -- * =3D http://www.nabble.com/Virus-Found-in-message-%22Re%3A%22-tf1175276.html#a= 3089601 http://www.nabble.com/Virus-Found-in-message-%22Fwd%3A-Crazy-illegal-Sex%= 21%22-tf1175197.html#a3089367 http://www.nabble.com/Virus-Found-in-message-%22eBook.pdf%22-tf1175090.ht= ml#a3089046 etc etc etc... :( --------------enigDC83572EA1924E1C9E89E916 Content-Type: application/pgp-signature; name="signature.asc" Content-Description: OpenPGP digital signature Content-Disposition: attachment; filename="signature.asc" -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.7 (MingW32) Comment: Jeroen Massar / http://unfix.org/~jeroen/ iHUEARECADUFAkZgsW4uFIAAAAAAFQAQcGthLWFkZHJlc3NAZ251cGcub3JnamVy b2VuQHVuZml4Lm9yZwAKCRApqihSMz58IxyVAKCjjiWzBKibIIXZ/cdoWNQ9UcAy /gCeOtm7y+K/XBwE1vrg7Uh/EJoE2yY= =O4hy -----END PGP SIGNATURE----- --------------enigDC83572EA1924E1C9E89E916-- --===============0876105478== Content-Type: text/plain; charset="us-ascii" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit Content-Disposition: inline _______________________________________________ Tools-discuss mailing list Tools-discuss@ietf.org https://www1.ietf.org/mailman/listinfo/tools-discuss --===============0876105478==-- From tools-discuss-bounces@ietf.org Fri Jun 01 23:00:54 2007 Return-path: Received: from [127.0.0.1] (helo=stiedprmman1.va.neustar.com) by megatron.ietf.org with esmtp (Exim 4.43) id 1HuJrE-0005pg-Oc; Fri, 01 Jun 2007 23:00:48 -0400 Received: from tools-discuss by megatron.ietf.org with local (Exim 4.43) id 1HuJrD-0005mq-M2 for tools-discuss-confirm+ok@megatron.ietf.org; Fri, 01 Jun 2007 23:00:47 -0400 Received: from [10.91.34.44] (helo=ietf-mx.ietf.org) by megatron.ietf.org with esmtp (Exim 4.43) id 1HuJrD-0005mf-9L for tools-discuss@ietf.org; Fri, 01 Jun 2007 23:00:47 -0400 Received: from s-utl01-dcpop.stsn.net ([72.255.0.201]) by ietf-mx.ietf.org with smtp (Exim 4.43) id 1HuJrC-0006x5-2z for tools-discuss@ietf.org; Fri, 01 Jun 2007 23:00:47 -0400 Received: from s-utl01-dcpop.stsn.net ([127.0.0.1]) by s-utl01-dcpop.stsn.net (SMSSMTP 4.1.2.20) with SMTP id M2007060123003420891 ; Fri, 01 Jun 2007 23:00:34 -0400 X-Spam-Status: No, hits=0.0 required=9.9 tests=ALL_TRUSTED: -2.867,AWL: 0.048,BAYES_00: -1.665 X-Spam-Level: Received: from [127.0.0.1] ([10.24.135.156]) by s-utl01-dcpop.stsn.net; Fri, 1 Jun 2007 23:00:32 -0400 Message-ID: <4660DD2E.5070401@isi.edu> Date: Fri, 01 Jun 2007 19:59:58 -0700 From: Joe Touch User-Agent: Thunderbird 2.0.0.0 (Windows/20070326) MIME-Version: 1.0 To: Jeroen Massar Subject: Re: [Tools-discuss] Authenticating posts to IETF mailing list References: <46603A51.1070004@innovationslab.net> <46606284.6040301@isi.edu> <5F4AA7FB-2FBB-4936-BF5F-EB28358246F8@cisco.com> <46607C6E.4000009@spaghetti.zurich.ibm.com> <46609721.3030705@isi.edu> <4660B165.8000406@spaghetti.zurich.ibm.com> In-Reply-To: <4660B165.8000406@spaghetti.zurich.ibm.com> X-Enigmail-Version: 0.95.0 X-Spam-Score: 0.0 (/) X-Scan-Signature: 25620135586de10c627e3628c432b04a Cc: Brian Haberman , Fred Baker , tools-discuss@ietf.org X-BeenThere: tools-discuss@ietf.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: IETF Tools Discussion List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Content-Type: multipart/mixed; boundary="===============0258768766==" Errors-To: tools-discuss-bounces@ietf.org This is an OpenPGP/MIME signed message (RFC 2440 and 3156) --===============0258768766== Content-Type: multipart/signed; micalg=pgp-sha1; protocol="application/pgp-signature"; boundary="------------enigCF16DA70FBA827C29A4BFA57" This is an OpenPGP/MIME signed message (RFC 2440 and 3156) --------------enigCF16DA70FBA827C29A4BFA57 Content-Type: text/plain; charset=ISO-8859-1 Content-Transfer-Encoding: quoted-printable Hi, Jeroen, Jeroen Massar wrote: > Joe Touch wrote: > [..] >=20 >> That's spam, isn't it? The source isn't the issue. >=20 > It is spam that is spreading viruses so that it can spread more spam. That's just still spam, though. I agree it's not useful to try to stop it at the source, but it ought to be tagged by any reasonable spam-stopping system (don't IETF lists have spam detection?) Also, you should be able to configure a reasonable mailer to drop posts with attachments. Given this is an IETF email list, that should be acceptable. >> Is the list closed to non-members too? I.e., are the spams coming just= >> from subscriber addresses? >=20 > Most of the stuff in the queue comes from non-subscriber addresses. Why not shut that down? i.e., require subscriber only posts? That doesn't solve Brian's issue, but does solve the bulk of the rest of it. =2E.. >>> Having PGP signing option for a mailinglist would be very welcome. >> Is this a per-subscriber option? (you hinted at this issue) >=20 > Yes,=20 =2E.. > One can set the full list to require PGP keys though, but that is what > for ietf lists atm is not acceptable. Right. Thanks, that was what I was wondering. =2E.. > The advantage of this concept thus becomes that the people who want > can make sure that they don't get spammed/virussed by this. Normally > this indeed does not happen, but it solves the problem in the cases > that it does. Sure, provided everyone who is attacked this way is PGP-capable. ;-) However, blocking non-member posts and attachments might go a long way to reducing workload in list management; they work for my lists. Joe --------------enigCF16DA70FBA827C29A4BFA57 Content-Type: application/pgp-signature; name="signature.asc" Content-Description: OpenPGP digital signature Content-Disposition: attachment; filename="signature.asc" -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.3 (MingW32) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org iD8DBQFGYN0uE5f5cImnZrsRAqycAJwMdlYgtWHE7khfd7AdYIuS8xhGswCfQYzc zbZBujj4WNoyN9sZFijS2Gc= =BK4j -----END PGP SIGNATURE----- --------------enigCF16DA70FBA827C29A4BFA57-- --===============0258768766== Content-Type: text/plain; charset="us-ascii" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit Content-Disposition: inline _______________________________________________ Tools-discuss mailing list Tools-discuss@ietf.org https://www1.ietf.org/mailman/listinfo/tools-discuss --===============0258768766==-- From tools-discuss-bounces@ietf.org Sat Jun 02 05:21:45 2007 Return-path: Received: from [127.0.0.1] (helo=stiedprmman1.va.neustar.com) by megatron.ietf.org with esmtp (Exim 4.43) id 1HuPnq-0002rD-CG; Sat, 02 Jun 2007 05:21:42 -0400 Received: from tools-discuss by megatron.ietf.org with local (Exim 4.43) id 1HuPno-0002r8-No for tools-discuss-confirm+ok@megatron.ietf.org; Sat, 02 Jun 2007 05:21:40 -0400 Received: from [10.91.34.44] (helo=ietf-mx.ietf.org) by megatron.ietf.org with esmtp (Exim 4.43) id 1HuPnl-0002qj-9x for tools-discuss@ietf.org; Sat, 02 Jun 2007 05:21:37 -0400 Received: from purgatory.unfix.org ([2001:7b8:20d:0:290:27ff:fe24:c19f]) by ietf-mx.ietf.org with esmtp (Exim 4.43) id 1HuPnk-00078b-CD for tools-discuss@ietf.org; Sat, 02 Jun 2007 05:21:37 -0400 Received: from [IPv6:2001:770:100:9e::2] (spaghetti.unfix.org [IPv6:2001:770:100:9e::2]) (using TLSv1 with cipher DHE-RSA-AES256-SHA (256/256 bits)) (No client certificate requested) (Authenticated sender: jeroen) by purgatory.unfix.org (Postfix) with ESMTP id 6AE69140C0E7; Sat, 2 Jun 2007 11:21:34 +0200 (CEST) Message-ID: <4661369B.4080607@spaghetti.zurich.ibm.com> Date: Sat, 02 Jun 2007 10:21:31 +0100 From: Jeroen Massar Organization: Unfix User-Agent: Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.8.1.3) Gecko/20070326 Thunderbird/2.0.0.0 Mnenhy/0.7.5.666 MIME-Version: 1.0 To: Joe Touch Subject: Re: [Tools-discuss] Authenticating posts to IETF mailing list References: <46603A51.1070004@innovationslab.net> <46606284.6040301@isi.edu> <5F4AA7FB-2FBB-4936-BF5F-EB28358246F8@cisco.com> <46607C6E.4000009@spaghetti.zurich.ibm.com> <46609721.3030705@isi.edu> <4660B165.8000406@spaghetti.zurich.ibm.com> <4660DD2E.5070401@isi.edu> In-Reply-To: <4660DD2E.5070401@isi.edu> X-Enigmail-Version: 0.95.0 OpenPGP: id=333E7C23 X-Virus-Scanned: ClamAV version 0.90.2, clamav-milter version 0.90.2 on purgatory.unfix.org X-Virus-Status: Clean X-Spam-Score: -2.8 (--) X-Scan-Signature: 2857c5c041d6c02d7181d602c22822c8 Cc: Brian Haberman , Fred Baker , tools-discuss@ietf.org X-BeenThere: tools-discuss@ietf.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: IETF Tools Discussion List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Content-Type: multipart/mixed; boundary="===============0376674971==" Errors-To: tools-discuss-bounces@ietf.org This is an OpenPGP/MIME signed message (RFC 2440 and 3156) --===============0376674971== Content-Type: multipart/signed; micalg=pgp-sha1; protocol="application/pgp-signature"; boundary="------------enig5546E1FA66AC2FD5C019B712" This is an OpenPGP/MIME signed message (RFC 2440 and 3156) --------------enig5546E1FA66AC2FD5C019B712 Content-Type: text/plain; charset=ISO-8859-1 Content-Transfer-Encoding: quoted-printable Joe Touch wrote: > Hi, Jeroen, >=20 > Jeroen Massar wrote: >> Joe Touch wrote: >> [..] >> >>> That's spam, isn't it? The source isn't the issue. >> It is spam that is spreading viruses so that it can spread more spam. >=20 > That's just still spam, though. I agree it's not useful to try to stop > it at the source, but it ought to be tagged by any reasonable > spam-stopping system (don't IETF lists have spam detection?) They do, but they don't drop messages (yet). There is also a semi-useless interface which show the spam counters, but from the subject line it is fairly obvious what is and what is not spam. What should be done is that Neustar has Virus&Spam-check on SMTP-DATA. That way they can reject messages and the sender would at least know it gets rejected. This would reduce all of this a *lot*. This would be the most useful solution IMHO. To give a scary statistic from my single jeroen@unfix.org address, last May it got 21724 mails, additionally 17316 where refused due to mostly spam reasons. Viruses are not spread to wide nowadays as far as I can see from my graphs. April was worse it seems from the history graphs with spam >60%. Trick is also that my secondary MX's already perform filtering too, so that junk that arrives there doesn't pop up in these stats. Simple postfix rejections (hostname checks etc) btw solve a lot of spam also as most spam software fortunately doesn't know how to properly speak SMTP. > Also, you should be able to configure a reasonable mailer to drop posts= > with attachments. Given this is an IETF email list, that should be > acceptable. Well, PGP signed messages look like attachments to most people ;) It is quite hard to filter out messages that look like attachment, because there are still also people who use HTML. As such filtering on MIME type etc is not easily done, especially as Mailman only allows Current List policies afaik also don't allow automatic filtering :( It would be great to REJECT at SMTP DATA time as then senders who are legit get a correct bounce about it. Checking the mailman interface, we had this problem also with another address, somebody at Microsoft also got bitten by this, we resolved that in the same way. >>> Is the list closed to non-members too? I.e., are the spams coming jus= t >>> from subscriber addresses? >> Most of the stuff in the queue comes from non-subscriber addresses. >=20 > Why not shut that down? i.e., require subscriber only posts? That > doesn't solve Brian's issue, but does solve the bulk of the rest of it.= It is configured as subscribe-only posting. Which means that everything else comes into the moderator queue. And you do not want to bounce that stuff back to unsuspecting senders by rejecting it in mailman and you do not want to automatically discard it either, as it might be a legit message. Which does happen quite often when there are cross posts between working groups, as then people might not be subscribed but do reply to the message. If the REJECT would be at SMTP DATA time that would solve that part of the problem indeed, and we would not have any spam/viruses any more in the queue. Next to spam, there are a lot of Non-Delivery notifications too. Especially the spammy "We found a virus, buy Symantec" are great. > ... >> The advantage of this concept thus becomes that the people who want >> can make sure that they don't get spammed/virussed by this. Normally >> this indeed does not happen, but it solves the problem in the cases >> that it does. >=20 > Sure, provided everyone who is attacked this way is PGP-capable. ;-) > However, blocking non-member posts and attachments might go a long way > to reducing workload in list management; they work for my lists. How exactly do you "block" these? Especially with an eye at the above where people cross post and are not subscribed. Discarding, without notification, these messages is a nono IMHO. Even legit messages being sent from a non-subscriber address to the list should be able to get through, that is where the moderator queue is for. Greets, Jeroen --------------enig5546E1FA66AC2FD5C019B712 Content-Type: application/pgp-signature; name="signature.asc" Content-Description: OpenPGP digital signature Content-Disposition: attachment; filename="signature.asc" -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.7 (MingW32) Comment: Jeroen Massar / http://unfix.org/~jeroen/ iHUEARECADUFAkZhNp4uFIAAAAAAFQAQcGthLWFkZHJlc3NAZ251cGcub3JnamVy b2VuQHVuZml4Lm9yZwAKCRApqihSMz58I58sAJ9vsh8sRiAeWFtDLhY91PfATzog 8gCgiJ74dE7rdwTpoXlREd+A44HjFwo= =c0yE -----END PGP SIGNATURE----- --------------enig5546E1FA66AC2FD5C019B712-- --===============0376674971== Content-Type: text/plain; charset="us-ascii" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit Content-Disposition: inline _______________________________________________ Tools-discuss mailing list Tools-discuss@ietf.org https://www1.ietf.org/mailman/listinfo/tools-discuss --===============0376674971==-- From tools-discuss-bounces@ietf.org Sat Jun 02 08:24:52 2007 Return-path: Received: from [127.0.0.1] (helo=stiedprmman1.va.neustar.com) by megatron.ietf.org with esmtp (Exim 4.43) id 1HuSf5-00049v-2F; Sat, 02 Jun 2007 08:24:51 -0400 Received: from tools-discuss by megatron.ietf.org with local (Exim 4.43) id 1HuSf4-00049q-35 for tools-discuss-confirm+ok@megatron.ietf.org; Sat, 02 Jun 2007 08:24:50 -0400 Received: from [10.91.34.44] (helo=ietf-mx.ietf.org) by megatron.ietf.org with esmtp (Exim 4.43) id 1HuSf3-00049i-Pm for tools-discuss@ietf.org; Sat, 02 Jun 2007 08:24:49 -0400 Received: from s-utl01-dcpop.stsn.net ([72.255.0.201]) by ietf-mx.ietf.org with smtp (Exim 4.43) id 1HuSf2-0005Gx-IB for tools-discuss@ietf.org; Sat, 02 Jun 2007 08:24:49 -0400 Received: from s-utl01-dcpop.stsn.net ([127.0.0.1]) by s-utl01-dcpop.stsn.net (SMSSMTP 4.1.2.20) with SMTP id M2007060208244021500 ; Sat, 02 Jun 2007 08:24:40 -0400 X-Spam-Status: No, hits=0.0 required=9.9 tests=ALL_TRUSTED: -2.867,AWL: 0.081,BAYES_00: -1.665 X-Spam-Level: Received: from [127.0.0.1] ([10.24.135.240]) by s-utl01-dcpop.stsn.net; Sat, 2 Jun 2007 08:24:38 -0400 Message-ID: <46616164.40607@isi.edu> Date: Sat, 02 Jun 2007 05:24:04 -0700 From: Joe Touch User-Agent: Thunderbird 2.0.0.0 (Windows/20070326) MIME-Version: 1.0 To: Jeroen Massar Subject: Re: [Tools-discuss] Authenticating posts to IETF mailing list References: <46603A51.1070004@innovationslab.net> <46606284.6040301@isi.edu> <5F4AA7FB-2FBB-4936-BF5F-EB28358246F8@cisco.com> <46607C6E.4000009@spaghetti.zurich.ibm.com> <46609721.3030705@isi.edu> <4660B165.8000406@spaghetti.zurich.ibm.com> <4660DD2E.5070401@isi.edu> <4661369B.4080607@spaghetti.zurich.ibm.com> In-Reply-To: <4661369B.4080607@spaghetti.zurich.ibm.com> X-Enigmail-Version: 0.95.0 X-Spam-Score: 0.0 (/) X-Scan-Signature: 6cca30437e2d04f45110f2ff8dc1b1d5 Cc: Brian Haberman , Fred Baker , tools-discuss@ietf.org X-BeenThere: tools-discuss@ietf.