@atax1a @jwz It is a frustration that for DKIM, DMARC, and SPF to be as trustworthy as possible, one must deploy DNSSEC correctly and defend one's domain against any threat to its reputation but all the spammers need to do is buy a cheap domain with any old garbage DNS and get a handful of records right.
@jwz The stats we collect for the #SpamAssassin project (mass-scan results from participating sites) have long shown that spammers are more consistent at making SPF, DKIM, and DMARC correct than are legitimate senders. DMARC in particular has no discernible benefit for most senders, so it is a useless signal.
Rejecting mail based solely on authentication failures of those deeply flawed authentication methods does more harm than good.
@dalias @lispi314 Unless the 250 reply at SMTP EoD is delayed until real final delivery, it is not possible to be certain of final deliverability. Small systems running Sendmail are able to do that but I don't believe that any other widespread MTA even offers synchronous final delivery during SMTP time. It's not feasible at scale. If a message gets queued, it can always fail at the next hop. Users get deleted between accept and deliver. Mailboxes fill. LMTP receivers fall over mid-transaction.
What protocol would that be? What normative document agrees with you that mail should be silently dropped after having been accepted with some basis for trusting the envelope sender? (e.g. SPF affirmative pass, aligned valid DKIM signature, etc.)
Note that I am not arguing that one should generate bounces lightly. Everything that can be checked at SMTP end-of-data before acceptance should be but there are edge cases where a proper bounce message should be sent.
@inthehands @lisamelton It's kayfabe. Distraction from the ongoing coup being run by Musk and to make the remnant Chinese tariffs that don't get cancelled seem less terrible.
@dalias @GossiTheDog The royal decree was notionally aimed at all organizations receiving Federal funds. Never mind that to actually impose such a condition on funds for educational institutions would demand a formal rulemaking process.
Best way to avoid FB phishing: don't have a FB account.
If that's not an option, it is imperative that you use a unique email address for communication from FB which you do not share with anyone else, human or corporate. https://infosec.exchange/@happygeek/113787777146227848
@JessTheUnstill @dalias I'd argue that what the fash transphobes actually want is for people like you to suffer and/or repent and/or die. Moving makes you resistant to their attempts to make those happen.
The scholar-athletes of Univ. of Mich. apparently have defeated those of some college in #Ohio, in Ohio, unexpectedly. Given my proximity to that institution, my status as a taxpayer, and the multiple alums and faculty in my immediate family, I am obligated to say: #GoBlue
Alvin Toffler and Paul Ehrlich were guilty of being mostly right ~40 years early. We're starting to understand that the threat of "over-"population isn't fundamentally Malthusian (food) but rather the fragility of the large complex systems that have so far sustained growing populations to the point of 'demographic transition' and the diverse resource demands of transitioned societies. Meanwhile, "developed" nations have OD'd on mis/dis/infotainment to the point of rejecting objective reality.
The smartest people in the richest states on Earth know that our current trajectory is towards a hard crash of civilization due to climate change. We should be able to effect the necessary changes to minimize the catastrophe and to push for demographic transition in ways that don't threaten to make the climate problem worse. That's been true for 30 years. We are not doing it because of various delusions including the one that we can just push through by juicing AI, biotech, and space.
We all know it's going to be President Vance at whatever time that becomes convenient for them, right? Early 2027 at the latest, maybe early 2025. Thiel et al. won't hesitate for an instant to close out Trump's presidency-for-life.
@lilithsaintcrow @cstross It is actually being dispersed quite a bit. Data center landlords, utilities, Nvidia, Seagate, Cisco, etc. Also to the humans doing the grunt work of classifying and tagging all the input data. Data center ops staff. Janitors. Sysadmins. It's one upside of truly hopeless tech investments: that money gets USED, it's not just funneling into a few hands. Usually.
I can't recommend the particular mail service, but the practice is sound. I've got a whole subdomain dedicated to the addresses I use to subscribe to stuff and talk to companies. I get almost no spam ever to those addresses (and burn them when they do) https://me.dm/@thetechtutor/113251884203032910
It's the second time I've had a random solicitation for work around the house this Summer and the second time I've said/done *something* I don't recognize as problematic but which has generated a negative attitude. I guess maybe my bewilderment (and mild annoyance) at the pitch and its unexpectedness is evident? Is it so obvious that I'm not going to sign a contract at the moment? Or do a handshake agreement? Or engage in any sort of affirmative executive function?
Dad, Husband, Sysadmin, Anti-Spammer, Disillusioned Radical Lefty|Old GenX-er|DREAD Pirate|I'm fat and I have a headache|AntiFa Patriot|BLACK LIVES MATTER! Living on occupied land previously shared by many Anishinaabe peoples. #Detroit #Michigan #USA #Sysadminnery #BadDad #ADHD #infosec #IWeepSixColors #Spam #ASF #SpamAssassin