Обсуждение: Anyone want to admit to being presinet.com?

And if so, would you mind stopping your mail system from regurgitating
copies of pghackers traffic?  It's especially bad that you're sending
the stuff with a fraudulent envelope From, ie, one not pointing back
at yourself.

Feb 13 16:55:12 sss2 sm-mta[5221]: k1DLtBSE005221: from=<pgsql-hackers-owner@postgresql.org>, size=3848, class=-60,
nrcpts=1,msgid=<05d901c630e7$94309bb0$02010a0a@PRESINET.local>, proto=ESMTP, daemon=MTA, relay=mail.presinet.com
[209.53.156.1]
        regards, tom lane


------- Forwarded Message

Return-Path: pgsql-hackers-owner@postgresql.org
Delivery-Date: Mon Feb 13 16:55:12 2006
Received: from presinet.com (mail.presinet.com [209.53.156.1])by sss.pgh.pa.us (8.13.1/8.13.1) with ESMTP id
k1DLtBSE005221for<tgl@sss.pgh.pa.us>; Mon, 13 Feb 2006 16:55:11 -0500 (EST)
 
Received: from mail pickup service by presinet.com with Microsoft SMTPSVC; Mon, 13 Feb 2006 13:51:01 -0800
PureMessageGuid: {E36E9D67-EA8E-4442-967E-4498D1B5B218}
thread-index: AcYw3I3TqJS4sUupQgat6sCKlhTSRQ==
X-Original-To: pgsql-hackers-postgresql.org@localhost.postgresql.org
X-Greylist: domain auto-whitelisted by SQLgrey-
DomainKey-Signature: a=rsa-sha1; q=dns; c=nofws;        s=beta; d=gmail.com;
h=received:message-id:date:from:to:subject:cc:in-reply-to:mime-version:content-type:content-transfer-encoding:content-disposition:references;

b=icR9BrBytqB8dsAOy5PPJzcfCHQZHPUbun6svoYP1+38ySIlmhOInNmPyDSuRIWHsQF3yQmiCI2FyUCMV0yuethFeV6IlgoVO+ZQOCvmh8AZLYjGeVNwkXMGtd0hqeswX9ULnEOIyDyZI3nOy9YI/9LGiajHGfkEm4M7mnBop84=
Message-ID: <05d901c630e7$94309bb0$02010a0a@PRESINET.local>
Date: Mon, 13 Feb 2006 13:51:00 -0800
From: "Gregory Maxwell" <gmaxwell@gmail.com>
X-Mailer: Microsoft CDO for Exchange 2000
To: "Joshua D. Drake" <jd@commandprompt.com>
Subject: Re: [HACKERS] Why don't we allow DNS names in pg_hba.conf?
Content-Class: urn:content-classes:message
Importance: normal
Cc: "Tom Lane" <tgl@sss.pgh.pa.us>, "Andrew Dunstan" <andrew@dunslane.net>,       "Mark Woodward"
<pgsql@mohawksoft.com>,      "Bruce Momjian" <pgman@candle.pha.pa.us>, <mark@mark.mielke.cc>,       "Euler Taveira de
Oliveira"<eulerto@yahoo.com.br>,       "Jim C. Nasby" <jnasby@pervasive.com>,       "Andreas Pflug"
<pgadmin@pse-consulting.de>,      "Marc G. Fournier" <scrappy@postgresql.org>,       <pgsql-hackers@postgresql.org>
 
Priority: normal
In-Reply-To: <43F0EC2D.3090302@commandprompt.com>
MIME-Version: 1.0
Content-Type: text/plain;charset="ISO-8859-1"
X-MimeOLE: Produced By Microsoft MimeOLE V6.00.3790.1830
Content-Disposition: inline
References: <18463.1136312512@sss.pgh.pa.us> <43F09F12.8060800@dunslane.net>
<16763.24.91.171.78.1139845497.squirrel@mail.mohawksoft.com><43F0A61F.7000503@dunslane.net>
<16641.24.91.171.78.1139849868.squirrel@mail.mohawksoft.com><43F0B9D3.7010606@dunslane.net>
<16562.24.91.171.78.1139859518.squirrel@mail.mohawksoft.com><43F0E6ED.5030906@dunslane.net>
<4101.1139862090@sss.pgh.pa.us><43F0EC2D.3090302@commandprompt.com>
 