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: IETF Tools Discussion List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Content-Type: multipart/mixed; boundary="===============2103674445==" Errors-To: tools-discuss-bounces@ietf.org This is an OpenPGP/MIME signed message (RFC 2440 and 3156) --===============2103674445== Content-Type: multipart/signed; micalg=pgp-sha1; protocol="application/pgp-signature"; boundary="------------enig17A8A64C6DFEDD3B23904ACD" This is an OpenPGP/MIME signed message (RFC 2440 and 3156) --------------enig17A8A64C6DFEDD3B23904ACD Content-Type: text/plain; charset=ISO-8859-1 Content-Transfer-Encoding: quoted-printable Jeroen Massar wrote: =2E.. >> Sure, provided everyone who is attacked this way is PGP-capable. ;-) >> However, blocking non-member posts and attachments might go a long way= >> to reducing workload in list management; they work for my lists. >=20 > How exactly do you "block" these?=20 Mailman can block file attachments by attachment type, e.g., by file suffix and/or MIME type. > especially with an eye at the above > where people cross post and are not subscribed.=20 On E2E, our policy is that you need to subscribe to post. Even to cross post. > Discarding, without > notification, these messages is a nono IMHO.=20 Email isn't a reliable system; things can get lost anywhere in the chain, and there's no requirement to support positive ACK to the source upon final delivery. IMO, anyone who posts should check to see if they got a copy, and if not, can contact the list manager (and they do, when needed). > Even legit messages being > sent from a non-subscriber address to the list should be able to get > through, that is where the moderator queue is for. That, IMO, is what a list manager email addr is for. Nonsubscribers can always forward to me, and I can post on their behalf. Understand that I tried to avoid these measures, but at this point, E2E: - blocks applications - requires subscription to post - silently discards nonmember posts - rejects (with NACK) posts tagged with no-archive - silently discards spam where spam is indicated by a spam filter, and the threshold is set fairly high - holds messages matching certain announcement types notifies the sender about the hold and are reviewed every few days Since these rules were put in place in 2004, the amount of daily management work has decreased to trivial, and the utility of the list has not substantially suffered (based on posts/day). Joe --------------enig17A8A64C6DFEDD3B23904ACD Content-Type: application/pgp-signature; name="signature.asc" Content-Description: OpenPGP digital signature Content-Disposition: attachment; filename="signature.asc" -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.3 (MingW32) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org iD8DBQFGYWFkE5f5cImnZrsRArYqAJ9Cu5EXo9VCmIkwzW0nzy4TnX6D2wCeMj4z vrk+mD3YsW5CegMoX+t6AT8= =qduz -----END PGP SIGNATURE----- --------------enig17A8A64C6DFEDD3B23904ACD-- --===============2103674445== Content-Type: text/plain; charset="us-ascii" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit Content-Disposition: inline _______________________________________________ Tools-discuss mailing list Tools-discuss@ietf.org https://www1.ietf.org/mailman/listinfo/tools-discuss --===============2103674445==-- From tools-discuss-bounces@ietf.org Sun Jun 03 01:57:07 2007 Return-path: Received: from [127.0.0.1] (helo=stiedprmman1.va.neustar.com) by megatron.ietf.org with esmtp (Exim 4.43) id 1Huj5O-0003Np-Eu; Sun, 03 Jun 2007 01:57:06 -0400 Received: from tools-discuss by megatron.ietf.org with local (Exim 4.43) id 1Huj5M-0003Nf-8Z for tools-discuss-confirm+ok@megatron.ietf.org; Sun, 03 Jun 2007 01:57:04 -0400 Received: from [10.91.34.44] (helo=ietf-mx.ietf.org) by megatron.ietf.org with esmtp (Exim 4.43) id 1Huj5L-0003NW-RF for tools-discuss@ietf.org; Sun, 03 Jun 2007 01:57:03 -0400 Received: from eunet-gw.ipv6.netcore.fi ([2001:670:86:3001::1] helo=netcore.fi) by ietf-mx.ietf.org with esmtp (Exim 4.43) id 1Huj5K-000402-5L for tools-discuss@ietf.org; Sun, 03 Jun 2007 01:57:03 -0400 Received: from netcore.fi (localhost [127.0.0.1]) by netcore.fi (8.13.8/8.13.8) with ESMTP id l535uoip022653; Sun, 3 Jun 2007 08:56:50 +0300 Received: from localhost (pekkas@localhost) by netcore.fi (8.13.8/8.13.8/Submit) with ESMTP id l535umdV022650; Sun, 3 Jun 2007 08:56:49 +0300 Date: Sun, 3 Jun 2007 08:56:48 +0300 (EEST) From: Pekka Savola To: Joe Touch Subject: Re: [Tools-discuss] Authenticating posts to IETF mailing list In-Reply-To: <46616164.40607@isi.edu> Message-ID: References: <46603A51.1070004@innovationslab.net> <46606284.6040301@isi.edu> <5F4AA7FB-2FBB-4936-BF5F-EB28358246F8@cisco.com> <46607C6E.4000009@spaghetti.zurich.ibm.com> <46609721.3030705@isi.edu> <4660B165.8000406@spaghetti.zurich.ibm.com> <4660DD2E.5070401@isi.edu> <4661369B.4080607@spaghetti.zurich.ibm.com> <46616164.40607@isi.edu> MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII; format=flowed X-Virus-Scanned: ClamAV 0.90.2/3340/Sun Jun 3 01:40:38 2007 on otso.netcore.fi X-Virus-Status: Clean X-Spam-Status: No, score=-3.4 required=5.0 tests=ALL_TRUSTED, AWL, BAYES_00 autolearn=ham version=3.1.8 X-Spam-Checker-Version: SpamAssassin 3.1.8 (2007-02-13) on otso.netcore.fi X-Spam-Score: -2.8 (--) X-Scan-Signature: 93238566e09e6e262849b4f805833007 Cc: Brian Haberman , tools-discuss@ietf.org, Fred Baker X-BeenThere: tools-discuss@ietf.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: IETF Tools Discussion List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: tools-discuss-bounces@ietf.org On Sat, 2 Jun 2007, Joe Touch wrote: > Understand that I tried to avoid these measures, but at this point, E2E: > > - blocks applications > - requires subscription to post > - silently discards nonmember posts > - rejects (with NACK) posts tagged with no-archive > - silently discards spam > where spam is indicated by a spam filter, > and the threshold is set fairly high > - holds messages matching certain announcement types > notifies the sender about the hold > and are reviewed every few days Well, I'm not sure how much use it is to discuss non-IETF mailing lists in the context of IETF mailing lists. At least two mechanisms of the above are incompatible with the IESG statement on IETF mailing list mail handling and as such could not be used on IETF mailing lists. -- Pekka Savola "You each name yourselves king, yet the Netcore Oy kingdom bleeds." Systems. Networks. Security. -- George R.R. Martin: A Clash of Kings _______________________________________________ Tools-discuss mailing list Tools-discuss@ietf.org https://www1.ietf.org/mailman/listinfo/tools-discuss From tools-discuss-bounces@ietf.org Sun Jun 03 02:45:39 2007 Return-path: Received: from [127.0.0.1] (helo=stiedprmman1.va.neustar.com) by megatron.ietf.org with esmtp (Exim 4.43) id 1HujqM-0003Ym-PT; Sun, 03 Jun 2007 02:45:38 -0400 Received: from tools-discuss by megatron.ietf.org with local (Exim 4.43) id 1HujqL-0003Yd-NI for tools-discuss-confirm+ok@megatron.ietf.org; Sun, 03 Jun 2007 02:45:37 -0400 Received: from [10.91.34.44] (helo=ietf-mx.ietf.org) by megatron.ietf.org with esmtp (Exim 4.43) id 1HujqL-0003YV-4u for tools-discuss@ietf.org; Sun, 03 Jun 2007 02:45:37 -0400 Received: from ug-out-1314.google.com ([66.249.92.170]) by ietf-mx.ietf.org with esmtp (Exim 4.43) id 1HujqK-0004It-MA for tools-discuss@ietf.org; Sun, 03 Jun 2007 02:45:37 -0400 Received: by ug-out-1314.google.com with SMTP id j30so1445240ugc for ; Sat, 02 Jun 2007 23:45:36 -0700 (PDT) DKIM-Signature: a=rsa-sha1; c=relaxed/relaxed; d=gmail.com; s=beta; h=domainkey-signature:received:received:message-id:date:from:user-agent:mime-version:to:cc:subject:references:in-reply-to:content-type:content-transfer-encoding; b=TKNeBtQtKZrBj/+ce80FJUP6/l4m2uuAk9XcpTizwVwyAF2iN6+qBtH9nG1wae8EiKfNrWQ64gpSxkS+glRqCIQlfmeX7CqQyXJYfk8Z2woe86aaaPnNiPOSwSpLFjNr+mU1SOyOhLKcuTsJ22zlxZlZuV0ZOztgDeBwa8DamkE= DomainKey-Signature: a=rsa-sha1; c=nofws; d=gmail.com; s=beta; h=received:message-id:date:from:user-agent:mime-version:to:cc:subject:references:in-reply-to:content-type:content-transfer-encoding; b=muJUUbaaYCn2xII1LHpMOinkxDVNo/WCpRHxMt4itgSncLdWBhyiLmZm7eRIgIizdQqPijcShY6OKbvH9C0T+oHVRB2wo1yaYzndohaEx2CVzyinj0B5bwXASqsNOnqeB5B9qd61TM8lVy422lIQGLE5i/TxF69jLi0sw03BZqE= Received: by 10.67.116.2 with SMTP id t2mr2122481ugm.1180853135644; Sat, 02 Jun 2007 23:45:35 -0700 (PDT) Received: from ?192.168.1.101? ( [83.180.84.24]) by mx.google.com with ESMTP id i5sm5049091mue.2007.06.02.23.45.34; Sat, 02 Jun 2007 23:45:34 -0700 (PDT) Message-ID: <46626391.1060800@gmail.com> Date: Sun, 03 Jun 2007 08:45:37 +0200 From: Brian E Carpenter User-Agent: Thunderbird 1.5.0.10 (Windows/20070221) MIME-Version: 1.0 To: Jeroen Massar Subject: Re: [Tools-discuss] Authenticating posts to IETF mailing list References: <46603A51.1070004@innovationslab.net> <46606284.6040301@isi.edu> <5F4AA7FB-2FBB-4936-BF5F-EB28358246F8@cisco.com> <46607C6E.4000009@spaghetti.zurich.ibm.com> In-Reply-To: <46607C6E.4000009@spaghetti.zurich.ibm.com> Content-Type: text/plain; charset=UTF-8; format=flowed Content-Transfer-Encoding: 7bit X-Spam-Score: 0.0 (/) X-Scan-Signature: f4c2cf0bccc868e4cc88dace71fb3f44 Cc: Brian Haberman , Fred Baker , tools-discuss@ietf.org, Joe Touch X-BeenThere: tools-discuss@ietf.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: IETF Tools Discussion List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: tools-discuss-bounces@ietf.org On 2007-06-01 22:07, Jeroen Massar wrote: ... > The biggest problem with adminning a mailinglist now is simply that > there is about, I guess ~75 spams a day ending up in the moderator > queue. The problem with this is that one becomes lazy in checking the > queue, thus if there is a legit message it will take a few moments > longer for them to be approved. Or it might just happen accidentally > that you delete it, afaik that didn't happen yet though fortunately. While I was moderating the IESG list it was getting ~100 spams for each legitimate non-member posting; afaik I only discarded one valid posting in 2 years, and we got it back ;-) For lists that the secretariat is running TMDA in front of, that rate is down to approximately zero. However, TMDA will not block the type of forgery Brian H is suffering from, and the cost of checking a PGP signature on every message from someone on the TMDA whitelist would presumably be significant and possibly prohibitive. > Having PGP signing option for a mailinglist would be very welcome. Because of the overhead, I would suggest applying it very selectively. I don't think making PGP a condition for unmoderated posting would be practical in general. > > It seems that the patch that Brian mentioned is from what I saw quite > fine, I have to test it a bit more, but the test run that I did went > fine for the 10k mails I spat through it (replaying mboxes is fun :) > Only thing was that most mail got entered in the modqueue as I didn't > sign them up and only few people actually PGP sign their mail. I guess > though that when there is an incentive and actual use that it will > become more widespread in usage to actually use PGP. Maybe, but you're talking about tens of thousands of email addresses, judging by the size of the secretariat's TMDA whitelist. It would take years for everyone to move to PGP. Brian > > Of course, what we really should be looking at is DKIM, but getting > mailers to support that requires admin intervention. PGP is what > everbody can do for oneselves. > > Of course, I am not saying "make it mandatory" (some people are forced > to use stupid mailers like eg Lotus Notes), but for a case like > Brian's it is a perfect solution. > > Greets, > Jeroen > > > > ------------------------------------------------------------------------ > > _______________________________________________ > Tools-discuss mailing list > Tools-discuss@ietf.org > https://www1.ietf.org/mailman/listinfo/tools-discuss _______________________________________________ Tools-discuss mailing list Tools-discuss@ietf.org https://www1.ietf.org/mailman/listinfo/tools-discuss From tools-discuss-bounces@ietf.org Sun Jun 03 08:42:15 2007 Return-path: Received: from [127.0.0.1] (helo=stiedprmman1.va.neustar.com) by megatron.ietf.org with esmtp (Exim 4.43) id 1HupPN-0003Tx-Iz; Sun, 03 Jun 2007 08:42:09 -0400 Received: from tools-discuss by megatron.ietf.org with local (Exim 4.43) id 1HupPL-0003Tr-QW for tools-discuss-confirm+ok@megatron.ietf.org; Sun, 03 Jun 2007 08:42:07 -0400 Received: from [10.91.34.44] (helo=ietf-mx.ietf.org) by megatron.ietf.org with esmtp (Exim 4.43) id 1HupPL-0003Tj-GY for tools-discuss@ietf.org; Sun, 03 Jun 2007 08:42:07 -0400 Received: from purgatory.unfix.org ([2001:7b8:20d:0:290:27ff:fe24:c19f]) by ietf-mx.ietf.org with esmtp (Exim 4.43) id 1HupPJ-0002Sn-Lz for tools-discuss@ietf.org; Sun, 03 Jun 2007 08:42:07 -0400 Received: from [IPv6:2001:770:100:9e::2] (spaghetti.unfix.org [IPv6:2001:770:100:9e::2]) (using TLSv1 with cipher DHE-RSA-AES256-SHA (256/256 bits)) (No client certificate requested) (Authenticated sender: jeroen) by purgatory.unfix.org (Postfix) with ESMTP id 154FE140C0D3; Sun, 3 Jun 2007 14:42:02 +0200 (CEST) Message-ID: <4662B71A.5010704@spaghetti.zurich.ibm.com> Date: Sun, 03 Jun 2007 13:42:02 +0100 From: Jeroen Massar Organization: Unfix User-Agent: Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.8.1.3) Gecko/20070326 Thunderbird/2.0.0.0 Mnenhy/0.7.5.666 MIME-Version: 1.0 To: Brian E Carpenter Subject: Re: [Tools-discuss] Authenticating posts to IETF mailing list References: <46603A51.1070004@innovationslab.net> <46606284.6040301@isi.edu> <5F4AA7FB-2FBB-4936-BF5F-EB28358246F8@cisco.com> <46607C6E.4000009@spaghetti.zurich.ibm.com> <46626391.1060800@gmail.com> In-Reply-To: <46626391.1060800@gmail.com> X-Enigmail-Version: 0.95.0 OpenPGP: id=333E7C23 X-Virus-Scanned: ClamAV version 0.90.2, clamav-milter version 0.90.2 on purgatory.unfix.org X-Virus-Status: Clean X-Spam-Score: -2.8 (--) X-Scan-Signature: c3a18ef96977fc9bcc21a621cbf1174b Cc: Brian Haberman , Fred Baker , tools-discuss@ietf.org, Joe Touch X-BeenThere: tools-discuss@ietf.