Re: Whitelists, not directly useful to spamassassin...

[Per Jessen]

Warren Togami wrote:

 https://issues.apache.org/SpamAssassin/show_bug.cgi?id=6247#c49
 https://issues.apache.org/SpamAssassin/show_bug.cgi?id=6247#c51
 It turns out that the ReturnPath and DNSWL whitelists have a
 statistically insignificant impact on spamassassin's ability to
 determine ham vs. spam.  Meanwhile, both whitelists have high levels
 of accuracy.
 
 How can both of these statements be true?  I suspect this is because
 the scores are balanced by the rescoring algorithm to be safe in the
 majority case where no whitelist rule has triggered.  Thus whitelists
 are not needed or relied upon to prevent false positive
 classification.

I concur, that is what my analysis of HABEAS hits over the last four
months showed too. 


/Per Jessen, Zürich

Re: OT: Museum piece...

[Timo Schoeler]

thus Charles Gregory spake:

On Wed, 16 Dec 2009, Ted Mittelstaedt wrote:

Those were the days.  A few poke and peek commands, 15 minutes
waiting for the cassette tape to load the pirated game...


Biggest thrill for me was reverse-egineering the 'fast loader' code in 
one of the games so that I could create my own TSR that would allow me 
to load *any* game from the floppy drive using fast synchronous 
transfer.


I remember to run some app on my C64 (there was a 1541-II atached to it, 
as well as a 1581 -- but the 1541-II is the device that came into play) 
that used the floppy's CPU and RAM as a second node. MPP for crunching 
fractals, in the 80s, at home! :D



Sigh.

(So, so seriously OT here. Better stop this now LOL)

- C


Timo

Re: Reminder:: 3.3.0 pre-release cut: December 17th

[Kai Schaetzl]

Warren Togami wrote on Wed, 16 Dec 2009 18:12:05 -0500:

 All bugs targeted for 3.3.0.

When reviewing this list and playing around I found that there are 22 bugs 
for milestone 3.2.6. Shouldn't these get reviewed and promoted to 3.3.0 if 
still valid?

Kai

-- 
Kai Schätzl, Berlin, Germany
Get your web at Conactive Internet Services: http://www.conactive.com

Re: OT: Museum piece...

[Martin Gregorie]

On Wed, 2009-12-16 at 21:20 -0500, Gene Heskett wrote:
 No cpm here, but what was once os-9, now nitros-9 because we changed the cpu 
 to a hitachi 6309, cmos  smarter, then re-wrote os-9.  Both levels.
 
No CP/M here either, but I have a working Flex 09 relic - MC6809 with
parallel connected ASCII keyboard (remember them?) and a stack of 4
floppy drives, with all drivers and boot strap in my own re-engineered
ROM monitor.

I still run OS-9/68K v2.4 on a 68020 (Peripheral Technology hardware).
This is run almost daily with access over my LAN via ssh access to a
copy of Kermit and a serial port on the physically nearest Linux box. 
 

Martin

Re: Reminder:: 3.3.0 pre-release cut: December 17th

[Mark Martinec]

On Thursday December 17 2009 12:49:25 Kai Schaetzl wrote:
 When reviewing this list and playing around I found that there are 22 bugs
 for milestone 3.2.6. Shouldn't these get reviewed and promoted to 3.3.0 if
 still valid?

What usually happens is that a bug was fixed in trunk (3.3),
but then (if it seemed important and not too difficult to mend)
targeted for 3.2.6 just in case this release ever happens.

If one can find any bugs targeted for 3.2.6 but not yet fixed in 3.3,
please promote or copy them to a 3.3 target.

  Mark

Re: Museum piece...

[Martin Gregorie]

On Wed, 2009-12-16 at 18:27 -0800, Marc Perkel wrote:
 
 jdow wrote:
  From: Charles Gregory cgreg...@hwcn.org
  Sent: Wednesday, 2009/December/16 07:49
 
 
  On Tue, 15 Dec 2009, Chris Hoogendyk wrote:
  Marc Perkel wrote:
   http://www.vintage-computer.com/asr33.shtml
  There was actually a time when I had one of those in my house.
 
  For your amusement:
 
  I still have my old Commodore 64 and 1541 drive sitting in the basement.
 
  One year my daughter's school had a project to construct exhibits for 
  a show called 'working class treasures' for the local Worker's 
  Heritage Museum. The idea was to put on display 'precious' possesions 
  from their parents' childhood. Baseballs, old toys, favorite tools, 
  whatever.
 
  Well, the only thing I had of any 'meaning' to me was my C-64. So she 
  put that in her exhibit.
 
  So yes, my Commodore 64 has actually been displayed in a museum.
  Not just figuratively, but *literally* a 'museum piece'. :)
 
 
  How many do you want? I believe Loren might still have several.
 
  {O.O}
 
 
 I don't know if anyone still remembers this but this is what I had for 
 my first computer back on 1979.
 
 http://www.scotthodson.com/blog/wp-content/uploads/2007/08/imsai8080.jpg
 
 IMSAI 8080 - except I had a Z80 board for it.
 
War Games anybody? I remember The Kid had an IMSAI 8080 and, judging
by the flashing lights, it was faster than the SAC's supercomputer by
several orders of magnitude.


Martin

Re: Sharing and merging bayes data?

[Thomas Harold]

On 12/17/2009 2:50 AM, Rajkumar S wrote:

Hello,

I have 2 SA servers running for a single domain. Both were primed with
a set of 200 spam and ham messages are are now auto learning. After
about a day both have auto learned different numbers of ham and spam
mails. Is it possible to merge the bayes data every night and update
both servers with new merged data?



I'm not sure about the merging, but why would you not be using a SQL 
server back-end database for storing the bayes information.  Then both 
servers could reference and update the same data set.

Re: Sharing and merging bayes data?

[Matt Kettler]

On 12/17/2009 2:50 AM, Rajkumar S wrote:
 Hello,

 I have 2 SA servers running for a single domain. Both were primed with
 a set of 200 spam and ham messages are are now auto learning. After
 about a day both have auto learned different numbers of ham and spam
 mails. Is it possible to merge the bayes data every night and update
 both servers with new merged data?

 with regards,

 raj

   

No.. If you're using file-based bayes, there's no good way to share
updates between one DB and the other. The information needed to make
such a merger successful isn't stored, because it is not needed for any
reason within SpamAssassin. The database merely stores the token, it's
spam count, it's nonspam count, and a last-seen timestamp. If you look
at the same token in 2 different databases, you can't really merge these
counts, because you don't know how many occurred since your last merge.

 If you really want common bayes data between two servers, you should
configure bayes to use a SQL server (MySQL, etc) and point both
SpamAssassin configurations to the same database. This also has the
benefit that both servers are continuously in-sync.

OT Re: Museum piece...

[Michael Scheidell]

On 12/17/09 8:56 AM, Kevin Golding wrote:


I think I still have a Model B in the loft somewhere...

Kevin
   
I had an ASR 33 teletype with an Anderson Jacobs 110 baud coupler.  We 
dialed into an 800 number owned by tymenet (an X.25 pad).
had to hit the ^p on the keyboard after it stopped screaming into the 
coupler.


it took ATT (in 1970) two months to engineer a phone line from the CO 
that would stand up to the rigors of 110 baud.
(and I might have been the one to have written one of the original ST 
games.  I still have the paper tape and printout of the source)


It started its life on an SDS940 somewhere in Texas, running 'UBASIC'  
(university of maryland basic).


Ended up on a Sperry Univac that was jointly owned by Florida Atlantic 
University and Florida International University.
I used to skip class (11th grade in high school) to hang out in the 
basement of the FAU admin building and work on the program.


new 'glass tubes' came in.  we convinced the computer science majors 
that 'CRT' meant 'Computer Readout Tube'.  and, yes, the two most 
popular programs that ran on the new 'calcom plotter' were a pinup of 
marilyn monroe and lucy (pregnant) yelling 'You blockhead charlie brown')


--
Michael Scheidell, CTO
Phone: 561-999-5000, x 1259
 *| *SECNAP Network Security Corporation

   * Certified SNORT Integrator
   * 2008-9 Hot Company Award Winner, World Executive Alliance
   * Five-Star Partner Program 2009, VARBusiness
   * Best Anti-Spam Product 2008, Network Products Guide
   * King of Spam Filters, SC Magazine 2008

_
This email has been scanned and certified safe by SpammerTrap(r). 
For Information please see http://www.spammertrap.com

_

Re: Sharing and merging bayes data?

[Michael Scheidell]

On 12/17/09 2:50 AM, Rajkumar S wrote:

Hello,

I have 2 SA servers running for a single domain. Both were primed with
a set of 200 spam and ham messages are are now auto learning. After
about a day both have auto learned different numbers of ham and spam
mails. Is it possible to merge the bayes data every night and update
both servers with new merged data?

with regards,

raj
   
One option, since 'mx2' version of bayes is heavily weighted towards 
'spam', is, just nightly, stop spamd, backup bayes from mx1, and restore 
to mx2.

(and its a lot easier if you use bayes).

or, as one posted suggested, use one single mysql database.  its faster 
and more stable.

(mark:
_
This email has been scanned and certified safe by SpammerTrap(r). 
For Information please see http://www.spammertrap.com

_

Re: Sharing and merging bayes data?

[Rajkumar S]

On Thu, Dec 17, 2009 at 7:44 PM, Michael Scheidell list-s...@secnap.com wrote:
 or, as one posted suggested, use one single mysql database.  its faster and
 more stable.

Thanks every one, mysql is the way to go.

raj

Re: Sharing and merging bayes data?

[Ned Slider]

On 12/17/2009 02:14 PM, Michael Scheidell wrote:

On 12/17/09 2:50 AM, Rajkumar S wrote:

Hello,

I have 2 SA servers running for a single domain. Both were primed with
a set of 200 spam and ham messages are are now auto learning. After
about a day both have auto learned different numbers of ham and spam
mails. Is it possible to merge the bayes data every night and update
both servers with new merged data?

with regards,

raj

One option, since 'mx2' version of bayes is heavily weighted towards
'spam', is, just nightly, stop spamd, backup bayes from mx1, and restore
to mx2.
(and its a lot easier if you use bayes).

or, as one posted suggested, use one single mysql database. its faster
and more stable.


Or if you really don't want to use a single mysql database, yet another 
alternative might be to disable autolearning, and manually train both 
servers against shared folders for spam/ham run as a nightly cronjob.

Re: Site-wide Bayes

[RW]

On Wed, 16 Dec 2009 09:36:12 -0500
Michael Scheidell scheid...@secnap.net wrote:

 On 12/16/09 9:27 AM, Thomas Harold wrote:
  I'm guessing that you'd also want to change the autolearn
  thresholds to be stricter?  Like only auto-learning if it scores
  below -2 or above +10?
 
  (That might be an amavisd-new feature.)
 I still use 0, but have the high score at +15.

The default is 0.1 IIRC, and I wouldn't recommend setting it lower
without negative-scoring custom rules - it's set positive for good
reasons. 

BAYES and userconf whitelisting rules don't count for autolearning, so
if you set a negative threshold with the default rules, you rely on
DNS whitelisting to define ham - the likes of HABEOUS.

