28 February 2017

How to test an IRC server by using telnet

What you need

  • The host name of the IRC server (for use in the telnet command)
  • The port number on the server (for use in the telnet command)
  • A nickname (for use in the NICK command)
  • A user name (for use in the USER command)
  • A real name (for use in the USER command)

What to do

The initial telnet: > symbolises your shell prompt.

telnet: > telnet irc.example.com 6667
telnet: Trying 192.0.2.2...
telnet: Connected to irc.example.com.
telnet: Escape character is '^]'.
client: PASS *
client: NICK MyNickname
client: USER MyUsername 8 * :My real name
server: :irc.example.com 001 MyNickname :Welcome to the Internet Relay Network MyNickname!~MyUsername@client.example.com
server: :irc.example.com 002 MyNickname :Your host is irc.example.com, running version 2.10.3p5
server: :irc.example.com 003 MyNickname :This server was created Mon Oct 13 2003 at 15:56:53 EEST
server: :irc.example.com 004 MyNickname irc.example.com 2.10.3p5 aoOirw abeiIklmnoOpqrstv
server: :irc.example.com 251 MyNickname :There are 123375 users and 7 services on 48 servers
server: :irc.example.com 252 MyNickname 204 :operators online
server: :irc.example.com 253 MyNickname 6 :unknown connections
server: :irc.example.com 254 MyNickname 55926 :channels formed
server: :irc.example.com 255 MyNickname :I have 3981 users, 0 services and 1 servers
server: :MyNickname MODE MyNickname :+i
client: JOIN #twilight_zone
server: :MyNickname!MyUsername@client.example.com JOIN :#twilight_zone
server: :irc.example.com 353 MyNickname @ #twilight_zone :MyNickname @thor-work @Diazemuls @thor @thor-away @Actilyse 
server: :irc.example.com 366 MyNickname #twilight_zone :End of NAMES list.
client: PRIVMSG #twilight_zone Hello.
client: QUIT
server: ERROR :Closing Link: MyNickname[MyUsername@client.example.com] (I Quit)

27 February 2017

Finding newsgroups and subscribing to them

This article is based on material authored by members of the news.newusers.questions Moderation Board and nnq-workers mailing list.

While some newsreaders may come pre-subscribed to groups like news.newusers.questions, there are many other newsgroups out there! Here is how to get to them.

Ways to find newsgroups

Your own news server’s group list

Your newsreader software should have a way of listing all the newsgroups your news server carries.

As you download the list for the first time, be patient. You may need to wait several minutes before the download completes. If you interrupt the download, you may end up with a corrupted list. Should this occur, shut down your newsreader and delete the file that contains the group list. If you are unsure which file that is, ask for help!

When you have downloaded the list, your newsreader will show it to you either as one long list of groups or grouped by hierarchy, such as alt, comp, and the like. In the latter case, clicking on a hierarchy will usually show you the groups and/or sub-hierarchies within.

Other group listings

Many news servers only carry a subset of the newsgroups for a hierarchy, so you may find a comprehensive list useful. However, please note that such lists may be very long and that it can be difficult to use them to find newsgroups on specific topics. For that purpose, you will probably find it much easier to use a newsgroup search engine.

For the official list of newsgroups in the ‘Big Eight’ hierarchies (comp, humanities, misc, news, rec, sci, soc and talk), please see the article labelled Subject: List of Big Eight Newsgroups in the news.announce.newgroups newsgroup. You can also find the list on the ISC's FTP site.

The same site also carries a list of newsgroups in many hierarchies (including the ‘Big Eight’ and alt as well as many national, local and regional hierarchies). This list is large, but appending .gz will get you a compressed version in GNU gzip format. These lists should be authoritative for the ‘Big Eight’, but they are not authoritative for any other hierarchy.

Asking in news.groups.questions

You could also post a question to the news.groups.questions newsgroup. They have people who look for both newsgroups and mailing lists about any topic in which you are interested.

Searching Google Groups

Another thing to do would be a Google Groups search for a newsgroup on your topic. Enter a word or two that describe your topic of choice into the search box. The search should return a list of newsgroups that are most likely to discuss the topic you are interested in as well as some sample articles containing your search terms.

When you have found an interesting group

Subscribing

In order to read articles posted to a newsgroup, you would normally subscribe to that group. This is often done by ticking a box next to the newsgroup name in the newsgroup list or by clicking first on the newsgroup name and then on a Subscribe button.

You may also be able to subscribe using your web browser, either by typing in a news URI such as news:news.newusers.questions or by clicking on a hyperlink that points to a newsgroup.

The groups to which you subscribe should automatically reappear the next time you start your newsreader.

Controlling the download volume

Your news server might have a huge amount of messages for a group you select. If this is the case, you may need to do two things in order to avoid overloading your newsreader:

  1. Make sure your newsreader is set up to fetch only headers, not entire messages. Your newsreader will download the article bodies for you, one by one, as you select them for reading. An exception to this rule would be off-line usage, when you must download entire articles in advance so that you can read them while disconnected.
  2. Limit the amount of article headers (or entire articles) your newsreader will store at a time. An amount of 500 or 1,000 might be a prudent choice unless you have a slow connection or computer.

‘Lurk’ before you post

It is always a good idea to read at least a week’s worth of postings as well as any FAQs before posting to a group for the first time. That will familiarize you with the group and help you learn its culture. It is much better to start by finding out what kind of posts are appropriate in the group than to be flamed for posting in the wrong place.

For a quick and easy way to get a week’s worth of postings and any FAQs that are crossposted to news.answers, go to Newsreaders.com and enter a group name in the search box at the bottom of the page. As not all FAQs posted to the group may be crossposted to news.answers, also look for article subjects containing e.g. FAQ or Tip.

26 February 2017

Fiery minced meat sauce

Great for cold winter evenings.

Serving suggestions

  • boiled potatoes
  • Coca-Cola

Ingredients

  • minced steak, 500 grams
  • two onions, chopped
  • four garlic cloves, chopped
  • chili powder, two teaspoons
  • one bay leaf
  • oregano, one tablespoon
  • red curry paste, one tablespoon
  • basil, half a teaspoon
  • black pepper
  • vegetable stock, two teacups
  • chopped tomatoes, 400 grams

Preparation

  1. Fry the minced steak in your wok.
  2. Add the onion and garlic. Fry.
  3. Mix in:
    • the chili powder
    • the bay leaf
    • the oregano
    • the red curry paste
    • the basil
    • the black pepper
  4. Add the vegetable stock and chopped tomatoes. Simmer for a few minutes. Serve.

25 February 2017

Three basic ‘dos’ of online security

  1. Run an antivirus program all the time to protect yourself from harmful software.
  2. Run a firewall program all the time to avert harmful network traffic.
  3. Keep all your software – including your antivirus and firewall programs – up to date. This ensures that you are using the latest security features.

On most computers, a security breach could lead to exposure of confidential information, such as banking credentials, credit card numbers and address book contents. But even if you do not feel you have any information of value to an attacker, you are still responsible for preventing criminals from using your computer and your Internet connectivity to commit fraud or to launch attacks on other computers. Such crimes hurt third parties and may incriminate you.

Remember to ‘be careful out there’ on the net. Security software cannot protect you from all threats but may save the situation should you make a mistake.

Frequent features of security software

Antivirus

Antivirus programs are designed to prevent malicious software from being executed on your computer or smartphone. They can identify dangerous files such as viruses, worms and Trojans by using pattern matching (looking for virus signature strings), heuristic analysis (looking for code that appears harmful) and sandboxing (executing the file in an isolated environment and looking for adverse effects).

Anti-spyware

Spyware is software that collects information for unauthorised parties. Key loggers, which capture passwords and other information that you type, are one form of spyware. Some antivirus programs include spyware protection, but there are also dedicated anti-spyware tools.

Firewall

Firewalls restrict traffic between your computer or smartphone and the network. They allow authorised access (such as your using email and browsing the Web) while blocking any connections that have not explicitly been allowed. One of the most important tasks of a firewall is to avert unauthorised inbound connections that may be used to examine your system and exploit vulnerabilities. A firewall can also prevent malicious software from making outbound connections.

