Re: [spamdyke-users] growing number of tcpservers which eventually reaches the limit of tcpsessioncount
Erald Troja wrote: Hello all, We are using Hsphere control panel automation offered from Parallels with precompiled Qmail binaries. Our entry onto the spamdyke /etc/init.d/qmaild script which is currently running on a CentOS 4.6 is as follows. at the very top we define SPAMDYKE and it's configuration file SPAMDYKE=/usr/local/bin/spamdyke --config-file /etc/spamdyke/spamdyke.conf further down onto the start portion of /etc/init.d/qmaild we issue (all in one line) tcpserver -v $RRDNSKEY -R -c $TCP_SERVERS $IPLIMIT $RELAYCHKARG -u $USER_VPOPMAIL -g $GROUP_VCHKPW 0 smtp $SPAMDYKE $RBL qmail-smtpd vchkpw true cmd5checkpw true 21 | splogger smtpd Our Spamdyke configuration file is as follows. /etc/spamdyke/spamdyke.conf log-level=info graylist-level=always-create-dir graylist-dir=/var/tmp/spamdyke.graylist.d graylist-exception-ip-file=/etc/spamdyke/whitelist.conf graylist-min-secs=1200 graylist-max-secs=4322000 reject-unresolvable-rdns=true reject-empty-rdns=true Our maximum tcpsessioncount is set to 1000. This has been working fine for when our Qmail server was operating without Spamdyke. Recently we've hit the limit of tcpsessioncount twice. I've been monitoring the log files and this happens slowly but surely. I'd like to ask, why, and what can we do to prevent this and make it. Raising tcpsessioncount is an option, yet I believe we will slowly but surely reach the limit as well. Thank you. Try adding: idle-timeout-secs=660 to your configuration file. I'm betting that will fix you up. ;) See http://spamdyke.org/documentation/README.html#TIMEOUTS for details. -- -Eric 'shubes' ___ spamdyke-users mailing list spamdyke-users@spamdyke.org http://www.spamdyke.org/mailman/listinfo/spamdyke-users
Re: [spamdyke-users] DKIM etc.
Hello, Sorry for butting in, but I'd like to give some of my thoughs too. I don't think Sam should invest time in an implementation of DKIM now, its just not the right time. As Eric said, its not yet a standard, so many mail administrators won't implement it for lack of support. Also, those links clearly demonstrate too few servers are using it to justify the need for it today and the ammount of work which I believe would take to implement it on spamdyke. Instead, if I had to choose, I'd choose SPF which is very popular nowadays compared to DomainKeys/DKIM. BUT! Qmail, specifically Plesk's qmail, already handles SPF checking, and does it well (aside the obvious non-existant logging feature). I believe Postfix/Sendmail also may have a good implementation of SPF already. And please don't misunderstand me, I'd really like to have DKIM support in spamdyke yes (the more features the merrier, and Sam's logging implementation are nothing short of shockingly amazing), just I'd put it in the later-than-sooner TODO list, like, for when about 15-20% of mailservers out there would be using DKIM. Arthur ___ spamdyke-users mailing list spamdyke-users@spamdyke.org http://www.spamdyke.org/mailman/listinfo/spamdyke-users
Re: [spamdyke-users] DKIM etc.
