NTP users are strongly urged to take immediate action to ensure that their NTP daemons are not susceptible to being used in distributed denial-of-service (DDoS) attacks. Please also take this opportunity to defeat denial-of-service attacks by implementing Ingress and Egress filtering through BCP38.
ntp-4.2.8p15 was released on 23 June 2020. It addresses 1 medium-severity security issue in ntpd, and provides 13 non-security bugfixes over 4.2.8p13.
Are you using Autokey in production? If so, please contact Harlan - he's got some questions for you.
The NTP Project
uses the industry-standard Mailman
mailing list management software.
This software includes many features to help make it easier for users to subscribe and post to lists they want or to see messages from mailing lists they're interested in, for moderators to view incoming messages that are waiting to be posted to a mailing list, for administrators to monitor and manage existing mailing lists as well as create new ones, and for the list owners and site administrators to set very flexible policies and procedures for handling various different kinds of desirable or undesirable traffic. A longer list of features can be found at http://www.list.org/features.html
An index of our public mailing lists can be found at http://lists.ntp.org/
. All of these mailing lists have publicly accessible archives, which can be read by subscribers and non-subscribers alike, without any requirement to provide a login or password.
measures which are implemented on the ntp.org mail system are applied across the board before the messages are handed off to Mailman, where additional anti-spam or other controls may be implemented on either a site-wide or list-specific basis using internal Mailman-specific methods. This is a necessary side-effect of the only method supported by Mailman for integration with an Internet e-mail system. Some of the additional Mailman anti-spam measures include:
- For most mailing lists, posts from non-subscribers are held for moderation (by default)
- For certain specific mailing lists, posts from non-subscribers are rejected (by default)
- New subscribers are moderated by default
- Once the subscriber demonstrates that they are a human being and not a program, and that they are capable of posting messages that are at least minimally on-topic and not some form of spam, their "moderation bit" will be cleared, and they will be able to post messages in the future without going through the moderation system
- We make every effort to check the moderation queues for all mailing lists on a timely basis
- Usually at least once a day, sometimes twice a day or more
- For those messages which are rejected by the moderator, we try to provide a good explanation as to why it was rejected
- Once a message has entered a moderation queue, the sender will be sent a short message indicating this fact and providing more information that they may find useful, while they wait for action to be taken by a human moderator
- The system has built-in limits so that it does not send back more than a certain number of notices per day to the same address, so as to reduce the risk of our systems being used as a way of attacking someone else (see "Joe Job")
- Content types
- Most mailing lists are restricted to plain ASCII text
- Messages posted in HTML format will be converted to ASCII text before being posted to the list
- Cryptographic signatures of recognized types are considered to be approved content and allowed through
- Unapproved content types (i.e., most "attachments") will be stripped
- Message size
- Most mailing lists are relatively restricted in terms of the maximum size of message they will accept
- Messages that are larger than this limit will be placed in the moderation queue, and the sender will be notified
- Too many recipients
- If a message comes in that has been addressed to a large number of recipients (including one or more of the mailing lists), then it will be rejected or placed in the moderation queue, as appropriate for that particular list
- In this case, "large" usually means ten or more recipients listed in the "To:" or "Cc:" header fields
- Implicit addressing
- If a message is received that does not explicitly list the mailing list address as a recipient in either the "To:" or "Cc:" header fields, then it will be rejected or placed in the moderation queue, as appropriate for that particular list
- Whitelists & Blacklists
- Additional white or black lists are maintained and used within Mailman on a per-list basis
- Messages coming from an address on the white list will be allowed through without moderation, even if the sender is not a subscriber to the list
- Messages coming from an address on the black list will be rejected or discarded by Mailman, according to the list configuration
- Additional anti-spam rules may be applied (see the Mailman documentation)
Note that all mailing lists at this site are operated on an opt-in basis only. We work very hard to keep spam from getting into the system from the outside world, and we work very hard to keep our mailing lists from being used to abuse or spam others.
Please contact our Postmaster Services Team
if you have any further questions regarding any mailing list hosted at our site.
- 21 Dec 2007