Setting it at exactly 0.0 is also problematical since the decision to
learn is commonly going to be determined by nominally scored rules that
score 0.001 and -0.001.

Re: Sharing and merging bayes data?

[RW]

On Thu, 17 Dec 2009 09:04:18 -0500
Matt Kettler mkettler...@verizon.net wrote:


 No.. If you're using file-based bayes, there's no good way to share
 updates between one DB and the other. The information needed to make
 such a merger successful isn't stored, because it is not needed for
 any reason within SpamAssassin. The database merely stores the token,
 it's spam count, it's nonspam count, and a last-seen timestamp. If
 you look at the same token in 2 different databases, you can't really
 merge these counts, because you don't know how many occurred since
 your last merge.

I'm not saying it's a good idea, but it is possible provided that you
retained the result of the previous merge. It should be simple to
script too.

Re: Whitelists, not directly useful to spamassassin...

[Jason Bertoch]

Warren Togami wrote:



While whitelists are not directly effective (statistically, when 
averaged across a large corpus), whitelists are powerful tools in 
indirect ways including:


* Pushing the score beyond the auto-learn threshold for things like 
Bayes to function without manual intervention.


This does not sound like a positive thing to me.  E-mail from any sender 
that is malformed enough to skip auto-learning should not be forced into 
Bayes as ham simply because some 3rd party promises, for their own 
monetary benefit, that the sender is a nice guy.  Why should any sender 
that I have not intentionally added to my local whitelist get a break?


I've had enough problems with DNSWL, HABEAS, and JMF that they have all 
been disabled here.  Unfortunately, that also means I have no recent 
data to add to the debate.  Although I believe that whitelists should be 
included in the default install for those that want them, I also believe 
they should be disabled by default so that an admin must knowingly 
enable them after reading the manual and considering the consequences.


The argument has also been made that whitelists should be included 
simply because blacklists are.  I think that argument is flawed. 
Blacklists are part of the spam fighting community while whitelists are 
part of the bulk delivery community.  Their goals and motives are 
completely different.  For one, blacklists will normally have evidence 
of abuse to support their listing.  Whitelists only have policies and 
promises.  Second, the scoring of whitelists is currently favored over 
blacklists, and will continue to be at the proposed settings for 3.3.0. 
 Why can a whitelist override the score of a blacklist when it is the 
blacklist that has evidence of abuse?



After reading up on Bug6247, I found that ReturnPath included 
interesting stats on their lists:


Certified
Active: 4407
Suspended: 1300
Total: 5707

Safe
Active: 6561
Suspended: 283
Total: 6844


The Certified list is supposedly difficult to get on so I'm not sure how 
to interpret these results.  Is 1/5 of the list suspended because of due 
diligence on the part of ReturnPath?  If so, how did they get certified 
in the first place?


If whitelists are to be enabled by default, I believe their score should 
be moved considerably more toward zero.


/Jason

OT Re: Museum piece...

[Steve Lindemann]

I think I still have a Model B in the loft somewhere...

Kevin
   


I've seen CP/M mentioned but no mention of the venerable Kaypro!  Oh 
those were the days  8^)


But my first digital computer (at work) was a Raytheon 703 with paper 
tape to load programs (after you fingered in the boot) and output was 
the lights on the front panel.  I also worked on analog computers for a 
number of years, it wasn't so much programming as re-engineering.  I 
actually do miss those days.

--
Steve Lindemann __
Network Administrator  //\\  ASCII Ribbon Campaign
Marmot Library Network, Inc.   \\//  against HTML/RTF email,
http://www.marmot.org  //\\  vCards  M$ attachments
+1.970.242.3331 x116

Re: Whitelists, not directly useful to spamassassin...

[Charles Gregory]

Thank you, Warren. That (finally) gives some real perspective to this 
mess, and gets some of the 'real' questions answered.


- C

On Wed, 16 Dec 2009, Warren Togami wrote:
I made a discovery today that surprised even myself.  Using the rescore 
masscheck and weekly masscheck logs while working on Bug #6247 I found some 
interesting details that throws a wrench into this lively debate.


https: //issues.apache.org/SpamAssassin/show_bug.cgi?id=6247#c49
https: //issues.apache.org/SpamAssassin/show_bug.cgi?id=6247#c51
It turns out that the ReturnPath and DNSWL whitelists have a statistically 
insignificant impact on spamassassin's ability to determine ham vs. spam. 
Meanwhile, both whitelists have high levels of accuracy.


How can both of these statements be true?  I suspect this is because the 
scores are balanced by the rescoring algorithm to be safe in the majority 
case where no whitelist rule has triggered.  Thus whitelists are not needed 
or relied upon to prevent false positive classification.


While whitelists are not directly effective (statistically, when averaged 
across a large corpus), whitelists are powerful tools in indirect ways 
including:


* Pushing the score beyond the auto-learn threshold for things like Bayes to 
function without manual intervention.
* The albeit controversial method where some automated spam trap blacklists 
use whitelists to help determine if they really should list an IP address.


https: //issues.apache.org/SpamAssassin/show_bug.cgi?id=6247
https: //issues.apache.org/SpamAssassin/show_bug.cgi?id=6251
spamassassin-3.3.0 has reduced the score impact of these whitelists to more 
modest levels, maxing out at -5 points.  -5 is PLENTY for spamassassin, as 5 
points is the level which the scoreset is tuned. Mail from a whitelisted host 
would need greater than 10 points to be blocked, which is statistically very 
rare for ham.  I believe that we are striking the right balance with these 
modest whitelist scores in this release.


That being said, whitelists should be constantly policed to maintain their 
reputation and trust levels.  For example, while I currently am impressed by 
DNSWL's performance, I am not pleased that they seem to lack automated 
trap-based enforcement.  Relying only on manual reports and manual 
intervention requires too much effort in the long-term for any organization, 
be it company or volunteer run.


Warren Togami
wtog...@redhat.com

Re: Cooperative data gathering project.

[Marc Perkel]

Jason Haar wrote:

On 12/17/2009 03:30 PM, Marc Perkel wrote:
Then the third filed is NONE. That's how I do it. But the idea is 
that any kind of daya can be collectively gathered and distributed.


Instead of a TCP channel (which means software), what about using DNS? 
If the SA clients did RBL lookups that contained the details as part 
of the query, then if your end parses DNS logs (I'm thinking djbdns, 
don't know about BIND), then you could extract the data yourself.


You could even introduce a token into the RBL to stop the bad guys 
corrupting your corpus (a problem you'll have to deal with anyway 
whatever the network mechanism).


e.g. (token == 834ufg754)

spam.1.2.3.4.834ufg754.newrbl.com
ham.5.6.7.8.834ufg754.newrbl.com

ie only the dns logs that contain valid tokens are legitimate



In this case the idea is to gather data in real time. So those who 
gather data need to be able to send the data to a central place that 
receives the data and then makes it available to everyone.

Re: Whitelists, not directly useful to spamassassin...

[Warren Togami]

On 12/17/2009 11:27 AM, Jason Bertoch wrote:


If whitelists are to be enabled by default, I believe their score should
be moved considerably more toward zero.

/Jason


I don't necessarily disagree with this desire, as now we know the 
whitelists actually are making almost zero difference to spamassassin's 
results.


We did at least reduce the scores from their default values that were in 
spamassassin-3.2.x as a reasonable compromise.


Warren

testing spamassassin,sa-learn not work

[Khanh Truong]

Hi,

I created a sample message, then tell spamassassin to learn it as spam
with the command
#sa-learn --spam spamtest.txt

then I tried the command
#spamc  spamtest.txt

but spamassassin still scored it as non-spam. Am I doing something
wrong? Please help!

Here is my spamtest.txt (based on GTUBE):

Subject: Test spam mail (GTOBE)
Message-ID: gtobe2.2020...@example.net
Date: Wed, 23 Jul 2003 23:30:00 +0200
From: Sender sen...@example.net
To: Recipient recipi...@example.net
Precedence: junk
MIME-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Content-Transfer-Encoding: 7bit

rwo*moiseimfos.oiamf*ifomie*ioefs-fnoianee-fpqo-noi-afes-afesf*e.34rm
http://www.cometomystore.com

Re: [sa] Re: emailreg.org - tainted white list

[Charles Gregory]

On Thu, 17 Dec 2009, Yet Another Ninja wrote:

On 12/16/2009 6:16 PM, Charles Gregory wrote:

 On Wed, 16 Dec 2009, Yet Another Ninja wrote:
  blabber... checkout SVN - follow dev list... HABEAS is history...
 I believe the *point* here is that HABEAS is NOT 'history' for ordinary
 systems running ordinary sa-update on 3.2.5.


they can adjust scores if they don't approve of what has been delivered...


Agreed. But that does not make the statement HABEAS is history accurate 
in any way that is relevant to current sa-update..



 My rules (in /var/lib/spamassassin) still include the strong negative
 scores for HABEAS, as discussed here.
funny.. my rules show a 0 score for HABEAS stuff, same with all the other 
certification services  oh wait!! I adjusted the scores myself coz I didn't 
want them in my way.


Why don't you go one step further and just 'unsubscribe' from any spam you 
receive? If you want the ultimate in responsive after-the-spam-has-arrived 
customization, that's the way to go ;)


Oh. Sorry. Someimes the sarcasm gets away from me.

We are discussing the DEFAULT rules. The only way someone can tell me that 
HABEAS is history and have it apply to ME is if they have propogated a 
change through sa-update. They haven't. Your customizatino sounds a lot 
like mine. But just because you and I have solved our problems for *us* 
personally does not mean we can just forget about everyone else.


You're a Ninja, judging by your From header. You *must* be in this to 
improve things for everyone. I'm certainly not posting here just to hear 
myself talk. I can customize my server far faster (it's actually a daily 
routine) than I can type suggestions here. But I want this to work for 
everyone. And everyone is not on this list. So changing SA defaults is the 
best way to help everyone.


I don't have the 'budget' to just jump in and help code, so I make 
suggestions, with (I hope) the appropriate tone of respect for the people 
who *do* have the 'budget' to be working on improving SA. But this is NOT 
me whining about *my* problems. I don't have a problem with HABEAS. I 
occasionally notice their rule fire, but usually something else knocks 
out the spam anyways (shrug)


- C

Re: emailreg.org - tainted white list

[Charles Gregory]

On Wed, 16 Dec 2009, LuKreme wrote:

On 16-Dec-2009, at 16:11, Michael Hutchinson wrote:
So far only 1 person on this list has claimed to have been hit by Spam 
that has been let through by the Habeas rules in SA.
I'm the only one? Really? That doesn’t jibe with my memory, but I'm not 
scanning the entire list to prove you wrong.


No, no! I'm the one! (smile)

Though in fairness, I don't see a terrible problem with it. Just the 
occasional hit I would suspect a hacked server


- C

Re: OT Re: Museum piece...

[hchan]

re: CP/M

No S-100 bus systems mentioned yet?

My first home computer was a Godbout S-100 bus system running a dual 8085/8088 
CPU board. At that time, the future in operating systems was going to be CP/M 
86.

I decided it was time to upgrade when a computer store clerk was trying to tell 
me that there was no such thing as an 8 floppy disk...

