From: Digest <deadmail>
To: "OS/2GenAu Digest"<deadmail>
Date: Tue, 9 Jan 2007 00:00:45 EST-10EDT,10,-1,0,7200,3,-1,0,7200,3600
Subject: [os2genau_digest] No. 1415
Reply-To: <deadmail>
X-List-Unsubscribe: www.os2site.com/list/

**************************************************
Monday 08 January 2007
 Number  1415
**************************************************

Subjects for today
 
1  Re:  Mystified : Peter Moylan <peter at ozebelg dot org>
2   Epson 680 : Ed Durrant <edurrant at bigpond dot net dot au>
3   CopyWipe - Free hard disk image/clone program : Robert Traynor  (BobT)" <rtraynor at optusnet dot com dot au>
4  Re:  rexx/enviroment problem ? : Ian Manners" <deadmail>
5  Re:  Mystified : Alan Duval <amoht at westnet dot com dot au>

**= Email   1 ==========================**

Date:  Mon, 08 Jan 2007 00:35:50 +1100
From:  Peter Moylan <peter at ozebelg dot org>
Subject:  Re:  Mystified

Alan Duval wrote:
> It would seem to me that spam could be stopped if one could nominate 
> the only sites that one would accept Email from. Maybe this is 
> possible and I am unaware of it.

For the average user, who is fetching mail from his ISP using the POP3
protocol, the only viable option is to run each message through a spam
checker as it's being downloaded from the ISP's mail server. Luckily
spam checkers are by now widely available, e.g. I use Thunderbird which
has a built-in spam checker. If your mail program doesn't have a
built-in spam filter, there are still usually ways of invoking a
separate filter program during the fetch. What you can NOT do with any
sort of reliability is a simple test on the mail headers, e.g. looking
at the "From:" header line. This is because just about any header can be
faked, and spammers routinely fake everything they can. You can place a
certain degree of trust in the "Received:" header lines, because these
are inserted by the intermediate mail servers that the mail passed
through on its path from the spammer to you. (These lines should be read
in reverse order, i.e. the first "Received:" line was inserted by the
last mail server, which will be a server belonging to your own ISP, and
so on.) A spammer or spam factory can fake the last "Received:" line, or
even the last few, but sooner or later the mail has to pass through a
legitimate mail server which is accurately reporting the address of the
previous server back in the delivery chain.

Because header lines are routinely faked, most spam filters rely on some
sort of content analysis. (Unfortunately, these are now being defeated
by the trick of filling the message with genuine-looking random text,
and putting the spam itself into a GIF attachment or something similar.
My copy of Thunderbird has not yet learnt that nobody except spammers
sends GIF attachments, but I'm hoping that the next release of
Thunderbird will be wiser to this trick. One thing I used to do was to
kill all mail that was in HTML form; but that blocked my sister, who has
never learnt how to use "plain text". (It also blocked my employer, but
that was less of a loss.)) Even when the filter works well, you still
have the overhead of downloading the spam, because it can't be analysed
until it has been received. All that you've gained is that the spam
doesn't have to be read by human eyes.

If you're running your own mail server then you have an extra piece of
information, namely the IP address of the machine that's passing on the
mail to you. The bad news is that this is usually the address of a
non-spammer, because it will probably be the address of some innocent
relay machine rather than the address of the original sender. In fact,
for most people it will always be their ISP's address. Only if you're
your own ISP, with the ability to receive mail from anywhere rather than
via one upstream provider, can you take advantage of this extra knowledge.

I've been planning to develop a Weasel filter - or even build the
feature in to Weasel - that will analyse the "Received:" lines in such a
way as to look at the upstream addresses rather than the immediate
sender, for the case where the immediate sender is always someone
trusted like your ISP, but as so often happens this is outranked by more
urgent jobs on the priority list.

In any case, once you have the IP address, how do you use it? If you use
a pure "whitelist" approach, accepting only mail from known friends,
you'll probably block the spam but you might also block that letter from
a (non-Nigerian) lawyer telling you that you've just inherited a fortune
from a previously unknown great-aunt. Quite a lot of my own genuine mail
comes from people who are not already on my "friends" list. At the other
extreme, a pure "blacklist" approach of blocking known spammers is
imperfect because the spammers move around so much, and also because
some spammers use innocent "victim" machines to relay their spam. Mind
you, you can do reasonably well by subscribing to the services of
serious blacklist maintainers who continually update their blacklists.

One person I know uses a very complicated algorithm that builds a huge
database of suspect IP addresses. It blocks a lot of spam, but it also
blocks a lot of genuine mail. I can't e-mail him to tell him that
because he has me accidentally blacklisted. This is just one example
that goes to show that even the determined anti-spam experts are having
trouble getting it right.

-- 
Peter Moylan                          peter at ozebelg dot org
                                       peter.moylan at optusnet dot com dot au
                                       http://www.pmoylan dot org

Please note the changed e-mail and web addresses.  The domain
eepjm.newcastle.edu.au no longer exists, and I can no longer
receive mail at my newcastle.edu.au addresses.  The optusnet
address could disappear at any time.
----------------------------------------------------------------------------------
 

**= Email   2 ==========================**

Date:  Mon, 08 Jan 2007 06:43:50 +1100
From:  Ed Durrant <edurrant at bigpond dot net dot au>
Subject:   Epson 680

Hi all.
  Some of you know I've  found the Epson Stylus Color 680 printer a 
reliable and effective printer on OS/2 for many years. I have repaired 
it several time and despite the fact that Epson have stopped making ink 
cartridges for, I have kept it going on aftermaket cartridges.

