Become a fan of Slashdot on Facebook


Forgot your password?

Comment: Re:Brilliant idea (Score 1) 480

by rocca (#42634729) Attached to: Google Declares War On the Password

It's easy to remember 20+ web passwords if they mean something to you:

I Use Gmail For Sending Email = IUGFSE.

My Money Is Safe At Toronto Dominion Bank = MMISATDB.

I Love To Eat Pizza At Joe's Pizzeria = ILTEPAJP. ...add a sequence or some other memorable number, perhaps a standard special character as the 2nd or 3rd character, and capitalize the even, odd, or 4th and last characters or whatever makes sense to you and you end up with:


...easy to remember, and pretty strong passwords.

Comment: Re:Not much to do (Score 1) 459

by rocca (#35278478) Attached to: Ask Slashdot: Is There a War Against Small Mail Servers?

Really? From TFA: "We are singling out spammers on our network and blocking port 25," said Mitch Bowling, Comcast's vice president of operations. "We don't think it's the right approach to blanket port 25. The right approach is to seek out people who are spamming our network and others.", any spammers they find, instead of terminating the account they block port 25. Of course everyone else they don't 'find' can still spam away...

Comment: Re:Not much to do (Score 2) 459

by rocca (#35275902) Attached to: Ask Slashdot: Is There a War Against Small Mail Servers?

If you aren't able to get a proper reverse DNS entry for your public outbound mail server then you probably shouldn't be running one. If you have a real static IP (as opposed to "my IP doesn't seem to change") - then it shouldn't be a problem getting the DNS setup correctly.

To answer the original question about "what should you do", the answer is simple - if the ISP won't issue a PTR record because of the type of connection being used then the customer should smart-host their mail through the ISP mail servers to ensure global reachability. As you say, often the edge device is a swiss-army knife and in many cases the admin isn't competent enough to properly secure/maintain it. This is exactly what blocking outbound SMTP from dynamic space is meant to accomplish and I'm pleasantly surprised to hear that Comcast/Verizon have finally started to implement what every other responsible ISP has been doing for a decade.

Comment: Re:While I sorta agree with what the guy is saying (Score 1) 229

by rocca (#34108476) Attached to: Firesheep Author Reflects On Wild Week

To play devil's advocate using your example it'd be the same as selling "child poison" and saying there are plenty of other things you could do with it. :) I don't disagree with you that tools can be abused for non-intended purposes, but this software is being promoted for its intended purpose. The fix is stronger security protocols of course, but I couldn't resist the analogy - sorry.