[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [cobalt-users] TMDA

Subject: Re: [cobalt-users] TMDA
From: Jeff Lasman <blists@xxxxxxxxxxxxx>
Date: Sat Dec 13 21:00:01 2003
Organization: nobaloney.net
List-id: Mailing list for users to share thoughts on Sun Cobalt products. <cobalt-users.list.cobalt.com>

On Friday 12 December 2003 01:31 am, Pablo Jejcic wrote:

> Did anyone give a try to http://tmda.net/ ?
>
> I'm thinking of installing this on my Cobalt Qube3, but if anyone
> have negative thought I will not... ;)

While this particular implementation of challenge/response happens to 
have some interesting additional features, challenge/response is 
basically a flawed method for dealing with email, as it requires 
unknown senders to do something extra to get email to you.

For example, if you install this on your server, all your users will 
find their mailing list subscriptions will no longer work.  In fact 
many mailing lists now immediately automatically unsubscribe anyone who 
sends a challenge/response email, and if those emails get back to 
senders they generate a lot bad will.

Yes, you can set up tagged addresses so your mailing list email (for 
example) will get through, but unless you install tmda.cgi you'll have 
to manage this for all your users.

And if you do try to install tmda.cgi, note (from the documentation) 
that it only works as is on qmail servers.  The RaQ uses sendmail, not 
qmail.

In any event, even if you do get tmda.cgi working, your users will have 
to unsubscribe from, and resubscribe to, all their mailing lists, 
between the time you install tmda and the time they post to any list 
for the first time.

Not to mention the same problem occurring with every form-to-email page 
running on your server; they'll need to be changed as well, or you'll 
need to know of all of them, and create whitelist entries yourself.

One of my clients installed a challenge/response system for his main 
domain and didn't notice the problem with form-to-email until he'd lost 
a lot of business.

Jeff
-- 
Jeff Lasman, nobaloney.net, P. O. Box 52672, Riverside, CA  92517 US
Professional Internet Services & Support / Consulting / Colocation
Our blists address used on lists is for list email only
Phone +1 909 324-9706, or see: "http://www.nobaloney.net/contactus.html";

Follow-Ups:
- RE: [cobalt-users] TMDA
  - From: Pablo Jejcic
- [cobalt-users] Mysql Access
  - From: Pablo Jejcic
- Re: [cobalt-users] TMDA
  - From: Wayne

References:
- [cobalt-users] TMDA
  - From: Pablo Jejcic

Prev by Date: Re: [cobalt-users] Majordomo 552 errors
Next by Date: Re: [cobalt-users] Can someone point me to sendmail configuration I read here before...
Previous by thread: Re: [cobalt-users] Can someone point me to sendmail configuration I read here before...
Next by thread: RE: [cobalt-users] TMDA

Sun Cobalt Users Message Index

Sun Cobalt Users Thread Index