Anti-spam

Anti-spam software is designed to keep junk email, such as unsolicited commercial email messages and phishing attempts, out of your mailboxes.

Parental control

As a parent or other guardian, you can use parental control (also called child lock , web filter  and Internet filter ) software to manage how children and adolescents can to use a computer or smartphone. For example, you can allow a child to use the device at certain times of the day and for a maximum time each day. You could also prevent children from accessing websites that depict e.g. gambling, horror, smoking or violence.

24 February 2017

A very brief history of IRC

Jarkko Oikarinen started developing the IRC protocol in the summer of 1988. The original goal was to provide a means for users on OuluBox, a BBS, to chat amongst themselves, but only a few months later, IRC servers were running in Finland and the USA, forming the basis for a global network.

In 1993, RFC 1459 was published, defining the protocol. Three years later, the "main IRC network" mentioned in RFC 1459 split into IRCnet and EFnet.

Nofollow considered harmful

Google’s nofollow functionality has been hotly debated. A quick recap, in case you didn’t know: nofollow allows web publishers to select which links should and shouldn’t be counted towards the Google page rank of the targets. A webmaster might, for example, mark all external links nofollow, instead concentrating all page rank value onto his own sites. A real world example is Wikipedia, where almost all external links are marked nofollow. My take on nofollow is this:
  • I don’t like nofollow. I want my search results to reflect the real web instead of being skewed by financial objectives.
  • I reluctantly use nofollow, because it unfortunately is becoming the norm. Since big players such as Wikipedia use nofollow in order to avoid giving me credit for links to my site, I am playing the same game in order to even the field.
  • It has been suggested that nofollow would be necessary in order to keep spiders from crawling sets of infinite links, such as calendars. This argument is not valid, because such safeguards must be built into the spider anyway. Otherwise, what happens when the spider encounters a calendar whose coder didn’t remember to use nofollow?
  • Even if nofollow would be killed, webmasters could anyway try to prevent search engines from following links. Still, nofollow is significant, as it makes it extraordinarily easy to rig search results while still allowing all human readers to follow links (as opposed to client-side scripting or similar technologies that are not universally supported and usable).
In short: Google, please drop your support for nofollow.

23 February 2017

How to cancel a netnews article you have posted

This article is based on material authored by members of the news.newusers.questions Moderation Board and nnq-workers mailing list.

Eventually, it will happen to you. You have posted an article and then realized that you have committed a horrendous faux pas. Or there is a stupid typo or misspelled word. Or you just plain goofed up a crucial fact. Or you have advertised something for sale and sold it almost immediately, and your mailbox is still filling up with offers.

Most newsreader programs allow you to send cancel messages regarding articles that you have written. In theory, a cancel should delete the original article from your own news server. It should also propagate to other news servers, asking them to delete it as well, which they should.

Supersession

The news protocol also allows an article to supersede an earlier version of the same article; the superseding article should remove the previous one. This mechanism has many of the same strengths and weaknesses cancels have.

Why a cancel message might fail

Sending a cancel message is usually easy. This page includes detailed instructions for a selection of newsreaders. However, you can no longer rely on a cancel actually to remove your article from a newsgroup. Here are a few reasons why.

Vandalism

Nowadays, cancel messages are highly abused. Because cancels are easy to falsify, and because vandals often send huge amounts of forged cancels, it is becoming less and less common for news servers to act on cancel messages.

Vigilantism

Even if a cancel initially is successful, there are resurrection robots that may repost the original article (on the assumption that the cancel was illegitimate).

Propagation outside newsgroups

Netnews articles are exchanged between news servers, but they may also be gatewayed automatically to mailing lists and web-based archives. Additionally, they may have been quoted manually somewhere. Such media often do not (or even, by design, cannot) honour cancels.

Usability issues

Article expiration

Most newsreaders allow you to cancel an article only while the article has not yet expired on your news server. If the article has already expired from your server so that you no longer can call it up and read it again, you are probably out of luck.

You could compose and inject your cancel message manually. Although the protocol specification explains how, that task may be rather difficult for someone who is new to newsgroups.

Email address settings

If you follow the instructions, but get an error message that says something like You can’t cancel someone else’s article, your newsreader was not installed properly. Complain to your system administrator about it, if he/she installed your newsreader. If you installed it, check your documentation and make sure that your newsreader and news server software agree on what your email address on the From: line should be.

If you were trying to cancel someone else’s article, please be aware that falsifying cancel messages is a severe breach of netiquette.

How to send a cancel message – instructions by newsreader

Some of the newsreaders listed here are obsolete. The information has been retained for historic purposes.

Gnus

  1. Select the article and start reading it.
  2. Press C (capital) to cancel it (function `gnus-summary-cancel-article')

Thanks to Nat Makarevitch, 8 October 1995.

Netscape

Netscape versions prior to 2.0 cannot cancel articles.

In version 2.0, use the Cancel command in the Edit menu. (I think I recall that a similar command is available in newer versions as well.)

NewsWatcher

These instructions are for version 2.0b27. Other versions may vary.

Select the Cancel Article command from the Special menu. This can be done while the article is being read or while it is selected in the author/subject window.

Thanks to an anonymous contributor, 6 January 1996.

nn

  1. Select the article and start reading it.
  2. Press C (capital) to cancel it.

Thanks to Wolfgang Schelongowski, 30 September 1995.

pine

pine does not have a built-in cancel feature.

However, it is possible to cancel articles by manually creating the necessary header lines. Detailed instructions can be found in Nancy McGough’s news article Pine.WNT.4.10.9904191325060.-456319@aleph, which is available at least through Google Groups.

Thanks to Gotfryd Smolik, 29 May 2008.

rn, trn

  1. Select the article and start reading it. In order to show articles you have already viewed, you will probably have to use the U (capital) command while looking at the thread selector,
  2. While you are reading the article — or at its end — press C (capital) to cancel it.

If you want to post a corrected version of the article, press Z instead. Then you can edit the article, and trn will post it in such a way that it simultaneously cancels the old version. The contributor is unsure as to whether this also works in rn.

slrn

  1. In article mode, select the article that is to be cancelled.
  2. Press Esc, then Ctrl-C.

Thanks to John E. Davis, 3 October 1995.

Tin

While viewing the article text (you may have to use r to toggle read/unread articles), just press D (must be capital).

Thanks to an anonymous contributor, 8 October 1995.

Turnpike

  1. Select the article in the newsgroup. If it has not yet appeared, locate it in a mailroom view (File/New maillist/Mailroom).
  2. Select Cancel article from the article menu. A new window, containing the details of the message to be cancelled, will appear.
  3. You should edit the body text of the message to indicate why the message is being cancelled. This is not strictly necessary, but it is polite since at some sites, humans will look at the cancels.
  4. Press Post, go online and send the cancel.

Of course, you can only cancel your own messages. The article you are cancelling must be in the newsgroup on your computer, or in the record of outgoing articles.

Thanks to Richard Clayton, 19 September 1995.

WinVN

  1. In the group list window, open the article.
  2. In the article text window, select File/Cancel article.

You may edit the text of the cancel article. This is only possible on articles you have written.

Thanks to Christian Perrier, 4 October 1995.

22 February 2017

An IRC channel of your own

How can I create a new channel?

If you attempt to JOIN a channel that does not exist, it will be created for you, and you will be given operator status (‘ops’) on that channel. Subsequent users who join the same channel will not be given operator status (as long as the channel is not empty at the time they join).

What are the things I can do as a channel operator?

