SMT Disabled by Default in -current
I would walk 500 miles
And I would walk 500 more
But we use the metric system here
So in kilometers that's 804
An interesting question turns up via email, but my answer bounces in the exact way described in this article: https://bsdly.blogspot.com/2017/08/twenty-plus-years-on-smtp-callbacks-are.html - it appears that snakeoil is still considered a vitally important ingredient in Rube Goldberg 'antispam' contraptions.
It appears that my spamtraps have entered a canon of sorts. On our freshly configured imapd, this https://www.bsdly.net/~peter/20180509_imap-gropers.txt happened. Login attemps to spamtrap IDs, earning of course only a place in the permanent blocks (as described in https://bsdly.blogspot.no/2017/04/forcing-password-gropers-through.html)
So happy to hear that somebody appreciates root@$mymailserver's writing - https://home.nuug.no/~peter/20180508_wholesalersorb_adalinejehles71.txt but I would prefer they go read what https://bsdly.blogspot.com is actually about.
p2k18 Hackathon Report: Klemens Nanini on ports and pledges https://undeadly.org/cgi?action=article;sid=20180430061520
p2k18 Hackathon report: Marc Espie (espie@) on pkg_* and packages progress
p2k18 Hackathon report: Solene Rapenne (solene@) on joining the project, packages progress https://undeadly.org/cgi?action=article;sid=20180429101745
This somehow made it to my inbox - spam of course but with some real translation gems - as text with headers here, https://home.nuug.no/~peter/spam-and-scams/kontor_av_hodet.txt graphic preserved at https://home.nuug.no/~peter/spam-and-scams/kontor_av_hodet.png
I take log entries like
Apr 23 12:27:16 skapet sshd: Failed password for invalid user email@example.com from 22.214.171.124 port 38760 ssh2
as evidence that the "salting the mine, poisoning the well" (as outlined in https://www.bsdly.net/~peter/traplist_ethics.shtml) project is succeeding.
I suppose it takes a special kind of weird to be truly happy to see pop3 gropers auto-LART themselves by trying to read noreply's mail. This https://bsdly.blogspot.co.uk/2017/04/forcing-password-gropers-through.html from last year explains it all, and it's still happening. Nothing to add, I'm just happy to see the setup works.
Don't worry, that was not a creative explosion happening over at bsdly.blogspot.com.
Only me making bad formatting of old posts slightly less awful. But do come read anyway :)
While looking for something else in my webserver logs I notice that there are several hosts that try to fetch the hourly traplist dumps https://www.bsdly.net/~peter/bsdly.net.traplist but via http and ignoring the redirect to https. Both sites (bsdly and nuug) now force https, update your setups!
MAP_STACK Stack Register Checking Committed to -current https://undeadly.org/cgi?action=article;sid=20180413065457
Looking at the SSH bruteforcers (password guesssing) by country data so far this month it looks like RU has overtaken CN for the first time in a while. Is this a trend? Anybody else looking at this angle, I would like to hear from you!