From mboxrd@z Thu Jan 1 00:00:00 1970 Message-ID: <10164dc26ad9444e5e4e4d99132c8ea5@felloff.net> Date: Sat, 24 Sep 2016 01:31:19 +0200 From: cinap_lenrek@felloff.net To: 9fans@9fans.net MIME-Version: 1.0 Content-Type: text/plain; charset="US-ASCII" Content-Transfer-Encoding: 7bit Subject: [9fans] upas/send -r Topicbox-Message-UUID: a0be215c-ead9-11e9-9d60-3106f5b1d025 i'v been getting emails send to my mailserver for random unknown accounts which produces bounce emails for the unsuspecting victims in the reply-to header. thinking if upas/send should reject mails instead when called from smtpd to avoid the backscatter. patched my local version so upas/send will never produce a bounce when passed the -r flag and print "mail rejected: ...." to standard error instead. this causes smtpd to return a 5.0.0 status. are there good reasons not to do this in general? -- cinap From mboxrd@z Thu Jan 1 00:00:00 1970 Date: Fri, 23 Sep 2016 18:19:51 -0700 Message-ID: <60ebf215-a387-4a19-ad6a-14e8cb08c23c@email.android.com> In-Reply-To: <10164dc26ad9444e5e4e4d99132c8ea5@felloff.net> From: Erik Quanstrom To: Fans of the OS Plan 9 from Bell Labs <9fans@9fans.net> MIME-Version: 1.0 Content-Type: text/html; charset=utf-8 Content-Transfer-Encoding: base64 Subject: Re: [9fans] upas/send -r Topicbox-Message-UUID: a0c33f02-ead9-11e9-9d60-3106f5b1d025 PHAgZGlyPSJsdHIiPnRoYXQncyBhbiBpbnRlcmVzdGluZyB0b3BpYy4mIzE2MDsgSSBiZWxpZXZl IHRoZSBiZXN0IGFwcHJvYWNoIGlzIHRvIHJlamVjdCB0aGUgaW5jb21pbmcgY29ubmVjdGlvbi4m bmJzcDsgdGhlIGJ5cGFzcyBtb2RzIGFyZSBwcmV0dHkgZ29vZCBhdCByZWplY3RpbmcgYm9ndXMg c2VuZHMgYnkganVzdCBlbmZvcmNpbmcgUkZDIHJ1bGVzIGZvciBoZWxvLjwvcD4KPHAgZGlyPSJs dHIiPi0gZXJpazxicj4KPC9wPgo= From mboxrd@z Thu Jan 1 00:00:00 1970 MIME-Version: 1.0 In-Reply-To: <60ebf215-a387-4a19-ad6a-14e8cb08c23c@email.android.com> References: <10164dc26ad9444e5e4e4d99132c8ea5@felloff.net> <60ebf215-a387-4a19-ad6a-14e8cb08c23c@email.android.com> From: Jules Merit Date: Fri, 23 Sep 2016 18:38:13 -0700 Message-ID: To: Fans of the OS Plan 9 from Bell Labs <9fans@9fans.net> Content-Type: multipart/alternative; boundary=94eb2c0892c8bee171053d36f265 Subject: Re: [9fans] upas/send -r Topicbox-Message-UUID: a0c94e10-ead9-11e9-9d60-3106f5b1d025 --94eb2c0892c8bee171053d36f265 Content-Type: text/plain; charset=UTF-8 My cable company set my IP to my home address. All sorts of MITM, spoofing. eurocorp.us (68.111.201.89) EscondidoCounty 1829 There are 9fans in JadeHelm wargames. I'm James Jake Niantic, .dk Orphilla. (6:19)pm confirmed Erich, I ChKe On Fri, Sep 23, 2016 at 6:19 PM, Erik Quanstrom wrote: > that's an interesting topic. I believe the best approach is to reject the > incoming connection. the bypass mods are pretty good at rejecting bogus > sends by just enforcing RFC rules for helo. > > - erik > --94eb2c0892c8bee171053d36f265 Content-Type: text/html; charset=UTF-8 Content-Transfer-Encoding: quoted-printable
My cable company set my IP to my home address.=C2=A0 All s= orts of MITM, spoofing.
eurocorp.us = (68.111.201.89) EscondidoCounty 1829
There are 9fans in JadeH= elm wargames.
I'm James Jake Niantic, .dk Orphilla.
(6:19)pm confirmed Erich, I ChKe
On Fri, Sep 23, 2016 at 6:19 PM, Erik Quanstrom= <quanstro@quanstro.net> wrote:

that's an interesting topic.=C2=A0 I believe t= he best approach is to reject the incoming connection.=C2=A0 the bypass mod= s are pretty good at rejecting bogus sends by just enforcing RFC rules for = helo.

- erik


--94eb2c0892c8bee171053d36f265-- From mboxrd@z Thu Jan 1 00:00:00 1970 From: erik quanstrom Date: Tue, 27 Sep 2016 20:08:33 -0700 To: 9fans@9fans.net Message-ID: <4efaa7a085cf6219270cbec2771ef83b@mule> In-Reply-To: References: <10164dc26ad9444e5e4e4d99132c8ea5@felloff.net> <60ebf215-a387-4a19-ad6a-14e8cb08c23c@email.android.com> MIME-Version: 1.0 Content-Type: text/plain; charset="US-ASCII" Content-Transfer-Encoding: 7bit Subject: Re: [9fans] upas/send -r Topicbox-Message-UUID: a0e6ec54-ead9-11e9-9d60-3106f5b1d025 On Fri Sep 23 18:40:00 PDT 2016, jules.merit.eurocorp.us@gmail.com wrote: > My cable company set my IP to my home address. All sorts of MITM, spoofing. > eurocorp.us (68.111.201.89) EscondidoCounty 1829 > There are 9fans in JadeHelm wargames. > I'm James Jake Niantic, .dk Orphilla. > (6:19)pm confirmed Erich, I ChKe > > On Fri, Sep 23, 2016 at 6:19 PM, Erik Quanstrom > wrote: > > > that's an interesting topic. I believe the best approach is to reject the > > incoming connection. the bypass mods are pretty good at rejecting bogus > > sends by just enforcing RFC rules for helo. the rfc only requires that the helo be a valid dns name. so you would not be filtered based on spoofing, but you would be filtered if you said you were machine.local, as many windows boxes do by default. - erik