Just as you can use the MODE command to adjust your own user properties, you – as a channel operator – can set certain channel modes that affect your channel:

mode mnemonic property example comments
b ban users matching this user mask cannot join the channel nor talk on the channel /MODE #mychannel +b *!*@*saunalahti.fi You would typically ban someone if they acted in an abusive fashion and kicking him did not keep him from coming back and repeating the offense. A user can usually change his nickname right away, and can often obtain a new IP address (e.g. by using a VPN service), so you will probably want to ban whole domains, or in the absence of reverse DNS, networks (e.g. /MODE #mychannel +b *!*@192.0.2.*)
i invite-only only invited users may join the channel /MODE #mychannel +i
k key only users who enter this password may join the channel /MODE #mychannel +k secret Users will need to enter the password as a parameter to the JOIN command, e.g. /JOIN #mychannel secret
l limit maximum user limit /MODE #mychannel +l 10
m moderation only ‘voiced’ users will be able to talk on the channel /MODE #mychannel +m
n no external messages only users on the same channel will be able to send messages into the channel /MODE #mychannel +n Otherwise users will be able to use PRIVMSG to send to the channel even if they are not on it
o operator give someone channel operator status /MODE #mychannel +o MyFriend You should be careful when giving ops, because you are basically giving away the channel. Never op someone you would not trust the channel to, and never op someone without being certain they really are who you think they are (it’s easy to modify one’s nickname and ‘real name’ so that they match someone else’s). On the other hand your channel should have enough ops, otherwise it may easily become stuck in an opless status
p private make the channel ‘private’ /MODE #mychannel +p A private channel will not be included in a reply to NAMES command, unless the user issuing the command is on that channel
s secret make the channel ‘secret’ /MODE #mychannel +s A secret channel will not be included in a reply to a LIST or NAMES command, unless the user issuing the command is on that channel
t topic prevent normal users (i.e. non-chanops) from setting the channel topic /MODE #mychannel +t
v voice give someone a voice, i.e. allow him to speak on the channel /MODE #mychannel +v MyFriend Technically, this is relevant only if the channel is moderated (mode +m). However, some non-moderated channels use this voice flag to denote loyal and trusted non-chanop users

The above examples illustrate setting modes using the + sign. Modes can be removed by using the - sign instead. Mode changes can also be stacked on the same command line, as in /MODE #mychannel +im.

The following commands are available only to channel operators:

command action example comments
INVITE invite someone to the channel /INVITE MyFriend #mychannel
KICK remove someone from the channel /KICK #mychannel Jeff Abusive language The comment is optional

Also, if the channel mode +t is set, only channel operators may change the channel topic (done using the TOPIC command).

How do I keep my channel operator status while I am logged off?

Normal IRC functionality does not allow for servers to ‘remember’ channel operators; if you leave the channel, you will lose ops. If you are the last user to leave the channel it will cease to exist, and the next person to join it will get ops. If you are the last op but not the last user to leave, the channel will become ‘opless’, and the only way for someone to receive ops will be joining the channel at a moment when it is empty.

If your channel has a lot of users (or even a few users who idle constantly), you could give operator status to a few persons that you trust, and require them to op you (and each other) when necessary. This approach seems easy, but it is very insecure since no reliable authentication takes place; anyone with access to the same host or dynamic IP address scope could join the channel using your nickname and username, and receive ops. (Sooner or later some idiot chanop would probably even op an attacker on nickname alone.) Instead, I am going to suggest two more secure options.

screen

The first option is the easier one. It involves running the screen program or a similar utility on a host that is constantly connected to the net; most people I know use a Unix-type server located at work, at school or at their ISP.

Basically, you start screen, join IRC, and obtain channel operator status in one way or another. When it is time to log off you ‘detach’ the screen, leaving it to ‘idle’ in the background (if you do not explicitly detach the session, it will be automatically terminated when you log off). The next time you log on you restart screen, reconnecting to your detached session, and your IRC session will be there waiting for you just as if you never would have logged off in the first place.

IRC ‘bots’

The second option is running one or more IRC robots, usually called bots. This approach is much more versatile, but also a little more complicated. You still need a constantly-connected host to run your bot on, but after installation you do not need to log onto that machine (except for performing maintenance work). The bot sits on your channel 24/7, and when you join the channel and require ops, you just start a private chat with the bot, provide a password, and the bot will op you. You may not even need to request ops from the bot since you can perform channel maintenance, such as setting bans, through the bot instead.

Not all IRC servers allow bots; check the MOTD, displayed automatically when you connect, for details on that server’s bot policy and/or contact details (some servers require you to obtain authorization prior to running a bot). You can also view the MOTD for another server on the same network using the MOTD command (e.g. /MOTD irc.domain.com).

eggdrop

The #1 IRC bot is eggdrop, available for both Unix-like systems and Windows. eggdrop bots are very powerful; ‘out of the box’ features include botnet support, dynamic ban lists and a telnet server, and tcl scripts can be used to customize the bot to do just about anything you want.

In real life bots do crash or become disconnected, so you may want to run several instead of just one. Three eggdrop bots, connected together to form a botnet, are often enough to nicely take care of one or more channels.

21 February 2017

Advance-fee fraud

In advance-fee fraud, victims are baited with promises of a monetary asset or other gain (some common types of lure are identified below). Advance-fee fraud has been perpetrated out of Nigeria and other developing countries since the 1980s. Initially, fax, telex and postal mail were used, but with the advent of Internet caf├ęs, email became the fraudsters’ tool of choice. SMS messages are also used, but to a much lesser degree.

Once the perpetrators have succeeded in recruiting a new victim, they proceed to groom him or her by email and telephone, often presenting various falsified documents intended to substantiate the deal. Eventually, the fraudsters will ask the victim for an advance payment towards administrative, storage or other fees that allegedly must be paid to make the transaction possible. These requests are typically made in the name of a bank, courier service or other third party. Phony addresses, such as barclaybnkplc3@gmail.com or dhlcourierservice14@yahoo.com, may be used to impersonate an existing organisation, but the criminals may also simply invent the name of a bank or whatever.

African telephone country-codes usually begin with +2. For example, +234 means Nigeria. Fraudsters often also use British ‘personal numbers’ beginning with +44 70, as calls to such numbers can be easily and cheaply (VoIP) routed to another country. Any telephone number can be used criminally, but some attempts are more obvious than others.

If the victim makes a payment to the perpetrators, new payments are requested for as long as the they continue to make them. Obviously, the victim will never receive the alleged asset that was used as bait.

The inheritance bait

  • I wish to notify you that late Engr. Jürgen Krügger made you a beneficiary to his WILL. He left the sum of Thirty Million, One Hundred Thousand Dollars (USD$30,100.000.00) to you in the Codicil and last testament to his WILL. This may sound strange and unbelievable to you, but it is real and true. Being a widely traveled man, he must have been in contact with you in the past or simply you were nominated to him by one of his numerous friends abroad who wished you good.

The donation bait

  • I have willed out almost half of our assets to several charities, less privileged in different countries. I and my late husband also agreed to render support to an unknown individual that we have not met before due to the fact that when we were still young in life we received an anonymous help from an individual we don't know and we have not being able to know till date. I deposited a Cheque in the sum of £4,800.000.00 (Four Million Eight Hundred Thousand British Pounds) in a brown envelope as a parcel with DHL Express Courier Services UK over four weeks ago to be delivered to you.

The jackpot bait

  • Microsoft and Oracle are now the largest Internet companies and in an effort to make sure that Internet Explorer remains the most widely used program, Microsoft and Oracle in conjunction with Yahoo! Mail are running an e-mail beta test. Your email address as indicated was drawn and attached to ticket number 00190 with reference number MSW1002/07 and draw numbers 14-21-25-39-40-47(20) which subsequently won you £900,000.00 (Nine Hundred Thousand Great Britain Pounds) as one of the 28 jackpot winners in this draw.

The money laundering bait

  • My name is Sgt. Owen John, I am an American soldier, I am serving in the military of the 1st Armored Division in Iraq, as you know we are being attacked by insurgents everyday and car bombs. We managed to move funds belonging to Saddam Hussein? family. The total amount is US$25.5 Million dollars in cash, mostly 100 dollar bills. We want to move this money to you, so that you may invest it for us and keep our share for banking.

