Received: (from ptownson@localhost) by massis.lcs.mit.edu (8.9.1/8.9.1) id CAA23291; Fri, 14 May 1999 02:16:03 -0400 (EDT) Date: Fri, 14 May 1999 02:16:03 -0400 (EDT) From: editor@telecom-digest.org Message-Id: <199905140616.CAA23291@massis.lcs.mit.edu> To: ptownson Subject: TELECOM Digest V19 #83 TELECOM Digest Fri, 14 May 99 02:16:00 EDT Volume 19 : Issue 83 Inside This Issue: Editor: Patrick A. Townson Some Information Required (Stavan Kadepurkar) Re: Unsolicited FAX Spamming (support@sellcom.com) Re: Unsolicited FAX Spamming (John McHarry) Re: Unsolicited FAX Spamming (Bill Levant) Re: Email and Newsgroup Similarities (Peter Corlett) Re: One Small Correction (Marc Schaefer) Re: "Internet Pioneers" (Marc Schaefer) Feds Make Bust in $45M Net Scam (Monty Solomon) Re: Last Laugh! FCC Goes Ooops (Andy Yee) TELECOM Digest is an electronic journal devoted mostly but not exclusively to telecommunications topics. It is circulated anywhere there is email, in addition to various telecom forums on a variety of networks such as Compuserve and America On Line, and other forums. It is also gatewayed to Usenet where it appears as the moderated newsgroup 'comp.dcom.telecom'. TELECOM Digest is a not-for-profit, mostly non-commercial educational service offered to the Internet by Patrick Townson. All the contents of the Digest are compilation-copywrited. You may reprint articles in some other media on an occassional basis, but please attribute my work and that of the original author. Contact information: Patrick Townson/TELECOM Digest Post Office Box 765 Junction City, KS 66441-0765 Phone: 415-520-9905 Email: editor@telecom-digest.org Subscribe/unsubscribe: subscriptions@telecom-digest.org This Digest is the oldest continuing e-journal on the Internet, having been founded in August, 1981 and published continuously since then. Our archives are available for your review/research. URL information: http://telecom-digest.org Anonymous FTP: hyperarchive.lcs.mit.edu/telecom-archives/archives (or use our mirror site: ftp.epix.net/pub/telecom-archives) Email <==> FTP: telecom-archives@telecom-digest.org Send a simple, one line note to that automated address for a help file on how to use the automatic retrieval system for archives files. You can get desired files in email. ************************************************************************* * TELECOM Digest is partially funded by a grant from the * * International Telecommunication Union (ITU) in Geneva, Switzerland * * under the aegis of its Telecom Information Exchange Services (TIES) * * project. Views expressed herein should not be construed as represent-* * ing views of the ITU. * ************************************************************************* In addition, a gift from Mike Sandman, Chicago's Telecom Expert has enabled me to replace some obsolete computer equipment and enter the 21st century sort of on schedule. His mail order telephone parts/supplies service based in the Chicago area has been widely recognized by Digest readers as a reliable and very inexpensive source of telecom-related equipment. Please request a free catalog today at http://www.sandman.com --------------------------------------------------------------- Finally, the Digest is funded by gifts from generous readers such as yourself who provide funding in amounts deemed appropriate. Your help is important and appreciated. A suggested donation of twenty dollars per year per reader is considered appropriate. See our address above. Please make at least a single donation to cover the cost of processing your name to the mailing list. All opinions expressed herein are deemed to be those of the author. Any organizations listed are for identification purposes only and messages should not be considered any official expression by the organization. ---------------------------------------------------------------------- From: Stavan Kadepurkar Reply-To: "stawan@metro1.com" Subject: Some Information Required Date: Thu, 13 May 1999 16:34:04 -0700 Organization: Metro One Telecommunication Hi Patrick, I desperately need some info on Feature Group D(FGD) also called equal access dialing plan. The info that I have is that the inbound string consists of 2 strings one the ANI and the other the DNIS plus other things like KP and II digits. Now what do the II digits stand for? What information do they contain . what can the carriers send through these digits? Please let me know if you have any pointers to where I can get information about this stuff. Stawan ------------------------------ From: support@sellcom.com Subject: Re: Unsolicited FAX Spamming Date: Fri, 14 May 1999 04:50:32 GMT Organization: www.sellcom.com Reply-To: support@sellcom.com jyoull@hotmail.com (Jim Youll) spake thusly and wrote: > Both made brilliant statements to me about how "their attorneys had > reviewed the law" and "as long as they removed my number when I asked > them, they hadn't violated Federal Law." When we get unsolicited FAXes we just FAX them right on over to a nice lady at the FCC. (They prefer that you call them first and then they will give you their FAX number). We don't seem to get as many as we used to ... Steve http://www.sellcom.com (Opinions expressed, though generally wise and accurate are not officially positions of SELLCOM) Cyclades / Siemens (May REBATE) / Y2K ODIU support / Zoom / Palmer Safes (Tech assistance provided without warranty express or implied) Check us out at http://www.thepubliceye.com ------------------------------ From: John McHarry Subject: Re: Unsolicited FAX Spamming Date: Thu, 13 May 1999 20:06:44 -0400 John R. Covert wrote: > But they were in Florida, which made things more difficult. I called > them up, and they told me that the calls were originating from England > in order to be exempt from U.S. law. > I am not sure that I believe that they are power-dialling every number > in the United States from England. On the other hand, they can probably > figure out whether there is a fax machine at the number they call within > about two UK message units, so maybe they are. I find it believable that they were calling from England. Since the collapse of the international settlement regime it might as well be the 52nd state. At least if you have a calling plan such as they could get. On the other hand, I doubt this gives them any immunity from US law since they are running it out of Florida. If I sent you a bomb via a foreign remailing service, I suspect my neck would break just fine. ------------------------------ From: Wlevant@aol.com (Bill Levant) Date: Thu, 13 May 1999 20:31:13 EDT Subject: Re: Unsolicited FAX Spamming > But they were in Florida, which made things more difficult. I called > them up, and they told me that the calls were originating from England > in order to be exempt from U.S. law. Well, sure, that's what they'd SAY. > What do other readers of the Digest think? > I had hoped they were in Massachusetts, because then I would have just > gone down to small claims court and requested the $500 ($1500 if the > court decides that the violation was knowing or willfull) that Title 47 > of the US Code allows. This reader thinks you ought to go down and file suit. Assuming that the Defendant has "minimum contacts" with Massachusetts (and spamming calls into the state might be enough) then the Court should have the power to make service of process anywhere in the country. I'd sue in Federal Court, though. The state court judges are less likely to be familiar with the new (Federal) law and less willing to enforce it. Besides, it's easier to transfer judgments from state to state in Federal Court. Yes, the filing fee is apt to be steeper ($150.00, IIRC), but you get to add it to your claim if you win. Bill (Yes, I'm a lawyer, but not in Massachusetts or Florida). ------------------------------ From: abuse@verrine.demon.co.uk (Peter Corlett) Subject: Re: Email and Newsgroup Similarities Date: 13 May 1999 19:48:51 GMT Organization: B13 C*b*l TELECOM Digest Editor wrote: [...] > Now please note carefully: if you do NOT want your mail to be piped > through someone's .forward file, i.e. handled by his filter- rules, etc > ... then you put a backslash in front of his name. [...] A backslash in > front of something always means deal with it just as written, ignoring any > user-created aliases locally or elsewhere which might have been put up for > handling that instruction. Not at this site it doesn't! Mail to backslashed addresses gets treated as-is by the delivery software here. I have a procmail script which filters and pipes and diddles mail around to organise them better. For example I pipe mailing lists into local moderated newsgroups so I can follow threads easier. Non directly-addressed mail gets dropped into a low-priority mailbox ... as does anything to a backslashed address. [...] > I have never tested to see if a backslash in front of a 'newsgroup mailbox > name' i.e. \some-nice-newsgroup@sitename would also serve to overthrow the > moderator flag, or ignore it and seat itself in the box anyway. I would > never want to screw up someone's moderated news- group in that way. Even > if it did, I doubt it would go any further than the local site since when > other sites came there to get the latest news to carry away with them > elsewhere the absence of the 'Approved-by' line would get them nervous. The backslashing would merely affect the delivery of the article to the moderator or moderation bot. Many of these use procmail to filter and forward articles - in this case dropping through to the "default" mailbox has the least desired result - the message lingers in /var/spool/mail never to be read. This also assumes that their mailserver doesn't bounce the message with "no such user" because there's a backslash in front of the address. There are easier ways to post to a moderated group without it being mailed to the moderation address. > So just remember, when your mail is important, and needs to reach the > recipient post-haste and get right to his attention, be sure to backslash > him to go right to his default mailbox on the system and ignore any > booby-traps he has set for you along the way, things that would cause your > valuable mail to be ignored or destroyed. The default mailbox isn't always the one that is read. Some procmail recipes filter out the interesting messages and then leave all the junk to fall through and be ignored. Anybody who has enough about them to set up .forward or procmail to customise mail delivery is probably trying to track mail than let it all pile up and languish in one place. Besides, if somebody