Spam filtering on the lists (Re: *****SPAM***** (XXXX)XXXXXXXXXXXXXXXXXXXX XXXXXXXXXX...)
According to these headers contained in the message received from the list, SpamAssassin has correctly tagged it as Spam. So why was it forwarded anyway? X-Spam-Status: Yes, hits=11.4 required=4.7 tests=SUBJ_ALL_CAPS,JAVASCRIPT,MAILTO_LINK, CTYPE_JUST_HTML,FORGED_HOTMAIL_RCVD,SUBJ_FULL_OF_8BITS version=2.01 X-Spam-Flag: YES X-Spam-Checker-Version: SpamAssassin 2.01 (devel $Id: SpamAssassin.pm,v1.61 2002/01/25 04:41:02 jmason Exp $) X-Spam-Prev-Content-Type: text/html; charset=ks_c_5601-1987 X-Spam-Report: 11.44 hits, 4.7 required; * 0.7 -- Subject is all capitals * 3.0 -- BODY: JavaScript code * 0.8 -- BODY: Includes a URL link to send an email * 3.3 -- HTML-only mail, with no text version * 0.8 -- Forged hotmail.com 'Received:' header found * 2.8 -- Subject is full of 8-bit characters Nice illustration of the scoring method. That convinces me to try SpamAssassin. signature.asc Description: This is a digitally signed message part
Re: apache BASIC authentication w/large userbase
On Thu, Apr 04, 2002 at 01:07:37PM -0500, Jeff S Wheeler [EMAIL PROTECTED] wrote a message of 47 lines which said: LDAP resources or experience in-house, but honestly would like to move to it Not to discourage you but do not take that move lightly: LDAP is a huge and difficult beast. well. There seems to be a real lack of a good, thorough HOWTO though. Unfortunately, yes. Have I not looked in the right place? No, no, it is a really a problem. Is LDAP really the best tool here? Keep in mind hundreds of authen requests per second, I never benchmarked so many requests but other people seem to be happy about OpenLDAP speed. You'll probably have to set up a LDAP replica on the Web server itself. -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Netscape Roaming Access
Hi all! Last time I have wrote: I've installed slapd 2.0.23-2 on linux debian with apt-get install. After that I edited the configuration files and a netscape-profile.schema. Then I edited entrys into the database with ou=People and ou=roaming. It works well. Subsequent I enable the Roaming Access for Netscape and set the server information. I selectet the items Bookmarks, Cookies, Mail Filters, Adress Book, user Preferences and History to transferred to the database. After I restarted Netscape Comunicator I login with my LDAP - Password but when I shutdown the comunicator, the database dosen't save my Bookmarks, Cookies, etc. Now I have unfixed my problem. I only install the slapd_2.0.14-1.1_i386.deb packet. Now it woks well and the database save my Bookmarks, Cookies, etc. But can me anyone say where the difference is between this two ( slapd_2.0.23-2 and slapd_2.0.14-1.1) versions? Thanks in advance, Tamara -- Tamara Wowczuk Global Information Services Steindamm 132, D-24145 Kiel Telefon +49 (0)431 7164191 Telefax +49 (0)431 7164192 E-mail [EMAIL PROTECTED] ___
Re: apache BASIC authentication w/large userbase
You might be interested in an article from IBM on non-stop authentication with Linux clusters where they use an LDAP server with replication on a second failover server and auto takeover in case of failure. http://www-1.ibm.com/servers/esdd/articles/linux_clust/index.html Cheers, Marcel --On Freitag, 5. April 2002 10:22 +0200 Stephane Bortzmeyer [EMAIL PROTECTED] wrote: On Thu, Apr 04, 2002 at 01:07:37PM -0500, Jeff S Wheeler [EMAIL PROTECTED] wrote a message of 47 lines which said: LDAP resources or experience in-house, but honestly would like to move to it Not to discourage you but do not take that move lightly: LDAP is a huge and difficult beast. well. There seems to be a real lack of a good, thorough HOWTO though. Unfortunately, yes. Have I not looked in the right place? No, no, it is a really a problem. Is LDAP really the best tool here? Keep in mind hundreds of authen requests per second, I never benchmarked so many requests but other people seem to be happy about OpenLDAP speed. You'll probably have to set up a LDAP replica on the Web server itself. -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED] -- Marcel Hicking VIA NET.WORKS Deutschland GmbH Bismarckstrasse 120, D-47057 Duisburg Geschaeftsfuehrung: Ray D. Samuelson, Matt Nydell Amtsgericht Duisburg, HRB 7672 Phone: +49 203-3093 100, Fax:+49 203-3093 112 e-mail: [EMAIL PROTECTED] http://www.vianetworks.de/ Alle Angebote sind unverbindlich. Es gelten unsere Allgemeinen Geschaeftsbedingungen -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Re: GRE, VPN and suchlike