The loan bait

  • HANSON BEN gives out loans at low interest rate of 3% to student,individuals,business men and woman with low credit all over the globe.Sound lending is base on the promise that the borrowers will repay.contact us via email:hansonbenoffer@gmail.com

The visa bait

  • Two hundred and twenty five (225) U.S- visa's were released and 6.3 million e-mail addresses were extracted from world wide registered web-sites during the 33-days extraction period that ran for final selection, all extracted email addresses were assigned to different ticket numbers for representation and privacy for final- selection through computer- draw- system. Your e-mail address- attached to- ticket- number (564002-188) drew -the lucky- number's which subsequently won- you the- U.S -visa and we are sending the winning- notification- directly through the- selected- winning e-mail address which means that if you receive the winning- notification in your mail box that you have been selected- among the lucky- winner's.

The invitation bait

  • It gives me a great pleasure to invite you to the forth coming international seminar which the American Institute for Human Right (AIHR) is excited to be hosting in September 14th to 16th 2011 first Phase at Elm Croft Manor New York City USA, And then from September 19th to 22nd 2011, Second phase at Lagasca Madrid Spain. Note: the (AIHR) will be providing all delegates with to and fro Air ticket and also visa's guidance for the seminar purpose.

The current-event bait

This exhibit was received in October 2011, some days after Libyan head of state Muammar Gaddafi was captured and killed:

  • Goodday, I apologies to reach you through this medium but I just have to due to the urgency of my offer. Am Dr. Mohammed Abdullah a Senior Adviser to Late Col. Moammar Gadhafi who died in the recent revolution in Libya, before the former Libyan leader was ought out of power and killed he move the fund of US$120M through me which was lodged in a finance house in Europe for safe keeping. But due to the new development where all aides to the late Libyan leader is under serious check and close monitoring I have decided to seek for a foreign assistance who will help me lay claim of this fund since I can no longer travel out of my country as friend and associate are now part of the revolutionary movement making it impossible for me to seek for the assistance of my old associate. Please contact me through my private email if you are willing to assist: abdullahmohammed@w.cn. Dr.Mohammed Abdullah.

The sex-and-love bait

  • i am very open and would like to know little about you for serious relationship. Well I am little girl by age 24ys old but I still have more to say if you care to know more about me please back to me via email privatly for my photo and more details (adiragabriel69@yahoo.com)

The ‘black money’ bait

The perpetrators show the intended victim black pieces of paper, which they claim are actually stained banknotes. The victim is asked to advance money towards a very expensive washing liquid that can allegedly clean the ‘banknotes’ and make them usable. – This bait can also be used in follow-up fraud:

  • This is Fivestars Chemical Laboratory Company,specializes in chemicals for anti-breeze bank notes currencies such as us.dollar, euro, pound, and many other local currencies.If you have made a kind of currency business proposals which involves your money been stacked or not fully processed, You will not be charged for any chemical for the cleaning of your money but you must bear in mind that 30% of the total money cleaned will be our commission after cleaning all the money. we have helped a lot of people all over the world in this issue, Contact us today for quality & effective service for we are the best among equals.

The job bait

Although most job ads seem to aim to recruit money mules, recruiting scams can take a multitude of other forms as well.

  • Concept: We seeks people -- regular citizens, not professional drivers -- to go about their normal routine as they usually do, only with an advert of any of the companies we are advertising their product pasted on your car. You will be compensated with a sum of $200 ( Two dollars per Week),which is essentially a "rental" payment for letting our company use the space.We shall provide experts that will handle the advert placement on your car. You will receive an upfront payment of $400 ( Four hundred dollars) for accepting to carry this advert on your car and other weekly payments.

The competing beneficiary

Fraudsters often try to create a sense of urgency by indicating that another person has intervened and is attempting to obtain the funds.

  • In the said letter of change of beneficiary/ownership, representatives of Janet Wlliams states that you are dead and as such your fund should be paid to her as the next of kin to you. Because of the elaborate global scam, we decided to contact you for confirmation. If after seven working days, no responce is received from you,it will be assumed that you are dead and as such authorization and approval will be granted on behalf of Janet Wlliams to claim/receive your fund. Confirm this pictures and reconfirm your Information and how you want your fund paid to you without further delay if you are still alive.

Victim hijacking

Perpetrators may also attempt to take over victims who are in the process of being defrauded by competing criminal organisations. This can be done through spamming messages introducing the sender as an auditor or government official who has detected funds that the victim should already have received. The sender may also impersonate a co-victim.

  • We have arrested all the fraud people that has been cheating you and collecting your money here in Nigeria we are the new ATM CARD office with EFCC office here in Nigeria now your ATM CARD will reach your hand today or tomorrow it will cost you nothing but only $100usd that is all once this fees is paid we will give you delivery tracking number to enable you know when it reach your home. This is the Name where you can make the payment. Receiver Name: MORDI JOSEPH. Address Lagos Nigeria
  • Please be inform that any email correspondence you are involved in regarding money transfer or on-line lottery winnings from over sea is now being handled by us. The person or company you were dealing with has gone into bankruptcy and has been put into receivership since they are in serious financial difficulty due to world wide credit situation and blatant incompetence on their part. They are no longer in any honest or trustworthy position to deal with your claim. The insolvency agent has handed over all responsibility for this matter to us at SerVo RISK FEE TRANSFER INC® It is important for our records and the smooth completion of this business that henceforth you cease all further communication with them and only reply to this one mail address.
  • If your outstanding fund you’re expecting from the Nigerian government has exceed a year and half which is eighteen months; there is no office, bank or commission that will help you get it without asking you to pay fees upon fees which might result to thousands of dollars. Some of them might keep on demanding for unending fees from you until you get frustrated. I will introduce you to someone who I believe can help you out. He’s a God fearing and straight forward Christian. He’s works directly with the CBN and I have directed up to seven foreign beneficiaries to him this month and they all received their fund successfully. He will help you deal with the CBN governor directly and make sure all other fees are been waived off completely until you get the fund in your bank account and this will take him just thirty six hrs to execute it depending on how much you trust him.

As an attempt to improve credibility, the message may include a list of individuals suspected of misappropriating the victim’s funds. Such a list would consist of names known to the hijacker as having been used by competing fraudsters. The victim may therefore recognise on the list the name of his or her initial contact person.

The hijacker advises the victim to cease communicating with the original perpetrator. Later, the fraudsters that have taken over the victim advise him or her that problems have arisen and that further payments are necessary. They may also request an advance reward.

Follow-up fraud

Even after the victim has realised that they have been swindled, the perpetrators may contact him or her again, this time under the name of a prosecutor, lawyer, law enforcement agency or private investigator. The victim is told that the fraudsters have been apprehended and that they can obtain compensation for the advance fees previously lost. In a variant, the fraudsters impersonate an authority or organisation that allegedly reimburses fraud losses.

  • This email is to all the people that have been scammed in any part of the world, the UNITED NATIONS have agreed to compensate them with the sum of $850,000.00 (Eight Hundred and Fifty Thousand Dollars)This includes every foriegn contractors that may have not received their contract sum, and people that have had an unfinished transaction or international businesses that failed due to Government problems etc.

If the victim expresses an interest, the perpetrators get back to requesting money from him or her under the pretext that various administrative, investigative, legal etc. expenses must be paid before the claim can succeed.

Some variants of follow-up fraud focus on recipients who have seen through a previous scam attempt:

  • This is Barr.Smith Onyema,I'm happy to inform you about my success in getting those funds transferred under the cooperation of a new partner. Presently i'm in Paris France for investment projects with my own share of the total sum. meanwhile, i didn't forget your past efforts and attempts to assist me in transferring those funds despite that it failed us some how. Now contact our pastor in Benin Republic his name is Rev. Pastor Stanley James,on his private e-mail (pastorstanleyjames@yahoo.fr) ask him to send you the total of $750,000.00 (Seven Hundred And Fifty Thousand United State Dollars) which i kept for your compensation for all the past desire and attempts to assist me in that matter.

20 February 2017

IRC power user stuff

What do PING? and PONG! mean?

