Goddamned stupid Sympatico!
GP
Accidentally, I copied an address @sympatico.ca which wasn't valid
anymore. This aft, I found that out and decided to sent a message to
Sympa-ticoune at the following address: jhdfjh8...@sympatico.ca
No oreply from the server. I sent the same kind of message to
videotron, vif and cam. I got an error message. But shit, I couldn't
believe this. Si I asked my provider to send a message: same result.
So I called Sympaticoune's service. Some kind of North-African
answered that if I wasn't a member of Sympaticoune, they couldn't help.
Some people here pretend Sympaticoune service is great. How much more
stupid can an ISP really get?
GP
Sylvain Robitaille
> So I called Sympaticoune's service. Some kind of North-African
> answered that if I wasn't a member of Sympaticoune, they couldn't help.
What I'd really like to know (and I do agree with you about the lack of
quality of service at Sympatico; it's exactly why I left them years ago,
never to look back), is what is the relevance of the "North-African"
to your dissatisfaction with Sympatico? Would you have been less
dissatisfied if a "pure-laine Québecois" answered the phone, but gave
you the same response?
I'm all in favour of people expressing dissatisfaction with a service,
but I do feel a need to question when the dissatisfaction appears to
have racial bearing.
--
----------------------------------------------------------------------
Sylvain Robitaille s...@alcor.concordia.ca
Systems analyst Concordia University
Instructional & Information Technology Montreal, Quebec, Canada
----------------------------------------------------------------------
SEKT
companies like bell, like to get richer by hiring immigrants with little or
know technical knowledge, as opposed to people with some expertise.
why pay $15-25 to a tech support guy who will figure out your problem in 5
minutes, when you can pay $10 to an immigrant (it does not really matter
where from or what skin color), who will spend 1 hour on the phone with you,
and not solve in the end.
I think you are the one whos just made this into a racial issue. or maybe
you just do not know what they do. its quite bad. so lets just do our
part everyone, and stay away from bell. I have videotron cable internet and
vonage phone service. I am bell free. life's a little better without them
in it.
take care.
"Sylvain Robitaille" <s...@alcor.concordia.ca> wrote in message
news:slrnd683d...@alcor.concordia.ca...
Sylvain Robitaille
> why pay $15-25 to a tech support guy who will figure out your problem
> in 5 minutes, when you can pay $10 to an immigrant (it does not really
> matter where from or what skin color), who will spend 1 hour on the
> phone with you, and not solve in the end.
The way you've worded that suggests that "immigrant" and "technically
inept" are the same thing. I'm afraid I'm going to have to disagree.
Technical ineptitude has no nationality, and is as widespread in as many
cultures as you care to think of.
You probably didn't mean it that way, but I hope you can re-read your
wording and see that it looks that way.
I've known some immigrants who can work circles around technically inept
"pure" North-Americans ... I don't believe any of them ever worked for
Sympatico ...
> I think you are the one whos just made this into a racial issue.
If it was relevant to the original complaint about Sympatico's lack of
quality of service that the Sympatico tech-support representative who
answered the phone was apparently from North-Africa, then I suppose I
have, but I did _ask_ what the relevance was, because I sure don't see
it with the information that was provided.
If my suspicion is correct and there was no relevance, than I feel very
strongly that this type of thing is worth discussing, and hopefully I
can convince the original poster that this one detail should not have
been included in his post.
JF Mezei
>
> I think its a well known fact, to all except yourself perhaps, that giant
> companies like bell, like to get richer by hiring immigrants with little or
> know technical knowledge, as opposed to people with some expertise.
I have to strongly disagree with this. I have worked at a shop where an
immigrant and totally imcompetant manager hired a Serb fresh out of
serbia with his family still there. He coudl barely speak english. He
tuirned out within a couple of months to be excellent. He was the one
you wanted to talk with because you trusted he'd not only get the job
done, he do it well.
Now, large shops hire drones to answer the phone. They have scripts, and
if you deviate from the allowed questions, the drone is programmed to
give you bullshit. Don't blame it on the individual. It is the company
that is like that.
Now, if Sympatico does not provide postmaster responses for
undeliverable messages, that is not correct. But I can see a reason for
it: SPAM. Spammers generates hundreds of billions of messages, and it
increases the load on the servers if Sympatico has to send back non
delivery notifications to adresses that likely didn't even originate the
messages since spammer use random adresses from lists in the "from".
Dragan Cvetkovic
> I have to strongly disagree with this. I have worked at a shop where an
> immigrant and totally imcompetant manager hired a Serb fresh out of
> serbia with his family still there. He coudl barely speak english. He
> tuirned out within a couple of months to be excellent. He was the one
> you wanted to talk with because you trusted he'd not only get the job
> done, he do it well.
Of course :-)
--
Dragan Cvetkovic,
To be or not to be is true. G. Boole No it isn't. L. E. J. Brouwer
!!! Sender/From address is bogus. Use reply-to one !!!
GP
> SEKT wrote:
>
>>I think its a well known fact, to all except yourself perhaps, that giant
>>companies like bell, like to get richer by hiring immigrants with little or
>>know technical knowledge, as opposed to people with some expertise.