Hi Gregiore, Gregoire Hostettler wrote: Thank you, Brendan, This is a good starting point. But will this package implement GRE (port 47) ? Just because I need to install the Linmux box as a firewall. In fact it is already a fw. What I need is just to make VPN encapsulated packets to go through the firewall to the VPN server which is located in the inside LAN. If all you want to do is forward PPTP packets to an internal (public IP) PPTP VPN server that's easy. Under kernel 2.4: # For the initial PPTP authentication iptables -A INPUT -p TCP -s your VPN server --dport 1723 -j ACCEPT iptables -A INPUT -p TCP -d your VPN server --sport 1723 -j ACCEPT # Then for forwarding GRE iptables -A INPUT -p 47 -s your VPN server -j ACCEPT iptables -A INPUT -p 47 -d your VPN server -j ACCEPT If you want to masquerade PPTP packets to an internal (private IP) PPTP server then read this howto: http://www.linuxdoc.org/HOWTO/VPN-Masquerade-HOWTO.html However, this only covers kernels 2.0 and 2.2. I haven't tried doing this under 2.4 yet. And do I need samba ? I want to keep my Debian fw with as few daemons as possible, as you can guess ;-) You only need Samba if you want to provide Windows file and printer sharing on the firewall itself. PPTP does not require Samba. Anyway THANK YOU for your help ! No problems. Hope this helps! Brendan -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Re: Spam filtering on the lists
On Fri, 2002-04-05 at 10:13, Jean-Marc V. Liotier wrote: (Re: *SPAM* ()XX XX XX...) According to these headers contained in the message received from the list, SpamAssassin has correctly tagged it as Spam. So why was it forwarded anyway? Because it might not be spam, but only a false hit ?? Because blocking mail by the list could be considered some kind of sensorship ?? BTW, because you used multiple X's in 3 different words, your mail also scored 1.896 points for 'Uses words and phrases which indicate porn (3)'. This is not very much (and is compensated by using a In-Reply-To: header worth -5.029 points, so I did receive your message, but you get the idea :) I use spamassassin on my home and work mailservers (when I receive this message back from the mailinglist I know it has been checked 4 times by various spamassassins) and I really like it, but even spamassassin is not perfect enough to use it to really block mail. -- Tot ziens, Bart-Jan -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Re: Spam filtering on the lists
On Fri, 5 Apr 2002 15:09, Bart-Jan Vrielink wrote: According to these headers contained in the message received from the list, SpamAssassin has correctly tagged it as Spam. So why was it forwarded anyway? Because it might not be spam, but only a false hit ?? Because blocking mail by the list could be considered some kind of sensorship ?? Isn't sensorship the point of a spam sensor? hehe What's wrong with bouncing the message and asking the user to fix it before sending it again? -- If you send email to me or to a mailing list that I use which has 4 lines of legalistic junk at the end then you are specifically authorizing me to do whatever I wish with the message and all other messages from your domain, by posting the message you agree that your long legalistic sig is void. -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Re: GRE, VPN and suchlike