-
Hoover Chanhc...@mail.ewind.com  -or-  hc...@well.com
Eastwind Associates
P.O. Box 16646 voice: 415-731-6019  -or-  415-565-8936
San Francisco, CA 94116

Re: testing spamassassin,sa-learn not work

[John Hardin]

On Thu, 17 Dec 2009, Khanh Truong wrote:

I created a sample message, then tell spamassassin to learn it as spam 
with the command

#sa-learn --spam spamtest.txt

then I tried the command
#spamc  spamtest.txt

but spamassassin still scored it as non-spam. Am I doing something
wrong? Please help!


Training a message as spam does not guarantee the next time the exact same 
message is seen that it will be scored as spam. It's not a poison pill 
tool.


Training a message as spam tells SA that messages that look similar to the 
trained messages will be scored more spammy than they otherwise would 
be. This may push the overall score past a threshold.


Three things you need to look at:

(1) Have you trained enough spam _and_ ham messages to give the bayes 
database enough to work with to make decisions? Run sa-learn --dump 
magic and verify that you have at least 200 spam _and_ 200 ham tokens.


(2) What was the bayes score on the message the first time you passed it 
through SA for scoring, _before_ using it for training?


(3) What was the bayes score on the message when you passed it through SA 
for scoring _after_ training?


--
 John Hardin KA7OHZhttp://www.impsec.org/~jhardin/
 jhar...@impsec.orgFALaholic #11174 pgpk -a jhar...@impsec.org
 key: 0xB8732E79 -- 2D8C 34F4 6411 F507 136C  AF76 D822 E6E6 B873 2E79
---
  Bother, said Pooh as he struggled with /etc/sendmail.cf, it never
  does quite what I want. I wish Christopher Robin was here.
   -- Peter da Silva in a.s.r
---
 8 days until Christmas

Re: OT Re: Museum piece...

[Charles Gregory]

On Thu, 17 Dec 2009, hc...@mail.ewind.com wrote:
I decided it was time to upgrade when a computer store clerk was trying 
to tell me that there was no such thing as an 8 floppy disk...


I wonder if IBM finally phased them out?
I still have a couple as souvenirs :)

- C

Re: OT Re: Museum piece...

[jdow]

From: Steve Lindemann st...@marmot.org
Sent: Thursday, 2009/December/17 08:30



I think I still have a Model B in the loft somewhere...

Kevin
   


I've seen CP/M mentioned but no mention of the venerable Kaypro!  Oh 
those were the days  8^)


Have one complete with the SASI hard disk.

{^_^}

Re: [sa] Re: habeas - tainted white list

[Christian Brel]

{side note}
Has anyone noticed how the thread 'emailreg.org - tainted white list'
has been left unchanged, despite the topic moving on to Habeas. Whilst
this is side splittingly funny if you do a search on emailreg.org and
see it in the archives, it's probably not fair to drag their name
through the mud when the topic has moved on?

I wonder how long the thread will be left at the new 're: habeas -
tainted white list'? How many will post using it? Or if those black
helicopters and MIB's will seek to put a stop to it?


-- 
This e-mail and any attachments may form pure opinion and may not have
any factual foundation. Please check any details provided to satisfy
yourself as to suitability or accuracy of any information provided.
Data Protection: Unless otherwise requested we may pass the information
you have provided to other partner organisations. 

Re: OT Re: Museum piece...

[jdow]

From: hc...@mail.ewind.com
Sent: Thursday, 2009/December/17 09:06



re: CP/M

No S-100 bus systems mentioned yet?


Processor Technology SOL-PC boosted to a higher speed (had to
reengineer timing on the board.) I also added a paddle board with S-100
slots on both sides. I was able to stick 5 S-100 cards into a remarkably
odd profile compared to other S-100 systems.

My first home computer was a Godbout S-100 bus system running a dual 
8085/8088 CPU board. At that time, the future in operating systems was 
going to be CP/M 86.


I also have a Godbout chassis and some of their CPU cards. I used them
as the basis for my paging hack.

I decided it was time to upgrade when a computer store clerk was trying to 
tell me that there was no such thing as an 8 floppy disk...


I decided to upgrade when Jay Miner's geniuses put together the Amiga
computer.

{^_^} 

Re: OT Re: Museum piece...

[John Hardin]

On Thu, 17 Dec 2009, Charles Gregory wrote:


On Thu, 17 Dec 2009, hc...@mail.ewind.com wrote:

 I decided it was time to upgrade when a computer store clerk was trying to
 tell me that there was no such thing as an 8 floppy disk...


I wonder if IBM finally phased them out?
I still have a couple as souvenirs :)


They're running about $9 each on EBay...

--
 John Hardin KA7OHZhttp://www.impsec.org/~jhardin/
 jhar...@impsec.orgFALaholic #11174 pgpk -a jhar...@impsec.org
 key: 0xB8732E79 -- 2D8C 34F4 6411 F507 136C  AF76 D822 E6E6 B873 2E79
---
  Bother, said Pooh as he struggled with /etc/sendmail.cf, it never
  does quite what I want. I wish Christopher Robin was here.
   -- Peter da Silva in a.s.r
---
 8 days until Christmas

Re: [sa] Re: habeas - tainted white list

[jdow]

From: Christian Brel brel.spamassassin091...@copperproductions.co.uk
Sent: Thursday, 2009/December/17 09:28



{side note}
Has anyone noticed how the thread 'emailreg.org - tainted white list'
has been left unchanged, despite the topic moving on to Habeas. Whilst
this is side splittingly funny if you do a search on emailreg.org and
see it in the archives, it's probably not fair to drag their name
through the mud when the topic has moved on?

I wonder how long the thread will be left at the new 're: habeas -
tainted white list'? How many will post using it? Or if those black
helicopters and MIB's will seek to put a stop to it?


I believe on the whole Warren Togami's posting about a whitelist
performance on a masscheck settles the affair. White lists are very
reliable. They are also very unnecessary within SpamAssassin. So
perhaps the whole topic can die.

I also note that the people complaining about the white lists seem
to leave out solid data. Were the spams really confirmed spams or
were they merely scored as spams? What scores hit that made them
score as spams? What kind of installation do you have? How many
emails a day are processed?

It's little details like that which prompt other people to look at
assertions somewhat askance or ignore them outright.

With my three personal accounts I have yet to see an email off this
list containing HABEAS, spam or ham, since this discussion began. I
guess I don't do business with HABEAS customers and no spammers have
pushed through anything from a HABEAS site. The mail volume is fairly
high (LKML and a couple other Linux lists). And the spam seems to be
suddenly up from 60-80 a day to the 90s/day. For those spammers who
are listening, I REALLY do not need Via-thingie-alis whether or not
it is from he Pf people. If I REALLY need to get it up I do a sexy
striptease or something like that. (The V thingie seems to be a new
feature of my spam bucket - 10 or more of them a day.)

{^_-}

Re: OT Re: Museum piece...

[jdow]

From: John Hardin jhar...@impsec.org
Sent: Thursday, 2009/December/17 09:35



On Thu, 17 Dec 2009, Charles Gregory wrote:


On Thu, 17 Dec 2009, hc...@mail.ewind.com wrote:
 I decided it was time to upgrade when a computer store clerk was trying 
to

 tell me that there was no such thing as an 8 floppy disk...


I wonder if IBM finally phased them out?
I still have a couple as souvenirs :)


They're running about $9 each on EBay...


Verified formatted or New Old Stock we don't have a way to check them?

(They seem to have held their value compared to the last pack of
Verbatims I bought. Alas, the oxide is probably flaking off.)

{^_-} 

sa-update 403 forbidden

[jidanni]

Sometimes sa-update works, sometimes one gets
http: GET http://daryl.dostech.ca/sa-update/asf/891585.tar.gz request failed: 
403 Forbidden:
You don't have permission to access /sa-update/asf/891585.tar.gz on this server.
Apache/2.2.3 (Fedora) Server at daryl.dostech.ca Port 80

I recommend that http://daryl.dostech.ca/ have an email address for
contact shown, so I can tell him directly the next time it happens.

Re: OT Re: Museum piece...

[Chris Hoogendyk]

Steve Lindemann wrote:

I think I still have a Model B in the loft somewhere...

Kevin
   


I've seen CP/M mentioned but no mention of the venerable Kaypro!  Oh 
those were the days  8^)


But my first digital computer (at work) was a Raytheon 703 with paper 
tape to load programs (after you fingered in the boot) and output was 
the lights on the front panel.  I also worked on analog computers for 
a number of years, it wasn't so much programming as re-engineering.  I 
actually do miss those days. 


A skilled practitioner could get 5 digits out of this baby: 
http://en.wikipedia.org/wiki/Slide_rule (I still have the yellow one). 
If you needed more rigorous but still relatively easy and quick, you 
would use this: http://ljkrakauer.com/CRC99ph/CRCbook.htm.


Later, there were Wang digital calculators 
(http://www.oldcalculatormuseum.com/wang362e.html - that one's actually 
newer, smaller  more feature rich) in the chem library with multiple 
keyboard/display units connected by serial cable so that several 
students could be using it at once. The thing is that all those extra 
digits were insignificant and had to be lopped off anyway. ;-)


Computers often encourage innumeracy 
(http://www.amazon.com/Innumeracy-Mathematical-Illiteracy-Its-Consequences/dp/0809074478/ref=tmm_hrd_title_0), 
and make us think we know more than we actually do. (That's quite a good 
book, by the way. If you like numbers/math, get it for yourself for 
Christmas or whatever you celebrate at this time of year.)



--
---

Chris Hoogendyk

-
  O__   Systems Administrator
 c/ /'_ --- Biology  Geology Departments
(*) \(*) -- 140 Morrill Science Center
~~ - University of Massachusetts, Amherst 


hoogen...@bio.umass.edu

--- 


Erdös 4

Re: sa-update 403 forbidden

[Daryl C. W. O'Shea]

On 17/12/2009 1:00 PM, jida...@jidanni.org wrote:
 Sometimes sa-update works, sometimes one gets
 http: GET http://daryl.dostech.ca/sa-update/asf/891585.tar.gz request failed: 
 403 Forbidden:
 You don't have permission to access /sa-update/asf/891585.tar.gz on this 
 server.
 Apache/2.2.3 (Fedora) Server at daryl.dostech.ca Port 80
 
 I recommend that http://daryl.dostech.ca/ have an email address for
 contact shown, so I can tell him directly the next time it happens.

Fixed.  Sorry.  I missed perms on a symlink target when I moved things
to a new server early early this morning.

Daryl

Re: OT Re: Museum piece...

[Gene Heskett]

On Thursday 17 December 2009, hc...@mail.ewind.com wrote:
re: CP/M

No S-100 bus systems mentioned yet?