> I have to strongly disagree with this. I have worked at a shop where an
> immigrant and totally imcompetant manager hired a Serb fresh out of
> serbia with his family still there. He coudl barely speak english. He
> tuirned out within a couple of months to be excellent. He was the one
> you wanted to talk with because you trusted he'd not only get the job
> done, he do it well.
You and Robitaille can't read, Mezei. Neither me nor SEKT said
immignants were incompetent.
No time to discuss this with people who can't read, immigrants or not.
> Now, if Sympatico does not provide postmaster responses for
> undeliverable messages, that is not correct. But I can see a reason for
> it: SPAM. Spammers generates hundreds of billions of messages, and it
> increases the load on the servers if Sympatico has to send back non
> delivery notifications to adresses that likely didn't even originate the
> messages since spammer use random adresses from lists in the "from".
Another stupid answer. I said Vidéotron, Vif and CAM returned error
messages. They're facing spam problems too and it seems they've solved
it otherwise than by not returning error messages. Spammers are
identified by the sender and not returning an error message is the
surest way to receive more spam at the same address.
GP
JF Mezei
> Another stupid answer. I said Vidéotron, Vif and CAM returned error
> messages. They're facing spam problems too and it seems they've solved
> it otherwise than by not returning error messages. Spammers are
> identified by the sender and not returning an error message is the
> surest way to receive more spam at the same address.
Insulting people doesn't give you any points.
Look at the headers of a spam message and tell me to whom the receiving
SMTP server should send a non delivery message. Since the headers are
forged, the SMTP server would be sending back a non delivery
notification to someone who hadn't sent that message.
Remember that Sympatico is now aligned to Microsoft, so you can't expect
it to abide by established standards.
Tim Richards
why is it their fault that you addressed your email wrong, and why do they
have to have their mail server set up in such away that allows people to
figure out if email addresses are valid or not.
i think its great that they dont give you a bounceback message.
"GP" <gil...@inverse.nretla.org> wrote in message
news:11681oi...@corp.supernews.com...
JF Mezei
> why is it their fault that you addressed your email wrong, and why do they
> have to have their mail server set up in such away that allows people to
> figure out if email addresses are valid or not.
It is expected in the internet community that undeliverable emails are
bounced back to the sender.
Say to sent an important report to al...@sympatico.ca instead of al...@sympatico.ca
Alice complains you didn't send the report, you accuse her of having
lost it and you tell het that since sympatico didn't bounce it, it must
have been delivered.
TeGGer®
news:ccV8e.1503$9G.2...@news20.bellglobal.com:
> On Mon, 18 Apr 2005 15:15:59 -0400
> GP <gil...@inverse.nretla.org> wrote:
>
>:
>:So I called Sympaticoune's service. Some kind of North-African
>:answered that if I wasn't a member of Sympaticoune, they couldn't help.
>
> I dunno, GP, I'm in Ontario, but when I call Sympastupide, some kind
> of Frenchman usually answers, with a funny accent, speaking lousy
> English.
>
'Scuse my unilingual ignorance, but what is GP trying to say with the
"coune" thing? He obviously means it in an epithetical way.
I checked for it in Voila's translation but it did not come up as anything
Voila recognized.
--
TeGGeR®
Ben Kennedy
"TeGGer®" <teg...@tegger.c0m> wrote:
> 'Scuse my unilingual ignorance, but what is GP trying to say with the
> "coune" thing? He obviously means it in an epithetical way.
>
> I checked for it in Voila's translation but it did not come up as anything
> Voila recognized.
I believe the English translation would be "Sympaticunt".
-ben
(Vive le Canada!)
----== Posted via Newsfeeds.Com - Unlimited-Uncensored-Secure Usenet News==----
http://www.newsfeeds.com The #1 Newsgroup Service in the World! 120,000+ Newsgroups
----= East and West-Coast Server Farms - Total Privacy via Encryption =----
Sylvain Robitaille
> You and Robitaille can't read, Mezei. Neither me nor SEKT said
> immignants were incompetent.
Oh, I can read quite well. What you said was (and I quote):
> Some kind of North-African answered that if I wasn't a member of
> Sympaticoune, they couldn't help.
I would like to re-iterate my question: what is the relevance of whether
or not the person answering the telephone is of North-African origin?
Would the matter have been any less frustrating if the person answering
the phone had not been North-African?
TeGGer®
news:ben-DE3C24.2...@news2.istop.com:
> In article <Xns963CD082...@207.14.113.17>,
> "TeGGer®" <teg...@tegger.c0m> wrote:
>
>> 'Scuse my unilingual ignorance, but what is GP trying to say with the
>> "coune" thing? He obviously means it in an epithetical way.
>>
>> I checked for it in Voila's translation but it did not come up as
>> anything Voila recognized.
>
> I believe the English translation would be "Sympaticunt".
Ohhhhh...I see...
It suddenly becomes clear why Voila would not translate!
--
TeGGeR®
GP
> In article <Xns963CD082...@207.14.113.17>,
> "TeGGer®" <teg...@tegger.c0m> wrote:
>
>
>>'Scuse my unilingual ignorance, but what is GP trying to say with the
>>"coune" thing? He obviously means it in an epithetical way.
