More on IE8

IE8 May Not Pass the Acid2 Test After All

This basically states what I said about IE8 yesterday. The author of Acid2 made a post about this topic. He is very unhappy with the idea, and states several possible ways of handling the situation and the probable outcome of each.

Therefore I recommend not including the meta tag, or, if you are forced to include it, making sure it says “IE=7″, even once IE8 ships. This seems to me to be the best way to show your support for an open, interoperable Web on the long term.

Even if IE8′s rendering engine can properly handle all the stuff that Acid2 tests for, it might not end up working simply because IE8 will default to IE7-mode unless the special meta-tag is in the page. Based on Hixie’s comments, it’s pretty much guaranteed that the Acid2 page won’t include any special tags just for IE8. MS could put some tricks into IE8 to force it to use the new rendering engine when it encounters the Acid2 test, including hardcoding the URL and looking at a “fingerprint” of the page to see if it matches Acid2. However, these could be very easily worked around, by something as simple as hosting the page elsewhere or obfuscating the page in order to change its fingerprint. It would be pretty funny to watch MS trying to explain why it passes Acid2 on this site, but not on that site…

As stated before by myself, Hixie, Opera, Mozilla (continued), Webkit, and even WaSP members, this is not the way to fix the problem. Even Eric Meyer, who supports the IE versioning idea, spent an hour trying to convince a member of the IE team that the default should be “latest” rather than “IE7″ (which is the part I have a problem with). I plan to publish standards-compliant code (or at least make my best effort) and not include any extra special notes so that a single browser knows that I really, really, really mean what I wrote. If the new “standards-compliant” IE8 can’t handle that, then I guess it isn’t really standards-compliant.

IE8 – More of the same crap from Microsoft

Microsoft Confirms IE8 Has 3 Render Modes

The IEBlog has some info about IE8. It will be super-duper standards-compliant. If that page happens to have a special IE tag added to it.

Back in the day, there was this great idea to use the DOCTYPE to determine if the author actually knew their way around HTML, or if they were clueless. The idea was that the ones that used perfect code would have a proper DOCTYPE, so the browser would render the page in Standards mode. The ones that didn’t have a valid DOCTYPE (i.e. just “HTML”) would be rendered in Quirks mode, where the browser would be more lenient. Simple, effective plan.

However, in an effort to be standards-compliant, HTML generators and well-meaning people started using proper DOCTYPEs without using standards-compliant code. They told the browser to render it one way, but used code that would render a different way. In short, the pages are incorrect. Think of it as telling someone to use “Correct Math” mode instead of “One-Less Math” mode. When you say 3, it means 3. In One-Less mode, saying 3 meant 2. People put in the DOCTYPE for Correct Math mode, but still left One-Less code in there. That made things look screwy.

With IE8, Microsoft is continuing to improve standards support. It’s been reported that IE8 can even properly render ACID2. However, they’ve chosen to undo all their progress by having IE8 default to the old rendering engine, unless you add a specific meta tag to the header of your page. In order to get IE8 to use its most standards-compliant mode, you have to add a non-standard tag. Since there are so many pages that have the Standards mode DOCTYPE, but aren’t really standards-compliant (i.e. poorly coded sites), they’re cutting current Standards support in favor of old broken code.

Instead of forcing authors of old broken code to fix their stuff, Microsoft is forcing authors of new unbroken code to “fix” their stuff. They’re doing so by claiming that the DOCTYPE system is broken, and implementing a new version of the DOCTYPE system which will suffer the exact same issues when the next version comes out. The root cause of this issue is bad code and their system promotes it rather than doing anything to discourage it.

spamd FTW

A while back, I discovered spamd. It’s essentially a fake mailserver whose purpose is to tie up spammers. It throttles down the connection which makes the spammer wait a very long time to actually pass on their message. Once the spammer sends the email to spamd, it then responds to the spammer that there was a problem and to try again later.

It used to be that spammer programs didn’t retry in cases like that. They would just write it off as a failure and move on to the next target. People used this fact against spammers and graylisting was born. In general valid mailservers would retry and spammers wouldn’t, so the trick was just to have your mailserver tell everyone to try again. Valid mailservers would try again in a few minutes and the email would be delivered, while the spammers would simply give up. Email was delayed a few minutes, but it stopped a lot of spam.

In the continual cat and mouse game, spammers realized this and made their programs smarter. They made it so that their spam programs would also retry just like a real mailserver, getting around graylisting. However, that makes them even more vulnerable to spamd. After the spammer finally hands off his message to spamd, he’s told to try again later. Rather than giving up, the spam program tries again later, once again getting caught in the spamd trap.

Annoying spammers with pf and spamd explains how you can set up a pretty fancy system to cause questionable traffic to get routed into a spamd trap, while legitimate mailservers are allowed to deliver mail directly to you. Hitting back at spammers with OpenBSD and spamd is similar, but describes how to set up a blacklist-only spamd to trap connections made to a non-mailserver. You don’t use any filtering or classification, because it’s at an address that shouldn’t get any mail (therefore all connections are spam).

Anyway, spamd has been ported to FreeBSD. I have a FreeNAS box, which is a minimal version of FreeBSD. I was able to get spamd installed on my FreeNAS with those two pages, plus a little Googling. I have to say, it’s pretty neat. I’ll try to get a more complete tutorial up soon, so that others can do this as well. Rather than just neutralizing spam by filtering it, this actually hurts spammers by sucking up their time and keeping them from sending other spam. In the example above, a spammer spent over two hours trying to send a single email. For comparison, bulk emailers brag about being able to send hundreds of emails per minute (one program showed almost 1500 emails sent in 3 minutes). At 500 spams/minute, his spamd just stopped 60,000 spams.

Here is a video (4.4MB, codec) of just how long it takes to send an email to spamd. Because it throttles down the connection, spamd is never really dealing with much of a load. Despite putting a huge dent in the spamming operation, it won’t stress your system. If you have the means to run it, I suggest you do. For spam to stop, it must be made unprofitable. This is a great way to cut into spammer profits.