Hi. I disagree about waiting for a certain (or uncertain) percentage of servers in a survey before implementing it though. This isn't a feature about convenience or annoyance, it's a feature that will probably have a big positive impact on some peoples lives. I think the fact that PayPal and eBay have already implemented it (months ago) is a strong indicator of its importance. I'd like to know which other major banking institutions have implemented it, but I don't. I expect that Chase and BofA will be doing so as soon as they can though (based on the phishing emails I've seen). Perhaps we can agree to disagree on this one. And like I said, I could be wrong (again). ;) Maybe I expressed myself incorrectly. Sure 15-20% is a wild guess of mine, who serves a not so critical slice of the market, and I try to keep things stable, avoiding adding too many tools that I don't consider essential. Surely big companies which work with any kind of eletronic commerce or online payment systems, like the ones you quoted, or any company that deals with money in a eletronic way, will always attemp to or implement these edge security enhancements, and well justified. But aside these cases, I hardly see a real purpose for the majority of small business people to enter this bloody jungle, other than for testing. In reality, I'm just ranting because I didn't see the major brazilian banks which also suffer from lots of of pishing, implementing these tools. Once they do (if the do), and depending on the speed they do, and also on the result of their work, that will surely have an impact on my business and consequentially on my decision of implementing it for myself. But one thing is for sure, either way, I (with the viewpoint of small business hosting provider) will refrain for now from implement anything like that unless someone puts up a nice tool with lots of log-spitting like what spamdyke does. :) Arthur ___ spamdyke-users mailing list spamdyke-users@spamdyke.org http://www.spamdyke.org/mailman/listinfo/spamdyke-users
Re: [spamdyke-users] DKIM etc.
I did some Googling today and found this: http://www.phishtank.com/stats/2008/07/ Apparently, in July of this year, phishtank.com verified more phishing scams targeting PayPal than the rest of the top 10 targets combined. That pretty impressive, although I must take it with a grain of salt because I don't know anything about phishtank.com or how they collect their stats. Anecdotally, I personally see a lot of PayPal scam emails and SpamAssassin seems to catch all of them. However, most of my users are not technically literate, nor are they sufficiently skeptical when it comes to official-looking messages. Given the seriousness of falling victim to a phishing scam, I would love to block those messages entirely. If DKIM could stop them once and for all, it would be worth the effort. Here's another way to think about it: spamdyke already does pretty much everything _I_ need it to do. At this point, I continue working on it because it's a hobby and I enjoy it. So even though I have a prioritized TODO list, I'm willing to reshuffle it if even one person expresses a need/desire for something. That's why I'm working on recipient validation now -- it's not something I really need for myself but everyone was asking for it so... If there's a feature you'd rather see in spamdyke before DKIM, now's the time to speak up. :) -- Sam Clippinger Arthur Girardi wrote: Hi. I disagree about waiting for a certain (or uncertain) percentage of servers in a survey before implementing it though. This isn't a feature about convenience or annoyance, it's a feature that will probably have a big positive impact on some peoples lives. I think the fact that PayPal and eBay have already implemented it (months ago) is a strong indicator of its importance. I'd like to know which other major banking institutions have implemented it, but I don't. I expect that Chase and BofA will be doing so as soon as they can though (based on the phishing emails I've seen). Perhaps we can agree to disagree on this one. And like I said, I could be wrong (again). ;) Maybe I expressed myself incorrectly. Sure 15-20% is a wild guess of mine, who serves a not so critical slice of the market, and I try to keep things stable, avoiding adding too many tools that I don't consider essential. Surely big companies which work with any kind of eletronic commerce or online payment systems, like the ones you quoted, or any company that deals with money in a eletronic way, will always attemp to or implement these edge security enhancements, and well justified. But aside these cases, I hardly see a real purpose for the majority of small business people to enter this bloody jungle, other than for testing. In reality, I'm just ranting because I didn't see the major brazilian banks which also suffer from lots of of pishing, implementing these tools. Once they do (if the do), and depending on the speed they do, and also on the result of their work, that will surely have an impact on my business and consequentially on my decision of implementing it for myself. But one thing is for sure, either way, I (with the viewpoint of small business hosting provider) will refrain for now from implement anything like that unless someone puts up a nice tool with lots of log-spitting like what spamdyke does. :) Arthur ___ spamdyke-users mailing list spamdyke-users@spamdyke.org http://www.spamdyke.org/mailman/listinfo/spamdyke-users ___ spamdyke-users mailing list spamdyke-users@spamdyke.org http://www.spamdyke.org/mailman/listinfo/spamdyke-users