PING is the IRC server making sure that your client is still there. When a PING message is received, the client needs to reply with a PONG message, otherwise the server will end the connection.

A PING may occur immediately when you connect to IRC; the idea behind this is checking that you are not forging (‘spoofing’) your IP address; the PING message is sent to the address that you claim to connect from, and it includes a random string that must be sent back together with the PONG reply.

During the connection, the server sends PING messages at constant intervals, e.g. every 180 seconds.

What does DCC mean?

The DCC protocol allows two IRC clients to connect with each other directly (as explained earlier, normal IRC chat takes place through one or more IRC servers instead). DCC can be used for private chatting (DCC CHAT) and also for sending and receiving files (the sender uses DCC SEND, after which the recipient accepts the file using DCC GET).

What about all the other abbreviations I keep seeing?

Typing is slower than talking, so when your IRC pal says something really funny, instead of saying ‘I’m rolling on the floor laughing my ass off’, you could simply type ‘ROTFLMAO’.

Here’s a compilation of more or less well known acronyms:

ADN
any day now
AFAIK
as far as I know
AFK
away from keyboard
AKA
also known as
ASAP
as soon as possible
B4N
bye for now
BAK
back at the keyboard
BBL
be back later
BFD
big f***ing deal
BFN
bye for now
BRB
be right back
BS
bulls**t
BTW
by the way
CTCP
Client to Client Protocol
CU
see you
CUL
see you later
CUL8ER
see you later
CYA
cover your a*s
FAQ
frequently asked question
FUBAR
f***ed up beyond all recognition
FWIW
for what it’s worth
FYI
for your information
GA
go ahead
HAND
have a nice day
HTH
hope this helps
IANAL
I am not a lawyer
IIRC
if I remember correctly
IMHO
in my humble opinion
IMNSHO
in my not so humble opinion
IMO
in my opinion
IOW
in other words
IRL
in real life
ISP
Internet service provider
L8R
later
LOL
laughing out loud
MOTOS
member of the opposite sex
OTOH
on the other hand
PITA
pain in the a*s
RE
hi again
ROTFL
rolling on the floor laughing
ROTFLMAO
rolling on the floor laughing my a*s off
RTFM
read the f***ing manual
SNAFU
situation normal, all f***ed up
SO
significant other
TANSTAAFL
there ain’t no such thing as a free lunch
TGIF
thank god it is Friday
THX
thanks
TIA
thanks in advance
WB
welcome back
WTF
what/who the f***
WYSIWYG
what you see is what you get

How can I tune my client settings?

There are a couple of user modes that you can set to customize your client:

mode mnemonic property example comments
i invisible you will not be included in WHO listings (unless the user issuing the command is on the same channel) /MODE Chatter69 +i Many IRC servers will automatically set this mode for you when you connect
o operator IRC operator status /MODE Chatter69 -o This mode can be set only using the OPER command
s server notices receive server notices /MODE Chatter69 +s
w wallops receive WALLOPS (messages sent to all operators) /MODE Chatter69 +w

Another flag you can set for yourself is the AWAY property: say you have to take a break from IRC because your dog needs a walk. Type /AWAY Walking the dog, and anyone who sends you a private message or sends your server a WHOIS query for you will receive a notice similar to Chatter69 is away: Walking the dog. When you and your dog return, just type /AWAY, and you will be considered ‘here’ again.

You can set user modes and away messages only for yourself, not for other users.

How can I get information on other people?

ISON will simply tell you whether certain nicknames are online or not: /ISON Per Marie Elvis.

NAMES will list nicknames and channels, or nicknames on one or more specified channels.

The WHO command was designed to list users, but nowadays it has very limited use since most users (explicitly or automatically) set user mode +i, making them ‘invisible’ to the WHO command.

WHOIS will return information about a particular user, e.g. /WHOIS MyFriend. On an IRC network, the best source of information will often be the server that user is connected to. A convenient shortcut to specifying that server is using the nickname for this as well, as in /WHOIS MyFriend MyFriend.

WHOWAS may find similar information about a user who already has signed off IRC or changed his nickname.

How do I get rid of someone who annoys me?

If you become the target of abusive behaviour such as flooding, do not waste time looking for someone to ask for help. Instead, protect yourself. You can block private messages, CTCP messages and DCC requests using the ignore functionality of your client software. If the abuser disrupts a channel you are on, notify one of the channel operators (or kick/ban the user yourself if you are a chanop).

How can I find out stuff about the servers?

The STATS command is used to read configuration information and statistics from a certain server (from the server you are connected to, if none is specified). For example, /STATS i would return the I and i lines (a list of users and hosts that will be allowed to connect) from your current server’s configuration file, and /STATS k irc.funet.fi would list the K lines (a list of users and hosts that are banned even though they may have an I or i line) in force on that server. There are other options as well, not all of which simply retrieve static information; try c, h, l, m, o (for O lines, or operator host masks), u and y!

Other commands that will provide you with server-related information include ADMIN, INFO, LINKS, TIME, TRACE and VERSION. All of these will accept a server name for a parameter, e.g. /ADMIN irc.funet.fi.

Who runs IRC?

An IRC admin, i.e. a server administrator, is a person who is in charge of running an IRC server. He has access to the server configuration files and therefore complete control over how the server runs; who is allowed to connect, etc.

IRCops (IRC operators, not ‘IRC Cops’!) help admins run the IRC service and are also expected to assist users. Ops are able to connect and disconnect servers, and disconnect (‘kill’) and ban (‘K-line’) users from the server.

IRC operators should not be confused with channel operators. Although RFC 1459 states otherwise, IRCops nowadays typically take no part in channel conflicts, so you should not ask one to kill off a bad person so you can get ‘your’ channel back.

For probably most organizations running IRC servers, IRC is not a lucrative business; you can’t sell stuff on IRC or place advertisements there as you can on the Web. Therefore ISP executives often could not care less about whether IRC stays or goes. Instead, IRC servers – no matter what the organisation – are run largely on a volunteer basis, and it is often reasonably easy to annoy those overworked volunteer IRC admins and ops enough to convince them that your network or domain – or even your top level domain, such as everyone in your country – does not deserve access any more.

Remember, access to IRC is a privilege, not a right.

19 February 2017

Cashew chicken

Easy to cook. Mild taste.

Serving suggestions

  • rice

Ingredients

  • chicken breast, diced, 500 grams
  • ginger paste, one tablespoon
  • one chopped garlic clove
  • soy sauce, two tablespoons
  • toasted sesame oil, four tablespoons
  • cashew nuts, 100 grams
  • broccoli buds, 100 grams
  • one sliced onion
  • one sliced celery stalk
  • one sliced carrot
  • vegetable stock, one teacup
  • ground black pepper

Preparation

  1. Mix together in a bowl:
    • the chicken
    • the ginger paste
    • the garlic
    • half of the soy sauce
    • one teaspoon of the sesame oil
  2. Heat the remaining sesame oil in your wok. Fry the cashew nuts. Set them aside.
  3. Fry the chicken until lightly brown. Set it aside.
  4. Fry the broccoli, onion, celery and carrot until crisp.
  5. Add and heat the chicken.
  6. Add the vegetable stock and the remaining soy sauce. Bring to the boil.
  7. Add the cashew nuts and black pepper. Serve.

18 February 2017

Basic IRC usage

The user mask

In addition to simple nicknames, a more versatile way of referring to user identities on IRC is the user mask, sometimes referred to as user@host or ban mask. User masks are used e.g. when placing channel bans on the IRC server, and chances are that your IRC client uses them locally as well for specifying who should be ignored, automatically given channel operator status, etc.

The mask is constructed as follows:

  1. the nickname
  2. ! (separator character)
  3. the user name
  4. @ (separator character)
  5. the host name or IP address

Wildcards are allowed, e.g. *!*@* would cover anyone on IRC. Some servers also support the special wildcard #, which signifies one digit, and CIDR prefixes, such as *!*@192.0.2.0/23 (instead of *!*@192.0.2.* and *!*@192.0.3.*).

