From owner-freebsd-security Sat Dec 28 8:16:42 2002 Delivered-To: freebsd-security@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id A8DDD37B401; Sat, 28 Dec 2002 08:16:39 -0800 (PST) Received: from mtiwmhc13.worldnet.att.net (mtiwmhc13.worldnet.att.net [204.127.131.117]) by mx1.FreeBSD.org (Postfix) with ESMTP id 83A7A43ED8; Sat, 28 Dec 2002 08:16:38 -0800 (PST) (envelope-from htabak@quadtelecom.com) Received: from quadtelecom.com ([12.91.171.95]) by mtiwmhc13.worldnet.att.net (InterMail vM.5.01.05.12 201-253-122-126-112-20020820) with ESMTP id <20021228161631.DJUR20003.mtiwmhc13.worldnet.att.net@quadtelecom.com>; Sat, 28 Dec 2002 16:16:31 +0000 Message-ID: <3E0DCE46.30803@quadtelecom.com> Date: Sat, 28 Dec 2002 11:16:06 -0500 From: Harry Tabak Reply-To: htabak@quadtelecom.com Organization: Quad Telecom, Inc User-Agent: Mozilla/5.0 (Windows; U; Windows NT 5.0; en-US; rv:1.0.1) Gecko/20020823 Netscape/7.0 X-Accept-Language: en-us, en MIME-Version: 1.0 To: Chuck Rock , freebsd-questions@FreeBSD.ORG, security@FreeBSD.ORG Cc: Harry Tabak Subject: Re: Bystander shot by a spam filter. References: <3E0DC89D.3010203@quadtelecom.com> Content-Type: text/plain; charset=us-ascii; format=flowed Content-Transfer-Encoding: 7bit Sender: owner-freebsd-security@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org > Subject: Re: Bystander shot by a spam filter. > Date: Sat, 28 Dec 2002 09:19:32 -0600 (CST) > From: Chuck Rock > To: Harry Tabak > CC: freebsd-questions@FreeBSD.ORG, security@FreeBSD.ORG > > There's not much you can do but what you already are doing. Complain. > > You complain to the people using the software, and if they can't > configure it, they will probably stop using it if they care. I know only one user, that is how I discovered the problem. I have no way of identifying other users. That frightens me. > > You complain to the people that actually wrote the software. Usually found > in the source code and such. Unfortunately, the author hasn't replied to my complaints yet. Possibly she has taken a holiday. > > You can try to complain to FreeBSD Ports, but removing this goes against > the very nature of "Open Source" Good or bad, there's not much to convince > people not to distribute a piece of software that's free and > open. There is a significant difference between this port and the others. My other ports at worst only harm the intended user when things go wrong. This port harms random and anonymous individuals. I don't believe that FreeBSD redistributes spamming software or list managers that don't provide the proper opt-in safeguards by default. I can't really stop the Spambouncer people from shouting "fire" from their own website -- freedom of speech and all that. But should FreeBSD act as an amplifier. > Everyone knows when they install these softwares that you do so at > your own risk. If your ISP is spending money to support problems caused by > it's use and they have control over it, they will probably stop using > it. Most ISP's care about expenses, so you can bet if it's not worth > using, they will eventually stop. > > If you have any capacity, you can attempt to fix the program, and submit > it to the author for distribution. This is how Open Source works. > I will be happy to fix it, the author may not like my philosophy. I believe in Free Speech and a working internet mail system. I would attempt to minimize "false positives", and require testing. But as I said earlier, the author doesn't respond. Even if the software is adjusted, it will be impossible to recall all the older versions. > If people would stop sending spam or harden their computers connected to > the Internet to keep from sending spam accidentally, there would be no > need for this software either. Might as well wish for world peace though. > amen. Unfortuately, good people are making a bad situation even worse by "hip-shooting". > Chuck To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message