24 Aug 2003 dwmw2   » (Master)

The email flood seems to be fairly easily stemmed by a few simple rules.

First, don't accept mail without a Message-ID.
Second, don't let mailing lists accept bounce messages (i.e. messages with empty MAIL FROM:<>)
Third, enable sender verification callouts; also for recipients if your machine is MX backup for anyone.

There's been no vir{uses,ii} and only one 'bounce' get through to the linux-mtd list, and that one was because some vegetable managed to configure a virus checker to send its bounces as real messages instead of bounces -- either through cluelessness or in an attempt to add mail loops to the fun which is already being had by all. Abuse@upstream duly notified.

Eventually I'd like to see all mail cryptographically signed, with the public key available in the DNS for verification purposes.

Latest blog entries     Older blog entries

New Advogato Features

New HTML Parser: The long-awaited libxml2 based HTML parser code is live. It needs further work but already handles most markup better than the original parser.

Keep up with the latest Advogato features by reading the Advogato status blog.

If you're a C programmer with some spare time, take a look at the mod_virgule project page and help us with one of the tasks on the ToDo list!