Sorry, my omission.  The first gizmo I ever built, in 1979, was a Quest Super 
Elf, which has an expansion connector on its board that allowed an s-100 buss 
backplane to be plugged into it.  It had an RCA 1802 cpu, running at a 
whopping 1.79mhz, but its full machine cycle was 8 clocks.  I wrote, in hex 
by looking it up in the excellent rca programmers manual, entering it into 
memory from a hex monitor using a 6 digit led display, a program to take a 
finished tv commercial tape from the production guys, run the tape deck to 
search for and mark the first frame of video to see air, tell it how long the 
commercial was in time with 6 presets from 10s to 2m.  It would then back the 
machine up about 12 seconds, roll it fwd and enable the insert edit mode of 
the machine and lay a new, frame accurate 10 second academy countdown leader 
that I wrote the routine for and built the hardware to display it in 103 line 
high characters, disappearing at T-2.0 seconds, laying a trigger tone for the 
automatic station break machine at T-5.0 secs in the process, and continue to 
the end, laying another trigger tone on the 2nd audio channel 5 seconds from 
the last frame to air.

In use for a decade+ at KRCR in Redding CA where I was the ACE at the time.

I still have a paper copy of the program on one of the higher bookshelves 
above me.  And given enough time  access to graveyard  electronics, I could 
rebuild the cg and interface boards yet.  Simple stuff really, ran in about 
1200 bytes of the $400 4k static ram board I bought and built for it. Lots of 
it was lookup tables, at least 40% of the ram used, was used as lookup.  Self 
modifying code snippets scattered all thru it to conserve ram, designed in 
without ever having a clue as to how much ram it would take to do the job and 
I was surprised that it came in at the size it did.  And dead stable despite 
the self-modifying as it effectively rebooted itself at the end of every job.

It was a job humans were doing, and screwing up the timing of, and it saved a 
generation of dubbing loss, a very valuable feature in the days of u-matic 
tape machines being used in tv broadcasting.  Biggest problem was in getting 
the production people to leave me 15 seconds of good black in front of the 
commercial itself 

I love to remember, but really, this is off topic...

-- 
Cheers, Gene
There are four boxes to be used in defense of liberty:
 soap, ballot, jury, and ammo. Please use in that order.
-Ed Howdershelt (Author)
The NRA is offering FREE Associate memberships to anyone who wants them.
https://www.nrahq.org/nrabonus/accept-membership.asp

The sooner you fall behind, the more time you have to catch up.

Re: sa-update 403 forbidden

[jidanni]

OK, thanks. I'd put some contact info on top of http://daryl.dostech.ca/,
above This blog is currently in a static state pending an upgrade
of WordPress, in case something breaks next time.

Re: sa-update 403 forbidden

[Daryl C. W. O'Shea]

On 17/12/2009 1:36 PM, jida...@jidanni.org wrote:
 OK, thanks. I'd put some contact info on top of http://daryl.dostech.ca/,
 above This blog is currently in a static state pending an upgrade
 of WordPress, in case something breaks next time.

I used to have that and I got about 100 messages a day asking for help
setting up sa-update.

Perhaps I'll try it again when I fix the website.

Daryl

Re: Whitelists, not directly useful to spamassassin...

[J.D. Falk]

Very interesting data indeed -- and a testament to the accuracy of the 
SpamAssassin rules weighting process.

On Dec 16, 2009, at 4:10 PM, Warren Togami wrote:

 While whitelists are not directly effective (statistically, when averaged 
 across a large corpus), whitelists are powerful tools in indirect ways 
 including:
 
 * Pushing the score beyond the auto-learn threshold for things like Bayes to 
 function without manual intervention.
 * The albeit controversial method where some automated spam trap blacklists 
 use whitelists to help determine if they really should list an IP address.

Another indirect benefit (according to other users of our whitelists) is that 
when they implement a new spam-blocking method, the whitelists serve as kind of 
a safety valve to let legitimate mail through even when the new rule turns out 
to have false positives.

Site-specific whitelists are important for this, too.

 That being said, whitelists should be constantly policed to maintain their 
 reputation and trust levels.

Agreed.

--
J.D. Falk jdf...@returnpath.net
Return Path Inc

Re: Cooperative data gathering project.

[Jason Haar]

On 12/18/2009 05:31 AM, Marc Perkel wrote:

 In this case the idea is to gather data in real time. So those who
 gather data need to be able to send the data to a central place that
 receives the data and then makes it available to everyone.

You've lost me there - DNS would allow you to do that. You run the DNS
server, SA does the queries, they get routed through the standard DNS
hierarchy, you get to see them (and respond), interpret and make that
data available via any mechanism you want - probably also via (a
different?) DNS. A short TTL would reduce lost data (in fact, the only
possible cached-caused data loss would be for duplicate queries from the
same SA instance)


-- 
Cheers

Jason Haar
Information Security Manager, Trimble Navigation Ltd.
Phone: +64 3 9635 377 Fax: +64 3 9635 417
PGP Fingerprint: 7A2E 0407 C9A6 CAF6 2B9F 8422 C063 5EBB FE1D 66D1

RE: [sa] Re: habeas - tainted white list

[R-Elists]

 I believe on the whole Warren Togami's posting about a 
 whitelist performance on a masscheck settles the affair. 
 White lists are very reliable. They are also very unnecessary 
 within SpamAssassin. So perhaps the whole topic can die.
 
 I also note that the people complaining about the white lists 
 seem to leave out solid data. Were the spams really 
 confirmed spams or were they merely scored as spams? What 
 scores hit that made them score as spams? What kind of 
 installation do you have? How many emails a day are processed?
 
 It's little details like that which prompt other people to 
 look at assertions somewhat askance or ignore them outright.
 
 With my three personal accounts I have yet to see an email 
 off this list containing HABEAS, spam or ham, since this 
 discussion began. I guess I don't do business with HABEAS 
 customers and no spammers have pushed through anything from a 
 HABEAS site. The mail volume is fairly high (LKML and a 
 couple other Linux lists). And the spam seems to be suddenly 
 up from 60-80 a day to the 90s/day. For those spammers who 
 are listening, I REALLY do not need Via-thingie-alis whether 
 or not it is from he Pf people. If I REALLY need to get it up 
 I do a sexy striptease or something like that. (The V thingie 
 seems to be a new feature of my spam bucket - 10 or more of 
 them a day.)
 
 {^_-}
 

JDow et al,

why do you say on the whole ? what is holding you back in your thinking
there?

...based upon Togami's data processing, the biggest thing that comes to mind
is this...

*IF* these or similar rulesets are not truly not making a difference one way
or the other, then why are they there?

why do we really need them or the other similar rulesets?

...and why should any rules such as these have a default SA installation
value other than zero and then educate admins in the documentation what to
do in regards to enabling and suggested scoring?

 - rh

Re: Whitelists in SA

[J.D. Falk]

On Dec 16, 2009, at 8:35 AM, LuKreme wrote:

 The fact is I *AM* their customer. The people writing them checks are not, 
 they're just their funders. Whitelist companies ha to convince admins to use 
 their list. The only way to do that is to have really really really high 
 quality lists that really do prevent spam delivery. If I don't use their 
 whitelist, and others don't use their whitelist, then their model falls apart 
 and they don't make money

Exactly what Return path has been saying (and acting upon) for years.

(We could debate whether Habeas followed that rule before we bought the 
company, but it's impolite to speak ill of the dead.)

 but no company is enlightened enough to realise this.

Heh.

--
J.D. Falk jdf...@returnpath.net
Return Path Inc

Re: emailreg.org - tainted white list

[J.D. Falk]

On Dec 16, 2009, at 8:11 AM, Christian Brel wrote:

 It's also fair to say any ESP such as Return Path taking money to
 deliver mail should be optimising it {or offering advice on
 optimisation) so it does *not* score high. Otherwise what are their
 customers paying them for?

Return Path is not an ESP by any of the common definitions.

http://en.wikipedia.org/wiki/ESP

(No wonder you're confused.)

--
J.D. Falk jdf...@returnpath.net
Return Path Inc

Re: habeas - tainted white list

[Christian Brel]

On Thu, 17 Dec 2009 12:21:37 -0700
J.D. Falk jdfalk-li...@cybernothing.org wrote:

 On Dec 16, 2009, at 8:11 AM, Christian Brel wrote:
 
  It's also fair to say any ESP such as Return Path taking money to
  deliver mail should be optimising it {or offering advice on
  optimisation) so it does *not* score high. Otherwise what are their
  customers paying them for?
 
 Return Path is not an ESP by any of the common definitions.
 
 http://en.wikipedia.org/wiki/ESP
 
 (No wonder you're confused.)
 
 --
 J.D. Falk jdf...@returnpath.net
 Return Path Inc
 
Would it be rude of me to ask how you make your money? Is it from the
provision and delivery of bulk commercial email or am I confused?


-- 
This e-mail and any attachments may form pure opinion and may not have
any factual foundation. Please check any details provided to satisfy
yourself as to suitability or accuracy of any information provided.
Data Protection: Unless otherwise requested we may pass the information
you have provided to other partner organisations. 

Re: OT Re: Museum piece...

[jdow]

From: Chris Hoogendyk hoogen...@bio.umass.edu
Sent: Thursday, 2009/December/17 10:07


Steve Lindemann wrote:

I think I still have a Model B in the loft somewhere...

Kevin
   


I've seen CP/M mentioned but no mention of the venerable Kaypro!  Oh 
those were the days  8^)


But my first digital computer (at work) was a Raytheon 703 with paper 
tape to load programs (after you fingered in the boot) and output was 
the lights on the front panel.  I also worked on analog computers for 
a number of years, it wasn't so much programming as re-engineering.  I 
actually do miss those days. 


A skilled practitioner could get 5 digits out of this baby: 
http://en.wikipedia.org/wiki/Slide_rule (I still have the yellow one). 
If you needed more rigorous but still relatively easy and quick, you 
would use this: http://ljkrakauer.com/CRC99ph/CRCbook.htm.


I still have my KE Log Log Duplex Decitrig. It still works. And it's
still aligned despite it's being bamboo.

Learning to calculate with slide rules is an important step to being
numerate. You can forget actually using the slide rule. But being able
to hammer out answers on it for complex problems leads to a really good
ability to estimate answers. That way when the nice digital CPU coughs
up a digital hairball answer to a problem you can see the error at a
glance.

{^_^}

Re: [sa] Re: habeas - tainted white list

[jdow]

From: R-Elists list...@abbacomm.net
Sent: Thursday, 2009/December/17 11:21



I believe on the whole Warren Togami's posting about a
whitelist performance on a masscheck settles the affair.
White lists are very reliable. They are also very unnecessary
within SpamAssassin. So perhaps the whole topic can die.

I also note that the people complaining about the white lists
seem to leave out solid data. Were the spams really
confirmed spams or were they merely scored as spams? What
scores hit that made them score as spams? What kind of
installation do you have? How many emails a day are processed?

It's little details like that which prompt other people to
look at assertions somewhat askance or ignore them outright.

With my three personal accounts I have yet to see an email
off this list containing HABEAS, spam or ham, since this
discussion began. I guess I don't do business with HABEAS
customers and no spammers have pushed through anything from a
HABEAS site. The mail volume is fairly high (LKML and a
couple other Linux lists). And the spam seems to be suddenly
up from 60-80 a day to the 90s/day. For those spammers who
are listening, I REALLY do not need Via-thingie-alis whether
or not it is from he Pf people. If I REALLY need to get it up
I do a sexy striptease or something like that. (The V thingie
seems to be a new feature of my spam bucket - 10 or more of
them a day.)

{^_-}



JDow et al,

why do you say on the whole ? what is holding you back in your thinking
there?