>>
>>I checked for it in Voila's translation but it did not come up as anything
>>Voila recognized.
> I believe the English translation would be "Sympaticunt".
No. Ti-Coune is rather some kind of Hillbilly.
> -ben
> (Vive le Canada!)
Yes. And the Liberals! Unless you think the Conservatives will be so
much better?
GP
Warren
>
> i think its great that they dont give you a bounceback message.
>
Some random thoughts. First of all, we're all assuming that this is an
*intentional* server configuration (to not bounce undeliverable
mails)... this may be giving Sympatico waaaay too much credit. Secondly,
it seems to me that spammers use bounce/no bounce as a way to confirm
the existance of a legitimate email address. They don't care *who* it
is, just that it exists. By not bouncing mail for non-existant users,
they're denied that crucial bit of info. In theory their mailing lists
will become bloated and inaccurate and therefore make them less
valuable. On the other hand, Sympatico has to deal with the increase in
traffic that will result from these bloated databases.
I'd wager if we just started public executions of confirmed spammers
there'd be a whole lot less spam. While we're at it, lets do Karla too.
Warren.
Sylvain Robitaille
> it seems to me that spammers use bounce/no bounce as a way to confirm
> the existance of a legitimate email address.
That would require that the spammers usse a legitimate "envelope sender"
address, which they invariably don't ...
--
----------------------------------------------------------------------
Sylvain Robitaille s...@alcor.concordia.ca
Systems analyst / Postmaster Concordia University
Warren
> Warren wrote:
>
>
>>it seems to me that spammers use bounce/no bounce as a way to confirm
>>the existance of a legitimate email address.
>
>
> That would require that the spammers usse a legitimate "envelope sender"
> address, which they invariably don't ...
>
Ah, yes... of course. Told you they were *random* thoughts. :)
Warren.
Malcolm Ferguson
>I think its a well known fact, to all except yourself perhaps, that giant
>companies like bell, like to get richer by hiring immigrants with little or
>know technical knowledge, as opposed to people with some expertise.
>
>why pay $15-25 to a tech support guy who will figure out your problem in 5
>minutes, when you can pay $10 to an immigrant (it does not really matter
>where from or what skin color), who will spend 1 hour on the phone with you,
>and not solve in the end.
>
>
Have you thought that perhaps it's a nasty under-paid job and people who
are born and bred here are less likely to take it? Perhaps people who
grew up in Canada have more family, support network and more financial
stability. Immigrants on the other hand are in a foreign land with lots
of obstacles and hurdles and often have no choice but take whatever job
they can to survive.
>I think you are the one whos just made this into a racial issue. or maybe
>you just do not know what they do. its quite bad. so lets just do our
>part everyone, and stay away from bell. I have videotron cable internet and
>vonage phone service. I am bell free. life's a little better without them
>in it.
>
>
I don't think Sylvain was making it in to a racial issue. I have no
idea why GP needed to point out that the person he spoke to was a North
African. It didn't add anything to the story, other than suggest a bias
on the part of the writer. I too am an immigrant, but because I'm
white, well-paid and I have what people tell me is a "cool accent" (also
implying that I'm from an acceptable country), I'm okay. I find it
surprising how many people make anti-immigrant remarks to me, completely
forgetting that I'm one too. People have to start somewhere, and quite
often that's with jobs that native Canadians turn their noses up to.
Malc
Devon Ferns
Well, I just tried it from my sympatico email acct to a fake on I made
by jamming the keys
<iouweoiuwe...@sympatico.ca>: host
smtp2.sympatico.ca[209.226.175.63]
said: 550 Invalid recipient: <iouweoiuwe...@sympatico.ca>
(in reply
to RCPT TO command)
Seems to work for me..
Maybe if your mail is coming from an outside mail server it won't
bounce, but at least I can see that it will from an internal one.
Devon.
Malcolm Ferguson
>why is it their fault that you addressed your email wrong, and why do they
>have to have their mail server set up in such away that allows people to
>figure out if email addresses are valid or not.
>
>i think its great that they dont give you a bounceback message.
>
>
I don't. It's very easy to make a typo. I want to know if my email
hasn't been received so I can make an effort to rectify the situation.
It's sounds like you're concerned about dictionary attacks. This is a
very real concern, but swallowing all email to foil such attacks is a
lot of collateral damage. It's a bit like cracking nut with a sledgehammer.
Malc
Dragan Cvetkovic
Malcolm Ferguson <Malcolm_Ferguson@NO_SPAM_PLEASEyahoo.com> writes:
> Tim Richards wrote:
>>i think its great that they dont give you a bounceback message.
>>
> It's sounds like you're concerned about dictionary attacks. This is a very
> real concern, but swallowing all email to foil such attacks is a lot of
> collateral damage. It's a bit like cracking nut with a sledgehammer.
Well, we have had terrible problems in our company with dictionary attacks
so we had to limit the number of concurrent sendmail processes to, say,
about 100, and to limit the number of "Rcpt To" queries to something like 20
per session (I don't remember the details) and appies a buch of similar
tricks. Additional problem would be that the spammer would open 20-50
parallel sessions with dictionary attacks...
