No implementation for shlwapi.dll.0(StrRetToBufA)

David Elliott dfe at infinite-internet.net
Tue Feb 13 00:39:21 CST 2001


Francois Gouget wrote:

> On Mon, 12 Feb 2001, Dan Kegel wrote:
>
> > Francois Gouget wrote:
> > >    But I'm not behind a modem. I'm behind a DSL so the above really
> > > doesn't matter much.
> >
> > Ah, but you don't have a static IP address, I bet.
> > It's much easier to track back spam to a static IP address,
> > so those addresses are much safer from being spam sources.
> > It's those dynamic IP addresses that let spammers hide.
>
>    How is forcing me to use my ISP's mail server going to help?
>    You'll get the ISP's IP address granted. But the 'From' field is
> going to be forged so the ISP will have no idea of who sent the mail.
>
>    The only way for them to find out is to look at the header and see
> from which IP address the mail originates. And this is going to be
> what? You guessed it, a dynamic IP address! Just like in the headers you
> get from me: they source is my dynamic IP address.
>

Yeah, but you also generated an entry in the mailservers log and I am sure they
are keeping track of their own dynamic IP assignments at specific times.  So
therefore it gives people one authority to bitch to for spam (the ISPs mail
server) and from their the ISP can take appropriate action.  It also means that
if there is tons of spam from the ISP then the ISPs mail server just needs to be
blocked since all the "dial-ups" already are.

>
>    So you're back to square one and you haven't gained anything.
>
>    Ok, I'm not an expert of spam tracing, but it seems to me that the
> best way to find its source is to do a whois and a traceroute on the
> originating IP address.
>

Ish.  Sometimes there are extra forged headers too.

>
> > >    It also seems to me that this leads to a system where dialup users
> > > are second rate internet citizens and have fewer rights than first rate
> > > citizens. So in this future if you're not an accredited corporation you
> > > would not have the right to connect to any computer but your ISP's
> > > servers which will then relay your traffic... for a fee, if they see
> > > fit...
> >
> > Well, sorry, but if you want to get rid of spam, we need to add some
> > primitive tracability features to the email system, and requiring a
> > static IP is part of that.
>
>    I'm not convinced about the static IP aspect. Even if it turns out to
> be necessary I still cannot swallow the way the MAPS DUL puts it:
> "...use the equipment you're authorized to use". This clearly implies
> I'm not allowed to connect to their email server. If that's so I really
> don't see why I would be allowed to connect to their Web server, or
> anonymous ftp server, ...
>    Then what's left of the Internet?
>

I thought of it more as "You are given a nice mailserver that has a very
permanent connection to the net and can be reached at all times.  Use the damn
thing."  I also have to say that using the DUL has saved me from many a spam
according to my logs   Every so often I get SPAM from a dial-up that is not
listed in the DUL and I encourage the ISP to add their dial-up pools to the DUL.

Now, your case would seem to be someone different since it's not like you can
really get a throwaway DSL/Cable connection as easily as a standard dial-up.
There is quite a bit of setup involved usually.  I know for cable they must send
a tech to your house, they do not allow self-installs, period.  So that also
solves the fake name/address problem.  Personally I would rather that the
DUL did not list DSL/Cable IP pools, or if they were in a seperate list.  But
I love the fact that the DUL lists most of the major dial-up pools.  Especially
consider that on a dial-up link you really can't reliably run your own mail
server and have almost no reason for doing so since your ISPs mail server is
there and you are authorized to use it.  On a DSL/Cable link you can conceivably
run your own outgoing mailserver, and even run an incoming one if you have a
static IP.  In fact, I probably save @Home a bit of cash by running my own
mailserver since it means I am not using resources on theirs, so I can't really
see the reason for DSL/Cable to want to put their IP pools in the DUL.  (BTW,
I have a static IP which is not listed in the DUL).

Oh well, this debate is getting kind of old.  You really ought to try using all
three MAPS lists and also report any spam that comes through anyway to maps and
to the ISPs/sysadmins/etc. involved.  You will be amazed at the decrease in
spam.  I used to have like 4 a day.  I get one every few days now (so like 2-4 a
week).  Every so often there is a burst of like 3 spams in a row from the same
dumbass but other than that it has been very effective and thus I support MAPS
and encourage others to do so as well.

-Dave





More information about the wine-devel mailing list