...based upon Togami's data processing, the biggest thing that comes to 
mind

is this...

*IF* these or similar rulesets are not truly not making a difference one 
way

or the other, then why are they there?

why do we really need them or the other similar rulesets?

...and why should any rules such as these have a default SA installation
value other than zero and then educate admins in the documentation what 
to

do in regards to enabling and suggested scoring?


I read Warren's note to indicate their scores were being made sensible
in line with what the masscheck indicates. If they are 100% effective and
only 1% needed the score would be very low despite the accuracy. That makes
sense as a starting point. Then it's up to the administrators to put in
their custom rules to account for effects like one person's spam is
another person's ham, and I don't want to bother to unsubscribe, I'll
just declare this list spam.

The tools might be good as an SMTP transaction time test, though. Use a
positive hit as a gateway through the greylisting wall, perhaps. It might
put a small fraction of a percent more load on SpamAssassin. But it might
be worthwhile.

Heck, I'm only administering a two person net here and I take the time
to learn the tools I am using and write useful configurations for them.
Somebody paid to do this should do no less. Otherwise, do something
silly and purchase a Barracuda if the boss is too dumb to pay you to
do it right.

{^_^} 

Re: Whitelists in SA

[jdow]

From: J.D. Falk jdfalk-li...@cybernothing.org
Sent: Thursday, 2009/December/17 11:21


On Dec 16, 2009, at 8:35 AM, LuKreme wrote:

The fact is I *AM* their customer. The people writing them checks are not, 
they're just their funders. Whitelist companies ha to convince admins to 
use their list. The only way to do that is to have really really really 
high quality lists that really do prevent spam delivery. If I don't use 
their whitelist, and others don't use their whitelist, then their model 
falls apart and they don't make money


Exactly what Return path has been saying (and acting upon) for years.

(We could debate whether Habeas followed that rule before we bought the 
company, but it's impolite to speak ill of the dead.)



but no company is enlightened enough to realise this.


Heh.

jdowLukreme seems to not have much of an engineering education
and zero experience with statistics. It is statistically impossible
to remove all spam perfectly and let all ham through perfectly. Perfect
is a goal you can never reach. If you obsess about it, you will find
yourself round the bend before long. All you can do is adjust the
ratio of missed ham to missed spam one way or the other. Where you
slice is pretty much up to you. What is the cost, the real cost in
lost customers or dollars spent, for a missed ham and for a missed
spam. If you can hit that balance point for minimum overall cost you've
done your job. If you sit and bitch about something not being perfect,
then you're not doing your job.

It is a good thing this issue was raised. It led to appropriate mass
check runs. I expect that will lead to saner scoring within the SA
framework. If not and it bites me, THEN I'll raise the issue again.
Does that seem fair?

{^_^} 

Re: OT Re: Museum piece...

[Robert Ober]

hc...@mail.ewind.com wrote:


My first home computer was a Godbout S-100 bus system running a dual 8085/8088 
CPU board. At that time, the future in operating systems was going to be CP/M 
86.

   

You and Jerry Pournelle :-)

Re: OT Re: Museum piece...

[Chris Hoogendyk]

jdow wrote:

From: Chris Hoogendyk hoogen...@bio.umass.edu
Sent: Thursday, 2009/December/17 10:07


Steve Lindemann wrote:

I think I still have a Model B in the loft somewhere...

Kevin
   


I've seen CP/M mentioned but no mention of the venerable Kaypro!  Oh 
those were the days  8^)


But my first digital computer (at work) was a Raytheon 703 with 
paper tape to load programs (after you fingered in the boot) and 
output was the lights on the front panel.  I also worked on analog 
computers for a number of years, it wasn't so much programming as 
re-engineering.  I actually do miss those days. 


A skilled practitioner could get 5 digits out of this baby: 
http://en.wikipedia.org/wiki/Slide_rule (I still have the yellow 
one). If you needed more rigorous but still relatively easy and 
quick, you would use this: http://ljkrakauer.com/CRC99ph/CRCbook.htm.


I still have my KE Log Log Duplex Decitrig. It still works. And it's
still aligned despite it's being bamboo.

Learning to calculate with slide rules is an important step to being
numerate. You can forget actually using the slide rule. But being able
to hammer out answers on it for complex problems leads to a really good
ability to estimate answers. That way when the nice digital CPU coughs
up a digital hairball answer to a problem you can see the error at a
glance. 


bingo.

I like the way you stated that.


--
---

Chris Hoogendyk

-
  O__   Systems Administrator
 c/ /'_ --- Biology  Geology Departments
(*) \(*) -- 140 Morrill Science Center
~~ - University of Massachusetts, Amherst 


hoogen...@bio.umass.edu

--- 


Erdös 4

Re: sa-update 403 forbidden

[Kai Schaetzl]

Daryl C. W. O'Shea wrote on Thu, 17 Dec 2009 13:28:48 -0500:

 early this morning.

BTW, I was already getting this temporarily when trying to run the first 
sa-update for SA 3.3.0 beta1 a few days ago.

Kai

-- 
Kai Schätzl, Berlin, Germany
Get your web at Conactive Internet Services: http://www.conactive.com

Re: sa-update 403 forbidden

[Daryl C. W. O'Shea]

On 17/12/2009 3:31 PM, Kai Schaetzl wrote:
 Daryl C. W. O'Shea wrote on Thu, 17 Dec 2009 13:28:48 -0500:
 
 early this morning.
 
 BTW, I was already getting this temporarily when trying to run the first 
 sa-update for SA 3.3.0 beta1 a few days ago.

Could you tell me, off-list, the public facing IP that this was
happening to, the channel you were using, and approximately when this
happened?  I could potentially expect time-outs on the old host, but not
403s.  Checking the logs I only see 403s for the 5 banned-for-abuse IPs
(the list hasn't changed since Mar 2 2008).

Daryl

RE: emailreg.org - tainted white list

[Michael Hutchinson]

 -Original Message-
 From: LuKreme [mailto:krem...@kreme.com]
 Sent: Thursday, 17 December 2009 4:59 p.m.
 To: users@spamassassin.apache.org
 Subject: Re: emailreg.org - tainted white list
 
 On 16-Dec-2009, at 16:11, Michael Hutchinson wrote:
  So far only 1 person on this list has claimed to have been hit by
 Spam that has been let through by the Habeas rules in SA.
 
 
 I'm the only one? Really? That doesn’t jibe with my memory, but I'm not
 scanning the entire list to prove you wrong.
 
 Really?
 
 Yeah, sorry, not buying it.
 

OK I am probably wrong, but the list certainly hasn't been inundated with 
people saying that they have that exact issue. 

Come on, how many people have been hit with Spam, to find that the only reason 
it has gotten through their Gateway is because of a Habeas rule? I only 
remember Richard complaining about this. 

Everyone else started carrying on about the Habeas rules being present at all, 
when it is more than within their power to disable those rules. 

Buy what you want, but I'm not selling anything. 

Cheers,
Mike

Re: habeas - tainted white list

[Daryl C. W. O'Shea]

On 17/12/2009 2:21 PM, R-Elists wrote:
 ...based upon Togami's data processing, the biggest thing that comes to mind
 is this...
 
 *IF* these or similar rulesets are not truly not making a difference one way
 or the other, then why are they there?
 
 why do we really need them or the other similar rulesets?

We can't and aren't really sure that they don't make a difference.  Our
ham corpus isn't really all that big.  For the most part it's probably
made up largely of types of mail that Return-Path wouldn't be dealing
with on their lists.  Clearly it's not containing much mail that
Return-Path deals with.  The corpus isn't big enough to say that most
people (and most people aren't technical people, rather are just common
Internet users) won't get mail that Return-Path doesn't deal with though.

 ...and why should any rules such as these have a default SA installation
 value other than zero and then educate admins in the documentation what to
 do in regards to enabling and suggested scoring?

SA is designed to be safe for most users.  Most as in general Internet
users and safe as in it would rather not tag mail than tag it.

IMO whitelists have a place in SA, even whitelists that we cannot
determine due to a small corpus size whether or not they're actually
making a difference... at least when based on our corpus there's no
evidence that they're statistically and drastically causing a
significant amount of spam to pass that otherwise wouldn't.

We treat blacklists the same way.  We include blacklists in the default
install to stop spam.  We include whitelists because of our core
principle of being safe for most users in general.

I think the current score changes are a good step.  Another step may be
including in the release notes that there are whitelists and that people
may want to disable them by score whatever rules (a list of them) 0.

BTW, I will not waste any cycles defending individual instances on spam
getting by because of whitelists for the exact same reason that I do not
do the same for ham that gets caught by whitelists.

Daryl

Re: OT Re: Museum piece...

[David B Funk]

On Thu, 17 Dec 2009, jdow wrote:

 I still have my KE Log Log Duplex Decitrig. It still works. And it's
 still aligned despite it's being bamboo.

Ah, you've got the newer cheaper model. I inherited mine from my father
(40's vintage) and it has a rosewood core.

In my freshman year of college, (1970) we had to take a slide-rulesmanship
class, given pages of number problems were graded on speed and accuracy
of working those problems (shades of grade school ;).

 Learning to calculate with slide rules is an important step to being
 numerate. You can forget actually using the slide rule. But being able
 to hammer out answers on it for complex problems leads to a really good
 ability to estimate answers. That way when the nice digital CPU coughs
 up a digital hairball answer to a problem you can see the error at a
 glance.

That's because the slide rule doesn't give you the exponent, only the
mantissa. So part of that slide-rulesmanship class was learning to
do the exponent calculations in your head rapidly and accurately.
Great for looking at gobs of numbers and figuring out the OOM of
the answer.

-- 
Dave Funk  University of Iowa
dbfunk (at) engineering.uiowa.eduCollege of Engineering
319/335-5751   FAX: 319/384-0549   1256 Seamans Center
Sys_admin/Postmaster/cell_adminIowa City, IA 52242-1527
#include std_disclaimer.h
Better is not better, 'standard' is better. B{

Re: OT Re: Museum piece...

[Gene Heskett]

On Thursday 17 December 2009, jdow wrote:
From: Chris Hoogendyk hoogen...@bio.umass.edu
Sent: Thursday, 2009/December/17 10:07

 Steve Lindemann wrote:
 I think I still have a Model B in the loft somewhere...

 Kevin

 I've seen CP/M mentioned but no mention of the venerable Kaypro!  Oh
 those were the days  8^)

 But my first digital computer (at work) was a Raytheon 703 with paper
 tape to load programs (after you fingered in the boot) and output was
 the lights on the front panel.  I also worked on analog computers for
 a number of years, it wasn't so much programming as re-engineering.  I
 actually do miss those days.

 A skilled practitioner could get 5 digits out of this baby:
 http://en.wikipedia.org/wiki/Slide_rule (I still have the yellow one).
 If you needed more rigorous but still relatively easy and quick, you
 would use this: http://ljkrakauer.com/CRC99ph/CRCbook.htm.

I still have my KE Log Log Duplex Decitrig. It still works. And it's
still aligned despite it's being bamboo.

So do I, but mine is alu, and corrosion over about 50 years has taken its 
toll on how smoothly it operates.  But like yours, it still worrks, just 
needs a shot of wd-40 occasionally.