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: IETF Tools Discussion List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Content-Type: multipart/mixed; boundary="===============1957450404==" Errors-To: tools-discuss-bounces@ietf.org This is an OpenPGP/MIME signed message (RFC 2440 and 3156) --===============1957450404== Content-Type: multipart/signed; micalg=pgp-sha1; protocol="application/pgp-signature"; boundary="------------enigA569151D0F8AD6AB32F94472" This is an OpenPGP/MIME signed message (RFC 2440 and 3156) --------------enigA569151D0F8AD6AB32F94472 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: quoted-printable Brian E Carpenter wrote: > On 2007-06-01 22:07, Jeroen Massar wrote: [..] >> Having PGP signing option for a mailinglist would be very welcome. >=20 > Because of the overhead, I would suggest applying it very selectively. > I don't think making PGP a condition for unmoderated posting would > be practical in general. Indeed, the idea is to have it enabled when a user wants to, or when such a case like Brian Habermans occurs. This would solve that problem at least, thus shortening queue times (I don't check the queue every 5 mins and sometimes actually sleep ;) or give the admin pass to the individual involved and other such setups. PGP signing would solve that. Having SMTP REJECT for Spam+Virusses on the IETF lists would already help a lot in this respect. A simple Spamassassin/ClamAV milter setup does miracles. Is there anything there that we can help Neustar on trying to implement it? All mail is getting tagged/tested already; there is also a virus/spam interface that displays the SA scores in the mailman interface, but they are detectable on spam subject already. See https://www1.ietf.org/mailman/spamdb/ for folks who have a list with admin access. One can also add a filter in the form of "X-Spam-Score: .*\+\+\+" which would mean a score of 3. The problem with this though is bounces which will only generate more useless traffic. Setting it to discard might cause a false-positive to never be caught. REJECT at SMTP time though solves that, as the spammer doesn't get to deliver his message and a real sender will receive a bounce showing that it was spam. Of course backscatter might still happen at an open relay, but there is not much we can do about that. [..] > Maybe, but you're talking about tens of thousands of email addresses, > judging by the size of the secretariat's TMDA whitelist. It would take > years for everyone to move to PGP. PGP verification is not very high I must say, though it would need quite a bit more testing. Even though there might be 10k subscribers, the signature would only be checked inbound. Although it would indeed be very cool, I also don't see it happening especially due to mailclient restrictions that some people get laid upon them by the larger companies, and there are enough of those participants on the list, forcing them to use gmail would not really be productive ;) DKIM is a similar setup, but runs into the problem that it requires the administrator of the domain to set it up. At least in many cases pgp-signing a message can still be done, simply plainsign it and cut/paste it into the mailclient and hope that the client/server doesn't modify it for you. For this situation it would thus work better than DKIM IMHO. Personally, I think that PGP signing messages is a good thing though, as people who you are communicating with do know that it is you. Although I've not heard about any forgeries of mail addresses happening on IETF lists, except for those viruses. Greets, Jeroen --------------enigA569151D0F8AD6AB32F94472 Content-Type: application/pgp-signature; name="signature.asc" Content-Description: OpenPGP digital signature Content-Disposition: attachment; filename="signature.asc" -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.7 (MingW32) Comment: Jeroen Massar / http://unfix.org/~jeroen/ iHUEARECADUFAkZitxsuFIAAAAAAFQAQcGthLWFkZHJlc3NAZ251cGcub3JnamVy b2VuQHVuZml4Lm9yZwAKCRApqihSMz58Iz3jAKCOCR4jZTPWlJLHrrh9kQcbNPa1 WgCfdsni9Dm4haEVRijmdOixgoX9EzM= =kXxj -----END PGP SIGNATURE----- --------------enigA569151D0F8AD6AB32F94472-- --===============1957450404== Content-Type: text/plain; charset="us-ascii" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit Content-Disposition: inline _______________________________________________ Tools-discuss mailing list Tools-discuss@ietf.org https://www1.ietf.org/mailman/listinfo/tools-discuss --===============1957450404==-- From tools-discuss-bounces@ietf.org Sun Jun 03 08:55:38 2007 Return-path: Received: from [127.0.0.1] (helo=stiedprmman1.va.neustar.com) by megatron.ietf.org with esmtp (Exim 4.43) id 1HupcP-0003yV-C3; Sun, 03 Jun 2007 08:55:37 -0400 Received: from tools-discuss by megatron.ietf.org with local (Exim 4.43) id 1HupcO-0003yP-3m for tools-discuss-confirm+ok@megatron.ietf.org; Sun, 03 Jun 2007 08:55:36 -0400 Received: from [10.91.34.44] (helo=ietf-mx.ietf.org) by megatron.ietf.org with esmtp (Exim 4.43) id 1HupcN-0003xk-Pd for tools-discuss@ietf.org; Sun, 03 Jun 2007 08:55:35 -0400 Received: from sj-iport-6.cisco.com ([171.71.176.117]) by ietf-mx.ietf.org with esmtp (Exim 4.43) id 1HupcM-0005BS-Da for tools-discuss@ietf.org; Sun, 03 Jun 2007 08:55:35 -0400 Received: from sj-dkim-4.cisco.com ([171.71.179.196]) by sj-iport-6.cisco.com with ESMTP; 03 Jun 2007 05:55:34 -0700 X-IronPort-AV: i="4.16,377,1175497200"; d="scan'208"; a="158157886:sNHT44196435" Received: from sj-core-5.cisco.com (sj-core-5.cisco.com [171.71.177.238]) by sj-dkim-4.cisco.com (8.12.11/8.12.11) with ESMTP id l53CtXl1023101; Sun, 3 Jun 2007 05:55:33 -0700 Received: from xbh-sjc-221.amer.cisco.com (xbh-sjc-221.cisco.com [128.107.191.63]) by sj-core-5.cisco.com (8.12.10/8.12.6) with ESMTP id l53CtXtV002261; Sun, 3 Jun 2007 12:55:33 GMT Received: from xfe-sjc-211.amer.cisco.com ([171.70.151.174]) by xbh-sjc-221.amer.cisco.com with Microsoft SMTPSVC(6.0.3790.1830); Sun, 3 Jun 2007 05:55:33 -0700 Received: from [10.0.0.49] ([10.21.66.246]) by xfe-sjc-211.amer.cisco.com with Microsoft SMTPSVC(6.0.3790.1830); Sun, 3 Jun 2007 05:55:32 -0700 In-Reply-To: <46626391.1060800@gmail.com> References: <46603A51.1070004@innovationslab.net> <46606284.6040301@isi.edu> <5F4AA7FB-2FBB-4936-BF5F-EB28358246F8@cisco.com> <46607C6E.4000009@spaghetti.zurich.ibm.com> <46626391.1060800@gmail.com> Mime-Version: 1.0 (Apple Message framework v752.3) Content-Type: text/plain; charset=US-ASCII; delsp=yes; format=flowed Message-Id: <070CD4CF-21B1-4481-9D1C-99002EF7A6F7@cisco.com> Content-Transfer-Encoding: 7bit From: Fred Baker Subject: Re: [Tools-discuss] Authenticating posts to IETF mailing list Date: Sun, 3 Jun 2007 08:55:25 -0400 To: Brian E Carpenter X-Mailer: Apple Mail (2.752.3) X-OriginalArrivalTime: 03 Jun 2007 12:55:32.0764 (UTC) FILETIME=[78940DC0:01C7A5DE] DKIM-Signature: v=0.5; a=rsa-sha256; q=dns/txt; l=847; t=1180875333; x=1181739333; c=relaxed/simple; s=sjdkim4002; h=Content-Type:From:Subject:Content-Transfer-Encoding:MIME-Version; d=cisco.com; i=fred@cisco.com; z=From:=20Fred=20Baker=20 |Subject:=20Re=3A=20[Tools-discuss]=20Authenticating=20posts=20to=20IETF= 20mailing=20list |Sender:=20; bh=K8Mu5WaLrjcO92vuDo6BUz1SVS5N15aWsnOFkH6tH3I=; b=N6PCT+9riefbaVHvtTNuOtHQiCTM8FihCrPbgDlu9SjpUIftVIyuibQH/k+4NJFIqgzGwVdP UBvGFdt4R3j4n1qIzQVP3O3VxvdNQhp52axNY/b3B8X7nqCXRbuo6aDm; Authentication-Results: sj-dkim-4; header.From=fred@cisco.com; dkim=pass (si g from cisco.com/sjdkim4002 verified; ); X-Spam-Score: 0.0 (/) X-Scan-Signature: cf4fa59384e76e63313391b70cd0dd25 Cc: Brian Haberman , tools-discuss@ietf.org, Joe Touch X-BeenThere: tools-discuss@ietf.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: IETF Tools Discussion List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: tools-discuss-bounces@ietf.org On Jun 3, 2007, at 2:45 AM, Brian E Carpenter wrote: > For lists that the secretariat is running TMDA in front of, that > rate is down to approximately zero. However, TMDA will not block > the type of forgery Brian H is suffering from, and the cost of > checking a PGP signature on every message from someone on the TMDA > whitelist would presumably be significant and possibly prohibitive. Checking for the presence of a PGP signature could be done with a little code, and leave the validation of it to the user. Spam-bots don't PGP-sign their stuff, and if they spoofed it that would be obvious at the user end. Ditto DKIM; it might come with a signature from the bot's ISP, but it won't come with the signature of the person it putatively came from, and right now it doesn't come with a signature at all. _______________________________________________ Tools-discuss mailing list Tools-discuss@ietf.org https://www1.ietf.org/mailman/listinfo/tools-discuss From tools-discuss-bounces@ietf.org Sun Jun 03 11:50:54 2007 Return-path: Received: from [127.0.0.1] (helo=stiedprmman1.va.neustar.com) by megatron.ietf.org with esmtp (Exim 4.43) id 1HusM2-0002MJ-18; Sun, 03 Jun 2007 11:50:54 -0400 Received: from tools-discuss by megatron.ietf.org with local (Exim 4.43) id 1HusM0-0002MD-QH for tools-discuss-confirm+ok@megatron.ietf.org; Sun, 03 Jun 2007 11:50:52 -0400 Received: from [10.91.34.44] (helo=ietf-mx.ietf.org) by megatron.ietf.org with esmtp (Exim 4.43) id 1HusM0-0002M5-Gd for tools-discuss@ietf.org; Sun, 03 Jun 2007 11:50:52 -0400 Received: from wx-out-0506.google.com ([66.249.82.238]) by ietf-mx.ietf.org with esmtp (Exim 4.43) id 1HusM0-0006nM-6y for tools-discuss@ietf.org; Sun, 03 Jun 2007 11:50:52 -0400 Received: by wx-out-0506.google.com with SMTP id t5so871678wxc for ; Sun, 03 Jun 2007 08:50:52 -0700 (PDT) DKIM-Signature: a=rsa-sha1; c=relaxed/relaxed; d=gmail.com; s=beta; h=domainkey-signature:received:received:message-id:date:from:user-agent:mime-version:to:cc:subject:references:in-reply-to:content-type:content-transfer-encoding; b=RYrluCjpUsipd2jdRQvO+pd/CWnyz+bqX/cLF1aqvR5TJY9DOVVvNOze/NrIzyRcUjFnT2HHnDqvGjLW4buSqyBnGIOz9o/GJUIlwYEyDmoo7vbqhP9LHeFB/QR2LPBQzkYQtIGavUl+umF7zFBGqzz2lOcTmSD/UaeLboF3thg= DomainKey-Signature: a=rsa-sha1; c=nofws; d=gmail.com; s=beta; h=received:message-id:date:from:user-agent:mime-version:to:cc:subject:references:in-reply-to:content-type:content-transfer-encoding; b=pftBzvz/1RVdhjKD/QzUceeGoy35bU8D1JO9vlwU9PPi4aisYuiaeWiEWgHawsyRmYSb+uymKOrKLuRch2W8Hp1CV8iC2gM4gaKiSDiIlRX3hyJ6MnqqfP2GAmhDcQSPeLZbzkJrRO24NY16uAR2ccnKYK0dHJ5Za++mpRnrBLA= Received: by 10.70.132.2 with SMTP id f2mr5882891wxd.1180885851927; Sun, 03 Jun 2007 08:50:51 -0700 (PDT) Received: from ?192.168.1.101? ( [83.180.84.24]) by mx.google.com with ESMTP id 6sm1765093wrh.2007.06.03.08.50.48; Sun, 03 Jun 2007 08:50:50 -0700 (PDT) Message-ID: <4662E35A.20206@gmail.com> Date: Sun, 03 Jun 2007 17:50:50 +0200 From: Brian E Carpenter User-Agent: Thunderbird 1.5.0.10 (Windows/20070221) MIME-Version: 1.0 To: Jeroen Massar Subject: Re: [Tools-discuss] Authenticating posts to IETF mailing list References: <46603A51.1070004@innovationslab.net> <46606284.6040301@isi.edu> <5F4AA7FB-2FBB-4936-BF5F-EB28358246F8@cisco.com> <46607C6E.4000009@spaghetti.zurich.ibm.com> <46626391.1060800@gmail.com> <4662B71A.5010704@spaghetti.zurich.ibm.com> In-Reply-To: <4662B71A.5010704@spaghetti.zurich.ibm.com> Content-Type: text/plain; charset=UTF-8; format=flowed Content-Transfer-Encoding: 7bit X-Spam-Score: 0.0 (/) X-Scan-Signature: 02ec665d00de228c50c93ed6b5e4fc1a Cc: Brian Haberman , Fred Baker , tools-discuss@ietf.org, Joe Touch X-BeenThere: tools-discuss@ietf.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: IETF Tools Discussion List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: tools-discuss-bounces@ietf.org On 2007-06-03 14:42, Jeroen Massar wrote: ... > Having SMTP REJECT for Spam+Virusses on the IETF lists would already > help a lot in this respect. A simple Spamassassin/ClamAV milter setup > does miracles. Is there anything there that we can help Neustar on > trying to implement it? All mail is getting tagged/tested already; As I understand it, a lot of mail is already kicked into a junk bucket on the basis of the Spamassassin scores, but the threshold is set quite permissively. The junk bucket is not public, but there's a way for the ADs to review it in case of dispute, iirc. Brian > there is also a virus/spam interface that displays the SA scores in > the mailman interface, but they are detectable on spam subject already. > > See https://www1.ietf.org/mailman/spamdb/ for folks who have > a list with admin access. > > One can also add a filter in the form of "X-Spam-Score: .*\+\+\+" > which would mean a score of 3. The problem with this though is bounces > which will only generate more useless traffic. Setting it to discard > might cause a false-positive to never be caught. REJECT at SMTP time > though solves that, as the spammer doesn't get to deliver his message > and a real sender will receive a bounce showing that it was spam. > Of course backscatter might still happen at an open relay, but there > is not much we can do about that. > > [..] >> Maybe, but you're talking about tens of thousands of email addresses, >> judging by the size of the secretariat's TMDA whitelist. It would take >> years for everyone to move to PGP. > > PGP verification is not very high I must say, though it would need > quite a bit more testing. Even though there might be 10k subscribers, > the signature would only be checked inbound. > > Although it would indeed be very cool, I also don't see it happening > especially due to mailclient restrictions that some people get laid > upon them by the larger companies, and there are enough of those > participants on the list, forcing them to use gmail would not really > be productive ;) > > DKIM is a similar setup, but runs into the problem that it requires > the administrator of the domain to set it up. At least in many cases > pgp-signing a message can still be done, simply plainsign it and > cut/paste it into the mailclient and hope that the client/server > doesn't modify it for you. For this situation it would thus work > better than DKIM IMHO. > > Personally, I think that PGP signing messages is a good thing though, > as people who you are communicating with do know that it is you. > Although I've not heard about any forgeries of mail addresses > happening on IETF lists, except for those viruses. > > Greets, > Jeroen > _______________________________________________ Tools-discuss mailing list Tools-discuss@ietf.org https://www1.ietf.org/mailman/listinfo/tools-discuss From tools-discuss-bounces@ietf.org Sun Jun 03 13:35:15 2007 Return-path: Received: from [127.0.0.1] (helo=stiedprmman1.va.neustar.com) by megatron.ietf.org with esmtp (Exim 4.43) id 1Hutz0-0005u1-O3; Sun, 03 Jun 2007 13:35:14 -0400 Received: from tools-discuss by megatron.ietf.org with local (Exim 4.43) id 1Hutyz-0005tw-Eu for tools-discuss-confirm+ok@megatron.ietf.org; Sun, 03 Jun 2007 13:35:13 -0400 Received: from [10.91.34.44] (helo=ietf-mx.ietf.org) by megatron.ietf.org with esmtp (Exim 4.43) id 1Hutyz-0005to-5C for tools-discuss@ietf.org; Sun, 03 Jun 2007 13:35:13 -0400 Received: from vapor.isi.edu ([128.9.64.64]) by ietf-mx.ietf.org with esmtp (Exim 4.43) id 1Hutyx-00059K-OO for tools-discuss@ietf.org; Sun, 03 Jun 2007 13:35:13 -0400 Received: from [127.0.0.1] (pool-71-105-94-14.lsanca.dsl-w.verizon.net [71.105.94.14]) by vapor.isi.edu (8.13.8/8.13.8) with ESMTP id l53HYvQb009532; Sun, 3 Jun 2007 10:34:58 -0700 (PDT) Message-ID: <4662FBA9.9030705@isi.edu> Date: Sun, 03 Jun 2007 10:34:33 -0700 From: Joe Touch User-Agent: Thunderbird 2.0.0.0 (Windows/20070326) MIME-Version: 1.0 To: Pekka Savola Subject: Re: [Tools-discuss] Authenticating posts to IETF mailing list References: <46603A51.1070004@innovationslab.net> <46606284.6040301@isi.edu> <5F4AA7FB-2FBB-4936-BF5F-EB28358246F8@cisco.com> <46607C6E.4000009@spaghetti.zurich.ibm.com> <46609721.3030705@isi.edu> <4660B165.8000406@spaghetti.zurich.ibm.com> <4660DD2E.5070401@isi.edu> <4661369B.4080607@spaghetti.zurich.ibm.com> <46616164.40607@isi.edu> In-Reply-To: X-Enigmail-Version: 0.95.0 X-ISI-4-43-8-MailScanner: Found to be clean X-MailScanner-From: touch@isi.edu X-Spam-Score: 0.0 (/) X-Scan-Signature: 082a9cbf4d599f360ac7f815372a6a15 Cc: Brian Haberman , Fred Baker , tools-discuss@ietf.org X-BeenThere: tools-discuss@ietf.