Path: csiph.com!v102.xanadu-bbs.net!xanadu-bbs.net!feeder.erje.net!eu.feeder.erje.net!eweka.nl!lightspeed.eweka.nl!194.109.133.83.MISMATCH!newsfeed.xs4all.nl!newsfeed4.news.xs4all.nl!xs4all!newsgate.cistron.nl!newsgate.news.xs4all.nl!post.news.xs4all.nl!not-for-mail
MIME-Version: 1.0
In-Reply-To: <CAPTjJmp6He+TOr2RiLAW8ZyPvG4Bn3y884psiRFVop9ZG+ZByg@mail.gmail.com>
References: <l1jqjt$16e$1@dont-email.me> <mailman.221.1379758290.18130.python-list@python.org> <l1jrkv$5mi$1@dont-email.me> <CAPTjJmp6He+TOr2RiLAW8ZyPvG4Bn3y884psiRFVop9ZG+ZByg@mail.gmail.com>
Date: Sat, 21 Sep 2013 12:09:53 -0400
Subject: Re: How to send an anonymous mail via Python script
From: Joel Goldstick <joel.goldstick@gmail.com>
To: Chris Angelico <rosuav@gmail.com>
Content-Type: multipart/alternative; boundary=001a1133225278a8ff04e6e70472
Cc: "python-list@python.org" <python-list@python.org>
Precedence: list
Newsgroups: comp.lang.python
Message-ID: <mailman.228.1379779797.18130.python-list@python.org>
Lines: 249
NNTP-Posting-Host: 2001:888:2000:d::a6
Xref: csiph.com comp.lang.python:54558

--001a1133225278a8ff04e6e70472
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: quoted-printable

On Sat, Sep 21, 2013 at 6:41 AM, Chris Angelico <rosuav@gmail.com> wrote:

> On Sat, Sep 21, 2013 at 8:15 PM, =CE=9D=CE=AF=CE=BA=CE=BF=CF=82 <nikos.gr=
33k@gmail.com> wrote:
> > On 21/9/2013 1:04 =CE=BC=CE=BC, Chris Angelico wrote:
> >>
> >> On Sat, Sep 21, 2013 at 7:58 PM, =CE=9D=CE=AF=CE=BA=CE=BF=CF=82 <nikos=
.gr33k@gmail.com> wrote:
> >>>
> >>> Can you please tell me what alternation must be made in order to send
> >>> this
> >>> anonymously?
> >>>
> >>> that is my question. There must be a way.
>

Nikos, stop!  There very well may be a way to send spam.  But you need to
understand internet infrastructure, and be more clever than the many people
who do understand the internet infrastructure and don't want to read spam.
You can't do this because, as you have professed in other endless trolling
threads,  you don't like to read or study, you like people to give you
answers.  To me, that is the definition of laziness.  The second reason you
can't do this may be that you just don't want to do any of the things you
ask here.  Evidence of this would be that you repeat the same questions
over and over, ignore the answers, quote other's as supporting your
ruefully annoying wining, and then start a new thread just like the old
thread with one of your many email aliases.  That is the definition of a
troll.

This list is very informative when you disappear for a while.  If your
purpose is to single handedly degrade the experience of dozens of people
with interesting questions, and volunteers who guide and teach others, well
nice job.  If by chance you are just an unfortunate soul with such large
gaps in your self understanding of how rude your behavior here is, you
should know that you are rude. So, stop it