wants to contact me *that* urgently, they have my mobile telephone number, or a handy little web form I knocked up that allows them to page me. Email is checked whenever I can be bothered to dial in, which can anything up to 60 hours between polls. ------------------------------ From: Marc Schaefer Subject: Re: One Small Correction Date: 13 May 1999 11:10:49 +0200 Organization: ALPHANET NF -- Not for profit telecom research TELECOM Digest Editor wrote: > sendmail like so much of the software which binds our virtual > community was written in a long-ago time when things were much, Yes. However nowadays's UNIX/sendmail has many anti-spamming rules (based on headers, ability to DNS resolve, ability to reject relaying, and also dynamic databases of known spammers or 'open servers' (MAPS, http://maps.vix.com/ or the more aggressive ORBS)). It works pretty well. This ensures a quite low spam volume (at this time around one per day, and I didn't enable the secondary MAPS yet, the ISP dialup blacklist), even when I post, regularly, on newsgroups and mailing-lists with my right mail address. And most of the spams aren't even sent to the mail server since the TCP connection is simply rejected. I just checked, DejaNews (http://www.dejanews.com) reports around a gazillon news articles with schaefer@alphanet.ch inside. I use this address since 1991. Now, on a related note, if you prefix a newsgroup moderation alias with \, in general this will return an error. The \ trick *only* works for UNIX accounts which may have a .forward file. One of the griefs against sendmail is the many tricks and address- flagging which have caused (sometimes security) bugs in the past. In fact, at the beginning, an internal address(*) (which could be a file to append to) could also be an external address. So you could append to any files on a remote system (but that's old) with a properly constructed recipient address. But it looks the \ leak hasn't been fixed yet. The only risk is that the mail piles up on the server (instead of, e.g. going to the new place), or that procmail filtering rules are bypassed. In both cases, presumably the mail will not be read or read much later, thus it's more an annoyance for the guy using the \ than the guy reading the mail :) There are alternatives to sendmail: there is qmail, a very fast and security-conscious software, Postfix (from IBM I think), and of courses the old GNU Smail package. They all support the concept of .forward files (well, at least quite closely), but at least presumably qmail doesn't have this ``feature''. All of the above, including sendmail, are open source. To my knowledge, both sendmail and Postfix have commercial support available. (*) the primary goal for the \ is the ability to forward the mail somewhere and keep a copy schaefer@somewhere.org, \schaefer One could object to this that sendmail could have, from the beginning on, detected loops like this: schaefer@somewhere.org, schaefer (in schaefer's .forward) and resolved them as a local copy. Infact, the version of sendmail I have (8.9.x) also works if you forget the \, thus making \ completely obsolete. Thus, the only remaining use of \ is backward compatibility. [TELECOM Digest Editor's Note: But I, for example, receive a great deal of mail -- all editorial mail -- in my default mailbox. Everything inbound to anything@telecom-digest.org or various aliases@lcs.mit.edu directed to ptownson hit my .forward file which says pipe it along to the Elm filter. (You can use Elm filter without using the rest of Elm if you wish). It then goes through a rather strong filtering, with various rules which examine 'if to' 'if from' 'subject' and a host of other things. I have about thirty rules, some of which divert that particular item into a box for its purpose such as additions/deletions and change of addresses to the mailing list. Other rules look for mail coming from postmasters, mailer-daemons, roots, and put those things a certain place. A script I wrote a few years ago is an 'intelligent autoreply', meaning the filter rules look at the incoming thing, try to decide what the person is writing about, and then divert it to one autoreply message or another, so that each person receives an approp- riate reply ... usually! (grin) ... Rob Slade sent me a book review one day which had the word 'subscribe' or 'subscription' or at least the string 'subscri' and got back an autoreply from me saying I would add him to the Digest mailing list ... (smile) ... but usually it works okay. Once the rules have weeded out all the postmasters, daemons, and such by replying or dropping them on the floor or whatever, then the rest is considered 'editorial' and mailed to my default mailbox. The only way I can get it via mail and not start an endless loop with the filter is by backslashing myself when I tell the rules 'now send it to me.' Here at LCS that works okay at present. At some places where I have accounts -- and at LCS until a couple versions of sendmail ago, the result doing that was it would remail to absolutely me, but put an extra bunch of header stuff at the top with a blank line between it and the first bunch of header info ... and that was a terrible mess to deal with when the stuff all gets put in the Digest-making script. Alternatively, I could just cat