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: IETF Tools Discussion List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Content-Type: multipart/mixed; boundary="===============0669719039==" Errors-To: tools-discuss-bounces@ietf.org This is an OpenPGP/MIME signed message (RFC 2440 and 3156) --===============0669719039== Content-Type: multipart/signed; micalg=pgp-sha1; protocol="application/pgp-signature"; boundary="------------enig68AE69418C661AE7B5DA2E96" This is an OpenPGP/MIME signed message (RFC 2440 and 3156) --------------enig68AE69418C661AE7B5DA2E96 Content-Type: text/plain; charset=ISO-8859-1 Content-Transfer-Encoding: quoted-printable Pekka Savola wrote: > On Sat, 2 Jun 2007, Joe Touch wrote: >> Understand that I tried to avoid these measures, but at this point, E2= E: >> >> - blocks applications >> - requires subscription to post >> - silently discards nonmember posts >> - rejects (with NACK) posts tagged with no-archive >> - silently discards spam >> where spam is indicated by a spam filter, >> and the threshold is set fairly high >> - holds messages matching certain announcement types >> notifies the sender about the hold >> and are reviewed every few days >=20 > Well, I'm not sure how much use it is to discuss non-IETF mailing lists= > in the context of IETF mailing lists.=20 It's an IRTF mailing list. > At least two mechanisms of the > above are incompatible with the IESG statement on IETF mailing list mai= l > handling and as such could not be used on IETF mailing lists. Proclamations by the IESG do not constitute IETF policy, IMO I am not aware of any community consensus position that's inconsistent with the above. The only statement I could find on the matter is: http://www.ietf.org/IESG/STATEMENTS/moderated-lists.txt Nothing above is inconsistent with this statement. Is there something else? I.e., which two? Joe --------------enig68AE69418C661AE7B5DA2E96 Content-Type: application/pgp-signature; name="signature.asc" Content-Description: OpenPGP digital signature Content-Disposition: attachment; filename="signature.asc" -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.3 (MingW32) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org iD8DBQFGYvuqE5f5cImnZrsRApsrAJ4jJomFViJUFe6NAsNCQDsJOwamBgCcDnBh vRj1prcp5gCZE/jRfgvuneY= =cNLa -----END PGP SIGNATURE----- --------------enig68AE69418C661AE7B5DA2E96-- --===============0669719039== Content-Type: text/plain; charset="us-ascii" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit Content-Disposition: inline _______________________________________________ Tools-discuss mailing list Tools-discuss@ietf.org https://www1.ietf.org/mailman/listinfo/tools-discuss --===============0669719039==-- From tools-discuss-bounces@ietf.org Sun Jun 03 13:37:33 2007 Return-path: Received: from [127.0.0.1] (helo=stiedprmman1.va.neustar.com) by megatron.ietf.org with esmtp (Exim 4.43) id 1Huu1F-0007Sj-JC; Sun, 03 Jun 2007 13:37:33 -0400 Received: from tools-discuss by megatron.ietf.org with local (Exim 4.43) id 1Huu1E-0007Sd-7C for tools-discuss-confirm+ok@megatron.ietf.org; Sun, 03 Jun 2007 13:37:32 -0400 Received: from [10.91.34.44] (helo=ietf-mx.ietf.org) by megatron.ietf.org with esmtp (Exim 4.43) id 1Huu1D-0007SV-Tn for tools-discuss@ietf.org; Sun, 03 Jun 2007 13:37:31 -0400 Received: from vapor.isi.edu ([128.9.64.64]) by ietf-mx.ietf.org with esmtp (Exim 4.43) id 1Huu1C-0005JN-Gp for tools-discuss@ietf.org; Sun, 03 Jun 2007 13:37:31 -0400 Received: from [127.0.0.1] (pool-71-105-94-14.lsanca.dsl-w.verizon.net [71.105.94.14]) by vapor.isi.edu (8.13.8/8.13.8) with ESMTP id l53HbNCH010094; Sun, 3 Jun 2007 10:37:24 -0700 (PDT) Message-ID: <4662FC3C.7040300@isi.edu> Date: Sun, 03 Jun 2007 10:37:00 -0700 From: Joe Touch User-Agent: Thunderbird 2.0.0.0 (Windows/20070326) MIME-Version: 1.0 To: Jeroen Massar Subject: Re: [Tools-discuss] Authenticating posts to IETF mailing list References: <46603A51.1070004@innovationslab.net> <46606284.6040301@isi.edu> <5F4AA7FB-2FBB-4936-BF5F-EB28358246F8@cisco.com> <46607C6E.4000009@spaghetti.zurich.ibm.com> <46626391.1060800@gmail.com> <4662B71A.5010704@spaghetti.zurich.ibm.com> In-Reply-To: <4662B71A.5010704@spaghetti.zurich.ibm.com> X-Enigmail-Version: 0.95.0 X-ISI-4-43-8-MailScanner: Found to be clean X-MailScanner-From: touch@isi.edu X-Spam-Score: 0.0 (/) X-Scan-Signature: 50a516d93fd399dc60588708fd9a3002 Cc: Brian Haberman , Brian E Carpenter , tools-discuss@ietf.org, Fred Baker X-BeenThere: tools-discuss@ietf.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: IETF Tools Discussion List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Content-Type: multipart/mixed; boundary="===============1255728822==" Errors-To: tools-discuss-bounces@ietf.org This is an OpenPGP/MIME signed message (RFC 2440 and 3156) --===============1255728822== Content-Type: multipart/signed; micalg=pgp-sha1; protocol="application/pgp-signature"; boundary="------------enig98B786466FE711900FCC571E" This is an OpenPGP/MIME signed message (RFC 2440 and 3156) --------------enig98B786466FE711900FCC571E Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: quoted-printable Jeroen Massar wrote: =2E.. > Having SMTP REJECT for Spam+Virusses on the IETF lists would already > help a lot in this respect. A simple Spamassassin/ClamAV milter setup > does miracles. Is there anything there that we can help Neustar on > trying to implement it? All mail is getting tagged/tested already; > there is also a virus/spam interface that displays the SA scores in > the mailman interface, but they are detectable on spam subject already.= >=20 > See https://www1.ietf.org/mailman/spamdb/ for folks who have > a list with admin access. >=20 > One can also add a filter in the form of "X-Spam-Score: .*\+\+\+" > which would mean a score of 3. The problem with this though is bounces > which will only generate more useless traffic. Setting it to discard > might cause a false-positive to never be caught.=20 That should be reasonable; IMO, posters should check to see that what they send actually posts anyway (mail is not end-to-end reliable, i.e., to the destination). They can always forward a note to the list admin when they want to post something that was getting a false spam tag. Joe --------------enig98B786466FE711900FCC571E Content-Type: application/pgp-signature; name="signature.asc" Content-Description: OpenPGP digital signature Content-Disposition: attachment; filename="signature.asc" -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.3 (MingW32) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org iD8DBQFGYvw8E5f5cImnZrsRAowQAJ41HeM660Kq6D/wKV7XgZ/tGCdyHgCgnflx uPcEmvTi4+QXP9Fyu0MZ6os= =i0UU -----END PGP SIGNATURE----- --------------enig98B786466FE711900FCC571E-- --===============1255728822== Content-Type: text/plain; charset="us-ascii" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit Content-Disposition: inline _______________________________________________ Tools-discuss mailing list Tools-discuss@ietf.org https://www1.ietf.org/mailman/listinfo/tools-discuss --===============1255728822==-- From tools-discuss-bounces@ietf.org Sun Jun 03 14:16:02 2007 Return-path: Received: from [127.0.0.1] (helo=stiedprmman1.va.neustar.com) by megatron.ietf.org with esmtp (Exim 4.43) id 1HuucN-0005Ws-9g; Sun, 03 Jun 2007 14:15:55 -0400 Received: from tools-discuss by megatron.ietf.org with local (Exim 4.43) id 1HuucM-0005Wm-5V for tools-discuss-confirm+ok@megatron.ietf.org; Sun, 03 Jun 2007 14:15:54 -0400 Received: from [10.91.34.44] (helo=ietf-mx.ietf.org) by megatron.ietf.org with esmtp (Exim 4.43) id 1HuucL-0005Wd-S7 for tools-discuss@ietf.org; Sun, 03 Jun 2007 14:15:53 -0400 Received: from eunet-gw.ipv6.netcore.fi ([2001:670:86:3001::1] helo=netcore.fi) by ietf-mx.ietf.org with esmtp (Exim 4.43) id 1HuucK-0001CM-9l for tools-discuss@ietf.org; Sun, 03 Jun 2007 14:15:53 -0400 Received: from netcore.fi (localhost [127.0.0.1]) by netcore.fi (8.13.8/8.13.8) with ESMTP id l53IFiUi006942; Sun, 3 Jun 2007 21:15:44 +0300 Received: from localhost (pekkas@localhost) by netcore.fi (8.13.8/8.13.8/Submit) with ESMTP id l53IFhYx006939; Sun, 3 Jun 2007 21:15:43 +0300 Date: Sun, 3 Jun 2007 21:15:43 +0300 (EEST) From: Pekka Savola To: Joe Touch Subject: Re: [Tools-discuss] Authenticating posts to IETF mailing list In-Reply-To: <4662FBA9.9030705@isi.edu> Message-ID: References: <46603A51.1070004@innovationslab.net> <46606284.6040301@isi.edu> <5F4AA7FB-2FBB-4936-BF5F-EB28358246F8@cisco.com> <46607C6E.4000009@spaghetti.zurich.ibm.com> <46609721.3030705@isi.edu> <4660B165.8000406@spaghetti.zurich.ibm.com> <4660DD2E.5070401@isi.edu> <4661369B.4080607@spaghetti.zurich.ibm.com> <46616164.40607@isi.edu> <4662FBA9.9030705@isi.edu> MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII; format=flowed X-Virus-Scanned: ClamAV 0.90.2/3340/Sun Jun 3 01:40:38 2007 on otso.netcore.fi X-Virus-Status: Clean X-Spam-Status: No, score=-3.4 required=5.0 tests=ALL_TRUSTED, AWL, BAYES_00 autolearn=ham version=3.1.8 X-Spam-Checker-Version: SpamAssassin 3.1.8 (2007-02-13) on otso.netcore.fi X-Spam-Score: -2.8 (--) X-Scan-Signature: 9ed51c9d1356100bce94f1ae4ec616a9 Cc: Brian Haberman , Fred Baker , tools-discuss@ietf.org X-BeenThere: tools-discuss@ietf.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: IETF Tools Discussion List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: tools-discuss-bounces@ietf.org On Sun, 3 Jun 2007, Joe Touch wrote: > Pekka Savola wrote: >> On Sat, 2 Jun 2007, Joe Touch wrote: >>> Understand that I tried to avoid these measures, but at this point, E2E: >>> >>> - blocks applications >>> - requires subscription to post >>> - silently discards nonmember posts >>> - rejects (with NACK) posts tagged with no-archive >>> - silently discards spam >>> where spam is indicated by a spam filter, >>> and the threshold is set fairly high >>> - holds messages matching certain announcement types >>> notifies the sender about the hold >>> and are reviewed every few days >> At least two mechanisms of the >> above are incompatible with the IESG statement on IETF mailing list mail >> handling and as such could not be used on IETF mailing lists. > > Proclamations by the IESG do not constitute IETF policy, IMO > I am not aware of any community consensus position that's inconsistent > with the above. This seems like a mailing list management issue. Most IETF lists are WG lists. The IESG is ultimately responsible for the management of WGs. I'd feel it'd be a bit strange if the IESG wasn't allowed to issue management guidance on this. But your mileage may vary, and debating this on this forum is probably not productive. > The only statement I could find on the matter is: > http://www.ietf.org/IESG/STATEMENTS/moderated-lists.txt > Nothing above is inconsistent with this statement. Is there something > else? I.e., which two? http://www.ietf.org/IESG/STATEMENTS/mail-submit-policy.txt 'silently discard non-member posts' and 'requires subscription to post'. -- Pekka Savola "You each name yourselves king, yet the Netcore Oy kingdom bleeds." Systems. Networks. Security. -- George R.R. Martin: A Clash of Kings _______________________________________________ Tools-discuss mailing list Tools-discuss@ietf.org https://www1.ietf.org/mailman/listinfo/tools-discuss From tools-discuss-bounces@ietf.org Sun Jun 03 15:21:12 2007 Return-path: Received: from [127.0.0.1] (helo=stiedprmman1.va.neustar.com) by megatron.ietf.org with esmtp (Exim 4.43) id 1HuvdV-00025O-Md; Sun, 03 Jun 2007 15:21:09 -0400 Received: from tools-discuss by megatron.ietf.org with local (Exim 4.43) id 1HuvdV-00025J-16 for tools-discuss-confirm+ok@megatron.ietf.org; Sun, 03 Jun 2007 15:21:09 -0400 Received: from [10.91.34.44] (helo=ietf-mx.ietf.org) by megatron.ietf.org with esmtp (Exim 4.43) id 1HuvdU-00025B-Mr for tools-discuss@ietf.org; Sun, 03 Jun 2007 15:21:08 -0400 Received: from vapor.isi.edu ([128.9.64.64]) by ietf-mx.ietf.org with esmtp (Exim 4.43) id 1HuvdT-0006IA-62 for tools-discuss@ietf.org; Sun, 03 Jun 2007 15:21:08 -0400 Received: from [127.0.0.1] (pool-71-105-94-14.lsanca.dsl-w.verizon.net [71.105.94.14]) by vapor.isi.edu (8.13.8/8.13.8) with ESMTP id l53JKx7Y028996; Sun, 3 Jun 2007 12:21:00 -0700 (PDT) Message-ID: <46631480.2000608@isi.edu> Date: Sun, 03 Jun 2007 12:20:32 -0700 From: Joe Touch User-Agent: Thunderbird 2.0.0.0 (Windows/20070326) MIME-Version: 1.0 To: Pekka Savola Subject: Re: [Tools-discuss] Authenticating posts to IETF mailing list References: <46603A51.1070004@innovationslab.net> <46606284.6040301@isi.edu> <5F4AA7FB-2FBB-4936-BF5F-EB28358246F8@cisco.com> <46607C6E.4000009@spaghetti.zurich.ibm.com> <46609721.3030705@isi.edu> <4660B165.8000406@spaghetti.zurich.ibm.com> <4660DD2E.5070401@isi.edu> <4661369B.4080607@spaghetti.zurich.ibm.com> <46616164.40607@isi.edu> <4662FBA9.9030705@isi.edu> In-Reply-To: X-Enigmail-Version: 0.95.0 X-ISI-4-43-8-MailScanner: Found to be clean X-MailScanner-From: touch@isi.edu X-Spam-Score: 0.0 (/) X-Scan-Signature: 34d35111647d654d033d58d318c0d21a Cc: Brian Haberman , Fred Baker , tools-discuss@ietf.org X-BeenThere: tools-discuss@ietf.