From mboxrd@z Thu Jan  1 00:00:00 1970
Message-ID: <10164dc26ad9444e5e4e4d99132c8ea5@felloff.net>
Date: Sat, 24 Sep 2016 01:31:19 +0200
From: cinap_lenrek@felloff.net
To: 9fans@9fans.net
MIME-Version: 1.0
Content-Type: text/plain; charset="US-ASCII"
Content-Transfer-Encoding: 7bit
Subject: [9fans] upas/send -r
Topicbox-Message-UUID: a0be215c-ead9-11e9-9d60-3106f5b1d025

i'v been getting emails send to my mailserver for random
unknown accounts which produces bounce emails for the
unsuspecting victims in the reply-to header. thinking if
upas/send should reject mails instead when called from
smtpd to avoid the backscatter. patched my local version
so upas/send will never produce a bounce when passed the
-r flag and print "mail rejected: ...." to standard error
instead. this causes smtpd to return a 5.0.0 status.

are there good reasons not to do this in general?

--
cinap



From mboxrd@z Thu Jan  1 00:00:00 1970
Date: Fri, 23 Sep 2016 18:19:51 -0700
Message-ID: <60ebf215-a387-4a19-ad6a-14e8cb08c23c@email.android.com>
In-Reply-To: <10164dc26ad9444e5e4e4d99132c8ea5@felloff.net>
From: Erik Quanstrom <quanstro@quanstro.net>
To: Fans of the OS Plan 9 from Bell Labs <9fans@9fans.net>
MIME-Version: 1.0
Content-Type: text/html; charset=utf-8
Content-Transfer-Encoding: base64
Subject: Re: [9fans] upas/send -r
Topicbox-Message-UUID: a0c33f02-ead9-11e9-9d60-3106f5b1d025

PHAgZGlyPSJsdHIiPnRoYXQncyBhbiBpbnRlcmVzdGluZyB0b3BpYy4mIzE2MDsgSSBiZWxpZXZl
IHRoZSBiZXN0IGFwcHJvYWNoIGlzIHRvIHJlamVjdCB0aGUgaW5jb21pbmcgY29ubmVjdGlvbi4m
bmJzcDsgdGhlIGJ5cGFzcyBtb2RzIGFyZSBwcmV0dHkgZ29vZCBhdCByZWplY3RpbmcgYm9ndXMg
c2VuZHMgYnkganVzdCBlbmZvcmNpbmcgUkZDIHJ1bGVzIGZvciBoZWxvLjwvcD4KPHAgZGlyPSJs
dHIiPi0gZXJpazxicj4KPC9wPgo=




From mboxrd@z Thu Jan  1 00:00:00 1970
MIME-Version: 1.0
In-Reply-To: <60ebf215-a387-4a19-ad6a-14e8cb08c23c@email.android.com>
References: <10164dc26ad9444e5e4e4d99132c8ea5@felloff.net>
	<60ebf215-a387-4a19-ad6a-14e8cb08c23c@email.android.com>
From: Jules Merit <jules.merit.eurocorp.us@gmail.com>
Date: Fri, 23 Sep 2016 18:38:13 -0700
Message-ID: <CAEVxPTNbWrkxgr54BSEL6X+gNBmBieOT6BG5dxeTAg0aF6WBFg@mail.gmail.com>
To: Fans of the OS Plan 9 from Bell Labs <9fans@9fans.net>
Content-Type: multipart/alternative; boundary=94eb2c0892c8bee171053d36f265
Subject: Re: [9fans] upas/send -r
Topicbox-Message-UUID: a0c94e10-ead9-11e9-9d60-3106f5b1d025

--94eb2c0892c8bee171053d36f265
Content-Type: text/plain; charset=UTF-8

My cable company set my IP to my home address.  All sorts of MITM, spoofing.
eurocorp.us (68.111.201.89) EscondidoCounty 1829
There are 9fans in JadeHelm wargames.
I'm James Jake Niantic, .dk Orphilla.
(6:19)pm confirmed Erich, I ChKe