Learning to calculate with slide rules is an important step to being
numerate. You can forget actually using the slide rule. But being able
to hammer out answers on it for complex problems leads to a really good
ability to estimate answers. That way when the nice digital CPU coughs
up a digital hairball answer to a problem you can see the error at a
glance.

Yup, great teacher, for a kid with a grammer school education way back when 
the 50L6-gt was a brand new tube.

{^_^}



-- 
Cheers, Gene
There are four boxes to be used in defense of liberty:
 soap, ballot, jury, and ammo. Please use in that order.
-Ed Howdershelt (Author)
The NRA is offering FREE Associate memberships to anyone who wants them.
https://www.nrahq.org/nrabonus/accept-membership.asp

Q: How does a Unix guru have sex?
A: unzip;strip;touch;finger;mount;fsck;more;yes;umount;sleep
-- unknown source

Re: OT: Museum piece...

[Jari Fredriksson]

On 16.12.2009 18:15, Benny Pedersen wrote:
 On ons 16 dec 2009 16:49:52 CET, Charles Gregory wrote
 
 On Tue, 15 Dec 2009, Chris Hoogendyk wrote:
 Marc Perkel wrote:
 http://www.vintage-computer.com/asr33.shtml
 There was actually a time when I had one of those in my house.

 For your amusement:

 I still have my old Commodore 64 and 1541 drive sitting in the basement.
 
 my commodore 128 have basic 7.0 copyrighted from microsoft, i bet bill
 gates have seen one of them with a reu 1750 and sayed the final words of
 640k ram ougth to be enough for anyone :)
 
 i still have 8bit computers that works, and also cpm where i have
 pascal, fortran, autocad wordstar, you name it, best of all it works !
 

I still have my Nokia MikroMikko I with 64 kilos RAM and Intel 8085
processor (8-bit). CP/M 2.2 with Cobol, Fortran, Pascal, C, MS-Basic
(both compiler and interpreter), WordStar and Multiplan and the Basic
game Keke (a Rosberg formula one simulation ;))

Still works. If it had a NIC and TCP/IP I would use it. Now it's
useless. If it worked, I'd port Firefox for it ;)

-- 
http://www.iki.fi/jarif/

You will pay for your sins.  If you have already paid, please disregard
this message.



signature.asc
Description: OpenPGP digital signature

Re: OT Re: Museum piece...

[Gene Heskett]

On Thursday 17 December 2009, Robert Ober wrote:
hc...@mail.ewind.com wrote:
 My first home computer was a Godbout S-100 bus system running a dual
 8085/8088 CPU board. At that time, the future in operating systems was
 going to be CP/M 86.

You and Jerry Pournelle :-)

Yeah, but Jerry is relatively new.  I started out reading all of Doc Smiths 
stuff as soon as I could read, eagerly awaiting the next issue of whatever SF 
rag my uncle was subbed to in the early 40's, when they could find enough 
paper to publish it.

-- 
Cheers, Gene
There are four boxes to be used in defense of liberty:
 soap, ballot, jury, and ammo. Please use in that order.
-Ed Howdershelt (Author)
The NRA is offering FREE Associate memberships to anyone who wants them.
https://www.nrahq.org/nrabonus/accept-membership.asp

Maybe you can't buy happiness, but these days you can certainly charge it.

Re: OT: Museum piece...

[Jari Fredriksson]

On 17.12.2009 23:10, Jari Fredriksson wrote:
 
 
 On 16.12.2009 18:15, Benny Pedersen wrote:
 On ons 16 dec 2009 16:49:52 CET, Charles Gregory wrote

 On Tue, 15 Dec 2009, Chris Hoogendyk wrote:
 Marc Perkel wrote:
 http://www.vintage-computer.com/asr33.shtml
 There was actually a time when I had one of those in my house.

 For your amusement:

 I still have my old Commodore 64 and 1541 drive sitting in the basement.

 my commodore 128 have basic 7.0 copyrighted from microsoft, i bet bill
 gates have seen one of them with a reu 1750 and sayed the final words of
 640k ram ougth to be enough for anyone :)

 i still have 8bit computers that works, and also cpm where i have
 pascal, fortran, autocad wordstar, you name it, best of all it works !

 
 I still have my Nokia MikroMikko I with 64 kilos RAM and Intel 8085
 processor (8-bit). CP/M 2.2 with Cobol, Fortran, Pascal, C, MS-Basic
 (both compiler and interpreter), WordStar and Multiplan and the Basic
 game Keke (a Rosberg formula one simulation ;))
 
 Still works. If it had a NIC and TCP/IP I would use it. Now it's
 useless. If it worked, I'd port Firefox for it ;)
 

I wrote my 'BAG' compression software for CP/M with it, using the
LZH-algorithm, ported LZH uncompression named 'UnYoshi', and ported
UNZIP, those from MS/DOS. It was not easy, as the BDS-C compiler did not
have 'overlay' -technogy, had to implement my own.

Also wrote a VT-100 emulator, but that did not succeed, no matter how
much assembly I added to it, it was sluggish. Nokia's own VT-52 terminal
was super fast, and I never could get there. There was no VT-100 for
MikroMikko available :( The BBS-systems on MS-DOS era needed one, though.


-- 
http://www.iki.fi/jarif/

You are only young once, but you can stay immature indefinitely.



signature.asc
Description: OpenPGP digital signature

Re: Reminder:: 3.3.0 pre-release cut: December 17th

[Mark Martinec]

Suggesting to postpone the wrapup date till tomorrow (December 18)
to give us one more day to digest the latest changes and see
where we stand.

  Mark

Re: Reminder:: 3.3.0 pre-release cut: December 17th

[Warren Togami]

On 12/17/2009 04:24 PM, Mark Martinec wrote:

Suggesting to postpone the wrapup date till tomorrow (December 18)
to give us one more day to digest the latest changes and see
where we stand.

   Mark


Seconded.  I guess I'm spinning the rc1 unless jm wants to do it.

I'm reluctantly going to call the first cut rc1.proposed1 after the 
previous discussion.  After the 3 day period has passed with no 
objections then it will be renamed to rc1 and released.


Warren Togami
wtog...@redhat.com

Re: OT: Museum piece...

[Gene Heskett]

On Thursday 17 December 2009, Jari Fredriksson wrote:
On 17.12.2009 23:10, Jari Fredriksson wrote:
 On 16.12.2009 18:15, Benny Pedersen wrote:
 On ons 16 dec 2009 16:49:52 CET, Charles Gregory wrote

 On Tue, 15 Dec 2009, Chris Hoogendyk wrote:
 Marc Perkel wrote:
 http://www.vintage-computer.com/asr33.shtml

 There was actually a time when I had one of those in my house.

 For your amusement:

 I still have my old Commodore 64 and 1541 drive sitting in the
 basement.

 my commodore 128 have basic 7.0 copyrighted from microsoft, i bet bill
 gates have seen one of them with a reu 1750 and sayed the final words of
 640k ram ougth to be enough for anyone :)

 i still have 8bit computers that works, and also cpm where i have
 pascal, fortran, autocad wordstar, you name it, best of all it works !

 I still have my Nokia MikroMikko I with 64 kilos RAM and Intel 8085
 processor (8-bit). CP/M 2.2 with Cobol, Fortran, Pascal, C, MS-Basic
 (both compiler and interpreter), WordStar and Multiplan and the Basic
 game Keke (a Rosberg formula one simulation ;))

 Still works. If it had a NIC and TCP/IP I would use it. Now it's
 useless. If it worked, I'd port Firefox for it ;)

I wrote my 'BAG' compression software for CP/M with it, using the
LZH-algorithm, ported LZH uncompression named 'UnYoshi', and ported
UNZIP, those from MS/DOS. It was not easy, as the BDS-C compiler did not
have 'overlay' -technogy, had to implement my own.

Also wrote a VT-100 emulator, but that did not succeed, no matter how
much assembly I added to it, it was sluggish. Nokia's own VT-52 terminal
was super fast, and I never could get there. There was no VT-100 for
MikroMikko available :( The BBS-systems on MS-DOS era needed one, though.

I took the os-9 version of VT-100 and with relatively little added code, made 
it into a VT-220 that the CBS programmed devices I was programming with it 
couldn't tell that it wasn't a real VT-220.  But it was a coco3 on the end of 
the cable.  I ran our network satellite system that way for several years.

-- 
Cheers, Gene
There are four boxes to be used in defense of liberty:
 soap, ballot, jury, and ammo. Please use in that order.
-Ed Howdershelt (Author)
The NRA is offering FREE Associate memberships to anyone who wants them.
https://www.nrahq.org/nrabonus/accept-membership.asp

Kiss a non-smoker; taste the difference.

Re: OT: Museum piece...

[Ted Mittelstaedt]

Jari Fredriksson wrote:


On 16.12.2009 18:15, Benny Pedersen wrote:

On ons 16 dec 2009 16:49:52 CET, Charles Gregory wrote


On Tue, 15 Dec 2009, Chris Hoogendyk wrote:

Marc Perkel wrote:

http://www.vintage-computer.com/asr33.shtml

There was actually a time when I had one of those in my house.

For your amusement:

I still have my old Commodore 64 and 1541 drive sitting in the basement.

my commodore 128 have basic 7.0 copyrighted from microsoft, i bet bill
gates have seen one of them with a reu 1750 and sayed the final words of
640k ram ougth to be enough for anyone :)

i still have 8bit computers that works, and also cpm where i have
pascal, fortran, autocad wordstar, you name it, best of all it works !



I still have my Nokia MikroMikko I with 64 kilos RAM and Intel 8085
processor (8-bit). CP/M 2.2 with Cobol, Fortran, Pascal, C, MS-Basic
(both compiler and interpreter), WordStar and Multiplan and the Basic
game Keke (a Rosberg formula one simulation ;))

Still works. If it had a NIC and TCP/IP I would use it.


The oldest Ka9Q code for CP/M has a TCP/IP stack in it, you can get it
from here:  http://www.gaby.de/ecpmlink.htm

More goodies on this issue here:

http://www.retrotechnology.com/dri/cpm_tcpip.html

It will talk out the serial port, but you can then setup an old Cisco
2501 as a router between it's serial aux port and it's ethernet port to 
get on the Internet.


Ted


 Now it's

useless. If it worked, I'd port Firefox for it ;)

RE: OT Re: Museum piece...

[R-Elists]

as far as museum pieces go, i submit that my first was an Apple 2E if i
remember correctly..

BRUN BEERRUN

was an interesting game, or something to that effect...   ;-)

...and (snore) i also programmed a helicopter to fly across the top and drop
a bomb on a space invader and go boom...

wow huh?

anyways, my FAVORITE was always the VAX !!!

DEC VAX 11/785 to be more concise... although 11/780's and 11/750's and
microVAXes were fun to play, errr work with too...

set proc /priv=ALL

eh?

 - rh

Re: OT Re: Museum piece...

[Gene Heskett]

On Thursday 17 December 2009, R-Elists wrote:
as far as museum pieces go, i submit that my first was an Apple 2E if i
remember correctly..