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: IETF Tools Discussion List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Content-Type: multipart/mixed; boundary="===============0598621101==" Errors-To: tools-discuss-bounces@ietf.org This is an OpenPGP/MIME signed message (RFC 2440 and 3156) --===============0598621101== Content-Type: multipart/signed; micalg=pgp-sha1; protocol="application/pgp-signature"; boundary="------------enig197F92379BAB312B8EA3174D" This is an OpenPGP/MIME signed message (RFC 2440 and 3156) --------------enig197F92379BAB312B8EA3174D Content-Type: text/plain; charset=ISO-8859-1 Content-Transfer-Encoding: quoted-printable Pekka Savola wrote: > On Sun, 3 Jun 2007, Joe Touch wrote: >> Pekka Savola wrote: >>> On Sat, 2 Jun 2007, Joe Touch wrote: >>>> Understand that I tried to avoid these measures, but at this point, >>>> E2E: >>>> >>>> - blocks applications >>>> - requires subscription to post >>>> - silently discards nonmember posts >>>> - rejects (with NACK) posts tagged with no-archive >>>> - silently discards spam >>>> where spam is indicated by a spam filter, >>>> and the threshold is set fairly high >>>> - holds messages matching certain announcement types >>>> notifies the sender about the hold >>>> and are reviewed every few days >>> At least two mechanisms of the >>> above are incompatible with the IESG statement on IETF mailing list m= ail >>> handling and as such could not be used on IETF mailing lists. >> >> Proclamations by the IESG do not constitute IETF policy, IMO >> I am not aware of any community consensus position that's inconsistent= >> with the above. >=20 > This seems like a mailing list management issue. Most IETF lists are W= G > lists. The IESG is ultimately responsible for the management of WGs.=20 > I'd feel it'd be a bit strange if the IESG wasn't allowed to issue > management guidance on this. But your mileage may vary, and debating > this on this forum is probably not productive. Guidance, agreed. I think it's productive here (to note, not to debate in detail) because it helps direct what facilities are required for mailling list tools. >> The only statement I could find on the matter is: >> http://www.ietf.org/IESG/STATEMENTS/moderated-lists.txt >> Nothing above is inconsistent with this statement. Is there something >> else? I.e., which two? >=20 > http://www.ietf.org/IESG/STATEMENTS/mail-submit-policy.txt >=20 > 'silently discard non-member posts' and 'requires subscription to post'= =2E I'll note that I resisted requiring subscriber-only posts on the E2E-list, but added it only after being directed by the WG chairs. I don't see anything that prohibits requiring subscription to automatically post, so long as there is an avenue for posters that doesn't require subscription (there is - email to the admin). As to silent drops of nonsubscribers, yes, that's in direct conflict with what the IESG recommends. The primary alternative is to set "reject" rather than "discard" for those. That's configurable, and can be set as preferred. The current setting is designed to reduce our server load and interaction with spam sources; at some point, we have to protect our resources. I can easily set that other ways if desired and requested. Joe --=20 ---------------------------------------- Joe Touch Sr. Network Engineer, USAF TSAT Space Segment --------------enig197F92379BAB312B8EA3174D Content-Type: application/pgp-signature; name="signature.asc" Content-Description: OpenPGP digital signature Content-Disposition: attachment; filename="signature.asc" -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.3 (MingW32) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org iD8DBQFGYxSDE5f5cImnZrsRAhRXAJ90zXMgMaVrfuSQpGU/pJo8ljZW0wCfSo6S KStFmQIy0eZ2a+9Mvze/NQw= =cfW+ -----END PGP SIGNATURE----- --------------enig197F92379BAB312B8EA3174D-- --===============0598621101== Content-Type: text/plain; charset="us-ascii" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit Content-Disposition: inline _______________________________________________ Tools-discuss mailing list Tools-discuss@ietf.org https://www1.ietf.org/mailman/listinfo/tools-discuss --===============0598621101==-- From tools-discuss-bounces@ietf.org Mon Jun 04 03:01:18 2007 Return-path: Received: from [127.0.0.1] (helo=stiedprmman1.va.neustar.com) by megatron.ietf.org with esmtp (Exim 4.43) id 1Hv6Yz-0000Ed-Vi; Mon, 04 Jun 2007 03:01:13 -0400 Received: from tools-discuss by megatron.ietf.org with local (Exim 4.43) id 1Hv6Yz-0000EY-E9 for tools-discuss-confirm+ok@megatron.ietf.org; Mon, 04 Jun 2007 03:01:13 -0400 Received: from [10.91.34.44] (helo=ietf-mx.ietf.org) by megatron.ietf.org with esmtp (Exim 4.43) id 1Hv6Yy-0000EA-QZ for tools-discuss@ietf.org; Mon, 04 Jun 2007 03:01:12 -0400 Received: from ug-out-1314.google.com ([66.249.92.172]) by ietf-mx.ietf.org with esmtp (Exim 4.43) id 1Hv6Yw-0000Bj-Bl for tools-discuss@ietf.org; Mon, 04 Jun 2007 03:01:12 -0400 Received: by ug-out-1314.google.com with SMTP id j30so1813930ugc for ; Mon, 04 Jun 2007 00:01:09 -0700 (PDT) DKIM-Signature: a=rsa-sha1; c=relaxed/relaxed; d=gmail.com; s=beta; h=domainkey-signature:received:received:message-id:date:from:user-agent:mime-version:to:cc:subject:references:in-reply-to:content-type:content-transfer-encoding; b=HwNj+08Mrh7ErB3bETxggrT4heEbDX2/ZtdDhZ0l7JXJHSPnC2y2qMPfV+L6kd61Z14lw7BRLIFo7drnhAr6ktHMjttfIhxSO9XWAHoz7U2Kw5T4UOCqySUmNH3Fz3aAJMracAc2+tQ7ohm12qCOMpNqsDQkBtScYZqB4WHUE6E= DomainKey-Signature: a=rsa-sha1; c=nofws; d=gmail.com; s=beta; h=received:message-id:date:from:user-agent:mime-version:to:cc:subject:references:in-reply-to:content-type:content-transfer-encoding; b=GTzKEFX84ebv0t1H3GpOv0cPhEDKBfSNPYN90hnsP3T95Ns6ulxI5zCvSsNN7UVImpZdu7xdxTLLkDYBkTnETGh6YHbuj8LbBZi5D579Fg0Nf7K6XlPUKZpym3qM5hMt8iYnGdpcYFW5rfvAu+mQ5TP10i3718FP0VadfmB01kQ= Received: by 10.67.93.7 with SMTP id v7mr2920679ugl.1180940469435; Mon, 04 Jun 2007 00:01:09 -0700 (PDT) Received: from ?10.10.50.1? ( [213.3.13.1]) by mx.google.com with ESMTP id i5sm170019mue.2007.06.04.00.01.08; Mon, 04 Jun 2007 00:01:08 -0700 (PDT) Message-ID: <4663B8B3.9080205@gmail.com> Date: Mon, 04 Jun 2007 09:01:07 +0200 From: Brian E Carpenter User-Agent: Thunderbird 1.5.0.10 (Windows/20070221) MIME-Version: 1.0 To: Joe Touch Subject: Re: [Tools-discuss] Authenticating posts to IETF mailing list References: <46603A51.1070004@innovationslab.net> <46606284.6040301@isi.edu> <5F4AA7FB-2FBB-4936-BF5F-EB28358246F8@cisco.com> <46607C6E.4000009@spaghetti.zurich.ibm.com> <46626391.1060800@gmail.com> <4662B71A.5010704@spaghetti.zurich.ibm.com> <4662FC3C.7040300@isi.edu> In-Reply-To: <4662FC3C.7040300@isi.edu> Content-Type: text/plain; charset=UTF-8; format=flowed Content-Transfer-Encoding: 7bit X-Spam-Score: 0.0 (/) X-Scan-Signature: 7aefe408d50e9c7c47615841cb314bed Cc: Brian Haberman , tools-discuss@ietf.org, Fred Baker X-BeenThere: tools-discuss@ietf.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: IETF Tools Discussion List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: tools-discuss-bounces@ietf.org > ...IMO, posters should check to see that what > they send actually posts anyway You're kidding, right? That's never going to happen. Brian _______________________________________________ Tools-discuss mailing list Tools-discuss@ietf.org https://www1.ietf.org/mailman/listinfo/tools-discuss From tools-discuss-bounces@ietf.org Mon Jun 04 03:13:02 2007 Return-path: Received: from [127.0.0.1] (helo=stiedprmman1.va.neustar.com) by megatron.ietf.org with esmtp (Exim 4.43) id 1Hv6kN-0001hg-Mm; Mon, 04 Jun 2007 03:12:59 -0400 Received: from tools-discuss by megatron.ietf.org with local (Exim 4.43) id 1Hv6kM-0001hb-C2 for tools-discuss-confirm+ok@megatron.ietf.org; Mon, 04 Jun 2007 03:12:58 -0400 Received: from [10.91.34.44] (helo=ietf-mx.ietf.org) by megatron.ietf.org with esmtp (Exim 4.43) id 1Hv6kM-0001hT-2F for tools-discuss@ietf.org; Mon, 04 Jun 2007 03:12:58 -0400 Received: from ug-out-1314.google.com ([66.249.92.168]) by ietf-mx.ietf.org with esmtp (Exim 4.43) id 1Hv6kK-00028L-JA for tools-discuss@ietf.org; Mon, 04 Jun 2007 03:12:58 -0400 Received: by ug-out-1314.google.com with SMTP id j30so1817570ugc for ; Mon, 04 Jun 2007 00:12:53 -0700 (PDT) DKIM-Signature: a=rsa-sha1; c=relaxed/relaxed; d=gmail.com; s=beta; h=domainkey-signature:received:received:message-id:date:from:user-agent:mime-version:to:cc:subject:references:in-reply-to:content-type:content-transfer-encoding; b=HI360v5LqxunjD7zxc5sNVcBa3tsWQC0AMABKsH6EVRLaURIrziRZQiBoAb+0A+N1gbAT0nz8z8hQg7EMp3yf17PYY3rrdfDH5OvJu/FoJ5+vRYqbLt3z0bS+Vvanaz2I9xLwyJeLJMXpIeD3nOFpV/9AJecJQ2aWu1hfyIeP8U= DomainKey-Signature: a=rsa-sha1; c=nofws; d=gmail.com; s=beta; h=received:message-id:date:from:user-agent:mime-version:to:cc:subject:references:in-reply-to:content-type:content-transfer-encoding; b=HWymb3nlOrEuOwE3982xQeu8ObKU92/QO/4NHreoZjzddRRsVoPJGv/0rj6af8eczicm/pbVaaYM4eI3yQhUYoJ8Povg3nZyfvPH5RlDPczAHjU1E6JNq89VAuZ6/Q7fX0qcEe74qPsixf1L3VVleeeXS/+5wfV/JDumSOosSUI= Received: by 10.67.116.15 with SMTP id t15mr2896784ugm.1180941173295; Mon, 04 Jun 2007 00:12:53 -0700 (PDT) Received: from ?10.10.50.1? ( [213.3.13.1]) by mx.google.com with ESMTP id 28sm25326ugc.2007.06.04.00.12.52; Mon, 04 Jun 2007 00:12:52 -0700 (PDT) Message-ID: <4663BB73.7020601@gmail.com> Date: Mon, 04 Jun 2007 09:12:51 +0200 From: Brian E Carpenter User-Agent: Thunderbird 1.5.0.10 (Windows/20070221) MIME-Version: 1.0 To: Joe Touch Subject: Re: [Tools-discuss] Authenticating posts to IETF mailing list References: <46603A51.1070004@innovationslab.net> <46606284.6040301@isi.edu> <5F4AA7FB-2FBB-4936-BF5F-EB28358246F8@cisco.com> <46607C6E.4000009@spaghetti.zurich.ibm.com> <46609721.3030705@isi.edu> <4660B165.8000406@spaghetti.zurich.ibm.com> <4660DD2E.5070401@isi.edu> <4661369B.4080607@spaghetti.zurich.ibm.com> <46616164.40607@isi.edu> <4662FBA9.9030705@isi.edu> <46631480.2000608@isi.edu> In-Reply-To: <46631480.2000608@isi.edu> Content-Type: text/plain; charset=UTF-8; format=flowed Content-Transfer-Encoding: 7bit X-Spam-Score: 0.0 (/) X-Scan-Signature: 00e94c813bef7832af255170dca19e36 Cc: Brian Haberman , Pekka Savola , tools-discuss@ietf.org, Fred Baker X-BeenThere: tools-discuss@ietf.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: IETF Tools Discussion List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: tools-discuss-bounces@ietf.org On 2007-06-03 21:20, Joe Touch wrote: > > Pekka Savola wrote: >> On Sun, 3 Jun 2007, Joe Touch wrote: >>> Pekka Savola wrote: >>>> On Sat, 2 Jun 2007, Joe Touch wrote: >>>>> Understand that I tried to avoid these measures, but at this point, >>>>> E2E: >>>>> >>>>> - blocks applications >>>>> - requires subscription to post >>>>> - silently discards nonmember posts >>>>> - rejects (with NACK) posts tagged with no-archive >>>>> - silently discards spam >>>>> where spam is indicated by a spam filter, >>>>> and the threshold is set fairly high >>>>> - holds messages matching certain announcement types >>>>> notifies the sender about the hold >>>>> and are reviewed every few days >>>> At least two mechanisms of the >>>> above are incompatible with the IESG statement on IETF mailing list mail >>>> handling and as such could not be used on IETF mailing lists. >>> Proclamations by the IESG do not constitute IETF policy, IMO >>> I am not aware of any community consensus position that's inconsistent >>> with the above. >> This seems like a mailing list management issue. Most IETF lists are WG >> lists. The IESG is ultimately responsible for the management of WGs. >> I'd feel it'd be a bit strange if the IESG wasn't allowed to issue >> management guidance on this. But your mileage may vary, and debating >> this on this forum is probably not productive. > > Guidance, agreed. I think it's productive here (to note, not to debate > in detail) because it helps direct what facilities are required for > mailling list tools. > >>> The only statement I could find on the matter is: >>> http://www.ietf.org/IESG/STATEMENTS/moderated-lists.txt >>> Nothing above is inconsistent with this statement. Is there something >>> else? I.e., which two? >> http://www.ietf.org/IESG/STATEMENTS/mail-submit-policy.txt >> >> 'silently discard non-member posts' and 'requires subscription to post'. > > I'll note that I resisted requiring subscriber-only posts on the > E2E-list, but added it only after being directed by the WG chairs. Are you talking about e2e, which iirc is a closed IRTF group? Or about e2e-interest, which iirc is an open-subscription group loosely associated with the e2e research group? In either case, IETF rules and practices don't apply anyway. > > I don't see anything that prohibits requiring subscription to > automatically post, so long as there is an avenue for posters that > doesn't require subscription (there is - email to the admin). > > As to silent drops of nonsubscribers, yes, that's in direct conflict > with what the IESG recommends. More to the point, on an IETF list, it's against a deep IETF principle that is documented in RFC 2418: The IETF has basic requirements for open and fair participation and for thorough consideration of technical alternatives. > The primary alternative is to set > "reject" rather than "discard" for those. The normal thing is to moderate all non-member posts except for non-members that have been whitelisted. And personally I never use "reject" for spam because that at worst helps the spammer and at best wastes bits. Brian _______________________________________________ Tools-discuss mailing list Tools-discuss@ietf.org https://www1.ietf.org/mailman/listinfo/tools-discuss From tools-discuss-bounces@ietf.org Mon Jun 04 03:14:26 2007 Return-path: Received: from [127.0.0.1] (helo=stiedprmman1.va.neustar.com) by megatron.ietf.org with esmtp (Exim 4.43) id 1Hv6lm-0003X2-5r; Mon, 04 Jun 2007 03:14:26 -0400 Received: from tools-discuss by megatron.ietf.org with local (Exim 4.43) id 1Hv6lk-0003Wx-OE for tools-discuss-confirm+ok@megatron.ietf.org; Mon, 04 Jun 2007 03:14:25 -0400 Received: from [10.91.34.44] (helo=ietf-mx.ietf.org) by megatron.ietf.org with esmtp (Exim 4.43) id 1Hv6lh-0003We-Uy for tools-discuss@ietf.org; Mon, 04 Jun 2007 03:14:21 -0400 Received: from smtp.nokia.com ([131.228.20.173] helo=mgw-ext14.nokia.com) by ietf-mx.ietf.org with esmtp (Exim 4.43) id 1Hv6lf-0002Fy-GH for tools-discuss@ietf.org; Mon, 04 Jun 2007 03:14:21 -0400 Received: from esebh107.NOE.Nokia.com (esebh107.ntc.nokia.com [172.21.143.143]) by mgw-ext14.nokia.com (Switch-3.2.5/Switch-3.2.5) with ESMTP id l547EDBK021628; Mon, 4 Jun 2007 10:14:15 +0300 Received: from esebh103.NOE.Nokia.com ([172.21.143.33]) by esebh107.NOE.Nokia.com with Microsoft SMTPSVC(6.0.3790.1830); Mon, 4 Jun 2007 10:14:05 +0300 Received: from esebh102.NOE.Nokia.com ([172.21.138.183]) by esebh103.NOE.Nokia.com with Microsoft SMTPSVC(6.0.3790.1830); Mon, 4 Jun 2007 10:14:05 +0300 Received: from mgw-int02.ntc.nokia.com ([172.21.143.97]) by esebh102.NOE.Nokia.com over TLS secured channel with Microsoft SMTPSVC(6.0.3790.1830); Mon, 4 Jun 2007 10:14:04 +0300 Received: from [172.21.34.187] (esdhcp034187.research.nokia.com [172.21.34.187]) by mgw-int02.ntc.nokia.com (Switch-3.2.5/Switch-3.2.5) with ESMTP id l547E3fr017477; Mon, 4 Jun 2007 10:14:03 +0300 In-Reply-To: <46607C6E.4000009@spaghetti.zurich.ibm.com> References: <46603A51.1070004@innovationslab.net> <46606284.6040301@isi.edu> <5F4AA7FB-2FBB-4936-BF5F-EB28358246F8@cisco.com> <46607C6E.4000009@spaghetti.zurich.ibm.com> Mime-Version: 1.0 (Apple Message framework v752.3) Message-Id: From: Lars Eggert Subject: Re: [Tools-discuss] Authenticating posts to IETF mailing list Date: Mon, 4 Jun 2007 10:13:52 +0300 To: ext Jeroen Massar X-Mailer: Apple Mail (2.752.3) X-OriginalArrivalTime: 04 Jun 2007 07:14:04.0930 (UTC) FILETIME=[EF4A6E20:01C7A677] X-Nokia-AV: Clean X-Spam-Score: 0.0 (/) X-Scan-Signature: 00e94c813bef7832af255170dca19e36 Cc: Brian Haberman , Fred Baker , tools-discuss@ietf.org, Joe Touch X-BeenThere: tools-discuss@ietf.