On Fri, Sep 23, 2016 at 6:19 PM, Erik Quanstrom <quanstro@quanstro.net>
wrote:

> that's an interesting topic.  I believe the best approach is to reject the
> incoming connection.  the bypass mods are pretty good at rejecting bogus
> sends by just enforcing RFC rules for helo.
>
> - erik
>

--94eb2c0892c8bee171053d36f265
Content-Type: text/html; charset=UTF-8
Content-Transfer-Encoding: quoted-printable

<div dir=3D"ltr">My cable company set my IP to my home address.=C2=A0 All s=
orts of MITM, spoofing.<div><a href=3D"http://eurocorp.us">eurocorp.us</a> =
(68.111.201.89) EscondidoCounty 1829<br></div><div>There are 9fans in JadeH=
elm wargames.</div><div>I&#39;m James Jake Niantic, .dk Orphilla.</div><div=
>(6:19)pm confirmed Erich, I ChKe</div></div><div class=3D"gmail_extra"><br=
><div class=3D"gmail_quote">On Fri, Sep 23, 2016 at 6:19 PM, Erik Quanstrom=
 <span dir=3D"ltr">&lt;<a href=3D"mailto:quanstro@quanstro.net" target=3D"_=
blank">quanstro@quanstro.net</a>&gt;</span> wrote:<br><blockquote class=3D"=
gmail_quote" style=3D"margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-=
left:1ex"><p dir=3D"ltr">that&#39;s an interesting topic.=C2=A0 I believe t=
he best approach is to reject the incoming connection.=C2=A0 the bypass mod=
s are pretty good at rejecting bogus sends by just enforcing RFC rules for =
helo.</p><span class=3D"HOEnZb"><font color=3D"#888888">
<p dir=3D"ltr">- erik<br>
</p>
</font></span></blockquote></div><br></div>

--94eb2c0892c8bee171053d36f265--



From mboxrd@z Thu Jan  1 00:00:00 1970
From: erik quanstrom <quanstro@quanstro.net>
Date: Tue, 27 Sep 2016 20:08:33 -0700
To: 9fans@9fans.net
Message-ID: <4efaa7a085cf6219270cbec2771ef83b@mule>
In-Reply-To: <CAEVxPTNbWrkxgr54BSEL6X+gNBmBieOT6BG5dxeTAg0aF6WBFg@mail.gmail.com>
References: <10164dc26ad9444e5e4e4d99132c8ea5@felloff.net>
	<60ebf215-a387-4a19-ad6a-14e8cb08c23c@email.android.com>
	<CAEVxPTNbWrkxgr54BSEL6X+gNBmBieOT6BG5dxeTAg0aF6WBFg@mail.gmail.com>
MIME-Version: 1.0
Content-Type: text/plain; charset="US-ASCII"
Content-Transfer-Encoding: 7bit
Subject: Re: [9fans] upas/send -r
Topicbox-Message-UUID: a0e6ec54-ead9-11e9-9d60-3106f5b1d025

On Fri Sep 23 18:40:00 PDT 2016, jules.merit.eurocorp.us@gmail.com wrote:

> My cable company set my IP to my home address.  All sorts of MITM, spoofing.
> eurocorp.us (68.111.201.89) EscondidoCounty 1829
> There are 9fans in JadeHelm wargames.
> I'm James Jake Niantic, .dk Orphilla.
> (6:19)pm confirmed Erich, I ChKe
>
> On Fri, Sep 23, 2016 at 6:19 PM, Erik Quanstrom <quanstro@quanstro.net>
> wrote:
>
> > that's an interesting topic.  I believe the best approach is to reject the
> > incoming connection.  the bypass mods are pretty good at rejecting bogus
> > sends by just enforcing RFC rules for helo.

the rfc only requires that the helo be a valid dns name.  so you would not be filtered
based on spoofing, but you would be filtered if you said you were machine.local, as
many windows boxes do by default.

- erik