The nickname

Since IRC servers ‘kill’ (i.e. disconnect) duplicate nicknames on sight, the nickname is often enough to specify a user. Nicknames can, however, be changed at will, so they are not useful for control purposes; if you decide to e.g. have your IRC client ignore someone who is flooding you with unwanted messages, you do not want him to be able to just change his nickname and continue harassing you.

The user name

The user name will be either the name your IRC client provides at logon, or the user name part of your Ident server’s response. It may be preceded by a special character indicating whether the IRC server received an Ident response from your host (~ indicates missing Ident) and whether your connection is restricted (from using certain commands).

The host name or IP address

Your host name will be the DNS name for the IP address you are connecting from. If your network’s DNS service is broken, or some other problem prevents the lookup from succeeding, your user mask will contain your IP address instead.

Let’s assume my nick is john, my user name is jdoe, and the host I run my IRC client on is ws155.example.com. This can be expressed as john!jdoe@ws155.example.com. If my reverse DNS would not work, the user mask would be something like john!jdoe@10.10.10.10 instead.

Can I use someone’s user mask as his mail address?

Due to the @ character, the user@host part of the user mask looks similar to a mail address, but nevertheless it is not one. Mail sent to IRC user@host addresses on Unix systems have a certain chance of finding its way to the intended recipient since the user name probably exists and the host machine may happen to run a mail server. For the most part, however, this cannot be counted on.

Using IRC channels

One way of chatting is joining one or more channels. A channel is a group of users chatting (or idling) together. Channels are usually formed by people with something in common – teens living in the same city, fans of the same rock group, Linux enthusiasts... Any text you send to a channel will be visible to all the users on that channel (unless they have set their clients to ignore you).

Your IRC client may come with a pre-loaded list of channels, but there is no guarantee that those channels happen to be in use on your particular server or network at any given time. You can have your client download the current list of channels, but if the list is long, the server may disconnect you for flooding the connection. You may want to search on the Web instead.

The channel listing generated by your IRC server will show the channel name, the topic if one exists, and the number of users currently on that channel. Channels where new users are welcome often have an informative topic line in the language of the channel.

When you have found a suitable channel, use the command JOIN to enter it, e.g. /JOIN #mychannel or /JOIN &another. You are not restricted to sitting on one channel at a time; you may join several if you want to. I usually idle on a few different channels.

What do the # and & prefixes in channel names mean?

They exist so that channel names will be distinguished from user nicknames. If the server is not connected to an IRC network, it does not matter which prefix (# or &) it was created with. However, if the server is connected to another server (i.e. an IRC network), only # channels will work globally, across the network; & channels will be local and work only on the local server.

Who are these people with nicknames that start with a @ sign?

The channel operators (chops or chanops) are the hosts and rulers of their channel. You can recognize them by the @ prefix added to their nickname whenever it is listed in the context of that channel.

Chanops can set modes and kick and ban users as they please. There is basically no one you can complain to about having been treated unfairly by a channel operator, e.g. kick-banned for no good reason; instead, you can create a channel of your own and run that channel as you see fit.

How can I persuade the channel operators of an existing channel to op me?

Hang out on the channel frequently, acting according to the norms for that channel.

Asking for ops is one of the most counter-productive things you can do; you will look like a clueless newbie who is interested only in gaining channel operator status.

Why can’t I join the channel of my choice?

If you are prevented from joining the channel of your choice, chances are that one or more of the following circumstances exist:

  • you are banned from the channel (channel mode +b) – this does not necessarily mean that you personally are unwelcome; bans are often set to exclude anyone from a certain domain or network
  • the channel is invite-only (channel mode +i) and you have not been invited
  • the channel is keyed (channel mode +k) and you have not provided the password
  • the channel has a user limit (channel mode +l) and is full

Why can’t I talk to the channel?

If the channel is moderated (channel mode +m), you will not be able to send text to the channel unless you have been ‘voiced’ (mode +v).

Also, if you are banned from a channel while on that channel, you will not be able to talk on that channel any more. Note that merely setting a ban does not remove anyone from the channel; that is what the KICK command is for.

Can I change the topic line of the channel?

The TOPIC command may be used to associate a channel with a topic (typically displayed in conjunction with the channel), e.g. /TOPIC #mychannel This channel is all about me. If the channel mode +t is on, only channel operators may set the topic.

How do I leave a channel?

When you want to leave the channel, issue the PART command, as in /PART #mychannel.

How do I chat privately with someone?

You can chat privately with another user on the same server or network, regardless of whether either of you is on a channel or not.

You will need to know the nickname of the person you want to chat with. Most IRC users nowadays make themselves ‘invisible’ by setting user mode +i, so unless you know what channel the person you are looking for is on, you may find it very difficult to use IRC server functionality to find out what his nickname is.

When you have the nickname, do a WHOIS on it (e.g. /WHOIS MyFriend) just to be sure; then start talking. On many clients, you would be able to type e.g. /MSG MyFriend Hi there! (to simply send the message) or /QUERY MyFriend Hi there! (to open a dedicated window for chatting with MyFriend).

By the way, the native IRC command for sending a message – to a nickname or to a channel – is PRIVMSG. A related command is NOTICE; the difference between notices and normal messages is that notices never may be replied to with an automatic message. The logic behind this is preventing software components such as IRC servers from wasting resources on perhaps endless loops of automatic replies to automatic messages.

On the Internet, I can do anything I want, right?

Wrong.

IRC is supposed to be an enjoyable experience, so it is a good idea to behave as you would like for other users to behave towards you. Just log on, join a channel or two, idle for a moment so you will learn the name of the game, and then chat as you would in real life; this should keep you out of trouble.

Remember that different rules apply on different channels (group chats). Some channels encourage idling, others will kick you for it; many channels allow only certain languages, some outlaw anything but plain text, etc. Unfortunately you may not be able to find out the rules of a specific channel before you find yourself kicked for breaking them. However, better late than never; unless you are banned as well, you can re-join the channel and try not to repeat whatever behaviour got you kicked.

For some channels, a web page or some other kind of written information about the channel may be available. The channel topic may tell you how to retrieve it, or one of the nicknames (maybe a ‘bot’, an automatic IRC client) on the channel may send you a welcome message with information.

Don’ts and why-nots

Do not... as...
type in ALL CAPS it is considered shouting
send the same line of text several times, or hit Enter after every few words the conversation will scroll off the screen prematurely
send or accept unsolicited files a Trojan may do nasty things to your computer
mass-invite strangers to your channel it is annoying; you will be ignored, kicked, banned, killed and/or K-lined
output junk such as the Microsoft Chat Appears as lines, the lame Showdown advertisements or the large trout in mIRC nobody likes it; you may be kicked and/or banned
pester other users for personal information such as age, sex or location it is an invasion of privacy; use the WHOIS command instead. Of course, you may introduce yourself if you want to, and the other person will do the same if he wants to

Quitting IRC

How do I log off IRC?

Use the command QUIT, followed by an optional goodbye message, e.g. /QUIT See you all tomorrow.

Is someone really trying to kill me?

Sometimes a server may forcibly disconnect you from IRC, i.e. ‘kill’ your connection. IRC operators and server administrators can issue kill messages to get rid of abusive users. Most kills, however, are automatically generated server kills, due to nickname collisions or similar network problems. The kill notice should explain the reason for the kill.

Not nearly all involuntary disconnections are due to kills. Unless your client shows you a kill message, the disconnection was probably due to some other reason, such as flooding, not responding to a PING, or a network problem.

17 February 2017

Blacklisted!

Because of spam and other forms of network abuse, access to network services – such as mail exchangers – is restricted more and more often. This document provides advice for administrators whose networks or servers have been ‘blacklisted’.

The basics

You cannot bully people into accepting your traffic

The Internet consists of a large number of individual networks. Most of these networks are privately owned. Whenever a network whose operations someone else pays for agrees to receive traffic that you send, it is extending hospitality that it may revoke without notice. In most cases, you have no means to force a network to accept email or any other traffic from your network.

