Capital Area Central Texas UNIX Society
CACTUS Newsletter

Volume 13, Number 12 - December 1997

Contents:


December 18th CACTUS Meeting


CACTUS Meeting Location: Applied Research Labs

CACTUS meets on the third Thursday of each month at the Applied Research Labs (ARL) in the JJ Jake Pickle Research Campus (JJ PRC). We'll meet in the main auditorium located directly behind the guard's desk and main lobby.

Please do not show up earlier than 6:20 pm on the specified day. Enter through the main entrance at 10000 Burnet Road for ARL:UT. Tell the guard that you are here for the CACTUS meeting. You will be required to sign a log book, but not required to wear a badge. The guards will direct you to the auditorium entrance. Limited parking in the front of the building is available, but more extensive parking is available in the large parking lot just north of the ARL building. After 6:30 pm, all entrances to JJ PRC, except for the Burnet Road entrance, are closed and locked. You can still enter the parking lot in front of the ARL building. No parking tags are necessary after 6:00 pm. See map for further details.

Online maps are available at:

As always, please leave the facility as you saw it when you arrived. So let's clean up all pizza and soda items before we leave. Thanks and hope to see all of you there.


Location for the Monthly CACTUS Meeting
Applied Research Laboratory

                                                     | |     ^
           <---- to MOPAC                            | |     |
                                                     | |     | North
                                                     | |     | to Braker Lane
                                      ---------------+ |
                                      -+ /-----------+ |
                                       | |           | |
                                       | +--------+  | |
                                       |  Parking |  | |
                                       |    Lot   |  | |
                                       +----------+  | |
                                                     | |
                              +------------+         | |
                              |            | +-------+ |
                              |            | |   +---+ |
                              |            | |   |   | | Rutland
                              |    ARL     | |   |   | +---------
                              |            | |   |   | +---------
                              |            | |   +---+ |
                              |            | +---+---+ |
                              +------------+         | |  |
                                                     | |  | South
                                                     | |  | to US 183
                                                     | |  v

October Meeting Report

by Luis Basto

This month we had about 28 people showed for the spammers talk. We had three speakers, Jack McKinney, Gil Kloepfer, and Chip Rosenthal each giving us a specific viewpoint as well as their experiences in dealing with the increasing bombardment of spam email.

Jack talks from the point of view of preventing the spammers from getting out. The major problem and advantage for spammers are mail relays. Spammers send their mail for free by relaying through other people's mail servers, instead of running their own which would be prohibitively expensive. They are also getting smarter where instead of blasting out thousands of messages at a time, they would send them in bundles of 99 or 100 to make them less noticeable.

Jack gave some suggestions for preventing email from ever getting out. This includes checking for valid A or MX records from the envelope sender's hostname, and enabling authorization in smtp.

When spam mail got out on the wire, the next best thing you can do is to stop them from entering your system. Gil, collaborating with Lenny Tropiano, has developed a blacklist which are rulesets to screen out spam mail. Details on it can be read from:

http://www.gc2.kloepfer.org/~gil/cactus.html

Chip and Paul Vixie are developing an elaborate system called MAPS: Mail Abuse Protection System. It combines Jack and Gil's approaches by protecting both the front and back ends.

Securing the front door is a major resource called the Realtime Blackhole List (RBL), which contains a comprehensive list of known email abusers. It lists them by IP addresses instead of domains and is available by either BGP4 or DNS.

Securing the back door is the anti-relay project. This includes active discussion with ISPs and other providers to eliminate open mail relay and also in system administration education.

You can find more detailed information from:

http://maps.vix.com

and

http://www.unicom.com

All in all, it appears that the strategy to combat email spamming is to disable relaying, blocking known violators with a blacklist, and making all system administrators aware of these resources to help them deal with spamming.

Don't forget that the January meeting will feature the election of officers. If you don't show up, you may be elected. Nicole German from Hummingbird will also talk about their PC X server.


Membership Report

by Luis Basto

Please welcome Pamela Hanes, Zach Wong as new members of CACTUS. We also want to thank Dave Carver and Bryan Harold for renewing their membership.

We are pleased to have Computer Task Group (CTG) renew their sponsorship. CTG is a professional recruiter for the information and systems services business with 50 offices in North America and Europe. The contact information is Kristi Brannon, (512) 502-0910, kbrannon [at] gw <dot> ctg <dot> com. Their web site is http://www.ctg.com.

Take a look at the label on your newsletter if you received one. The membership expiration date is supposed to be printed there but lately it has been missing. Send email to membership [at] cactus <dot> org or newsletter [at] cactus <dot> org if you don't see a date on your label.


Membership

To renew your membership, please send check or money order payable to CACTUS ($25/yr for regular membership and $96/yr for corporate sponsorship):

CACTUS
PO BOX 9786
AUSTIN, TX 78766-9786

You can also pay in person at the general meetings. The date on the upper right hand of the newsletter mailing label indicates when your membership expires. Please direct any inquiries or address changes to membership [at] cactus <dot> org.


CACTUS Officers


Contact Information


CACTUS Sponsors