The problems with bouncing or non-bouncing mail has got quite a bit more
complicated since virus programs and virii themselves started sending mails
and your mailbox starts filling with "You message to as...@usa.com" could
not be delivered"...
My 0.02$.
Dragan
Ben Kennedy
Devon Ferns <dferns...@NOSPAMsympatico.ca> wrote:
> Well, I just tried it from my sympatico email acct to a fake on I made
> by jamming the keys
>
> <iouweoiuwe...@sympatico.ca>: host
> smtp2.sympatico.ca[209.226.175.63]
> said: 550 Invalid recipient: <iouweoiuwe...@sympatico.ca>
> (in reply
> to RCPT TO command)
>
> Seems to work for me..
>
> Maybe if your mail is coming from an outside mail server it won't
> bounce, but at least I can see that it will from an internal one.
Yeah... smtp2.sympatico.ca is not an MX, so that's irrelevant to
everyone sending mail from the internet (outside sympatico).
ben@ben$ host -t mx sympatico.ca
sympatico.ca mail is handled by 5 toip6.bellnexxia.net.
sympatico.ca mail is handled by 5 toip7.bellnexxia.net.
sympatico.ca mail is handled by 5 toip8.bellnexxia.net.
sympatico.ca mail is handled by 5 toip1.bellnexxia.net.
sympatico.ca mail is handled by 5 toip2.bellnexxia.net.
sympatico.ca mail is handled by 5 toip3.bellnexxia.net.
sympatico.ca mail is handled by 5 toip4.bellnexxia.net.
sympatico.ca mail is handled by 5 toip5.bellnexxia.net.
ben@ben$ telnet toip6.bellnexxia.net smtp
Trying 209.226.175.174...
Connected to toip6.bellnexxia.net.
Escape character is '^]'.
220 toip6.bellnexxia.net ESMTP
helo bar
250 toip6.bellnexxia.net
mail from:<f...@zygoat.ca>
250 sender <f...@zygoat.ca> ok
rcpt to:<kljasdjklfjklweui...@sympatico.ca>
250 recipient <kljasdjklfjklweui...@sympatico.ca> ok
data
354 go ahead
Subject: bogus
fix your server
.
250 ok: Message 1854836444 accepted
quit
221 toip6.bellnexxia.net
Connection closed by foreign host.
ben@ben$
-ben
JF Mezei
> it seems to me that spammers use bounce/no bounce as a way to confirm
> the existance of a legitimate email address.
When is the last time that a spam message used a legitimate email
address in the From: (and more importantly, the MAIL FROM: which
generates the reply-path: used by the SMTP software to bounce messages) ????
If they use fake "From:" then no bounce will ever come back to them.
If they use a real "From:" then not only will bounce message get to
them, but so will police forces, lawyers etc.
JF Mezei
> rcpt to:<kljasdjklfjklweui...@sympatico.ca>
> 250 recipient <kljasdjklfjklweui...@sympatico.ca> ok
> data
This by itself doesn't mean that Sympatico doesn't work. Many SMTP
receivers don't have access to full corporate directory and only once
the message is received and passed onto the internal corporate servrers
can TO validation be made.
So just because the RCPT TO: command worked doesn't mean that the domain
won't generate a bounce message later on.
What it does mean thought is that by accepting this recipient with the
250 message, the sympatico servers took responsability to issue a non
delivery notification should that recipient fail at a later stage of delivery.
Ben Kennedy
JF Mezei <jfmezei...@teksavvy.com> wrote:
> So just because the RCPT TO: command worked doesn't mean that the domain
> won't generate a bounce message later on.
Okay, true. But I can add anecdotally that I sent a similar random
message from my real address yesterday, after the start of this thread,
and have yet to receive a bounce (not holding my breath).
GP
> In article <1113927250.a8561372606baa9e045c545e2b1d59c6@teranews>,
> JF Mezei <jfmezei...@teksavvy.com> wrote:
>
>
>>So just because the RCPT TO: command worked doesn't mean that the domain
>>won't generate a bounce message later on.
>
>
> Okay, true. But I can add anecdotally that I sent a similar random
> message from my real address yesterday, after the start of this thread,
> and have yet to receive a bounce (not holding my breath).
And what use would it be if you received one in 3 weeks? This
"corporate directory" argument is nonsense. Invalid recipient messages
should be sent within seconds.
I had a similar issue at Videotron a few years ago. Invalid recipient
messages were sent but Videotron's brave server kept trying and sent
the notification only days later. I was told this was normal procedure
and that I understood nothing to the email service. So I called the
media and, a few... weeks later -- resolving issues takes time with
Videotron! -- it seemed I understood the news service.
GP
Ben Kennedy
GP <gil...@inverse.nretla.org> wrote:
> And what use would it be if you received one in 3 weeks? This
> "corporate directory" argument is nonsense. Invalid recipient messages
> should be sent within seconds.
I agree.
Dragan Cvetkovic
> In article <116ae22...@corp.supernews.com>,
> GP <gil...@inverse.nretla.org> wrote:
>
>> And what use would it be if you received one in 3 weeks? This
>> "corporate directory" argument is nonsense. Invalid recipient messages
>> should be sent within seconds.
