[fw-wiz] Administrivia and "Which Firewall" stuff

From: Paul D. Robertson (proberts@patriot.net)
Date: 07/30/02 

From: "Paul D. Robertson" <proberts@patriot.net>
To: <firewall-wizards@honor.trusecure.com>
Date: Tue Jul 30 07:03:00 2002

[Feedback is best done off-list.]

Topics:

1. "Which firewall?"
2. Vacation messages
3. DSN notices
4. Mailing list settings/subscriptions
5. HTML and attachments
6. Content filters

1.

Generally, I loathe "which firewall" type questions, but the people on
this list have a lot of hands-on experience in significant environments,
therefore I'll allow the occasional one through- but the replies really
need to have a flavor of operational experience to them, or contain
some gem gleaned from experience, not just be opinionated rants[1].
Please try to keep that in mind- as well as the fact that rejected posts
aren't necessarily rejected for quality as much as for trying to not let
some of these threads degenerate or drag on past utility.

2.

It's still vacation/holiday time- if at all possible, please limit your
away messages to non-list traffic (mailing lists all have a "Precedence: bulk"
header, if you don't send to that, it's much better[2].

3.

If you're running a mail server and you've enabled Delivery Status
Notification [DSN] for delayed mail, please also look for a way to not
have that happen for either "Precedence: bulk" mail or
firewall-wizards-admin@honor.icsalabs.com -- I really don't need a
gazillion 30k messages telling me a posting's delivery to someone in your
company is delayed but there's no need to send it again. Personally, I
think this "feature" should be shot right behind FTP.

4,

If your mailbox fills up, gateway is unreachable, or something else causes
list mail to be bounced, the list software will set your status to
"Nomail"- if you suddenly stop recieving list mail, you can go to:

http://honor.icsalabs.com/mailman/listinfo/firewall-wizards

Scroll down to the bottom, put your address in the last input box and hit
"Edit Options" - this is also how to get a copy of your list password to
change the delivery options and unsubscribe [not that you should do that!]
You can also set your mode to "digest" to recieve multiple postings in a
single message instead of each individual message (helps if the volume is
getting to be too much.)

I'm trying to clean up the subscriber list, bounces, etc. If you get
weird bounces as a result of posting to the list, please forward them
to the administrative address (firewall-wizards-admin@honor.icsalabs.com)
and I'll take the appropriate action.

5.

Postings in HTML format will be rejected (this has always been the case)-
if you get a rejection for HTML, please just switch your client to do
plain text and resubmit your posting. The only attachments I'll generally
let through are GPG/PGP signatures- please try to put other things you'd
like people to see on a Web site somewhere and provide a link.

6.

I'd really appreciate it if people with content filters would apply the
DSN situation to those products as well. You're missing posts to the list
if you filter on mildly dirty words (including the one that sounds like
the thing that blocks a river to generate power,) names of executables, or
the existance of GPG signatures as attachments[3]. I don't mind if you
miss stuff, I don't particularly care to be notified of the fact that you
missed it.

We now return you to your regularly unscheduled list traffic...

Paul
[1] Yes, there have been opinionated rants in the stuff I've approved, but
it's been accompanied by some level of good data so far.
[2] http://www.infosecuritymag.com/2001/may/digest29.shtml#perspectives
for my take on having them enabled.
[3] All actual examples of messages I've gotten from content filters in
the last week.
-----------------------------------------------------------------------------
Paul D. Robertson "My statements in this message are personal opinions
proberts@patriot.net which may have no basis whatsoever in fact."
probertson@trusecure.com Director of Risk Assessment TruSecure Corporation

Relevant Pages

  • Re: Low priority MX matching primary MX to reduce spam?
    ... can be used to train your content filters. ... lists of legitimate non spamtrap email addresses. ... Such as when your legitimate machines' load ... negative net loss and at worst self defeating. ...
    (comp.mail.sendmail)
  • Re: Nested "filters" of a list
    ... so I've learned a bit about ComboBoxes and have managed to set up what ... Do you really need the selections to be on a separate worksheet? ... Once filled in all the filter criteria, you hit a "apply filters" ... "defined lists" whenever any of the selections change - ie you select ...
    (microsoft.public.excel.misc)
  • Re: OFFLINE ADDRESS BOOK SECURITY ISSUE
    ... The filters seem to work fine when I preview them ... The Outlook clients do not see any of the Address Lists under All ... OAB that they can access is restricted by ACL and only has one address ... GALs in order to secure off certain employees, ...
    (microsoft.public.exchange.admin)
  • Re: We should really change RSB to a moderated forum
    ... What would really help is if the two main news readers, MS and Netscape had the ability to make an exception list so people like Ratchet or Bob Keller could easily be excluded from the plonk lists. ... This means, for the main part, Russ is STUCK with FILTERLESS Google Groups ... They have a fairly short list of newsgroups on their server, and RSB (though ... register, myself, so I couldn't find any help about how to use the filters. ...
    (rec.sport.billiard)
  • Re: python desktop
    ... > David Fraser wrote: ... >>could you perhaps split the logicaldesktop.py into separate modules? ... (filtering the lists) ... The preferred method is to use the recent filters ...
    (comp.lang.python)