the stream >> usr/mail/ptownson taking care to add a blank line between items, have the required 'From ' and whatnot ... in other words put it in my default mailbox myself and the later pull it out through 'other side' when I was reading mail. This is sort of like at the 'real' post office where the clerk sticks mail in your box from one side, and later you show up with a key, open the box from the other side and take the mail out. In essence, you work both sides of the counter or mailbox. There are some definite problems with this however; it just is not, IMO, good practice to be postmaster and patron at the same time (smile). In my account, there are times the mail arrives so rapidly -- this was especially true in UUCP days when sendmail would sit quietly for quite awhile, then someone's UUCP load would show up and sendmail would hand me ten items within a two or three second period -- that at times, trying to put something in the box is going to 'crash' with another piece, resulting in two emails merged together, a few lines of one and a few lines of another, none of it making any sense. Even my filter rules and autoreplies would cause crashes like that if I did not identify the incoming stream as thing.$$, meaning process, so that two or more instances of my autoreply could be running at the same time harmoniously, without each trying to tamper with what the other instance was doing, etc. Where 'delivering my own mail' was concerned, the only way to avoid crashes of two files at one time was by saying to each instance as it came along, 'while lock then sleep 1', 'touch lock, drop mail, rm lock', move along let the next one in ... and each instance waits in line until it cannot see a lock any longer, then creates a lock to protect itself, drops its mail and takes it lock away. That works, mostly, but it still is not good practice. A user is never able to synch that process quite as well as sendmail can, and there would be times -- rarely -- when two instances would both try to establish lock at the same time, each drop their mail on the other one, then the first one to remove the lock would leave the second one there hanging, looking for a lock to remove that no longer was around. Maybe its answer was to establish lock and then walk away leaving it there; now the mail was stalled 'while lock then sleep' for ten hours or until the next day when I logged in and found one piece of mail in my box. I'd look at my directory, see that lock there from ten hours earlier, and 'rm' it .. .then sit there watching for the next couple minutes as fifty or a hundred pieces of mail would show up in my default box, one or two seconds apart. Now had sendmail been in charge, by ten hours later it would have been telling everyone -- sender, recipient, site postmaster -- that it had gotten itself stalled somehow and was unable to continue. It is best not to 'play postmaster' and deliver your own mail out of your filter rules, etc, but rather, give it to the mail software and tell him to deliver it --OR-- do not use your default box at all and manage to dispose of all the mail yourself in other user-created boxes somehow. My problem is I have always used my default mailbox as the drop point after sorting and filtering. To change it now I would have to rewrite a couple of scripts and change a dozen filter rules. Then it would get broken, I would get cranky, and you would get no issues of the Digest for a week while I sat here nervously trying to repair whatever had gone wrong. PAT] ------------------------------ From: Marc Schaeffer Subject: Re: "Internet Pioneers" Date: 13 May 1999 11:27:49 +0200 Organization: ALPHANET NF -- Not for profit telecom research Robert Eden wrote: > UUCP - (anyone update the maps lately?) Well, no, I don't think I updated them since 1991. However, UUCP is still alive, mainly as a leaf-node cheap transfer protocol (especially in countries where Internet access is not that cheap and where people still have some UNIX knowledge). However, some of my UUCP connections (most of the active remaining ones) go through the Internet over TCP. Also, I still transfer my news with UUCP: I still haven't found a way to compress news with bzip2 with NNTP :( schaefer:/usr/users/schaefer> uuname | wc -l 28 So, I still have 28 UUCP nodes. From them, there are 15 which are still active, it seems. Note that on UNIX software, we always use FQDN (Internet) addressing, never bang path (!). Some older software (e.g. UUPC on MS-* or OS/2) insists to use bang path, however. We do not use maps, we just have default routing to my server, which does Internet routing. We don't do any non local calls UUCP anymore. > FIDONET - BBS network... I still have 6 active FTN downlinks (2 nodes, 4 points in FTN terminology). It's going to die very soon, however, since the non UNIX software is not open source, and has Y2K compliancy problems. Moreover, BBS'es have been badly hit by the popularity of the Internet. FTN also has the notion of ``UUCP maps'' (they call it a FidoNet nodelist). I started doing FTN in 1993, and since then, I have not really used a nodelist. I just route the mail to my ``boss'' (higher in the FidoNet's hierarchy), applying the same logic as in UUCP. Again, some FTN connections go through the Internet. > AX.25 - Ham Radio.. (a better