>
> I agree.
>
I am not sure I do. For example, a secondary SMTP server need only accept
email for a given domain. Otherwise, if you delegate a role of a backup
SMTP to e.g. your ISP provider (situation common to a lot of small
companies), you will need to send them a list of valid users. Besides,
checking if every username is valid is a very expensive operation ...
Sylvain Robitaille
> a secondary SMTP server need only accept email for a given domain.
True, but if the message is undeliverable, it is up to that mail server
to send back notification of such. Normally, in the case of temporary
failures (the primary mail server is unavailable, for example), the
sender would receive notification in about 4 hours that the message
still wasn't delivered but would be retried.
In the case that the secondary mail server is unable to deliver a
message because of a non-existent address, it would normally send back
the undeliverable notification almost immediately.
Sympatico's mail infrastructure is very likely quite complex, with
several levels before a message is truly "delivered". However, it's
also very likely that the information containing which email addresses
correspond to which customer accounts is already not kept on any one mail
server to begin with. It doesn't seem a stretch to me for the outward
facing mail servers to be able to return "user unknown" to an invalid
recipient address. That way they needn't worry about bounces.
Sylvain Robitaille
> This "corporate directory" argument is nonsense. Invalid recipient
> messages should be sent within seconds.
Agreed, on both counts, however the "corporate directory" argument
may still explain why the mail server is accepting the message for
the invalid recipient, rather than simply telling you "user unknown".
Once it accepts the message, however, it definitely _should_ be prepared
to let you know if that message is undeliverable, and the lack of such
notification can only be interpretted as a broken configuration.
Ben Kennedy
Dragan Cvetkovic <m...@privacy.net> wrote:
> I am not sure I do. For example, a secondary SMTP server need only accept
> email for a given domain. Otherwise, if you delegate a role of a backup
> SMTP to e.g. your ISP provider (situation common to a lot of small
> companies), you will need to send them a list of valid users.
Well, yeah, that would be the best solution.
At the least though, if a service is going to accept all mail for a
given domain, it better at least make an effort to send out non-delivery
reports.
>Besides,
> checking if every username is valid is a very expensive operation ...
I guess, but it has to be done eventually!
Mike Drechsler - SPAM PROTECTED EMAIL
> GP wrote:
>
>
>>This "corporate directory" argument is nonsense. Invalid recipient
>>messages should be sent within seconds.
>
>
> Agreed, on both counts, however the "corporate directory" argument
> may still explain why the mail server is accepting the message for
> the invalid recipient, rather than simply telling you "user unknown".
> Once it accepts the message, however, it definitely _should_ be prepared
> to let you know if that message is undeliverable, and the lack of such
> notification can only be interpretted as a broken configuration.
In the future (starting now) mail administrators should be using SPF to
prevent sending delivery notifications if the original message was not
sent from an authorized IP for that domain.
http://www.spamcop.net/fom-serve/cache/329.html#spf
> Q: Is there any way to mitigate the problem without entirely disabling auto-responses?
> A: Yes, due to recent attempts to "fix" the problem of forged email, there is. If you must continue to use an auto-responder, you can greatly increase it's accuracy (and perhaps avoid being blocked). Using this method, the auto-responder may not always respond to every legitimate email. It will respond to the vast majority, and it will send much less (although not zero) misdirected mail.
>
> To do this, your responder should use SPF and/or Domain Keys to verify the authenticity of the message being replied to. The details of these methods are beyond the scope of this FAQ, but here are a few notes about the proper implementation of SPF for auto-responders:
>
> If the SPF record is too broad, use only the explicitly listed IP ranges or mx fields.
> If the sending domain lacks an SPF record, accept mail only from the IP addresses listed as the domain's MXs (inbound mailservers). Large domains have mostly adopted SPF already. Smaller domains are likely to use the same servers for inbound and outbound mail.
> SPF is much more widely used, but Domain Keys is more reliable and error-proof. Most senders who use Domain Keys also use SPF (there is no disadvantage to using both). In short, implementing SPF checking will give you the most benefit with the least effort.
>
> Q: If I disable delayed bounces, won't I be vulnerable to a directory harvest attack?
>
> A: Yes. If you do nothing else to prevent harvest attacks, spammers will be able to more easily try many possible usernames to check which ones you accept mail for. There are other, better ways to mitigate this problem beyond the scope of this document (tarpitting). Sending delayed bounces to all and sundry is not a good way to prevent directory harvesting - it harms others and does not really prevent harvesting.
--
WARNING! Email address has been altered for spam resistance.
Please remove the -deletethispart-. section before replying directly.
Mike Drechsler (mike-newsgroup@-deletethispart-.upcraft.com)
JF Mezei
an email address is wrong is that it makes it harder for hackers to test
email adresses. (you have to wait for non-delivery notification).
Consider cases where the email address is a valid username. You don't
want hackers to test out username combinations.
The real trick is to have the receiver immediatly flag spam messages and
not push them up further and thus not bother with non delivery notifications.