(A pointy-haired person once commented, in disbelief, ‘But that would be anarchy!’ – Not far from the head of the nail, although ‘democracy’ probably would be an even better description of the distributed nature of Internet governance.)

Issuing demands when blocked is probably the worst thing you can do to your own connectivity. Distributed block lists are protected through freedom of speech, and their operators are often highly regarded by the Internet community they serve. In addition, administrators have a duty to protect their resources, so they are usually very serious about their right to restrict access. Picking a fight with block list operators – especially issuing any threat of legal action – over your listing is therefore likely to swiftly place your networks in an indefinite number of static access lists all over the globe (yes, that is a lot of jurisdictions) for a long time.

Natural selection applies to block lists. If using a list does not produce good results, not many people will use it. Conversely, the lists that survive are likely to be both effective and esteemed.

Understanding block lists

  • Local lists are typically static access list files used on one site or within one organization.
  • Distributed lists, such as SBL and SORBS, are available to the public (perhaps for a fee), usually through the DNS. Mail servers typically query distributed lists dynamically rather than store a local copy of the entire list.

If you are dealing with a distributed block list, be sure to understand the difference between these roles:

  • the list operator who has added you to their list;
  • the party who is using the list on their networks and/or servers.

Adding a network to a distributed list is merely an informational service that by itself does not affect the traffic of the listed party. Any decision to actually block or otherwise influence traffic to a site is up to an administrator at that site. In other words, the block list operator only runs a list – whether and how to use that list is up to individual network administrators.

Being blacklisted does not necessarily mean that someone considers your network or domain abusive. As an example, mail server administrators often use block lists to deny dial-up and DSL users SMTP access, encouraging such users to send their mail through their providers’ so-called smart hosts instead. Some lists seek to list all networks assigned to certain countries, so that a provider can enforce a policy of not accepting mail sent from or through those countries.

Anyone can create a blacklist, but a listing cannot affect your outgoing email unless the list is actually used on the mail server of your recipient. Do not worry just because you have found your IP address listed on some unorthodox blacklist few mail administrators are likely to use.

(Although the terms block list and blacklisting are effectively established, and therefore used in this document, they are technically incorrect. Administrators may also use distributed lists for other purposes than actually blocking traffic; spam filters often use them merely to tag email Subject: lines, and at least theoretically, blacklists could even be used to favour the listed parties.)

Things you can do to help prevent listings

  • Do not allow anyone or anything to send spam from your networks.
  • Do not host any kind of spam support services, such as
    • websites that are advertised through spam (directly or indirectly);
    • ‘drop boxes’ for replies to spam;
    • DNS service for spammers;
    • payment processing services for products that are advertised through spam;
    • spam tools, such as web pages marketing ‘millions of email addresses’.
  • Ensure that all your servers, workstations and other devices are secure. No spam bots, open SMTP relays, open proxy servers or similar abuse intermediaries may exist.
  • Operate abuse and postmaster email addresses. Consider registering with abuse.net and creating an ISP account with SpamCop.
  • Ensure that adequate contact information (most importantly organisation and person names, email addresses and telephone as well as fax numbers) for all your domains and networks is available through the relevant Whois services.
  • Publish an adequate, detailed and binding acceptable-use policy. Focus on preventing abuse.
  • If your preventative measures fail: act upon legitimate problem reports and consider publishing your actions.
  • Ensure that all your mail exchanges accept empty return path (MAIL From: <>) delivery status notifications.
  • Avoid bad neighbourhoods. If your providers are ignorant or downright abuse-friendly, their reputation is likely to trickle down to you.

Steps to take if you find yourself listed

As discussed above, never threaten legal action over blacklisting issues.

  1. Find out how you are being blocked

    There is no single universal Internet block list. Pay attention to the error messages you have received. If there are references to a distributed block list, note them.

    You can also try looking up your domains and networks on major block lists. There are websites that allow you to query many lists at once. Note that you might be on several different lists, maybe even for several different reasons.

    You can usually query distributed lists by using a DNS resolver and appending the lookup key (in the case of an IP address, in reverse order) to the zone name. The existence of any A record indicates a positive result. For example, if the IP address 192.0.2.2 were listed on relays.dnsbl.example, the query dig 2.2.0.192.relays.dnsbl.example might yield 2.2.0.192.relays.dnsbl.example. 300 IN A 127.0.0.2. In order to differentiate between reasons for listing, the list might also use 127.0.0.3, 127.0.0.4 and so on. An NXDOMAIN reply would instead indicate that 192.0.2.2 was not listed.

    If you do not find yourself listed on any of the distributed block lists, you will have to assume for now that a local access list is blocking your traffic. Most of this document still applies.

  2. Find out why you are being blocked

    Sometimes an error message (or, in the case of distributed lists, a TXT record) will state the reason for the block. Distributed block lists often run informative websites providing answers to frequently asked questions. Even if you have been blocked only locally, the organisation blocking your traffic might have a web page explaining their policy, possibly even displaying their current block lists.

    If you cannot find any reason as to why you are being blocked, you may have to contact the blocking site at this stage already.

  3. Remove the problem, if possible

    Fixing the problem that has earned you a listing may be as easy as pulling the plug on a spam relay, or as complicated as implementing and enforcing new terms of service. Be as thorough as possible; do your best to make sure the problem is gone and cannot resurface.

    In some cases, you might conclude that the reason for the listing is impossible to remove. For example, you might be unable to relocate to a different country in order to evade a country-based listing. It may prove useful to contact (such as by telephone or fax) the party who is blocking you, and ask them to ‘whitelist’ you. Think very carefully before attempting to circumvent a listing; if a recipient does not want your traffic, they are also likely to block any alternative routes you might find, and you may be blamed for the damage this causes other users.

  4. Request removal, if appropriate

    Many block lists have automated interfaces, such as web forms, for requests regarding removal of list entries. Always try to comply with the procedures set out by the list operator. If you need to phrase your request, be polite. Most operators are eager to keep their lists up to date, but it is human to prioritise courteous requests over hate mail.

    Whenever you contact someone – whether in public or in private – over a listing, be specific. Someone who does not know which list and which networks or domains you are referring to would find phrases such as ‘please remove me’ or ‘why am I blocked?’ quite meaningless. Something like ‘the open relay at 192.0.2.2 has now been secured; please consider removing 2.2.0.192.relays.dnsbl.example’ would be much better.

    If your entire provider – or, indeed, one of their providers – is being blocked, removal is likely to require efforts by them. In such a case, avoid bothering the list operator; direct your efforts at your own provider instead.

    Not all lists accept removal requests. Others implement a waiting period: as an example, if an IP address has been listed for one month, the listing might be removed only after no more abuse from that address has been seen for another month; listed for a year, no more abuse for a year, and so on.

    Do not post removal requests to newsgroups. In particular, do not post APEWS removal requests to news.admin.net-abuse.email. Doing so will only worsen your situation.

  5. If unsuccessful, contact the recipient

    You may find your removal request denied. In such a case, the senders should contact their intended recipients, for example by telephone or fax, to request a so-called whitelisting: an exception that will allow certain mail through irrespective of any block list entries. If the recipients do want mail from your users, blocking it makes no sense.

  6. Should you try to circumvent the problem?

    Some providers offer authenticated SMTP as a standalone service allowing you to route your outgoing messages through a provider that is not your ISP. Such a solution can be particularly useful if you are innocently listed over abuse committed by other customers of your ISP or by your ISP itself. Your travelling users would probably also benefit.

    However, if you have been listed due to action or neglect on your own part, any new networks you manage to use are likely to be listed as well. Instead of building a name for yourself as a hopeless abuser, tackle the issues that caused your listing. If you need professional advice, seek it.

16 February 2017

Recovering missing or corrupted files

Are you suddenly unable to read an important file from a hard disk, a memory card, a tape or some other medium? Backups are nonexistent or do not work? Help is available.

Shut down the system

The surest way to prevent further damage is shutting down the system abruptly, such as by unplugging a desktop computer from the mains or removing the battery from a notebook computer. In normal usage, shutting down the computer cleanly (for example, through the Start menu in Microsoft Windows) is important so that the operating system can write certain information to the hard disk. However, in case of data loss, it is safer to avoid those writing operations.