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: IETF Tools Discussion List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Content-Type: multipart/mixed; boundary="===============0868174711==" Errors-To: tools-discuss-bounces@ietf.org --===============0868174711== Content-Type: multipart/signed; micalg=sha1; boundary=Apple-Mail-24-770569545; protocol="application/pkcs7-signature" --Apple-Mail-24-770569545 Content-Transfer-Encoding: 7bit Content-Type: text/plain; charset=US-ASCII; delsp=yes; format=flowed On 2007-6-1, at 23:07, ext Jeroen Massar wrote: > The biggest problem with adminning a mailinglist now is simply that > there is about, I guess ~75 spams a day ending up in the moderator > queue. The problem with this is that one becomes lazy in checking the > queue, thus if there is a legit message it will take a few moments > longer for them to be approved. Or it might just happen accidentally > that you delete it, afaik that didn't happen yet though fortunately. I've had great success running spamassassin over the moderation queue to thin out obvious spam: http://www.waider.ie/hacks/workshop/perl/ mailman.pl Lars --Apple-Mail-24-770569545 Content-Transfer-Encoding: base64 Content-Type: application/pkcs7-signature; name=smime.p7s Content-Disposition: attachment; filename=smime.p7s MIAGCSqGSIb3DQEHAqCAMIACAQExCzAJBgUrDgMCGgUAMIAGCSqGSIb3DQEHAQAAoIIGQDCCAvkw ggJioAMCAQICEGtxkLFHQu1g67hlmYfwPuIwDQYJKoZIhvcNAQEFBQAwYjELMAkGA1UEBhMCWkEx JTAjBgNVBAoTHFRoYXd0ZSBDb25zdWx0aW5nIChQdHkpIEx0ZC4xLDAqBgNVBAMTI1RoYXd0ZSBQ ZXJzb25hbCBGcmVlbWFpbCBJc3N1aW5nIENBMB4XDTA3MDEwNDE2MTE1NFoXDTA4MDEwNDE2MTE1 NFowXDEPMA0GA1UEBBMGRWdnZXJ0MQ0wCwYDVQQqEwRMYXJzMRQwEgYDVQQDEwtMYXJzIEVnZ2Vy dDEkMCIGCSqGSIb3DQEJARYVbGFycy5lZ2dlcnRAbm9raWEuY29tMIIBIjANBgkqhkiG9w0BAQEF AAOCAQ8AMIIBCgKCAQEA26hjntVPZMiwh4d8tyuk9KiucvG92BVUGArk5zO1jhmq7tLFgU1mqcIg VGumfQqjkAzIuh83kxIiqBrB05Wvxp85apwt4sUCvzMe8mQWzZZZYp0rBzwpOj+VC5pxsMRYtYW+ BaTFBEmvFr7D7C7roZUk0lDppS5SZFs4SQbEe9ykB9aeUf1iTiw2+ikyP2+JEYto14WYCoxFWbms FbQ1uaaK+yn1WH2YHhyMfi0IOxuT0jtbsngjHJMpWIqq334zBhj+rPSUug47YBHr41FCDMHbbbjv WbyTyDYneOW3WY8LY8bGWVlAknQGB7lgduShe6e0RI/7SL/VE6X27lM9LwIDAQABozIwMDAgBgNV HREEGTAXgRVsYXJzLmVnZ2VydEBub2tpYS5jb20wDAYDVR0TAQH/BAIwADANBgkqhkiG9w0BAQUF AAOBgQCx3nxxTg/WowobVTRXBiXUEEZj4LBiunWbuAnR0UbJIgijvq3JbiJvZo2gUGiW9LPaHSBz 4oxT1VR/S/6O0a4e87oV5cOQm6ReB68o9rDfUzxHTwoCfv2wwMwBrXyzQMjyQK4Lt8siV41gmZpm rSXMhjTJdd9uYYNoZKQLq+VM+TCCAz8wggKooAMCAQICAQ0wDQYJKoZIhvcNAQEFBQAwgdExCzAJ BgNVBAYTAlpBMRUwEwYDVQQIEwxXZXN0ZXJuIENhcGUxEjAQBgNVBAcTCUNhcGUgVG93bjEaMBgG A1UEChMRVGhhd3RlIENvbnN1bHRpbmcxKDAmBgNVBAsTH0NlcnRpZmljYXRpb24gU2VydmljZXMg RGl2aXNpb24xJDAiBgNVBAMTG1RoYXd0ZSBQZXJzb25hbCBGcmVlbWFpbCBDQTErMCkGCSqGSIb3 DQEJARYccGVyc29uYWwtZnJlZW1haWxAdGhhd3RlLmNvbTAeFw0wMzA3MTcwMDAwMDBaFw0xMzA3 MTYyMzU5NTlaMGIxCzAJBgNVBAYTAlpBMSUwIwYDVQQKExxUaGF3dGUgQ29uc3VsdGluZyAoUHR5 KSBMdGQuMSwwKgYDVQQDEyNUaGF3dGUgUGVyc29uYWwgRnJlZW1haWwgSXNzdWluZyBDQTCBnzAN BgkqhkiG9w0BAQEFAAOBjQAwgYkCgYEAxKY8VXNV+065yplaHmjAdQRwnd/p/6Me7L3N9VvyGna9 fww6YfK/Uc4B1OVQCjDXAmNaLIkVcI7dyfArhVqqP3FWy688Cwfn8R+RNiQqE88r1fOCdz0Dviv+ uxg+B79AgAJk16emu59l0cUqVIUPSAR/p7bRPGEEQB5kGXJgt/sCAwEAAaOBlDCBkTASBgNVHRMB Af8ECDAGAQH/AgEAMEMGA1UdHwQ8MDowOKA2oDSGMmh0dHA6Ly9jcmwudGhhd3RlLmNvbS9UaGF3 dGVQZXJzb25hbEZyZWVtYWlsQ0EuY3JsMAsGA1UdDwQEAwIBBjApBgNVHREEIjAgpB4wHDEaMBgG A1UEAxMRUHJpdmF0ZUxhYmVsMi0xMzgwDQYJKoZIhvcNAQEFBQADgYEASIzRUIPqCy7MDaNmrGcP f6+svsIXoUOWlJ1/TCG4+DYfqi2fNi/A9BxQIJNwPP2t4WFiw9k6GX6EsZkbAMUaC4J0niVQlGLH 2ydxVyWN3amcOY6MIE9lX5Xa9/eH1sYITq726jTlEBpbNU1341YheILcIRk13iSx0x1G/11fZU8x ggMQMIIDDAIBATB2MGIxCzAJBgNVBAYTAlpBMSUwIwYDVQQKExxUaGF3dGUgQ29uc3VsdGluZyAo UHR5KSBMdGQuMSwwKgYDVQQDEyNUaGF3dGUgUGVyc29uYWwgRnJlZW1haWwgSXNzdWluZyBDQQIQ a3GQsUdC7WDruGWZh/A+4jAJBgUrDgMCGgUAoIIBbzAYBgkqhkiG9w0BCQMxCwYJKoZIhvcNAQcB MBwGCSqGSIb3DQEJBTEPFw0wNzA2MDQwNzEzNTJaMCMGCSqGSIb3DQEJBDEWBBThI3F/xGUNAVyn MaqJM67JfxYWRTCBhQYJKwYBBAGCNxAEMXgwdjBiMQswCQYDVQQGEwJaQTElMCMGA1UEChMcVGhh d3RlIENvbnN1bHRpbmcgKFB0eSkgTHRkLjEsMCoGA1UEAxMjVGhhd3RlIFBlcnNvbmFsIEZyZWVt YWlsIElzc3VpbmcgQ0ECEGtxkLFHQu1g67hlmYfwPuIwgYcGCyqGSIb3DQEJEAILMXigdjBiMQsw CQYDVQQGEwJaQTElMCMGA1UEChMcVGhhd3RlIENvbnN1bHRpbmcgKFB0eSkgTHRkLjEsMCoGA1UE AxMjVGhhd3RlIFBlcnNvbmFsIEZyZWVtYWlsIElzc3VpbmcgQ0ECEGtxkLFHQu1g67hlmYfwPuIw DQYJKoZIhvcNAQEBBQAEggEAKgosrb4ne7CUh1BW+FEXf8gF6zRpORP2mBs5DpxWGH2uJOiSt4Ul u/tHAkn98DpwsBK61bcFewzws3iQ026Ug8MhhAuZCeNiYm7Gu+q1SYyl7xQnLdosxeNFuwxuYn1i vo0qNBqpC+liW3oXoyqPKIyhrLM6MsY6Kv7k74WujYLm3q+CqjoFmmhbgO/bw+xArYmnp2yqjRTq 62qBCMcpGKgnzmBs7dOMbY023Ouc4M0ooCJrGgmNtv5uDrskc0JRJR2qYEXxQWSxKEQ2lmQbuTlS fMSS/mJinA9B440vHbMrOErwgq3A0VnCwYLemSPEzUPvXDswNuEr2MS6jA025QAAAAAAAA== --Apple-Mail-24-770569545-- --===============0868174711== Content-Type: text/plain; charset="us-ascii" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit Content-Disposition: inline _______________________________________________ Tools-discuss mailing list Tools-discuss@ietf.org https://www1.ietf.org/mailman/listinfo/tools-discuss --===============0868174711==-- From tools-discuss-bounces@ietf.org Mon Jun 04 03:20:09 2007 Return-path: Received: from [127.0.0.1] (helo=stiedprmman1.va.neustar.com) by megatron.ietf.org with esmtp (Exim 4.43) id 1Hv6rI-0005Nq-Tc; Mon, 04 Jun 2007 03:20:08 -0400 Received: from tools-discuss by megatron.ietf.org with local (Exim 4.43) id 1Hv6rH-0005Nl-HV for tools-discuss-confirm+ok@megatron.ietf.org; Mon, 04 Jun 2007 03:20:07 -0400 Received: from [10.91.34.44] (helo=ietf-mx.ietf.org) by megatron.ietf.org with esmtp (Exim 4.43) id 1Hv6rH-0005Na-6l for tools-discuss@ietf.org; Mon, 04 Jun 2007 03:20:07 -0400 Received: from ug-out-1314.google.com ([66.249.92.168]) by ietf-mx.ietf.org with esmtp (Exim 4.43) id 1Hv6rF-0002z3-QV for tools-discuss@ietf.org; Mon, 04 Jun 2007 03:20:07 -0400 Received: by ug-out-1314.google.com with SMTP id j30so1819864ugc for ; Mon, 04 Jun 2007 00:20:05 -0700 (PDT) DKIM-Signature: a=rsa-sha1; c=relaxed/relaxed; d=gmail.com; s=beta; h=domainkey-signature:received:received:message-id:date:from:user-agent:mime-version:to:cc:subject:references:in-reply-to:content-type:content-transfer-encoding; b=KP4RJpMPxmqIsqCDzFumwa7XNwmYCXHTGhOJFFeLVpMEh42uXcKIEsSuDCCkKL0m7ajAG0XRcHIufweFeMPBGAhNh1bx+mf+wVEvXszTtkd5TaHEp6lrou5sE3OrgfVLh6+w+im774eXNISP4c6V0NCelEeI2BHLwW4sR5F2BJM= DomainKey-Signature: a=rsa-sha1; c=nofws; d=gmail.com; s=beta; h=received:message-id:date:from:user-agent:mime-version:to:cc:subject:references:in-reply-to:content-type:content-transfer-encoding; b=QZf8L2boqeeGzR0zqvfWYhQc9lA+0UHa2YQ4K/5FftF/cxmYgWxW9x9s3MZ/tl9vxrPScI5Git1M1BIhCcI293RExwldUxeQSMoK58nF+KM2Bg1MuhyLQ1MaPCn3vuUMtlPdYt33zY+HtExjXkOcmSjnYGKDGYg9QZ01yk4zg9o= Received: by 10.66.243.2 with SMTP id q2mr2933284ugh.1180941604772; Mon, 04 Jun 2007 00:20:04 -0700 (PDT) Received: from ?10.10.50.1? ( [213.3.13.1]) by mx.google.com with ESMTP id w5sm219011mue.2007.06.04.00.20.03; Mon, 04 Jun 2007 00:20:04 -0700 (PDT) Message-ID: <4663BD22.40407@gmail.com> Date: Mon, 04 Jun 2007 09:20:02 +0200 From: Brian E Carpenter User-Agent: Thunderbird 1.5.0.10 (Windows/20070221) MIME-Version: 1.0 To: Fred Baker Subject: Re: [Tools-discuss] Authenticating posts to IETF mailing list References: <46603A51.1070004@innovationslab.net> <46606284.6040301@isi.edu> <5F4AA7FB-2FBB-4936-BF5F-EB28358246F8@cisco.com> <46607C6E.4000009@spaghetti.zurich.ibm.com> <46626391.1060800@gmail.com> <070CD4CF-21B1-4481-9D1C-99002EF7A6F7@cisco.com> In-Reply-To: <070CD4CF-21B1-4481-9D1C-99002EF7A6F7@cisco.com> Content-Type: text/plain; charset=UTF-8; format=flowed Content-Transfer-Encoding: 7bit X-Spam-Score: 0.0 (/) X-Scan-Signature: 93238566e09e6e262849b4f805833007 Cc: Brian Haberman , tools-discuss@ietf.org, Joe Touch X-BeenThere: tools-discuss@ietf.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: IETF Tools Discussion List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: tools-discuss-bounces@ietf.org On 2007-06-03 14:55, Fred Baker wrote: > > On Jun 3, 2007, at 2:45 AM, Brian E Carpenter wrote: > >> For lists that the secretariat is running TMDA in front of, that rate >> is down to approximately zero. However, TMDA will not block the type >> of forgery Brian H is suffering from, and the cost of checking a PGP >> signature on every message from someone on the TMDA whitelist would >> presumably be significant and possibly prohibitive. > > Checking for the presence of a PGP signature could be done with a little > code, and leave the validation of it to the user. That sounds like a special case: if sender is Haberman and PGP is absent, then moderate the message. But that doesn't scale. Brian > Spam-bots don't > PGP-sign their stuff, and if they spoofed it that would be obvious at > the user end. Ditto DKIM; it might come with a signature from the bot's > ISP, but it won't come with the signature of the person it putatively > came from, and right now it doesn't come with a signature at all. > _______________________________________________ Tools-discuss mailing list Tools-discuss@ietf.org https://www1.ietf.org/mailman/listinfo/tools-discuss From tools-discuss-bounces@ietf.org Mon Jun 04 07:13:40 2007 Return-path: Received: from [127.0.0.1] (helo=stiedprmman1.va.neustar.com) by megatron.ietf.org with esmtp (Exim 4.43) id 1HvAVH-0000W6-K2; Mon, 04 Jun 2007 07:13:39 -0400 Received: from tools-discuss by megatron.ietf.org with local (Exim 4.43) id 1HvAVG-0000V2-6b for tools-discuss-confirm+ok@megatron.ietf.org; Mon, 04 Jun 2007 07:13:38 -0400 Received: from [10.91.34.44] (helo=ietf-mx.ietf.org) by megatron.ietf.org with esmtp (Exim 4.43) id 1HvAVF-0000Uu-TB for tools-discuss@ietf.org; Mon, 04 Jun 2007 07:13:37 -0400 Received: from mtagate6.de.ibm.com ([195.212.29.155]) by ietf-mx.ietf.org with esmtp (Exim 4.43) id 1HvAVE-0006x5-GX for tools-discuss@ietf.org; Mon, 04 Jun 2007 07:13:37 -0400 Received: from d12nrmr1607.megacenter.de.ibm.com (d12nrmr1607.megacenter.de.ibm.com [9.149.167.49]) by mtagate6.de.ibm.com (8.13.8/8.13.8) with ESMTP id l54BDZ8a259118 for ; Mon, 4 Jun 2007 11:13:35 GMT Received: from d12av04.megacenter.de.ibm.com (d12av04.megacenter.de.ibm.com [9.149.165.229]) by d12nrmr1607.megacenter.de.ibm.com (8.13.8/8.13.8/NCO v8.3) with ESMTP id l54BDYRg4059228 for ; Mon, 4 Jun 2007 13:13:35 +0200 Received: from d12av04.megacenter.de.ibm.com (loopback [127.0.0.1]) by d12av04.megacenter.de.ibm.com (8.12.11.20060308/8.13.3) with ESMTP id l54BDYKU014502 for ; Mon, 4 Jun 2007 13:13:34 +0200 Received: from sihl.zurich.ibm.com (sihl.zurich.ibm.com [9.4.16.232]) by d12av04.megacenter.de.ibm.com (8.12.11.20060308/8.12.11) with ESMTP id l54BDYNw014495 for ; Mon, 4 Jun 2007 13:13:34 +0200 Received: from [9.145.249.189] (sig-9-145-249-189.de.ibm.com [9.145.249.189]) by sihl.zurich.ibm.com (AIX4.3/8.9.3p2/8.9.3) with ESMTP id NAA124446 for ; Mon, 4 Jun 2007 13:13:33 +0200 Message-ID: <4663F3DB.7090109@zurich.ibm.com> Date: Mon, 04 Jun 2007 13:13:31 +0200 From: Brian E Carpenter Organization: IBM User-Agent: Thunderbird 1.5.0.10 (Windows/20070221) MIME-Version: 1.0 To: tools-discuss@ietf.org Content-Type: text/plain; charset=UTF-8; format=flowed Content-Transfer-Encoding: 7bit X-Spam-Score: 0.0 (/) X-Scan-Signature: 79899194edc4f33a41f49410777972f8 Subject: [Tools-discuss] idnits: amusing bug X-BeenThere: tools-discuss@ietf.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: IETF Tools Discussion List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: tools-discuss-bounces@ietf.org > idnits 2.04.07 > > tmp/draft-carpenter-idloc-map-cons-01.txt: (not yet posted.) ... > == Unused Reference: 'RFC4864' is defined on line 914, but no explicit > reference was found in the text The actual referring sentence is: Also, is there any relation to topology hiding [RFC4864]? It looks as if the '?' confuses the checker. When I remove it, the warning goes away. Brian _______________________________________________ Tools-discuss mailing list Tools-discuss@ietf.org https://www1.ietf.org/mailman/listinfo/tools-discuss From tools-discuss-bounces@ietf.org Mon Jun 04 09:38:49 2007 Return-path: Received: from [127.0.0.1] (helo=stiedprmman1.va.neustar.com) by megatron.ietf.org with esmtp (Exim 4.43) id 1HvCll-0008PV-2s; Mon, 04 Jun 2007 09:38:49 -0400 Received: from tools-discuss by megatron.ietf.org with local (Exim 4.43) id 1HvClk-0008PQ-BP for tools-discuss-confirm+ok@megatron.ietf.org; Mon, 04 Jun 2007 09:38:48 -0400 Received: from [10.91.34.44] (helo=ietf-mx.ietf.org) by megatron.ietf.org with esmtp (Exim 4.43) id 1HvClk-0008PI-20 for tools-discuss@ietf.org; Mon, 04 Jun 2007 09:38:48 -0400 Received: from vapor.isi.edu ([128.9.64.64]) by ietf-mx.ietf.org with esmtp (Exim 4.43) id 1HvCli-0005zB-M7 for tools-discuss@ietf.org; Mon, 04 Jun 2007 09:38:48 -0400 Received: from [127.0.0.1] (pool-71-105-94-14.lsanca.dsl-w.verizon.net [71.105.94.14]) by vapor.isi.edu (8.13.8/8.13.8) with ESMTP id l54DcL97025625; Mon, 4 Jun 2007 06:38:21 -0700 (PDT) Message-ID: <466415B6.9080001@isi.edu> Date: Mon, 04 Jun 2007 06:37:58 -0700 From: Joe Touch User-Agent: Thunderbird 2.0.0.0 (Windows/20070326) MIME-Version: 1.0 To: Brian E Carpenter Subject: Re: [Tools-discuss] Authenticating posts to IETF mailing list References: <46603A51.1070004@innovationslab.net> <46606284.6040301@isi.edu> <5F4AA7FB-2FBB-4936-BF5F-EB28358246F8@cisco.com> <46607C6E.4000009@spaghetti.zurich.ibm.com> <46609721.3030705@isi.edu> <4660B165.8000406@spaghetti.zurich.ibm.com> <4660DD2E.5070401@isi.edu> <4661369B.4080607@spaghetti.zurich.ibm.com> <46616164.40607@isi.edu> <4662FBA9.9030705@isi.edu> <46631480.2000608@isi.edu> <4663BB73.7020601@gmail.com> In-Reply-To: <4663BB73.7020601@gmail.com> X-Enigmail-Version: 0.95.0 X-ISI-4-43-8-MailScanner: Found to be clean X-MailScanner-From: touch@isi.edu X-Spam-Score: 0.0 (/) X-Scan-Signature: d8ae4fd88fcaf47c1a71c804d04f413d Cc: Brian Haberman , Pekka Savola , tools-discuss@ietf.org, Fred Baker X-BeenThere: tools-discuss@ietf.