Ben Kennedy
JF Mezei <jfmezei...@teksavvy.com> wrote:
> One advantage of not having the RCPT TO: immediatly return an error when
> an email address is wrong is that it makes it harder for hackers to test
> email adresses. (you have to wait for non-delivery notification).
The appropriate way of handling this is called a tarpit or teergrube
(google for it).
Courier server does this automatically; it's what I run on all my
machines.
Gabriel
jechouale gabriel $ hostx -t MX sympatico.ca
sympatico.ca MX 5 toip6.bellnexxia.net
sympatico.ca MX 5 toip7.bellnexxia.net
sympatico.ca MX 5 toip8.bellnexxia.net
sympatico.ca MX 5 toip1.bellnexxia.net
sympatico.ca MX 5 toip2.bellnexxia.net
sympatico.ca MX 5 toip3.bellnexxia.net
sympatico.ca MX 5 toip4.bellnexxia.net
sympatico.ca MX 5 toip5.bellnexxia.net
You Can take a look yourself
https://toip6.bellnexxia.net/login
Doing a quick search in google leads to this first hit
IronPortT - "The Leader in Email Security"
So is it IronPort or Sympatico?...mmm you make your own mind about that one.
-Gabriel
Mike Drechsler - SPAM PROTECTED EMAIL
<mike-newsgroup@-DELETETHISPART-.upcraft.com> wrote in message
news:8De9e.397472$za2....@news.easynews.com...
----== Posted via Newsfeeds.Com - Unlimited-Uncensored-Secure Usenet News==----
GP
> Sympatico appears to be running "IronPort C60" as their mail servers.
>
> jechouale gabriel $ hostx -t MX sympatico.ca
> sympatico.ca MX 5 toip6.bellnexxia.net
> sympatico.ca MX 5 toip7.bellnexxia.net
> sympatico.ca MX 5 toip8.bellnexxia.net
> sympatico.ca MX 5 toip1.bellnexxia.net
> sympatico.ca MX 5 toip2.bellnexxia.net
> sympatico.ca MX 5 toip3.bellnexxia.net
> sympatico.ca MX 5 toip4.bellnexxia.net
> sympatico.ca MX 5 toip5.bellnexxia.net
>
> You Can take a look yourself
> https://toip6.bellnexxia.net/login
>
> Doing a quick search in google leads to this first hit
> IronPortT - "The Leader in Email Security"
If it's IronPort, it's Sympatico using IronPort. That's it, that's all.
GP
Geoffrey Welsh
> Now, if Sympatico does not provide postmaster responses for
> undeliverable messages, that is not correct. But I can see a reason
> for it: SPAM. Spammers generates hundreds of billions of messages,
> and it increases the load on the servers if Sympatico has to send
> back non delivery notifications to adresses that likely didn't even
> originate the messages since spammer use random adresses from lists
> in the "from".
Agreed... which is why _competent_ ISPs configure their front-end mail
servers to reject (i.e. refuse to accept) messages for any number of reasons
(including invalid recipient address) rather than accept them. No
backspatter to forged From: addresses. No workload associated with sending
non-delivery reports. Less(!) bandwidth utilization, because the message is
rejected before the body is transferred. Legitimate senders will receive
non-delivery reports from their outbound mail relays. Win-win-win-win...
which we all know better than to expect from Bell/Sympatico.
--
Geoffrey Welsh <Geoffrey [dot] Welsh [at] bigfoot [dot] com>
Ambidextrous? No, I said I'm ambinonscattous - I don't give a crap
either way!
Geoffrey Welsh
> (Vive le Canada!)
My Canada includes... corrupt politicians (whether I like it or not.)
Geoffrey Welsh
> Warren wrote:
>> it seems to me that spammers use bounce/no bounce as a way to confirm
>> the existance of a legitimate email address.
> That would require that the spammers usse a legitimate "envelope
> sender" address, which they invariably don't ...
Not necessarily. If the spammer is using software to send to your server
(usually proxied thorugh a hijacked broadband customer, but that's probably
irrelevant) then they can see that the recipient was rejected in their own
SMTP session, regardless of forged From: field or NDRs.
That said, spammers' techniques vary and no single scenario applies to all
of them.
Geoffrey Welsh
> This by itself doesn't mean that Sympatico doesn't work. Many SMTP
> receivers don't have access to full corporate directory and only once
> the message is received and passed onto the internal corporate
> servrers can TO validation be made.
That's not true if your front end is running Postfix, which can verify the
recipient address with the destination server before accepting the message.
(I only wish that I could figure out how to make Exchange 5.5 reject
undeliverable messages in stead of receiving them so I can use this feature
and stop maintaining a separate list of recipients on our Postfix front
end.)
JF Mezei
>
> Ben Kennedy wrote:
> > (Vive le Canada!)
>
> My Canada includes... corrupt politicians (whether I like it or not.)
The fact that the media are making such a big fuss about a harmless
political bribe is a sign of a very healthy democracy.
When you look to the south and see that there is no real opposition
(political or media) to major issues such as lying to go to war, war
crimes, torture, holding of hostages at Gantanamo, denying
constitutional legal rights to every person in the USA etc, what is
happening in Ottawa right now is very good, even though it is totally
insignificant in the grand scheme of things.