BRUN BEERRUN

was an interesting game, or something to that effect...   ;-)

...and (snore) i also programmed a helicopter to fly across the top and
 drop a bomb on a space invader and go boom...

wow huh?

anyways, my FAVORITE was always the VAX !!!

DEC VAX 11/785 to be more concise... although 11/780's and 11/750's and
microVAXes were fun to play, errr work with too...

The absolute, without a doubt, biggest POS I ever had to live with was an 
11/23 that had more hdwe bugs than all issues of windows combined since 
DOS5.0.  Dec field engineers changed every piece in that thing except the 
frame rail with the serial number and all they managed to do was convert a 
daily crash into an every 10 minute crash.  When it started costing us money 
because we were selling tooth paste instead of dog food when a switch didn't 
get done, I blew up, and before I was off the phone, the head computer guy at 
CBS was packing up his test mule to send to me that he used to check stuff 
out with before sending it out to the affiliates.  We got the legal dicks at 
DEC at accept that CBS and WDTV were trading seriel numbers so we still had a 
support contract.  A contract which at the time I considered worthless, but 
at the time, the docs on that 11/23 were not for sale except possibly at 
gunpoint in the parking lot, so my hands were also rather effectively tied.

Hugo's machine worked flawlessly, but because the machine I sent Hugo was a 
genuine lemon, he could no longer fix other stations problems  CBS was 
forced into replacing the whole maryann at all affiliates with an industrial 
IBM, and an artic card.  So Dec's ineptness at honoring a service contract at 
a single affiliate out in the WV mountains cost CBS at least $300K, and that, 
multiplied a few times no doubt contributed to the demise of DEC.  Couldn't 
have happened to nicer folks. Field office was 30 miles away in Morgantown 
but they often didn't show up in the same week they were called.  Funny 
thing, the the service contract said 4 hour response.

They treated us like stray dogs AFAIAC.

-- 
Cheers, Gene
There are four boxes to be used in defense of liberty:
 soap, ballot, jury, and ammo. Please use in that order.
-Ed Howdershelt (Author)
The NRA is offering FREE Associate memberships to anyone who wants them.
https://www.nrahq.org/nrabonus/accept-membership.asp

Ad astra per aspera.
[To the stars by aspiration.]

Re: HTML in Messages

[Thomas Harold]

On 12/16/2009 10:50 AM, Marc Perkel wrote:


I had thought that at one time I already set it to text only on this
list and I had. But that was before the list name changed many years
ago. I'm been on this list since 2001.



One of the (many) reasons why I've switched over to having a dedicated 
email account just for list subscriptions.  I tell Thunderbird to only 
compose in plain-text on this account.  Which then applies to all 
mailing lists, even if I forget to set their text type in the address book.


It also nicely segregates the dozens of mailing lists away from my 
primary work account.

Re: Site-wide Bayes

[Thomas Harold]

On 12/17/2009 10:30 AM, RW wrote:

On Wed, 16 Dec 2009 09:36:12 -0500
Michael Scheidellscheid...@secnap.net  wrote:


On 12/16/09 9:27 AM, Thomas Harold wrote:

I'm guessing that you'd also want to change the autolearn
thresholds to be stricter?  Like only auto-learning if it scores
below -2 or above +10?

(That might be an amavisd-new feature.)

I still use 0, but have the high score at +15.


The default is 0.1 IIRC, and I wouldn't recommend setting it lower
without negative-scoring custom rules - it's set positive for good
reasons.

BAYES and userconf whitelisting rules don't count for autolearning, so
if you set a negative threshold with the default rules, you rely on
DNS whitelisting to define ham - the likes of HABEOUS.

Setting it at exactly 0.0 is also problematical since the decision to
learn is commonly going to be determined by nominally scored rules that
score 0.001 and -0.001.


Looking at the wiki...

http://wiki.apache.org/spamassassin/BasicConfiguration

We're not using userconf whitelisting, our whitelisting is done by 
amavisd-new mappings (where we score specific domains/addresses with a 
small -2 to -5 score).


The wiki, as it is currently, makes it sound like the +0.1 default for 
ham auto-learn is not conservative enough.  And that the +6.0 default 
for auto-learning spam is too risky.


(We run with -0.5 and +9.5 as our boundaries for auto-learning.)

RE: OT Re: Museum piece...

[R-Elists]

 

 The absolute, without a doubt, biggest POS I ever had to live 
 with was an
 11/23 that had more hdwe bugs than all issues of windows 
 combined since DOS5.0.  Dec field engineers changed every 
 piece in that thing except the frame rail with the serial 
 number and all they managed to do was convert a daily crash 
 into an every 10 minute crash. 
snip
 --
 Cheers, Gene

wow, Gene, that is a bummer, sincerely sorry to hear about that episode...

i was just a wee tiny lad when you (cough) more experienced folks were using
tin cans  string...

;-

did 11/23 meant it was 23 months off the engineering board?

i dont recall ever having an issue with DEC stuff yet maybe that was because
they had pocket burns up to the elbow on their arms ?

 - rh

Re: Sharing and merging bayes data?

[Matt Kettler]

On 12/17/2009 11:17 AM, RW wrote:
 If you're using file-based bayes, there's no good way to share
  updates between one DB and the other. The information needed to make
  such a merger successful isn't stored, because it is not needed for
  any reason within SpamAssassin. The database merely stores the token,
  it's spam count, it's nonspam count, and a last-seen timestamp. If
  you look at the same token in 2 different databases, you can't really
  merge these counts, because you don't know how many occurred since
  your last merge.
 
 I'm not saying it's a good idea, but it is possible provided that you
 retained the result of the previous merge. It should be simple to
 script too.

   
Agreed I didn't mean to say that a merge is impossible, it's just not
with the tools that SA comes with, and you need more info than just
what's in the current database.

 As you mentioned, you'd need a custom script  (not wildly complicated
for a good perl scripter, but beyond the bounds of someone with only
crude scripting skills.) as well as historical copies of each database
from the last merge.

Setting up SQL would be much easier.

Re: OT Re: Museum piece...

[Gene Heskett]

On Thursday 17 December 2009, R-Elists wrote:
 The absolute, without a doubt, biggest POS I ever had to live
 with was an
 11/23 that had more hdwe bugs than all issues of windows
 combined since DOS5.0.  Dec field engineers changed every
 piece in that thing except the frame rail with the serial
 number and all they managed to do was convert a daily crash
 into an every 10 minute crash.

snip

 --
 Cheers, Gene

wow, Gene, that is a bummer, sincerely sorry to hear about that episode...

i was just a wee tiny lad when you (cough) more experienced folks were
 using tin cans  string...

We were just a slight more advanced than that.  I went to Kalifornia to make 
my million and didn't, but that's another story.  While there in '60 I got to 
work for several months as a bench tech for an outfit building the first pair 
of the then smallest tv cameras in the world. BW of course, 2.5 in diameter 
 about a foot long out of the case.  We had the breadboard working fairly 
well but it was ugly as sin with parts flying out of it nearly everywhere.  
About 10 minutes after I arrived one morning the front door opened up and a 
couple of civilians plus about 6 copies of some navy folks with silver  gold 
on their shoulders walked in.  Wanted to see it work.  In the dark.  So as it 
was showing a good pix of the shop area on a monitor, Joe picked it up, 
cleared one side of one of the benches drawers out, set it in gently and 
closed the drawer on the coax cable that was both video and power supply.  3 
seconds later the auto target finally got there and a very nice pix of the 
wood grain of the drawers plywood back was showing on the monitor, slightly 
out of focus.  Joe offered to trim the focus but the silvered gent said it 
won't be necessary, but do you have an office with a few chairs so we can 
talk.  Later I found out that one of those civies was Jacques Cousteau, who 
was one of the 2 guys in that 6 foot pressure ball in Feb '61 when that dive 
was made.

We did, and 3 hours later had a contract to put those two cameras on the 
Trieste as soon as we could get the pressure cases built.  Those were headed 
for the bottom of the Challenger Deep, 37,000+ feet in the big pond.  Short 
story, we did, and they worked.  And don't let anyone tell you water is not 
compressible.  The Trieste ran on big banks of sears die hard batteries and 
were not protected from the pressure.  Each cell had a small extension neck 
screwed into it, and a small balloon with about a cup of battery acid in it 
was snapped on. A wire cage kept the balloons from being carried too far by 
the currents.  One of the pix they brought back showed one rack of batteries, 
with the balloons either out of sight or  only about 1/4 high above the 
neck, the squeeze of 17,000 psi was on.  The batteries didn't care, they Just 
Worked(TM).

;-

did 11/23 meant it was 23 months off the engineering board?

At this late date, I haven't a clue exactly what the 11/23 meant.  That was a 
weird beastie, the app was written in pascal, and it was recompiled at boot 
time.  So they could call it up, upload a new version of the app, and reboot 
it as they were logging out.  The reboot of course took several minutes, so 
they had to choose a time when the schedule was empty for an hour or more 
when they did that.  We had a vt-220 that stayed logged in all the time so we 
could make emergency schedule changes, but that turned out to be no job at 
all, and when it was the vt-220 that failed, the HOT went up in smoke, was 
when I re-wrote the vt-100 proggy we had for the coco3, and turned it into a 
vt-220.  That was fairly easy cuz the only real change in the protocol was 
the esc sequence, it became a full 8 bit byte but 99% of the rest of it was 
identical.

i dont recall ever having an issue with DEC stuff yet maybe that was
 because they had pocket burns up to the elbow on their arms ?

My impression of the field engineers knowledge was that it was nil, other 
than the rote stuff, DEC had taught him.  And I suspect Joanne would back me 
up on that.  Those guys couldn't replace a stuck output cuz it had an open 
collector in a 7406 with a gun to their head, no idea how to troubleshoot to 
the critters part level with a good scope, and little or no idea which end of 
a soldering iron got hot.  He drug out a wood burning kit from ungar once to 
do something and I unplugged it 3 times before he got the message that he 
wasn't going to use that piece of blow every chip in the building crap on my 
watch.  I went and got my bench iron, a fairly fancy, grounded tip, variable 
temp controlled iron and a roll of silver bearing solder and did it my self.  
And he was surprised as all get out when a pair of 5 curved nose suture 
clamps came off my T-shirt collar and grabbed that stuff about 10x tighter 
than he would ever get with his worn out radio shack special long noses.  
Ditto the pair of 4 flush cut diagonals I used to clean up the surplus leads 
on the other side of 

Re: Sharing and merging bayes data?

[Rajkumar S]

On Fri, Dec 18, 2009 at 9:29 AM, Matt Kettler mkettler...@verizon.net wrote:
  As you mentioned, you'd need a custom script  (not wildly complicated
 for a good perl scripter, but beyond the bounds of someone with only
 crude scripting skills.) as well as historical copies of each database
 from the last merge.

Is the file format of bayes db available some where? google did not
turn up any thing. It would be great if some more information about
how to go about merging the db can be posted.

thanks and regards,

raj

Re: habeas - tainted white list

[Christian Brel]

On Thu, 17 Dec 2009 15:51:35 -0500
Daryl C. W. O'Shea spamassas...@dostech.ca wrote:


 I think the current score changes are a good step.  Another step may
 be including in the release notes that there are whitelists and that
 people may want to disable them by score whatever rules (a list of
 them) 0.