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: IETF Tools Discussion List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Content-Type: multipart/mixed; boundary="===============1458278979==" Errors-To: tools-discuss-bounces@ietf.org This is an OpenPGP/MIME signed message (RFC 2440 and 3156) --===============1458278979== Content-Type: multipart/signed; micalg=pgp-sha1; protocol="application/pgp-signature"; boundary="------------enig3AF94670B0E1F09036E95141" This is an OpenPGP/MIME signed message (RFC 2440 and 3156) --------------enig3AF94670B0E1F09036E95141 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: quoted-printable Brian E Carpenter wrote: =2E.. >> I'll note that I resisted requiring subscriber-only posts on the >> E2E-list, but added it only after being directed by the WG chairs. >=20 > Are you talking about e2e, which iirc is a closed IRTF group? >=20 > Or about e2e-interest, which iirc is an open-subscription group > loosely associated with the e2e research group? The latter. > In either case, IETF rules and practices don't apply anyway. We choose to try to follow them as best possible. >> I don't see anything that prohibits requiring subscription to >> automatically post, so long as there is an avenue for posters that >> doesn't require subscription (there is - email to the admin). >> >> As to silent drops of nonsubscribers, yes, that's in direct conflict >> with what the IESG recommends.=20 >=20 > More to the point, on an IETF list, it's against a deep IETF principle > that is documented in RFC 2418: >=20 > The IETF has basic requirements for open and fair participation and > for thorough consideration of technical alternatives. Everyone is welcome to subscribe, and subscription doesn't mean you need to receive posts (there's a 'nomail' option). Posters who don't want to subscribe are welcome to send mail to the admin, which are then posted. So exactly how does this configuration violate this requirement? >> The primary alternative is to set >> "reject" rather than "discard" for those.=20 >=20 > The normal thing is to moderate all non-member posts except for > non-members that have been whitelisted.=20 That's a ridiculous waste of resources for lists that are very popular. > And personally I never use > "reject" for spam because that at worst helps the spammer and at best > wastes bits. Agreed. Joe --------------enig3AF94670B0E1F09036E95141 Content-Type: application/pgp-signature; name="signature.asc" Content-Description: OpenPGP digital signature Content-Disposition: attachment; filename="signature.asc" -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.3 (MingW32) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org iD8DBQFGZBW2E5f5cImnZrsRAkGMAJsEdTb75Mrmgx4+b1yTgiQTmO5kCgCeKOuQ I9ZT9uoZ7pfVydZtZa769MU= =yhVV -----END PGP SIGNATURE----- --------------enig3AF94670B0E1F09036E95141-- --===============1458278979== Content-Type: text/plain; charset="us-ascii" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit Content-Disposition: inline _______________________________________________ Tools-discuss mailing list Tools-discuss@ietf.org https://www1.ietf.org/mailman/listinfo/tools-discuss --===============1458278979==-- From tools-discuss-bounces@ietf.org Mon Jun 04 09:56:11 2007 Return-path: Received: from [127.0.0.1] (helo=stiedprmman1.va.neustar.com) by megatron.ietf.org with esmtp (Exim 4.43) id 1HvD2Z-0006fJ-7j; Mon, 04 Jun 2007 09:56:11 -0400 Received: from tools-discuss by megatron.ietf.org with local (Exim 4.43) id 1HvD2X-0006fE-GO for tools-discuss-confirm+ok@megatron.ietf.org; Mon, 04 Jun 2007 09:56:09 -0400 Received: from [10.91.34.44] (helo=ietf-mx.ietf.org) by megatron.ietf.org with esmtp (Exim 4.43) id 1HvD2X-0006f6-6s for tools-discuss@ietf.org; Mon, 04 Jun 2007 09:56:09 -0400 Received: from ug-out-1314.google.com ([66.249.92.171]) by ietf-mx.ietf.org with esmtp (Exim 4.43) id 1HvD2W-0000Cw-I2 for tools-discuss@ietf.org; Mon, 04 Jun 2007 09:56:09 -0400 Received: by ug-out-1314.google.com with SMTP id j30so1973795ugc for ; Mon, 04 Jun 2007 06:56:07 -0700 (PDT) DKIM-Signature: a=rsa-sha1; c=relaxed/relaxed; d=gmail.com; s=beta; h=domainkey-signature:received:received:message-id:date:from:user-agent:mime-version:to:cc:subject:references:in-reply-to:content-type:content-transfer-encoding; b=k68AItB7izL6C6ImOoR0r94u2mYO/7DjDTU/UuxySSIxjfTzB0S/Sjt1Prug/gmUxDTe3DCdItMbL0qbg/RRHvdXEQbP5b1nzlGnB1WhtEkXR1I4i8WhrSFBj+QmXW20HwZwQuB1rzX5CkY53P5SpfAtPbZFPGZbEggrZUv/ynI= DomainKey-Signature: a=rsa-sha1; c=nofws; d=gmail.com; s=beta; h=received:message-id:date:from:user-agent:mime-version:to:cc:subject:references:in-reply-to:content-type:content-transfer-encoding; b=Uxqnayrrom0KWjuIwxbzCpCy0yJYr+1B8a2K8Z5H7+3BPPnHSYqj4e5W5f4ylx1m1XVjp9ew0kF3XrdGMXIObXItMfCGCiRthoh7LhEGnWH9oc0jSTJeoWTLE3Af5uVBVxjde6ViatWlBULAnz6oTZln6SSqXK4rfJ9IXxu/mV8= Received: by 10.66.240.12 with SMTP id n12mr3126066ugh.1180965366922; Mon, 04 Jun 2007 06:56:06 -0700 (PDT) Received: from ?10.10.50.1? ( [213.3.13.1]) by mx.google.com with ESMTP id p56sm213112uga.2007.06.04.06.56.04; Mon, 04 Jun 2007 06:56:05 -0700 (PDT) Message-ID: <466419F2.4070005@gmail.com> Date: Mon, 04 Jun 2007 15:56:02 +0200 From: Brian E Carpenter User-Agent: Thunderbird 1.5.0.10 (Windows/20070221) MIME-Version: 1.0 To: Joe Touch Subject: Re: [Tools-discuss] Authenticating posts to IETF mailing list References: <46603A51.1070004@innovationslab.net> <46606284.6040301@isi.edu> <5F4AA7FB-2FBB-4936-BF5F-EB28358246F8@cisco.com> <46607C6E.4000009@spaghetti.zurich.ibm.com> <46609721.3030705@isi.edu> <4660B165.8000406@spaghetti.zurich.ibm.com> <4660DD2E.5070401@isi.edu> <4661369B.4080607@spaghetti.zurich.ibm.com> <46616164.40607@isi.edu> <4662FBA9.9030705@isi.edu> <46631480.2000608@isi.edu> <4663BB73.7020601@gmail.com> <466415B6.9080001@isi.edu> In-Reply-To: <466415B6.9080001@isi.edu> Content-Type: text/plain; charset=UTF-8; format=flowed Content-Transfer-Encoding: 7bit X-Spam-Score: 0.0 (/) X-Scan-Signature: 0a7aa2e6e558383d84476dc338324fab Cc: Brian Haberman , Pekka Savola , tools-discuss@ietf.org, Fred Baker X-BeenThere: tools-discuss@ietf.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: IETF Tools Discussion List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: tools-discuss-bounces@ietf.org On 2007-06-04 15:37, Joe Touch wrote: > > Brian E Carpenter wrote: > ... >>> I'll note that I resisted requiring subscriber-only posts on the >>> E2E-list, but added it only after being directed by the WG chairs. >> Are you talking about e2e, which iirc is a closed IRTF group? >> >> Or about e2e-interest, which iirc is an open-subscription group >> loosely associated with the e2e research group? > > The latter. > >> In either case, IETF rules and practices don't apply anyway. > > We choose to try to follow them as best possible. > >>> I don't see anything that prohibits requiring subscription to >>> automatically post, so long as there is an avenue for posters that >>> doesn't require subscription (there is - email to the admin). >>> >>> As to silent drops of nonsubscribers, yes, that's in direct conflict >>> with what the IESG recommends. >> More to the point, on an IETF list, it's against a deep IETF principle >> that is documented in RFC 2418: >> >> The IETF has basic requirements for open and fair participation and >> for thorough consideration of technical alternatives. > > Everyone is welcome to subscribe, and subscription doesn't mean you need > to receive posts (there's a 'nomail' option). Posters who don't want to > subscribe are welcome to send mail to the admin, which are then posted. > > So exactly how does this configuration violate this requirement? I think it's a convenience issue. There are probably a couple of hundred list associated with the I*TF that an individual might want to post to very occasionally - you can't expect people to manage that many subscriptions, and people expect to send mail to the list, not to a human relay. BTW to be clear - I'm not on e2e-interest at the moment, but while I was, I had no complaints whatever at the list management policy. > >>> The primary alternative is to set >>> "reject" rather than "discard" for those. >> The normal thing is to moderate all non-member posts except for >> non-members that have been whitelisted. > > That's a ridiculous waste of resources for lists that are very popular. Actually I didn't find that while administering the IESG list. The number of non-spam non-member posts was quite high, of course, but didn't cost more than a couple of minutes per day. It would have been much more time-consuming to act as a human relay. It was the spam that took the time, until TMDA came along. Brian _______________________________________________ Tools-discuss mailing list Tools-discuss@ietf.org https://www1.ietf.org/mailman/listinfo/tools-discuss From tools-discuss-bounces@ietf.org Mon Jun 04 10:05:55 2007 Return-path: Received: from [127.0.0.1] (helo=stiedprmman1.va.neustar.com) by megatron.ietf.org with esmtp (Exim 4.43) id 1HvDBz-0005Bv-AE; Mon, 04 Jun 2007 10:05:55 -0400 Received: from tools-discuss by megatron.ietf.org with local (Exim 4.43) id 1HvDBy-0005Bp-SO for tools-discuss-confirm+ok@megatron.ietf.org; Mon, 04 Jun 2007 10:05:54 -0400 Received: from [10.91.34.44] (helo=ietf-mx.ietf.org) by megatron.ietf.org with esmtp (Exim 4.43) id 1HvDBy-0005Bh-Ir for tools-discuss@ietf.org; Mon, 04 Jun 2007 10:05:54 -0400 Received: from vapor.isi.edu ([128.9.64.64]) by ietf-mx.ietf.org with esmtp (Exim 4.43) id 1HvDBy-0001ZS-67 for tools-discuss@ietf.org; Mon, 04 Jun 2007 10:05:54 -0400 Received: from [127.0.0.1] (pool-71-105-94-14.lsanca.dsl-w.verizon.net [71.105.94.14]) by vapor.isi.edu (8.13.8/8.13.8) with ESMTP id l54E5aHO002714; Mon, 4 Jun 2007 07:05:37 -0700 (PDT) Message-ID: <46641C19.1030808@isi.edu> Date: Mon, 04 Jun 2007 07:05:13 -0700 From: Joe Touch User-Agent: Thunderbird 2.0.0.0 (Windows/20070326) MIME-Version: 1.0 To: Brian E Carpenter Subject: Re: [Tools-discuss] Authenticating posts to IETF mailing list References: <46603A51.1070004@innovationslab.net> <46606284.6040301@isi.edu> <5F4AA7FB-2FBB-4936-BF5F-EB28358246F8@cisco.com> <46607C6E.4000009@spaghetti.zurich.ibm.com> <46609721.3030705@isi.edu> <4660B165.8000406@spaghetti.zurich.ibm.com> <4660DD2E.5070401@isi.edu> <4661369B.4080607@spaghetti.zurich.ibm.com> <46616164.40607@isi.edu> <4662FBA9.9030705@isi.edu> <46631480.2000608@isi.edu> <4663BB73.7020601@gmail.com> <466415B6.9080001@isi.edu> <466419F2.4070005@gmail.com> In-Reply-To: <466419F2.4070005@gmail.com> X-Enigmail-Version: 0.95.0 X-ISI-4-43-8-MailScanner: Found to be clean X-MailScanner-From: touch@isi.edu X-Spam-Score: 0.0 (/) X-Scan-Signature: 32b73d73e8047ed17386f9799119ce43 Cc: Brian Haberman , Pekka Savola , tools-discuss@ietf.org, Fred Baker X-BeenThere: tools-discuss@ietf.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: IETF Tools Discussion List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Content-Type: multipart/mixed; boundary="===============0992527689==" Errors-To: tools-discuss-bounces@ietf.org This is an OpenPGP/MIME signed message (RFC 2440 and 3156) --===============0992527689== Content-Type: multipart/signed; micalg=pgp-sha1; protocol="application/pgp-signature"; boundary="------------enig7483003C5FA14AB2436108BE" This is an OpenPGP/MIME signed message (RFC 2440 and 3156) --------------enig7483003C5FA14AB2436108BE Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: quoted-printable Brian E Carpenter wrote: =2E.. >>>> As to silent drops of nonsubscribers, yes, that's in direct conflict= >>>> with what the IESG recommends.=20 >>> More to the point, on an IETF list, it's against a deep IETF principl= e >>> that is documented in RFC 2418: >>> >>> The IETF has basic requirements for open and fair participation an= d >>> for thorough consideration of technical alternatives. >> >> Everyone is welcome to subscribe, and subscription doesn't mean you ne= ed >> to receive posts (there's a 'nomail' option). Posters who don't want t= o >> subscribe are welcome to send mail to the admin, which are then posted= =2E >> >> So exactly how does this configuration violate this requirement? >=20 > I think it's a convenience issue. There are probably a couple of hundre= d > list associated with the I*TF that an individual might want to post > to very occasionally - you can't expect people to manage that many > subscriptions, and people expect to send mail to the list, > not to a human relay. On that point we differ; I think joining a list is a low hurdle, one that the IETF could automate in bulk (i.e., join all lists in an area at once) if desired. I also think 'managing' a list membership is a low hurdle; if you're going to post to a list, even occasionally, you should check the list posting policies to see if they've changed. At the very least, this would constitute a difference of opinion on convenience; that's a lot less than being "against a deep IETF principle", IMO. > BTW to be clear - I'm not on e2e-interest at the moment, but while > I was, I had no complaints whatever at the list management policy. (that makes you the exception; everyone seems to want to back-seat drive there, FWIW) >>>> The primary alternative is to set >>>> "reject" rather than "discard" for those.=20 >>> The normal thing is to moderate all non-member posts except for >>> non-members that have been whitelisted.=20 >> >> That's a ridiculous waste of resources for lists that are very popular= =2E >=20 > Actually I didn't find that while administering the IESG list. The > number of non-spam non-member posts was quite high, of course, > but didn't cost more than a couple of minutes per day. It would > have been much more time-consuming to act as a human relay. > It was the spam that took the time, until TMDA came along. FWIW, I get a ton of non-member posts which are clearly spam but are not caught by our spam filters. That's why we moved to subscriber only. I think that such a move is fine where needed, and can be done in a way consistent with IETF policy. Joe --------------enig7483003C5FA14AB2436108BE Content-Type: application/pgp-signature; name="signature.asc" Content-Description: OpenPGP digital signature Content-Disposition: attachment; filename="signature.asc" -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.3 (MingW32) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org iD8DBQFGZBwZE5f5cImnZrsRAqRJAKDsaAkBPjaYsZ7f5QueIWOKznCNnACfbXqr SHfi5TMOwqEECacDx6EvTPs= =0adU -----END PGP SIGNATURE----- --------------enig7483003C5FA14AB2436108BE-- --===============0992527689== Content-Type: text/plain; charset="us-ascii" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit Content-Disposition: inline _______________________________________________ Tools-discuss mailing list Tools-discuss@ietf.org https://www1.ietf.org/mailman/listinfo/tools-discuss --===============0992527689==-- From tools-discuss-bounces@ietf.org Mon Jun 04 11:38:09 2007 Return-path: Received: from [127.0.0.1] (helo=stiedprmman1.va.neustar.com) by megatron.ietf.org with esmtp (Exim 4.43) id 1HvEdE-0005Y6-Li; Mon, 04 Jun 2007 11:38:08 -0400 Received: from tools-discuss by megatron.ietf.org with local (Exim 4.43) id 1HvEdE-0005Y1-2n for tools-discuss-confirm+ok@megatron.ietf.org; Mon, 04 Jun 2007 11:38:08 -0400 Received: from [10.91.34.44] (helo=ietf-mx.ietf.org) by megatron.ietf.org with esmtp (Exim 4.43) id 1HvEdD-0005Xt-PX for tools-discuss@ietf.org; Mon, 04 Jun 2007 11:38:07 -0400 Received: from [2001:698:9:31:214:22ff:fe21:bb] (helo=merlot.tools.ietf.org) by ietf-mx.ietf.org with esmtp (Exim 4.43) id 1HvEdC-0007EC-CZ for tools-discuss@ietf.org; Mon, 04 Jun 2007 11:38:07 -0400 Received: from localhost ([127.0.0.1] helo=marsanne.levkowetz.com ident=henrik) by merlot.tools.ietf.org with esmtp (Exim 4.63) (envelope-from ) id 1HvEdA-00031b-QA; Mon, 04 Jun 2007 17:38:04 +0200 Message-ID: <466431DC.4070808@levkowetz.com> Date: Mon, 04 Jun 2007 17:38:04 +0200 From: Henrik Levkowetz User-Agent: Thunderbird 2.0.0.0 (Macintosh/20070326) MIME-Version: 1.0 To: Brian E Carpenter Subject: Re: [Tools-discuss] idnits: amusing bug References: <4663F3DB.7090109@zurich.ibm.com> In-Reply-To: <4663F3DB.7090109@zurich.ibm.com> X-Enigmail-Version: 0.95.