> >>
> >>
> >> No, there isn't. The nearest you could come to anonymous mail would be
> >> sending via a botnet (to hide your IP address) and forging the from
> >> address. So unless you *want* your mail to be flagged as spam and
> >> detested by the entire world, NO THERE IS NO WAY to send it
> >> anonymously.
> >>
> >> ChrisA
> >>
> > How about an anonymous remailer then?
>
> I'm going to spell this out for the benefit of anyone else who's
> reading this, because I know Nikos won't take any notice. This is a
> gross oversimplification, but I'm trying to condense everything into a
> single email.
>
> The internet can't be built on certainties, so it's built on trust.
> Especially with the detection of spam, it's mainly a matter of trust -
> trusting the sending computer, trusting the sending domain, and
> trusting that the email in question really was sent by that domain.
> Most anti-spam measures are aimed at one of those - for instance, SPF
> is all about demonstrating that the sending computer belongs to the
> sending domain, and DKIM is about matching the contents of the email
> to its domain. The receiving MTA has to decide: Do I trust this sender
> enough to accept this email, or will I reject it? As an example, my
> own mail server checks a lot of things, including:
> * How well the sender complies with the SMTP specification (if you
> can't get protocol right, I don't want to talk to you; if you
> deliberately violate protocol to try to conceal yourself, I definitely
> don't want to talk to you)
> * Whether the hostname and IP address match
> * Whether the reverse DNS for the IP address has four numbers in it (a
> common indication of home senders -
> c122-107-147-136.eburwd5.vic.optusnet.com.au looks like a home user);
> this doesn't prevent mail delivery, but it's marked down
> * The SPF record for the sending domain, if it has one
> * Certain source or destination addresses that have been blacklisted
> * Bayesian similarity to emails previously marked as spam
> * A few other details that I won't discuss in public, so you can't
> game the system and send me a pile of spam :)
>
> Some of these checks are "below the waterline" requirements - for
> instance, if you don't say HELO or EHLO at the beginning of your SMTP
> request, I'm not going to accept any mail from you. Others are "above
> the waterline" - I'll still take the mail, but it's more likely to go
> in the junk folder, because I don't trust you that much.
>
> Violating the internet's standards will often mean your mail gets
> rejected. There's a reason for that; trying to hide is usually a bad
> idea. Be honest; establish a domain and a (small) set of IP addresses
> that send its mail, and you can build up a record of trust ("Every
> message I've ever seen from foo.example.com (IP address 203.0.113.54
> as per its SPF record) has been accepted by my users as legitimate, so
> I'm going to assume that this one, from the same domain and IP, is
> legit"). It's not even all that hard to do - just deploy one of the
> well-known mail servers like exim or Postfix, set up an SPF record
> (not actually necessary, but it's so easy and can help so much that I
> think everyone should do it), and let the rest take care of itself.
>
> ChrisA
> --
> https://mail.python.org/mailman/listinfo/python-list
>



--=20
Joel Goldstick
http://joelgoldstick.com

--001a1133225278a8ff04e6e70472
Content-Type: text/html; charset=UTF-8
Content-Transfer-Encoding: quoted-printable

<div dir=3D"ltr"><br><div class=3D"gmail_extra"><br><br><div class=3D"gmail=
_quote">On Sat, Sep 21, 2013 at 6:41 AM, Chris Angelico <span dir=3D"ltr">&=
lt;<a href=3D"mailto:rosuav@gmail.com" target=3D"_blank">rosuav@gmail.com</=
a>&gt;</span> wrote:<br>
<blockquote class=3D"gmail_quote" style=3D"margin:0 0 0 .8ex;border-left:1p=
x #ccc solid;padding-left:1ex"><div class=3D"HOEnZb"><div class=3D"h5">On S=
at, Sep 21, 2013 at 8:15 PM, =CE=9D=CE=AF=CE=BA=CE=BF=CF=82 &lt;<a href=3D"=
mailto:nikos.gr33k@gmail.com">nikos.gr33k@gmail.com</a>&gt; wrote:<br>