X-Virus-Scanned: by amavisd-new at hub.org
X-Spam-Status: No, score=0.027 required=5 tests=[AWL=0.027]
X-Spam-Score: 0.027
X-Spam-Level: 
X-Mailing-List: pgsql-hackers
List-Archive: <http://archives.postgresql.org/pgsql-hackers>
List-Help: <mailto:majordomo@postgresql.org?body=help>
List-Id: <pgsql-hackers.postgresql.org>
List-Owner: <mailto:pgsql-hackers-owner@postgresql.org>
List-Post: <mailto:pgsql-hackers@postgresql.org>
List-Subscribe: <mailto:majordomo@postgresql.org?body=sub%20pgsql-hackers>
List-Unsubscribe: <mailto:majordomo@postgresql.org?body=unsub%20pgsql-hackers>
Precedence: bulk
Sender: <pgsql-hackers-owner@postgresql.org>
X-unconfigured-debian-site-MailScanner: Found to be clean
X-unconfigured-debian-site-MailScanner-From: pgsql-hackers-owner+m79690@postgresql.org
X-OriginalArrivalTime: 13 Feb 2006 20:32:05.0609 (UTC) FILETIME=[8DC53D90:01C630DC]
Content-Transfer-Encoding: 8bit
X-MIME-Autoconverted: from quoted-printable to 8bit by sss.pgh.pa.us id k1DLtBSE005221

On 2/13/06, Joshua D. Drake <jd@commandprompt.com> wrote:
> Well as one of the people that deploys and managees many, many
> postgresql installations I can say I have never run into the need to
> have dns names and the thought of dns names honestly seems silly. It
> will increase overhead and dependencies that I just wouldn't want in my
> installations.

It is not uncommon for an environment that has already suffered
through one forced renumbering to forbid the use of hard set IPs in
application software.

With IPv6 we will just see more and more of that.

---------------------------(end of broadcast)---------------------------
TIP 3: Have you checked our extensive FAQ?
              http://www.postgresql.org/docs/faq

------- End of Forwarded Message

Tom,

> And if so, would you mind stopping your mail system from regurgitating
> copies of pghackers traffic?  It's especially bad that you're sending
> the stuff with a fraudulent envelope From, ie, one not pointing back
> at yourself.

The really amusing thing is that presinet.com claim to be "Network Security
Experts".

--
--Josh

Josh Berkus
Aglio Database Solutions
San Francisco

Tom Lane wrote:
> And if so, would you mind stopping your mail system from regurgitating
> copies of pghackers traffic?  It's especially bad that you're sending
> the stuff with a fraudulent envelope From, ie, one not pointing back
> at yourself.
> 

That would be me. I've notified one of our admins about the problem. It 
appears we are testing some new software on our mail system, and 
obviously there is a misconfiguration.

Thanks for the heads-up, and sorry about the noise.

Where did you see the emails? In this list? I haven't seen any show up 
here, or I would have gotten on this earlier.

Bricklen Anderson <banderson@presinet.com> writes:
> Where did you see the emails? In this list? I haven't seen any show up 
> here, or I would have gotten on this earlier.

No, delivered to me personally, as you can see from the headers.  It
just started recently --- I've only gotten two so far.
        regards, tom lane

On Monday 13 February 2006 14:27, Josh Berkus wrote:
> Tom,
>
> > And if so, would you mind stopping your mail system from regurgitating
> > copies of pghackers traffic?  It's especially bad that you're sending
> > the stuff with a fraudulent envelope From, ie, one not pointing back
> > at yourself.
>
> The really amusing thing is that presinet.com claim to be "Network Security
> Experts".

Security through effective banning of incoming mail......  At least they don't
claim to be email delevery experts ;-)

--
Darcy Buskermolen
Wavefire Technologies Corp.

http://www.wavefire.com
ph: 250.717.0200
fx: 250.763.1759

Darcy Buskermolen wrote:
> On Monday 13 February 2006 14:27, Josh Berkus wrote:
> 
>>Tom,
>>
>>
>>>And if so, would you mind stopping your mail system from regurgitating
>>>copies of pghackers traffic?  It's especially bad that you're sending
>>>the stuff with a fraudulent envelope From, ie, one not pointing back
>>>at yourself.
>>
>>The really amusing thing is that presinet.com claim to be "Network Security
>>Experts".
> 
> 
> Security through effective banning of incoming mail......  At least they don't 
> claim to be email delevery experts ;-)
> 
Ironic, isn't it? :)

It turns out it was one of our admins manually (and erroneously) 
forwarding on a couple emails that he noticed were caught in one of the 
spam filters.