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 7bit X-SA-Exim-Connect-IP: 127.0.0.1 X-SA-Exim-Rcpt-To: brc@zurich.ibm.com, tools-discuss@ietf.org, henrik-sent@levkowetz.com X-SA-Exim-Mail-From: henrik@levkowetz.com X-SA-Exim-Scanned: No (on merlot.tools.ietf.org); SAEximRunCond expanded to false X-Spam-Score: -2.8 (--) X-Scan-Signature: 9182cfff02fae4f1b6e9349e01d62f32 Cc: tools-discuss@ietf.org X-BeenThere: tools-discuss@ietf.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: IETF Tools Discussion List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: tools-discuss-bounces@ietf.org Hi Brian, On 2007-06-04 13:13 Brian E Carpenter said the following: >> idnits 2.04.07 >> >> tmp/draft-carpenter-idloc-map-cons-01.txt: > > (not yet posted.) > ... > >> == Unused Reference: 'RFC4864' is defined on line 914, but no explicit >> reference was found in the text > > The actual referring sentence is: > > Also, is there any relation to topology hiding [RFC4864]? > > It looks as if the '?' confuses the checker. When I remove it, the warning > goes away. Right. '?' wasn't listed among the permitted characters following a reference. Testing a new version now which will permit this. Henrik _______________________________________________ Tools-discuss mailing list Tools-discuss@ietf.org https://www1.ietf.org/mailman/listinfo/tools-discuss From tools-discuss-bounces@ietf.org Tue Jun 05 11:51:04 2007 Return-path: Received: from [127.0.0.1] (helo=stiedprmman1.va.neustar.com) by megatron.ietf.org with esmtp (Exim 4.43) id 1HvbJH-0007YU-Li; Tue, 05 Jun 2007 11:51:03 -0400 Received: from tools-discuss by megatron.ietf.org with local (Exim 4.43) id 1HvbJG-0007YE-Fx for tools-discuss-confirm+ok@megatron.ietf.org; Tue, 05 Jun 2007 11:51:02 -0400 Received: from [10.91.34.44] (helo=ietf-mx.ietf.org) by megatron.ietf.org with esmtp (Exim 4.43) id 1HvbJG-0007Y6-6W for tools-discuss@ietf.org; Tue, 05 Jun 2007 11:51:02 -0400 Received: from mail.gmx.net ([213.165.64.20]) by ietf-mx.ietf.org with smtp (Exim 4.43) id 1HvbJE-0000vT-Op for tools-discuss@ietf.org; Tue, 05 Jun 2007 11:51:02 -0400 Received: (qmail invoked by alias); 05 Jun 2007 15:50:59 -0000 Received: from mail.greenbytes.de (EHLO [192.168.1.87]) [217.91.35.233] by mail.gmx.net (mp046) with SMTP; 05 Jun 2007 17:50:59 +0200 X-Authenticated: #1915285 X-Provags-ID: V01U2FsdGVkX1/T9es73t/TGSt4P36D0y+j6twl/UUgZDSGeZwrJm CAFXABdsM9QVsp Message-ID: <46658663.2010801@gmx.de> Date: Tue, 05 Jun 2007 17:50:59 +0200 From: Julian Reschke User-Agent: Mozilla/5.0 (Windows; U; Windows NT 5.1; de; rv:1.8.0.4) Gecko/20060516 Thunderbird/1.5.0.4 Mnenhy/0.7.4.666 MIME-Version: 1.0 To: tools-discuss@ietf.org Content-Type: text/plain; charset=ISO-8859-1; format=flowed Content-Transfer-Encoding: 7bit X-Y-GMX-Trusted: 0 X-Spam-Score: 0.0 (/) X-Scan-Signature: 7aefe408d50e9c7c47615841cb314bed Subject: [Tools-discuss] minor rfcmarkup issue wrt to "Obsoletes" link X-BeenThere: tools-discuss@ietf.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: IETF Tools Discussion List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: tools-discuss-bounces@ietf.org Hi, for some reason the "obsoletes" link in is broken, pointing to . Best regards, Julian _______________________________________________ Tools-discuss mailing list Tools-discuss@ietf.org https://www1.ietf.org/mailman/listinfo/tools-discuss From tools-discuss-bounces@ietf.org Tue Jun 05 12:12:27 2007 Return-path: Received: from [127.0.0.1] (helo=stiedprmman1.va.neustar.com) by megatron.ietf.org with esmtp (Exim 4.43) id 1Hvbdx-00061n-2N; Tue, 05 Jun 2007 12:12:25 -0400 Received: from tools-discuss by megatron.ietf.org with local (Exim 4.43) id 1Hvbdv-00061c-Ra for tools-discuss-confirm+ok@megatron.ietf.org; Tue, 05 Jun 2007 12:12:23 -0400 Received: from [10.91.34.44] (helo=ietf-mx.ietf.org) by megatron.ietf.org with esmtp (Exim 4.43) id 1Hvbdv-00061U-Hh for tools-discuss@ietf.org; Tue, 05 Jun 2007 12:12:23 -0400 Received: from [2001:698:9:31:214:22ff:fe21:bb] (helo=merlot.tools.ietf.org) by ietf-mx.ietf.org with esmtp (Exim 4.43) id 1Hvbdv-0004oJ-4J for tools-discuss@ietf.org; Tue, 05 Jun 2007 12:12:23 -0400 Received: from localhost ([127.0.0.1] helo=marsanne.levkowetz.com ident=henrik) by merlot.tools.ietf.org with esmtp (Exim 4.63) (envelope-from ) id 1Hvbdu-00080R-Cf; Tue, 05 Jun 2007 18:12:22 +0200 Message-ID: <46658B65.1010709@levkowetz.com> Date: Tue, 05 Jun 2007 18:12:21 +0200 From: Henrik Levkowetz User-Agent: Thunderbird 2.0.0.0 (Macintosh/20070326) MIME-Version: 1.0 To: Julian Reschke Subject: Re: [Tools-discuss] minor rfcmarkup issue wrt to "Obsoletes" link References: <46658663.2010801@gmx.de> In-Reply-To: <46658663.2010801@gmx.de> X-Enigmail-Version: 0.95.0 Content-Type: text/plain; charset=ISO-8859-1 Content-Transfer-Encoding: 7bit X-SA-Exim-Connect-IP: 127.0.0.1 X-SA-Exim-Rcpt-To: julian.reschke@gmx.de, tools-discuss@ietf.org, henrik-sent@levkowetz.com X-SA-Exim-Mail-From: henrik@levkowetz.com X-SA-Exim-Scanned: No (on merlot.tools.ietf.org); SAEximRunCond expanded to false X-Spam-Score: -2.8 (--) X-Scan-Signature: 1ac7cc0a4cd376402b85bc1961a86ac2 Cc: tools-discuss@ietf.org X-BeenThere: tools-discuss@ietf.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: IETF Tools Discussion List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: tools-discuss-bounces@ietf.org Hi Julian, On 2007-06-05 17:50 Julian Reschke said the following: > Hi, > > for some reason the "obsoletes" link in > is broken, pointing to > . Hmm. Just as odd is that it's actually broken on www2, but not on www1 and www3. Investigating. Thanks! Henrik _______________________________________________ Tools-discuss mailing list Tools-discuss@ietf.org https://www1.ietf.org/mailman/listinfo/tools-discuss From tools-discuss-bounces@ietf.org Fri Jun 08 11:01:36 2007 Return-path: Received: from [127.0.0.1] (helo=stiedprmman1.va.neustar.com) by megatron.ietf.org with esmtp (Exim 4.43) id 1Hwfy4-0001v1-Rd; Fri, 08 Jun 2007 11:01:36 -0400 Received: from tools-discuss by megatron.ietf.org with local (Exim 4.43) id 1HwLR5-0001ga-9P for tools-discuss-confirm+ok@megatron.ietf.org; Thu, 07 Jun 2007 13:06:11 -0400 Received: from tools-discuss by megatron.ietf.org with local (Exim 4.43) id 1HwLR5-0001gR-06 for tools-discuss@ietf.org; Thu, 07 Jun 2007 13:06:11 -0400 Received: from [10.91.34.44] (helo=ietf-mx.ietf.org) by megatron.ietf.org with esmtp (Exim 4.43) id 1HwLP3-0001TZ-0m for tools-discuss@ietf.org; Thu, 07 Jun 2007 13:04:05 -0400 Received: from ug-out-1314.google.com ([66.249.92.170]) by ietf-mx.ietf.org with esmtp (Exim 4.43) id 1HwLP1-0007BK-NM for tools-discuss@ietf.org; Thu, 07 Jun 2007 13:04:04 -0400 Received: by ug-out-1314.google.com with SMTP id j30so1884783ugc for ; Thu, 07 Jun 2007 10:04:02 -0700 (PDT) DKIM-Signature: a=rsa-sha1; c=relaxed/relaxed; d=gmail.com; s=beta; h=domainkey-signature:received:received:message-id:date:from:sender:to:subject:mime-version:content-type:content-transfer-encoding:content-disposition:x-google-sender-auth; b=HmF8Tj/uBqy5RlS+BdvUqyD2Pu9JkZEFvWljuepEQJVML7r3z0OCnFYl20w6ys+Ba4phqTZ7N/jfKszYpIQmEXH6G0SmO1J+h5O+laTkOv9ryUuiIWy1VCr38dGi5BFCvtU7Z2JXXQeExoVnQS2mC44256zZBWoEip0est8X18w= DomainKey-Signature: a=rsa-sha1; c=nofws; d=gmail.com; s=beta; h=received:message-id:date:from:sender:to:subject:mime-version:content-type:content-transfer-encoding:content-disposition:x-google-sender-auth; b=KO+Z5ildO1kVBvNQoxE8feTdBdE64onaP2PyCxKpHLVz9snNNj8D9nLhYufR2OWiofmbFR6k/zWWwXXeM8204ugw9jMa2BzuqexLMuuXEm+FlVoNwb5sYuXsrjDodRUMUQHj8KqZ5taziHTVP9iZSofEZRna4398ITRpyxp//SE= Received: by 10.78.171.20 with SMTP id t20mr837179hue.1181235842689; Thu, 07 Jun 2007 10:04:02 -0700 (PDT) Received: by 10.78.190.11 with HTTP; Thu, 7 Jun 2007 10:04:02 -0700 (PDT) Message-ID: <28cfc1a40706071004o3823c420g96859ec187642db0@mail.gmail.com> Date: Thu, 7 Jun 2007 13:04:02 -0400 From: "Brenden Kuerbis" To: tools-discuss@ietf.org MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8; format=flowed Content-Transfer-Encoding: 7bit Content-Disposition: inline X-Google-Sender-Auth: 7bc21182e8653eb0 X-Spam-Score: 0.0 (/) X-Scan-Signature: d17f825e43c9aed4fd65b7edddddec89 X-TMDA-Confirmed: Thu, 07 Jun 2007 13:06:10 -0400 X-Mailman-Approved-At: Fri, 08 Jun 2007 11:01:36 -0400 Subject: [Tools-discuss] Internet-Draft Archive Prototype question X-BeenThere: tools-discuss@ietf.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: IETF Tools Discussion List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: tools-discuss-bounces@ietf.org I'm researching the history of DNSSEC and planning to do an analysis of all dnsext-related documents. Many of the tools pages are helpful in this regard. However, I'm wondering if there is a way to get an non-truncated list of documents (with URLs) when submitting this query < http://tools.ietf.org/id/draft-*-dnsext- > Any help you could provide would be greatly appreciated. Best Regards, Brenden Kuerbis School of Information Studies, Syracuse University _______________________________________________ Tools-discuss mailing list Tools-discuss@ietf.org https://www1.ietf.org/mailman/listinfo/tools-discuss From tools-discuss-bounces@ietf.org Fri Jun 08 12:20:13 2007 Return-path: Received: from [127.0.0.1] (helo=stiedprmman1.va.neustar.com) by megatron.ietf.org with esmtp (Exim 4.43) id 1HwhC9-0001Ng-EH; Fri, 08 Jun 2007 12:20:13 -0400 Received: from tools-discuss by megatron.ietf.org with local (Exim 4.43) id 1HwhC8-0001Jj-Pd for tools-discuss-confirm+ok@megatron.ietf.org; Fri, 08 Jun 2007 12:20:12 -0400 Received: from [10.91.34.44] (helo=ietf-mx.ietf.org) by megatron.ietf.org with esmtp (Exim 4.43) id 1HwhC8-0001IL-FV for tools-discuss@ietf.org; Fri, 08 Jun 2007 12:20:12 -0400 Received: from [2001:698:9:31:214:22ff:fe21:bb] (helo=merlot.tools.ietf.org) by ietf-mx.ietf.org with esmtp (Exim 4.43) id 1HwhC7-0003rW-2A for tools-discuss@ietf.org; Fri, 08 Jun 2007 12:20:12 -0400 Received: from localhost ([127.0.0.1] helo=marsanne.levkowetz.com ident=henrik) by merlot.tools.ietf.org with esmtp (Exim 4.63) (envelope-from ) id 1HwhC4-0002dA-Kr; Fri, 08 Jun 2007 18:20:08 +0200 Message-ID: <466981B7.7080402@levkowetz.com> Date: Fri, 08 Jun 2007 18:20:07 +0200 From: Henrik Levkowetz User-Agent: Thunderbird 2.0.0.0 (Macintosh/20070326) MIME-Version: 1.0 To: Brenden Kuerbis Subject: Re: [Tools-discuss] Internet-Draft Archive Prototype question References: <28cfc1a40706071004o3823c420g96859ec187642db0@mail.gmail.com> In-Reply-To: <28cfc1a40706071004o3823c420g96859ec187642db0@mail.gmail.com> X-Enigmail-Version: 0.95.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 7bit X-SA-Exim-Connect-IP: 127.0.0.1 X-SA-Exim-Rcpt-To: bnkuerbi@syr.edu, tools-discuss@ietf.org, henrik-sent@levkowetz.com X-SA-Exim-Mail-From: henrik@levkowetz.com X-SA-Exim-Scanned: No (on merlot.tools.ietf.org); SAEximRunCond expanded to false X-Spam-Score: -2.8 (--) X-Scan-Signature: 856eb5f76e7a34990d1d457d8e8e5b7f Cc: tools-discuss@ietf.org X-BeenThere: tools-discuss@ietf.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: IETF Tools Discussion List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: tools-discuss-bounces@ietf.org Hi Brenden, On 2007-06-07 19:04 Brenden Kuerbis said the following: > I'm researching the history of DNSSEC and planning to do an analysis > of all dnsext-related documents. Many of the tools pages are helpful > in this regard. However, I'm wondering if there is a way to get an > non-truncated list of documents (with URLs) when submitting this query > < http://tools.ietf.org/id/draft-*-dnsext- > Any help you could > provide would be greatly appreciated. Ok. I've added the capability to take a maxhits parameter to the script which generates the search result, so you should be able to get what you need from this URL: http://www1.tools.ietf.org/id/draft-*-dnsext-?maxhits=200 Henrik _______________________________________________ Tools-discuss mailing list Tools-discuss@ietf.org https://www1.ietf.org/mailman/listinfo/tools-discuss From tools-discuss-bounces@ietf.org Fri Jun 15 10:24:03 2007 Return-path: Received: from [127.0.0.1] (helo=stiedprmman1.va.neustar.com) by megatron.ietf.org with esmtp (Exim 4.43) id 1HzCiY-0000Li-T2; Fri, 15 Jun 2007 10:24:02 -0400 Received: from tools-discuss by megatron.ietf.org with local (Exim 4.43) id 1HzCiX-0000LZ-Om for tools-discuss-confirm+ok@megatron.ietf.org; Fri, 15 Jun 2007 10:24:01 -0400 Received: from [10.91.34.44] (helo=ietf-mx.ietf.org) by megatron.ietf.org with esmtp (Exim 4.43) id 1HzCiX-0000LQ-FE for tools-discuss@ietf.org; Fri, 15 Jun 2007 10:24:01 -0400 Received: from mail.gmx.net ([213.165.64.20]) by ietf-mx.ietf.org with smtp (Exim 4.43) id 1HzCiW-0008V7-2l for tools-discuss@ietf.org; Fri, 15 Jun 2007 10:24:01 -0400 Received: (qmail invoked by alias); 15 Jun 2007 14:23:59 -0000 Received: from mail.greenbytes.de (EHLO [192.168.1.87]) [217.91.35.233] by mail.gmx.net (mp036) with SMTP; 15 Jun 2007 16:23:59 +0200 X-Authenticated: #1915285 X-Provags-ID: V01U2FsdGVkX1/OXGQBKkDOwJYWmvR4dctefakgG+ODTt+fU7fGUt kiUpYpvqf4QXRB Message-ID: <4672A0F5.6040501@gmx.de> Date: Fri, 15 Jun 2007 16:23:49 +0200 From: Julian Reschke User-Agent: Mozilla/5.0 (Windows; U; Windows NT 5.1; de; rv:1.8.0.4) Gecko/20060516 Thunderbird/1.5.0.4 Mnenhy/0.7.4.666 MIME-Version: 1.0 To: tools-discuss@ietf.org Subject: Re: [Tools-discuss] Re: Bug in the Perl ABNF parser? Content-Type: text/plain; charset=ISO-8859-1; format=flowed Content-Transfer-Encoding: 7bit X-Y-GMX-Trusted: 0 X-Spam-Score: 0.0 (/) X-Scan-Signature: ffa9dfbbe7cc58b3fa6b8ae3e57b0aa3 X-BeenThere: tools-discuss@ietf.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: IETF Tools Discussion List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: tools-discuss-bounces@ietf.org Bill wrote some time ago: > Double-Doh, since bison 2.1 doesn't. > > > I changed YACC= to > > > YACC= @YACC@ -d -v > > > in Makefile.in and it builds on my original development system and on > MacOS 10.4. > > > I also fixed another bug that was introduced just before the 1.1 > release so I suppose I should release 1.2. Did I mention I'm bad at > releasing? ;-) > > > Bill Speaking of which: could you release that one somewhere, or just post a patch? Best regards, Julian _______________________________________________ Tools-discuss mailing list Tools-discuss@ietf.org https://www1.ietf.org/mailman/listinfo/tools-discuss