It was so simple ! Just use [iptables] ipchains to setup the rules and we have a nice passthrough ! THANKS a lot, everything works perfectly now ! Greg Hi Gregiore, Gregoire Hostettler wrote: Thank you, Brendan, This is a good starting point. But will this package implement GRE (port 47) ? Just because I need to install the Linmux box as a firewall. In fact it is already a fw. What I need is just to make VPN encapsulated packets to go through the firewall to the VPN server which is located in the inside LAN. If all you want to do is forward PPTP packets to an internal (public IP) PPTP VPN server that's easy. Under kernel 2.4: # For the initial PPTP authentication iptables -A INPUT -p TCP -s your VPN server --dport 1723 -j ACCEPT iptables -A INPUT -p TCP -d your VPN server --sport 1723 -j ACCEPT # Then for forwarding GRE iptables -A INPUT -p 47 -s your VPN server -j ACCEPT iptables -A INPUT -p 47 -d your VPN server -j ACCEPT If you want to masquerade PPTP packets to an internal (private IP) PPTP server then read this howto: http://www.linuxdoc.org/HOWTO/VPN-Masquerade-HOWTO.html However, this only covers kernels 2.0 and 2.2. I haven't tried doing this under 2.4 yet. And do I need samba ? I want to keep my Debian fw with as few daemons as possible, as you can guess ;-) You only need Samba if you want to provide Windows file and printer sharing on the firewall itself. PPTP does not require Samba. Anyway THANK YOU for your help ! No problems. Hope this helps! Brendan -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Re: Spam filtering on the lists
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 On Friday 05 April 2002 6:48 am, Russell Coker wrote: On Fri, 5 Apr 2002 15:09, Bart-Jan Vrielink wrote: According to these headers contained in the message received from the list, SpamAssassin has correctly tagged it as Spam. So why was it forwarded anyway? Because it might not be spam, but only a false hit ?? Because blocking mail by the list could be considered some kind of sensorship ?? Isn't sensorship the point of a spam sensor? hehe What's wrong with bouncing the message and asking the user to fix it before sending it again? I like the way it is, because it clearly marks what is (probably) spam, and all I have to do is put 1 rule in my mailer that moves everything with a subject containing **SPAM** to the trash. However, it relieves the burden on the mailist admins to clear out the inbox, and lets through messages that are legit but would otherwise get bounced (like the XXX example). Basically, this is the coolest approach I've seen a list take so far. Mad props to whoever came up with the idea! - -- D.A.Bishop -BEGIN PGP SIGNATURE- Version: GnuPG v1.0.6 (GNU/Linux) Comment: For info see http://www.gnupg.org iD8DBQE8rcNfEHLN/FXAbC0RAjIKAKDu9CACY/Z6DHAcUKmg2tMQm/bEzwCfSrLL f/YY/SQ491ZCPLu8UTDVvFQ= =hgdW -END PGP SIGNATURE- -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Re: [HELP] RAID chunk-size - alternatives
On Friday, April 5, 2002, at 03:34 AM, Russell Coker wrote: Of course. As we all know SCSI cables never break. There must be something about the IDE command-set which causes copper wires to corrode. :-# (I know this is a joke, but) actually there is. IDE has a wonderful feature of only talking to one device per channel at a time. So if that device just happens to die, guess what happens :-( I've never seen SCSI cables corrode. I've never seen IDE ones fail to corrode, catch fire, and explode. -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Re: [HELP] RAID chunk-size - alternatives
On Fri, 5 Apr 2002 12:25, Anthony DeRobertis wrote: Of course. As we all know SCSI cables never break. There must be something about the IDE command-set which causes copper wires to corrode. :-# (I know this is a joke, but) actually there is. IDE has a wonderful feature of only talking to one device per channel at a time. So if that device just happens to die, guess what happens :-( The same result as SCSI termination problems, which sometimes don't appear until after months of use. -- If you send email to me or to a mailing list that I use which has 4 lines of legalistic junk at the end then you are specifically authorizing me to do whatever I wish with the message and all other messages from your domain, by posting the message you agree that your long legalistic sig is void. -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]