Google Groups no longer supports new Usenet posts or subscriptions. Historical content remains viewable.
Dismiss

(AFS) FAQ: Site policies as of 2 August 2001

1 view
Skip to first unread message

Randall Raemon

unread,
Apr 23, 2009, 12:20:00 AM4/23/09
to

Last modifed: 2 August 2001

The old domain name of shikahr.com.inter.net no longer exists.
All information reflects the new domain name of shikahrsoho.com.
There are no other substantive changes in site policies.

This is one of several FAQ postings for the vulcan-* mailing lists
hosted at shikahrsoho.com.

This FAQ describes those policies of the host site that impact
the vulcan-* mailing list.

Contents:

0. About the host site
1. Site security
2. Email addressing
a. Resolvable site names
b. The Internet RBL facility
3. Spam

About the host site
-------------------

shikahrsoho.com... What is that? Who is that?

The shikahrsoho site is a SOHO (Small Office/Home Office) site. It is
not an ISP. The site exists to support a software consultation and
contracting effort for businesses and customers within a local
geographic area. It is not one of these much hyped Internet e-commerce
web-based whatzits. We do work the old fashioned way: in person.

The shikahrsoho site is primarily a Unix shop: *BSD and Linux. There
are a couple of Windows thingies tucked up in the back corner.

We have a CIDR block of IP addresses: 209.198.142.216/29. Our
connection to the Internet is less than a fullblown T1. It's not
a DSL connection, but is instead an ISDN connection. At full
throttle, we could probably push 512k thru the pipe. That puts the
site in the low end traffic category (meaning that we don't even
consider taking a newsfeed) Most of the time, we're doing our part
for the Net at 64k. Those of you who have the newer 56k modems and
are getting a full speed connection are running about the same as
we do on an average day.

Site Security
-------------

Site security and system administration is part and parcel of the
shikahr work. We practice what we preach.

The shikahrsoho site runs a custom built and very Spartan firewall.
Only those services needed on the outside world are provided: email,
selected web traffic, and very selected ftp traffic. Details are
provided a little further down in this posting.

Please note: IMAP, POP, Telnet, finger, etc etc are disabled at the
site firewall. Attack traffic at these ports is logged for analysis.
The standard scripting attacks don't work. We read Bugtraq and Phrack
on the net, and we follow rootshell offerings.

Email addressing and spam filters
---------------------------------

The shikahrsoho site runs a fairly aggressive set of spam filters.
A side effect of this is that some folks can have some difficulty
in sending email to the site.

The basic rule-of-thumb is that the return address on email must
be a valid address that can be looked up in the Internet Domain
Name System. If this can't be done, the shikahrsoho site firewall will
bounce your email sight-unseen.

This can impact two sets of users. First are folks who get an IP address
thru their dial-up connection, giving them an address of something
like <user\@[123.123.0.1]>. IP addresses in email addresses are
rejected at the firewall. It is intended to block those spam
generators who inject directly thru dial-up terminal servers.

The second comes from those sites whose site admin folks haven't
gone to the trouble of configuring their DNS servers. Email addresses
should have a reverse lookup ( site -> IP -> site ), so everything
is consistent. Spammers often have bogus sites ( site1 -> IP -> site2).
The reverse lookup blocks those attempts. (An example: a site
identified itself as being "somesite.co.jp". The IP address was for
a modem bank in Cleveland. Last time I checked, Cleveland was in the
United States, and not in Japan.)

If you are having email problems that seem to be caused by these
filters, you will likely need to get in touch with me. Email to the
shikahrsoho site obviously isn't going to work, unless you have some
other site to send email from. Alternatively, you can send me a
message at a different address. I have an outside account where you
can contact me via mindspring.com, at the emailbox shikahr.

(Aside: you wouldn't believe how much junk email I get at that
address. It's obviously on the spammer's lists...)

Another thing that the shikahrsoho site firewall does, is to "syntax check"
the email headers. Certain of the header fields have to correlate to
each other. If that relationship isn't there, then the email will
bounce. The syntax check in some cases is rather Draconian, but it
is effective.

The Internet RBL facility
-------------------------

This is a fairly new capability on the Net. It's available for the
shikahrsoho site to use, but has not been enabled... yet...

The Internet RBL is a "Realtime Blackhole List" of spam sites. There
is a site on the net that hosts a list of spam sites. If email comes
in from one of these listed sites, the receiving site queries the RBL
host, asks "is this a known spammer?", and if RBL says "yes", then
the receiving site can bounce the email sight unseen, or queue it,
or do whatever the receiving site would deem appropriate.

The shikahrsoho site, so far, has not gotten enough spam to need to use
the RBL facility. But the capability is there.

Why do you need to know about this? Because, on some occasions, an
ISP will have a rogue spammer that the ISP is reluctant to "deal with".
The ISP eventually gets put into the RBL spammer list, causing all
email from the ISP to get bounced by sites that use the RBL facility.
Once the spammer is "rehabilited", then the ISP gets removed from
the RBL spam site list.

Spam
----

One word: Don't...

If you've read thru this posting, you've already noticed that the
shikahrsoho site is rather spam intolerant. So am I. You spam, you're gone.

All address lists are for shikahrsoho site internal use only. The only
bulk mailings from the shikahrsoho site are by requested subscription
mailing lists. Subscription requests are logged or archived. Commerical
traffic thru the shikahr mailing lists is seriously frowned upon,
and subject to deletion at the discretion of whoever is at the
control console at the time. It's a business and legal problem area
that we'd just as soon avoid.


-----------------------------------------------------------------
To unsubscribe from the Vulcan-L list, send an email message
of "unsubscribe vulcan-l" to Vulcan-L-Request at shikahrsoho.com

0 new messages