&gt; On 21/9/2013 1:04 =CE=BC=CE=BC, Chris Angelico wrote:<br>
&gt;&gt;<br>
&gt;&gt; On Sat, Sep 21, 2013 at 7:58 PM, =CE=9D=CE=AF=CE=BA=CE=BF=CF=82 &l=
t;<a href=3D"mailto:nikos.gr33k@gmail.com">nikos.gr33k@gmail.com</a>&gt; wr=
ote:<br>
&gt;&gt;&gt;<br>
&gt;&gt;&gt; Can you please tell me what alternation must be made in order =
to send<br>
&gt;&gt;&gt; this<br>
&gt;&gt;&gt; anonymously?<br>
&gt;&gt;&gt;<br>
&gt;&gt;&gt; that is my question. There must be a way.<br></div></div></blo=
ckquote><div><br></div><div>Nikos, stop!=C2=A0 There very well may be a way=
 to send spam.=C2=A0 But you need to understand internet infrastructure, an=
d be more clever than the many people who do understand the internet infras=
tructure and don&#39;t want to read spam.=C2=A0 You can&#39;t do this becau=
se, as you have professed in other endless trolling threads,=C2=A0 you don&=
#39;t like to read or study, you like people to give you answers.=C2=A0 To =
me, that is the definition of laziness.=C2=A0 The second reason you can&#39=
;t do this may be that you just don&#39;t want to do any of the things you =
ask here.=C2=A0 Evidence of this would be that you repeat the same question=
s over and over, ignore the answers, quote other&#39;s as supporting your r=
uefully annoying wining, and then start a new thread just like the old thre=
ad with one of your many email aliases.=C2=A0 That is the definition of a t=
roll.=C2=A0 <br>
<br></div><div>This list is very informative when you disappear for a while=
.=C2=A0 If your purpose is to single handedly degrade the experience of doz=
ens of people with interesting questions, and volunteers who guide and teac=
h others, well nice job.=C2=A0 If by chance you are just an unfortunate sou=
l with such large gaps in your self understanding of how rude your behavior=
 here is, you should know that you are rude. So, stop it<br>
</div><div><br><br></div><div>=C2=A0</div><blockquote class=3D"gmail_quote"=
 style=3D"margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex"><d=
iv class=3D"HOEnZb"><div class=3D"h5">
&gt;&gt;<br>
&gt;&gt;<br>
&gt;&gt; No, there isn&#39;t. The nearest you could come to anonymous mail =
would be<br>
&gt;&gt; sending via a botnet (to hide your IP address) and forging the fro=
m<br>
&gt;&gt; address. So unless you *want* your mail to be flagged as spam and<=
br>
&gt;&gt; detested by the entire world, NO THERE IS NO WAY to send it<br>
&gt;&gt; anonymously.<br>
&gt;&gt;<br>
&gt;&gt; ChrisA<br>
&gt;&gt;<br>
&gt; How about an anonymous remailer then?<br>
<br>
</div></div>I&#39;m going to spell this out for the benefit of anyone else =
who&#39;s<br>
reading this, because I know Nikos won&#39;t take any notice. This is a<br>
gross oversimplification, but I&#39;m trying to condense everything into a<=
br>
single email.<br>
<br>
The internet can&#39;t be built on certainties, so it&#39;s built on trust.=
<br>
Especially with the detection of spam, it&#39;s mainly a matter of trust -<=
br>
trusting the sending computer, trusting the sending domain, and<br>
trusting that the email in question really was sent by that domain.<br>
Most anti-spam measures are aimed at one of those - for instance, SPF<br>
is all about demonstrating that the sending computer belongs to the<br>
sending domain, and DKIM is about matching the contents of the email<br>
to its domain. The receiving MTA has to decide: Do I trust this sender<br>
enough to accept this email, or will I reject it? As an example, my<br>
own mail server checks a lot of things, including:<br>
* How well the sender complies with the SMTP specification (if you<br>
can&#39;t get protocol right, I don&#39;t want to talk to you; if you<br>
deliberately violate protocol to try to conceal yourself, I definitely<br>
don&#39;t want to talk to you)<br>
* Whether the hostname and IP address match<br>
* Whether the reverse DNS for the IP address has four numbers in it (a<br>
common indication of home senders -<br>
<a href=3D"http://c122-107-147-136.eburwd5.vic.optusnet.com.au" target=3D"_=
blank">c122-107-147-136.eburwd5.vic.optusnet.com.au</a> looks like a home u=
ser);<br>
this doesn&#39;t prevent mail delivery, but it&#39;s marked down<br>
* The SPF record for the sending domain, if it has one<br>
* Certain source or destination addresses that have been blacklisted<br>
* Bayesian similarity to emails previously marked as spam<br>
* A few other details that I won&#39;t discuss in public, so you can&#39;t<=
br>
game the system and send me a pile of spam :)<br>
<br>
Some of these checks are &quot;below the waterline&quot; requirements - for=
<br>
instance, if you don&#39;t say HELO or EHLO at the beginning of your SMTP<b=
r>
request, I&#39;m not going to accept any mail from you. Others are &quot;ab=
ove<br>
the waterline&quot; - I&#39;ll still take the mail, but it&#39;s more likel=
y to go<br>
in the junk folder, because I don&#39;t trust you that much.<br>
<br>
Violating the internet&#39;s standards will often mean your mail gets<br>
rejected. There&#39;s a reason for that; trying to hide is usually a bad<br=
>
idea. Be honest; establish a domain and a (small) set of IP addresses<br>
that send its mail, and you can build up a record of trust (&quot;Every<br>
message I&#39;ve ever seen from <a href=3D"http://foo.example.com" target=
=3D"_blank">foo.example.com</a> (IP address 203.0.113.54<br>
as per its SPF record) has been accepted by my users as legitimate, so<br>
I&#39;m going to assume that this one, from the same domain and IP, is<br>
legit&quot;). It&#39;s not even all that hard to do - just deploy one of th=
e<br>
well-known mail servers like exim or Postfix, set up an SPF record<br>
(not actually necessary, but it&#39;s so easy and can help so much that I<b=
r>
think everyone should do it), and let the rest take care of itself.<br>
<br>
ChrisA<br>
<span class=3D"HOEnZb"><font color=3D"#888888">--<br>
<a href=3D"https://mail.python.org/mailman/listinfo/python-list" target=3D"=
_blank">https://mail.python.org/mailman/listinfo/python-list</a><br>
</font></span></blockquote></div><br><br clear=3D"all"><br>-- <br><div dir=
=3D"ltr"><div>Joel Goldstick<br></div><a href=3D"http://joelgoldstick.com" =
target=3D"_blank">http://joelgoldstick.com</a><br></div>
</div></div>

--001a1133225278a8ff04e6e70472--