From mboxrd@z Thu Jan  1 00:00:00 1970
Return-Path: <dave@taht.net>
Received: from mail.taht.net (mail.taht.net
 [IPv6:2a01:7e00::f03c:91ff:feae:7028])
 by lists.bufferbloat.net (Postfix) with ESMTPS id 6DD903B2A2
 for <bloat@lists.bufferbloat.net>; Mon,  4 Jan 2016 19:27:34 -0500 (EST)
Received: from dair-871.lorna-side.hm.taht.net
 (c-73-252-201-217.hsd1.ca.comcast.net [73.252.201.217])
 by mail.taht.net (Postfix) with ESMTPSA id E057321ECF;
 Tue,  5 Jan 2016 00:27:31 +0000 (UTC)
To: Stephen Hemminger <stephen@networkplumber.org>
References: <568B025D.70808@taht.net> <20160104161025.3861dbc5@xeon-e3>
Cc: bloat@lists.bufferbloat.net
From: =?UTF-8?Q?Dave_T=c3=a4ht?= <dave@taht.net>
X-Enigmail-Draft-Status: N1110
Message-ID: <568B0E92.3060200@taht.net>
Date: Mon, 4 Jan 2016 16:30:10 -0800
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.9; rv:38.0)
 Gecko/20100101 Thunderbird/38.5.0
MIME-Version: 1.0
In-Reply-To: <20160104161025.3861dbc5@xeon-e3>
Content-Type: text/plain; charset=windows-1252
Content-Transfer-Encoding: 8bit
Subject: Re: [Bloat] bufferbloat email list server upgrade going slow and
 badly
X-BeenThere: bloat@lists.bufferbloat.net
X-Mailman-Version: 2.1.20
Precedence: list
List-Id: General list for discussing Bufferbloat <bloat.lists.bufferbloat.net>
List-Unsubscribe: <https://lists.bufferbloat.net/options/bloat>,
 <mailto:bloat-request@lists.bufferbloat.net?subject=unsubscribe>
List-Archive: <https://lists.bufferbloat.net/pipermail/bloat>
List-Post: <mailto:bloat@lists.bufferbloat.net>
List-Help: <mailto:bloat-request@lists.bufferbloat.net?subject=help>
List-Subscribe: <https://lists.bufferbloat.net/listinfo/bloat>,
 <mailto:bloat-request@lists.bufferbloat.net?subject=subscribe>
X-List-Received-Date: Tue, 05 Jan 2016 00:27:34 -0000



On 1/4/16 4:10 PM, Stephen Hemminger wrote:

> Talk to davem, maybe kernel.org would be safer/better more robust?

Damned if I know - vger is one of my problems that I'd wanted to solve
with this move 1) my old anti-spam setup made him crazy - now fixed -
and 2) vger doesn't use starttls. I'd so hoped that after 10+ years of
availability it was basically on universally, and in the post CISA world
we could put at least this portion of the middle finger up.

for now, for accepting email, (and while I sort out
other stuff) I have postfix being strict about what it accepts, and
liberal about what it sends.

smtp_tls_security_level=may
smtpd_tls_security_level=encrypt

Only 38 out of 532 email addresses on the bloat list are refusing
starttls. The instant anti-spam improvement of making tls mandatory for
email was pretty amazing...

The ongoing mailman subscribe attack looks to have been going on for
months and must be targetted at a metric ton of mailman servers.

It's only hitting three users at google, but

whoever+somerandomnumber is something I need to teach mailman to sort
out. These are the users getting the subscribe spam.

kemo.mart+67292312@gmail.com
kezukaya+93690766@gmail.com
touma3108+42493211@gmail.com

On my more paranoid days I'd think this was an attempt at a known
plaintext attack...

and, alas, poor linode: http://status.linode.com