However, while the media are focusing on this silly issue, there are
real issues that shoudl be discussed. The government of canada has begun
to implement orwelian measures under pressure fronm the Bush regime,
such as collecting reservation data from all flights:
http://www.cic.gc.ca/english/visit/api.html
And now the biometric passport thing.
BTW, Ceasars Palace in Las Vegas will be outfitting all its rooms with
biometric locks. So not only will they be able to transmit all
reservation data to the US government (which they have already done on
multiple occasions) but also fingerprints of all guests.
Sylvain Robitaille
>>> it seems to me that spammers use bounce/no bounce as a way to confirm
>>> the existance of a legitimate email address.
>> That would require that the spammers usse a legitimate "envelope
>> sender" address, which they invariably don't ...
>
> Not necessarily. If the spammer is using software to send to your
> server (usually proxied thorugh a hijacked broadband customer, but
> that's probably irrelevant) then they can see that the recipient
> was rejected in their own SMTP session, regardless of forged From:
> field or NDRs.
That's completely opposite to the bounce/no-bounce scenario that was
proposed. In fact, what you're saying is that spammers could
potentially (and probably do) gather information about valid addresses
via the "dictionary attack" method. I don't see how the header From: or
envelope sender addresses have any bearing on this method. (there are
defenses against this method, but they're mostly of limited value, in my
opinion)
My point was that if spammers used bounces as a way to determine that
recipient addresses are no longer valid, as was suggested, they would have
to use a valid (to themselves) envelope sender to gather that information.
That doesn't seem very likely to happen.
I have no doubt that what you're proposing takes place all the time.
Sylvain Robitaille
>> ... Many SMTP receivers don't have access to full corporate directory
>> and only once the message is received and passed onto the internal
>> corporate servrers can TO validation be made.
>
> That's not true if your front end is running Postfix, ...
or other similarly equipped MTA configurations ...
--
----------------------------------------------------------------------
Sylvain Robitaille s...@alcor.concordia.ca
Systems analyst Concordia University
Geoffrey Welsh
> The fact that the media are making such a big fuss about a harmless
> political bribe is a sign of a very healthy democracy.
No infraction of the law is completely harmless, if only because it
contributes to a general (if downscale) prohibition-style disdain of the
law. "I'll hire your niece to work in my office if you hire my cousin to
work in yours" is a relatively harmless political bribe. Tens of millions
of taxpayers' dollars overbilled and kicked back to a political party is
harmful and intolerable, especially to those with the brains to realize
that, if a significant fraction of the ~$250 million sponsorship budget was
stolen, then it's a no-brainer to guess that a similar fraction of the
billion spent on the long gun registry (which was supposed to cost a few
million) and the billions unaccounted for at HRDC were similarly stolen.
And the
That's your money and mine, J-F... money which we didn't have to pay or
which could have been used to provide the services we expect the government
to provide in return for our tax money.
You can kiss your involuntary contribution to the Liberal party - and any
claim to a free democracy in this country - goodbye with a smile if you
like, but I will not and I hope that the same Canadians who re-elected the
Liberals after so many broken promises will see that this is an entirely
more important class of transgression.
> When you look to the south and see that there is no real opposition
> (political or media) to major issues such as lying to go to war, war
> crimes, torture, holding of hostages at Gantanamo, denying
> constitutional legal rights to every person in the USA etc,
<OT>
I don't believe that for a moment. I do believe that the Bush
administration and its henchmen are making spectacularly brilliant use of
9/11 to wrap their agenda in the flag and to stoke a mob mentality rallying
around their Commander in Chief. But there is opposition and, eventually,
it will become obvious to even the most uneducated redneck that Americans
are dying in Iraq and the government is throwing billions of sagging
American dollars at Iraq because their President pulled a bait and switch on
them, selling them Bush's hate-on for Iraq under the label of the war on
terrorism and justifying a costly and deadly invasion on accusations the
President hoped might be true.
Smarter Americans know that, despite Bush's directive not to let the
terrorists win by letting the attack change the American way of life, it is
the Bush administration who have undermined the one thing that makes America
stand out among democratic societies: its rabid defence of Americans' right
to freedom and privacy first committed to paper in a day when both the
average American and the existence of the nation itself were in far more
danger than they are today.
> what is happening in Ottawa right now is very good, even though it is
> totally
> insignificant in the grand scheme of things.
Nothing that you will ever do will be significant on that that scale,
either; now that I've pointed that out, I expect that you will no longer let
laws or morals guide any part of your life and call whatever you decide to
do "good", since it just doesn't matter. <grin>
JF Mezei
> work in yours" is a relatively harmless political bribe. Tens of millions
> of taxpayers' dollars overbilled and kicked back to a political party is
> harmful and intolerable, especially to those with the brains to realize
> that, if a significant fraction of the ~$250 million sponsorship budget was
> stolen,
While this sure looks and smells like corruption, the wasted amounts
didn't affect the way that you or I live. It didn't affect our
liberties, civil rights and didn't send peopole to prison just because
they look like an arab. And that si why I consider this whole
soponsorship story to be trivial. (but it is still wrong).
And I am happy that if a government can't get away with such a trivial
thing, that it shouldn't get away with more serious stuff.