  Unfortunately after having a major paper jam at the weekend, I have to 
take it apart again only to find more black ink inside it than I thought 
a cartridge could hold. Cleaned all of this out and the rogue strip of 
paper that caused the jam and reassembled the printer but when I powered 
it on it made such a horrible noise and jammed. I then saw a very small 
cog on the floor that has obviously exited the printer during the ink 
cleaning phase.

  That was the final straw, it's really not worth trying to repair this 
nearly 10 year old (?) inkjet printer, it has more than served its time. 
so it's now been unceremoniously cast out into the rubbish.

  The point of this e-mail is that I have two unopened black cartridges 
(T017 equivalent) for this Epson 680 (also fit Epson 777 and 685) if 
anyone on this list has one of these printers and wants these two black 
cartridges, please send me your postal address off-list and I'll happily 
send these to you at no cost. I know how difficult these are to find I'd 
rather give them away that throw them away.

Cheers/2

Ed.
----------------------------------------------------------------------------------
 

**= Email   3 ==========================**

Date:  Mon, 08 Jan 2007 10:47:36 +1000
From:  "Robert Traynor  (BobT)" <rtraynor at optusnet dot com dot au>
Subject:   CopyWipe - Free hard disk image/clone program

Hi All,

I had recently upgraded a hard drive to 500gb and I decided to try out
a free program that will either copy one hard drive to another or wipe
the contents of one drive.

CopyWipe for DOS 1.14  or  CopyWipe for Windows 1.14 is available from:-
<http://www.terabyteunlimited dot com/copywipe.html>

I chose to make up a BartPE WinXp cd and install CopyWipe on that.
It is a bit ironic that I was able to copy (from Windows) the 300gb hard 
drive complete with eCS 1.1 partitions and Boot Manager to a new 500gb
drive using a 1:1 sector option and eCS worked perfectly first time.

Because it was a complete digital copy of the original 300gb drive, byte for
byte with the exception of the blank approx 200gb at the end, eCS did
not even loose a drive letter or hick up.  I then used LVM to create a logical
partion in the new free space and bith windows and eCS are continuing 
to work perfectly.

YMMV, but it works for me.

I have also tested the Dos version in VPC, running simulations and it too
works ok.  To ensure that it works for you, simply choose the 
"sector by sector" option when you use it.  You must take care when using
as it will not show you volume labels, just identifying drives by absolute
terms, ie. drive 0, drive 1 etc.

HTH,
Regards,
Robert Traynor (BobT).
8 January 2007   10:40


   ,-._|\       Robert Traynor        (BobT)
 /  Oz  \   email    rtraynor.removeme at removeme.optusnet dot com dot au
 \_,--.x/ 


----------------------------------------------------------------------------------
 

**= Email   4 ==========================**

Date:  Mon, 08 Jan 2007 21:17:02 +1100 (EDT)
From:  "Ian Manners" <deadmail>
Subject:  Re:  rexx/enviroment problem ?

Hi Peter

>I was away when this discussion started, but a possible explanation has

Hope you enjoyed your 'away' :-)

>just occurred to me. If a program is running detached (i.e. as a daemon
>without access to keyboard/screen/mouse) then any process that it starts
>must also run detached. This is a consequence of the way environments
>are inherited and I don't think there's any way to change it. This
>means, for example, that if a Weasel filter needs to write to the screen
>then Weasel cannot be run detached (or the filter will fail to run
>properly). From vague memory, I think you are running one or both of
>Weasel and ClamAV as detached processes.

Only the ClamAV Demon is running detached, clamdscan.exe is then
called by the filter which puts a call through to clamd.exe, which as its
a demon speeds things up by a quantum leap. All output from ClamAV
is turned off at the command line, and no bounce back messages go
out. 

> From memory, I think that cmd.exe is able to run detached but that some
>of its commands won't work in that case. My suspicion is that COPY will
>fail in a detached process because COPY expects to write to the screen.
>If my guess is correct, then the answer could be as simple as adding a
>'>nul' to the end of the COPY command.

So thats why I see the >nul in some rexx files.

I'll try that to check soon but still odd that my clamfilt.cmd worked
for a while until one update of clamav, then the copy command stopped
working :-(

It does fit the fault perfectly though, so will give the > nul a try simply
due to curiosity.

Cheers
Ian Manners
Tech Fossil (Often  called a Dinosaur) - ancient animal that gets things done
http://www.os2site dot com/


There is no Mafia. The world is flat. Chairman Bill is a genius.
----------------------------------------------------------------------------------
 

**= Email   5 ==========================**

Date:  Mon, 08 Jan 2007 22:28:46 +1100
From:  Alan Duval <amoht at westnet dot com dot au>
Subject:  Re:  Mystified

Hi Peter,

Thanks for your detailed reply.

Regards,

Alan Duval
----------------------------------------------------------------------------------
 