In short: the less you try to operate a logically or physically damaged disk or other medium, the better. Additionally, making notes of what happened, as well as of your own actions, may prove useful should you later need to consult a recovery specialist.

Types of damage

Logical errors

These problems are typically caused by careless use or by defective or malicious software. The disk or other medium is not physically damaged, but one or more files cannot be found or opened. They may have been deleted entirely or in part, or there may be an error in a file table, an allocation table or similar metadata.

Logical errors can often be repaired using special software tools. This avoids invasive action such as opening the casing of a hard disk drive. However, you should only use a high quality software tool that is designed for the kind of situation in which you are. Any failed attempt is likely to make the problem worse and may make recovery more expensive.

Physical damage

If the medium is physically damaged, such as by wear, impact, water, electricity or fire, recovery will probably require the data to be lifted off the damaged medium in a laboratory environment. Do not try to use software tools. At best, they will have no effect; at worst, they will worsen the damage.

How to proceed

Contact a provider such as Ibas Kroll Ontrack; they can help you decide on the most cost-efficient course of action.

The following details may help them assess the situation.

  • Type of device (camera, telephone, notebook, desktop, server…)
  • Operating system (macOS, Windows, Linux…) and version
  • Medium information
    • Type of medium (memory card, hard disk drive, RAIDDVD…)
    • Manufacturer and model
    • Quantity, size, capacity, partitioning and file-system (APFS, NTFS, FAT…)
  • Problem description
    • What happened? How did you notice the problem?
    • If an external cause (transport, lightning, fire…) was involved, please describe it
    • What was done after the problem began? Please describe all actions taken
  • Data missing
    • Directory and file names
    • Type, size and quantity of files
    • Is the data encrypted? If yes, please specify how
  • Delivery deadline, if any
  • Your name, organization, email address, postal address, telephone number and fax number

Comparing costs

For your own use in weighing up your options, you should estimate the costs involved with rebuilding the data as well as with abandoning it. Comparing these expenses with those for recovery will help you make cost-effective choices.

Rebuilding refers to work such as re-entering the information from paper documents. The costs of abandoning the data may include, for instance, giving up receivables that due to loss of billing data cannot be invoiced.

An ounce of prevention

Implementing an efficient backup strategy will minimise your likelihood of ever having to recover data from a damaged medium. Here are a few points to keep in mind:

  • Backup media must be in perfect working condition.
  • Backups should be created daily at the least.
  • Restoration should be tested before an emergency arises.
  • Some backups should be stored off-site.

Also, remember to keep your backups secure; do not allow them to become an intruder's shortcut to the information in your data centre. However, if you decide to encrypt your backups, ensure that encryption does not prevent their intended use.

15 February 2017

How to test an IMAP server by using telnet

What you need

  • The host name of the IMAP server (for use in the telnet command)
  • The IMAP user name (for use in the LOGIN command)
  • The IMAP user’s password (for use in the LOGIN command)

Encryption

For added security, you can encrypt your IMAP connection. This requires that your server supports SSL or TLS and that you have access to an SSL/TLS client program, for example OpenSSL, to use instead of telnet.

As the port-number normally is 993, an example OpenSSL command would be openssl s_client -connect imap.example.com:993 -quiet. (If you would like to see the public key of the server, as well as some other encryption-related information, omit -quiet.) The server should then start an IMAP session, displaying a greeting such as the * OK Dovecot ready example below.

What to do

The initial telnet: > symbolises your shell prompt.

telnet: > telnet imap.example.com imap
telnet: Trying 192.0.2.2...
telnet: Connected to imap.example.com.
telnet: Escape character is '^]'.
server: * OK Dovecot ready.
client: a1 LOGIN MyUsername MyPassword
server: a1 OK Logged in.
client: a2 LIST "" "*"
server: * LIST (\HasNoChildren) "." "INBOX"
server: a2 OK List completed.
client: a3 EXAMINE INBOX
server: * FLAGS (\Answered \Flagged \Deleted \Seen \Draft)
server: * OK [PERMANENTFLAGS ()] Read-only mailbox.
server: * 1 EXISTS
server: * 1 RECENT
server: * OK [UNSEEN 1] First unseen.
server: * OK [UIDVALIDITY 1257842737] UIDs valid
server: * OK [UIDNEXT 2] Predicted next UID
server: a3 OK [READ-ONLY] Select completed.
client: a4 FETCH 1 BODY[]
server: * 1 FETCH (BODY[] {405}
server: Return-Path: sender@example.com
server: Received: from client.example.com ([192.0.2.1])
server:         by mx1.example.com with ESMTP
server:         id <20170120203404.CCCC18555.mx1.example.com@client.example.com>
server:         for <recipient@example.com>; Fri, 20 Jan 2017 22:34:24 +0200
server: From: sender@example.com
server: Subject: Test message
server: To: recipient@example.com
server: Message-Id: <20170120203404.CCCC18555.mx1.example.com@client.example.com>
server: 
server: This is a test message.
server: )
server: a4 OK Fetch completed.
client: a5 LOGOUT
server: * BYE Logging out
server: a5 OK Logout completed.

14 February 2017

Tips for Exchange users

If you work in a Microsoft Exchange environment, the following tips will hopefully make life a little easier for you and your co-workers. The features I will mention are not exactly new, but my experience tells me most Exchange and Outlook users just have not found them yet.

When you request someone to perform a task, send a task request instead of a generic email message

The message will be immediately discernible as a task request, and the recipient will not need to create a task separately. For your slight effort, you will receive the option of receiving automatic updates.

When you request an appointment, send a meeting request

You can easily pick a time through using free/busy information and the AutoPick Next feature. The meeting will show up directly on the calendars of the attendees. Remember to book any other necessary resources, such as conference rooms and equipment, at the same time.

Recipients may easily inform third parties, such as assistants, of the meeting by using the Cc line when responding to the invitation.

If your message is not eternally valid, set its expiry date and time

When you write a message knowing that it will be meaningful only for a limited period, set it to expire at a suitable time. This is especially useful when using mailing lists where a proportion of recipients are likely to be on vacation.

A time machine (sort of) – how to edit or remove messages after sending them

Have you sometimes wished you still could edit a message you had already sent, or even delete it altogether? Well, Exchange and Outlook allow you to try. First recall the original message and then, optionally, replace it with an edited version.

Of course, this will not work all the time. Think of this method as a friendly way of keeping your messages up to date rather than as a possibility to pilfer mail from recipients’ inboxes.

Mark your private contacts as private and share your non-private contacts

This is much more elegant than manually responding to requests for contact information.

Automatically request delivery and read receipts for every message you send

Also automatically filter those receipts to a subfolder. – The point has been made that requesting read receipts might be considered antisocial. Still, a situation may arise in which when you will want to confirm that a recipient has read your message. Better safe than sorry!

Create short messages as signatures

If you often need to reply e.g. ‘Hello, and thank you for your message. I no longer do foo, but please call bar instead; here is the number’, save this message as a signature (and give it a descriptive name). Inserting the text into a message will then be extremely easy.

Use rules to filter incoming email

Your inbox should only contain mail you really need to read. Messages you would only archive anyway, such as automatic notifications you might need only at some point in the future, should be automatically filtered to a suitable folder.

Likely junk mail should go to the Junk E-mail folder, which you should look over once a day or so. Use the junk mail filter in Outlook, but also create your own filters to catch what the built-in filtering misses.

Automatically filter away messages written using unfamiliar character sets. As an example, most Western users will only need to accept Baltic, Central European, Latin 3, Latin 9, US ASCII and Western European. Anything in Arabic, Chinese Simplified and so on all the way to Vietnamese can be automatically filtered to the junk folder.

Archive instead of discarding

Never throw away anything but junk mail. You do not know which messages you will need to come back to a year or five years from now. Have AutoArchive move messages to a .pst file after e.g. two months.