Unfortunatly, Bush ahs pit trememdous pressure on the canadian
governbment to enact police state rules and there doesn't seem to be
much opposition to it, perhaps because canadians can't believe our
governmemt would allow such laws to be passed.
http://www.cic.gc.ca/english/visit/api.html
This even lies to the reader by stating that this orwelian policy
doesn't give the government anymore information than a customs agent
would see. Passengers records contain not only your flights, but your
credit card number, if you booked with anyone else, if there are other
itineraries oustide of canada in your reservation
(for instance, a round the world passenger going from Hong Kong to
Vancouver to Halifax to London to Afghanistan to Hong Kong). The customs
agent would only know or care about pax coming from Hong Kong. But hthe
PNR shows the whole itinerary. It also shows your meal preferences, when
you made the bookings, of you made any changes to it (and when) etc etc.
This is an extreme invasion of privacy.
And worse part is that while a customs agent might see your credit card
number if he looks at your airline ticket, he isn't going to write it
down on a computer. But the systematic computer captyure of the PNRs
lets a government then assocuate all orts of information about you, and
check all your purchases, monitor your movements etc. (eg: they will be
able to tell that you bought gas in Calgary on a specific date, and that
you stayed in a certain hotel at the same time as some terrorist suspect
and thus thgey can then wrongly accuse you of having ties to that
terrorist suspect, which has happened many times in the USA already).
And now, if the governmeht doesn't fight the Bush regime's demand that
all flights that overfly the USA seubmit full PNR records to the USA
regime, it means that Bush will know whenever you fly in Canada since
many routes do overfly US sairspace depending on winds (even Montreal-Toronto).
That isd FAR more important for a government to deal with than some
overblown corruption scandal. Let Gomery finish his report and when
done, then charge whomeever is resposible.
then it's a no-brainer to guess that a similar fraction of the
> billion spent on the long gun registry (which was supposed to cost a few
> million)
Yeah. Gun registry is a definite subsidy to some friends. That shouldn't
have been too hard to do. Heck, they could have used car registry
software to implement it on the same machines.
> like, but I will not and I hope that the same Canadians who re-elected the
> Liberals after so many broken promises will see that this is an entirely
> more important class of transgression.
The problem with politics is that ideological differences between
parties don't give an individual a choice of government. If you don't
support the ideology of the reform party (which calls itself
"Conservative" these days), then you can't really vote for reform even
if you think that the liberals have made mistakes. (Same thing in
Québec, if you are not a separatist, it is hard to vote PQ because you
disagree wioth their goals).
And in western canada, they also have no choice. They are genetically
incapable of voting liberal, so they are forced to vote for whatever
main opposition party exists even if it is against their own beliefs and values.
> around their Commander in Chief. But there is opposition and, eventually,
> it will become obvious to even the most uneducated redneck that Americans
Until the US media such as CNN and FOX start to be critical of Bush in a
serious way, those who refuse to believe that the USA has committed
atrocitieas and war crimes will continue to block reception of any
information to that effect. The Bush regime has been extreely succesful
in its brainwashing techniques and media self-censure.
Rumsfeld was more succesful than he could have hopes in portraying
France as an ennemy of americans for instance.
> are dying in Iraq and the government is throwing billions of sagging
> American dollars at Iraq because their President pulled a bait and switch on
The idiots re-elected the Bush regime despite the fact that he had
mismanaged the US government's budget and had racked up record deficits
and over 200 billion cost for its invasion of Iraq. (they asked for an
additional 87 billion this week btw, and nobody is making a big fuss
about it). In canada, a government might fall because of a few dozen
million being misspent. In the USA, the government was not only
re-elected, but re-elected with greater majority in moth house and
senate, givin the war criminals no opposition and can proceed with
permanent dfamage to alaska for instance.
> Smarter Americans know that, despite Bush's directive not to let the
The USA media kjhow that the smarter americans represent a minirity and
they need ratings to get revenus and thus shape their news to attract
viewers. The have lost their independance and no longer have a goal to
present news. Thet present what they think their viewers want to see.
And instead of focusing on corruption of the USA govt, they focus on
baseless accusatiosn of accusations of the UN and don't even bother
tasking US politicians to apoloogixze for their false accusatiosn when
reports come out that prove innocence of UN in all of the specific
accusations made by US politicians.
Madonna
> Agreed... which is why _competent_ ISPs configure their front-end mail
> servers to reject (i.e. refuse to accept) messages for any number of reasons
> (including invalid recipient address) rather than accept them. No
> backspatter to forged From: addresses. No workload associated with sending
> non-delivery reports.
Doing that, the spammer could send to aa...@sympatico.ca, aa...@sympatico.ca, aa...@sympatico.ca ...
and see immediately which are the valid recipients.
Ben Kennedy
Madonna <nos...@nospam.ca> wrote:
> Doing that, the spammer could send to aa...@sympatico.ca, aa...@sympatico.ca,
> aa...@sympatico.ca ...
> and see immediately which are the valid recipients.
As I said a few days ago, take a google for "tarpit" and "teergrube".
With a competent SMTP server, this problem is taken care of
automatically.
-ben