name escapes me) This is still active, too. ------------------------------ Date: Fri, 14 May 1999 00:04:35 -0400 From: Monty Solomon Subject: Feds Make Bust in $45M Net Scam http://www.computerworld.com/home/print.nsf/CWFlash/990510A51A http://www.labmed.umn.edu/%7Ejohn/ccfraud.html ------------------------------ From: address lost in transit (Andy Yee) Subject: Re: Last Laugh! FCC Goes Ooops Organization: Jasc Software, Inc. Date: Wed, 12 May 1999 16:01:31 GMT In article , Rtf_PJM@shsu.edu (Paul MacArthur) wrote: > Or maybe this should be brought up every time the FCC's attempts to > dictate what content is indecent. Amazing, Howard Stern gets fined > because a man plays the piano with his penis - on the radio!!! - and > we can't fine the FCC for spamming us with an indecent joke. > I love dictatorships!!! > Paul > [TELECOM Digest Editor's Note: Most governments and civil servants > consider themselves far above and superior to the people they > serve. The laws and regulations of various federal agencies never > apply to the agencies themselves. Does that answer your question? > I've been trying to think of a way Holy Water could be used as part > of Joy Howell's penance. Perhaps a bucket of it poured out on top > of her computer, and that of Stacy Mesa's to cleanse them of their > sins, although I am sure the computer had no idea it was saying > something shameful and profane. PAT] Why punish a computer for the mistakes of a human? :) Andy Yee Corporate E-Mail: See Above Software Engineer Coporate Web Page: http://www.jasc.com Jasc Software, Inc. Personal E-Mail: nde@yuck.net Personal Web Page: http://www.visi.com/~nde Question authority...and the authorities will question YOU! [TELECOM Digest Editor's Note: Why not punish the computer? We blame the internet for the ills in our society now, computers are part of the internet aren't they? Sometimes I come close to screwing up, myself ... (oh really?) ... Like the other day: I was reviewing the logs for http://telecom-digest.org and noticed that every single day, about 2:00 AM, I was getting hit repeatedly by one site, typically a couple hundred hits in one minute, then it would go away. Thinking it might be just some spammer out looking for names, I thought of a game I would play with it. You can redirect callers to different web pages based on their browser, and you can certainly lock out sites, domains, etc at will. So I decided I would prepare a 'special page' just for that guy when he came around every night. I would at the top of the regular page put in something to redirect him when I saw him coming to a page with just a single line of HTML in large -- maybe 'H5' bold print which said: WHAT ARE YOU LOOKING AT? WHY ARE YOU STARING AT ME THAT WAY? and then send him away. Or maybe I would prepare a special directory just for him: a directory entitled 'top secret' with several bogus files therein including 'hackers', 'crackers', 'child porn pictures', 'list of root passwords at major universities', 'warez', 'fraud calling card numbers that work' ... you know the sort of thing I mean. Then I got to looking a bit further, and saw that this very frequent visitor every day was coming from 18.something ... and that all the 18's or most of them are at some place in Massachusetts where they have an Institute of Technology and that all of the computers with 18 in their address accounted to a Mr. Jeffrey (someone) at that Institute of Technology and I thought to myself, what if that dude does not have a sense of humor? Hmmm ... then I found that the machine in question was called 'search.mit.edu' -- not part of LCS at all -- and was used to auto-update the website www.mit.edu on a daily basis where one feature is a search engine linked to a data- base called 'Other Web Sites We Operate' (at MIT). Clicking there not only reached my neighbor here on massis called 'hyperarchive' but it also displayed TELECOM Digest files as well, with a nice index of recent articles, etc. I was quite pleased to see such a nice display of this Digest at the MIT main website, but then I realized ... Oh dear ... and automated at that ... so had I gone through with my plan to install a 'top secret' directory just for it to look at, the next day MIT's web site would have had such interesting things as 'click here to see some top secret child porn', 'click over there to review our latest top secret warez', 'click below to get a top secret list of our root passwords and those of other universities' ... oh dear, indeed. And then the top executives and the trustees of MIT would begin receiving phone calls from the {Boston Globe} and other newspapers asking about the latest features at their web site. As I explained later to someone at LCS who reads this Digest frequently, under the circumstances, -- under the circumstances -- my only option would be to go into seclusion (in other words, try to hide) while the Sitting Ducks at LCS braced themselves for the worst. Stop laughing, it is *not* funny. I am glad I re-thought my plan to abuse the search engine which I had originally thought was a spam engine. And I bet you are glad also! :) So, search.mit.edu and the rest of you out there, I'll see you again tomorrow! PAT] ------------------------------ End of TELECOM Digest V19 #83 *****************************