Why not default them to zero and include in the release notes/man that
there are whitelists and they can *enable* them?
 

-- 
This e-mail and any attachments may form pure opinion and may not have
any factual foundation. Please check any details provided to satisfy
yourself as to suitability or accuracy of any information provided.
Data Protection: Unless otherwise requested we may pass the information
you have provided to other partner organisations. 

Re: habeas - tainted white list

[Christian Brel]

On Fri, 18 Dec 2009 09:46:03 +1300
Michael Hutchinson packetl...@ping.net.nz wrote:


 Everyone else started carrying on about the Habeas rules being
 present at all, when it is more than within their power to disable
 those rules.

But they should not have to disable a whitelist that assists
with the delivery of bulk commercial mail in an anti-spam application!
If the sender is relying on such rules to keep the mailout under the
radar then clearly there is something very wrong with that?

The issues here are clear:
*The inclusion of white list that pretty much favours a single
commercial mail organisation.
*The default score applied to that listed senders being hideously
favourable(are there any other rules with such mad negative scores in
the mix by default?)
*The lack of any other commercial white lists from the competitors of
Return Path being used in the product.

I'm interested but equally suspicious as to why a small set of people
involved in this anti-spam product are keen to try and move on from
this and sweep it under the carpet. Could this be AssassinGate??? Lol.



 
 Buy what you want, but I'm not selling anything. 
 
 Cheers,
 Mike
 
 


-- 
This e-mail and any attachments may form pure opinion and may not have
any factual foundation. Please check any details provided to satisfy
yourself as to suitability or accuracy of any information provided.
Data Protection: Unless otherwise requested we may pass the information
you have provided to other partner organisations. 

Re: Cooperative data gathering project.

[Henrik K]

On Fri, Dec 18, 2009 at 08:20:47AM +1300, Jason Haar wrote:
 On 12/18/2009 05:31 AM, Marc Perkel wrote:
 
  In this case the idea is to gather data in real time. So those who
  gather data need to be able to send the data to a central place that
  receives the data and then makes it available to everyone.
 
 You've lost me there - DNS would allow you to do that. You run the DNS
 server, SA does the queries, they get routed through the standard DNS
 hierarchy, you get to see them (and respond), interpret and make that
 data available via any mechanism you want - probably also via (a
 different?) DNS. A short TTL would reduce lost data (in fact, the only
 possible cached-caused data loss would be for duplicate queries from the
 same SA instance)

Ok, while DNS would allow that, it would be a real waste of a protocol.
Why would you want to make the sending party wait for a response that only
adds delays and has no purpose? Simply send a UDP packet and be done with
it. No TCP or DNS overhead. One or two lines of perl.

Re: OT Re: Museum piece...

[jdow]

From: Gene Heskett gene.hesk...@verizon.net
Sent: Thursday, 2009/December/17 21:21


My impression of the (DEC) field engineers knowledge was that it was nil, 
other
than the rote stuff, DEC had taught him.  And I suspect Joanne would back 
me

up on that.  Those guys couldn't replace a stuck output cuz it had an open
collector in a 7406 with a gun to their head, no idea how to troubleshoot 
to
the critters part level with a good scope, and little or no idea which end 
of  a soldering iron got hot.  He drug out a wood burning kit from ungar 
once to

do something and I unplugged it 3 times before he got the message that he
wasn't going to use that piece of blow every chip in the building crap on 
my
watch.  I went and got my bench iron, a fairly fancy, grounded tip, 
variable
temp controlled iron and a roll of silver bearing solder and did it my 
self.   And he was surprised as all get out when a pair of 5 curved nose 
suture

clamps came off my T-shirt collar and grabbed that stuff about 10x tighter
than he would ever get with his worn out radio shack special long noses.
Ditto the pair of 4 flush cut diagonals I used to clean up the surplus 
leads  on the other side of the board.  Not to mention the alky and 
q-tips used to

clean up after myself.  He/they had just enough knowledge to be dangerous.



Gene, it's HP 2100S computers that I know. And I was able to accurately
diagnose at least one problem before the substitute tech figured it out.
He looked at me with a strange expression on his face. The usual guy
had not prepared him. The usual fellow and I had a good rapport. I learned
to describe problems well enough he could diagnose them quickly and fix
them. (Aside from the digital tape drives in those old 8500 consoles the
basic setup was quite reliable. Even the Versatec wet printers did their
job very well on simple routine maintenance.)

I have experience on DEC PDP-11 machines and VAXen. But it's limited.

Now, if you want to get me rolling about an incompetent computer
company just mention GRiD and their Compass not really a laptop computer.
Even the bugs were themselves buggy. (We had to own 6 of them to keep 5
running most of the time. The displays went out regularly. And the OS
would lock up at peculiar times just because it felt like it when
trying to talk to an HPIB device. (It had built in HPIB to talk to its
disk drive etc.) Wikipiddle accuses it of being a laptop. All I can do
is snicker about that assertion. Then they continue the phrase to call
it a computer. Admittedly it was, on brief occasions, a computer. But
it spent too much time emulating a doorstop to be worthy of its price.

{^_^} 

Re: habeas - tainted white list

[jdow]

From: Christian Brel brel.spamassassin091...@copperproductions.co.uk
Sent: Thursday, 2009/December/17 22:11



On Thu, 17 Dec 2009 15:51:35 -0500
Daryl C. W. O'Shea spamassas...@dostech.ca wrote:



I think the current score changes are a good step.  Another step may
be including in the release notes that there are whitelists and that
people may want to disable them by score whatever rules (a list of
them) 0.


Why not default them to zero and include in the release notes/man that
there are whitelists and they can *enable* them?


Because we enjoy tweaking the nose of idiots?

{O,o}- being wonked out silly, which is all you deserve.

Re: habeas - tainted white list

[jdow]

From: Christian Brel brel.spamassassin091...@copperproductions.co.uk
Sent: Thursday, 2009/December/17 22:22



On Fri, 18 Dec 2009 09:46:03 +1300
Michael Hutchinson packetl...@ping.net.nz wrote:



Everyone else started carrying on about the Habeas rules being
present at all, when it is more than within their power to disable
those rules.


But they should not have to disable a whitelist that assists
with the delivery of bulk commercial mail in an anti-spam application!
If the sender is relying on such rules to keep the mailout under the
radar then clearly there is something very wrong with that?

The issues here are clear:
*The inclusion of white list that pretty much favours a single
commercial mail organisation.
*The default score applied to that listed senders being hideously
favourable(are there any other rules with such mad negative scores in
the mix by default?)
*The lack of any other commercial white lists from the competitors of
Return Path being used in the product.

I'm interested but equally suspicious as to why a small set of people
involved in this anti-spam product are keen to try and move on from
this and sweep it under the carpet. Could this be AssassinGate??? Lol.


Christian, you sound, for all the world, as sensible as the idiots
who claim that 9/11 was organized by the White House or Israeli spies
or both. Maybe it's time you retired to the more conspiracy theory
friendly realm the Trufers maintain. You're for /dev/null here.

{^_^}

Re: habeas - tainted white list

[Christian Brel]

On he subject of Spammy whitelists...

 * -1.0 RCVD_IN_DNSWL_LOW RBL: Sender listed at http://www.dnswl.org/,
low
 *  trust
 *  [212.159.7.100 listed in list.dnswl.org]

Yet the same IP is on and off SORBS and part of an ongoing spam
problem. Perhaps this can be reviewed and given a zero score by default?



-- 
This e-mail and any attachments may form pure opinion and may not have
any factual foundation. Please check any details provided to satisfy
yourself as to suitability or accuracy of any information provided.
Data Protection: Unless otherwise requested we may pass the information
you have provided to other partner organisations. 

Re: habeas - tainted white list

[Daryl C. W. O'Shea]

On 18/12/2009 1:11 AM, Christian Brel wrote:
 On Thu, 17 Dec 2009 15:51:35 -0500
 Daryl C. W. O'Shea spamassas...@dostech.ca wrote:
 
 
 I think the current score changes are a good step.  Another step may
 be including in the release notes that there are whitelists and that
 people may want to disable them by score whatever rules (a list of
 them) 0.
 
 Why not default them to zero and include in the release notes/man that
 there are whitelists and they can *enable* them?

I'm pretty sure I brought up the SA developers' *long* standing
principle of being as safe as possible for the majority of users by
erring on the side of missing spam rather than tagging ham while still
putting out a useful product.

From the data we have from mass-checks we are erring a very small amount
on the side of caution by not disabling the whitelists by default.

If we had more mass-check data from a wider number of mail recipients
maybe it would change things, statistically, maybe it wouldn't.  New
mass-check contributors are always welcome.  They take very little
effort to manage once you've set it up (I ignore mine for years at a time).

Daryl

Re: habeas - tainted white list

[Daryl C. W. O'Shea]

On 18/12/2009 1:22 AM, Christian Brel wrote:
 The issues here are clear:
 *The inclusion of white list that pretty much favours a single
 commercial mail organisation.

At present, to my knowledge Return Path is the only organization which
has approached us for inclusion in SpamAssassin.  We would more than
welcome other commercial vendors provided that their lists are free for
use by the majority of our users (like any blacklists we include) and
that they provide reasonable good results (the same criteria for
blacklists but s/spam/ham/).

 *The default score applied to that listed senders being hideously
 favourable(are there any other rules with such mad negative scores in
 the mix by default?)

Reputation type rules (such as DNSWLs) are probably the only (or
certainly one of the very few) types of rules that you can weight
heavily negatively.  This is due to the nature of an open source product
(or even given enough time to game a closed source product).  Content
based rules are very often easily beaten.  If we could have a body rule
that looks for this mail is good and assign a -20 score we would.
Clearly that would not work.

I think that the new scores are inline with what is needed to correct
the high scores that some of the wanted commercial crap currently scores
at.  I see stuff at upwards of 8 or more regularly.

 *The lack of any other commercial white lists from the competitors of
 Return Path being used in the product.

Again, find me a commercial white list that wants to be included in
SpamAssassin on a free for use basis and I'll pay for the phone call
to talk to them.  Seriously.

 I'm interested but equally suspicious as to why a small set of people
 involved in this anti-spam product are keen to try and move on from
 this and sweep it under the carpet. Could this be AssassinGate??? Lol.

You do realize that there's only a small set of active developers, right?

Daryl

Re: habeas - tainted white list

[Daryl C. W. O'Shea]

On 18/12/2009 2:13 AM, Christian Brel wrote:
 On he subject of Spammy whitelists...
 
  * -1.0 RCVD_IN_DNSWL_LOW RBL: Sender listed at http://www.dnswl.org/,
 low
  *  trust
  *  [212.159.7.100 listed in list.dnswl.org]
 
 Yet the same IP is on and off SORBS and part of an ongoing spam
 problem. Perhaps this can be reviewed and given a zero score by default?

Forgot individual occurrences of FPs or FNs.  They're statistically
meaningless.

In last week's net-enabled mass-check the -1.0 score for
RCVD_IN_DNSWL_LOW RBL caused only 10 of 148025 (0.00675%) spams to fall
below 5.0 (and that could have happened with as small as a -0.1 score, I
don't have data, so at approx -0.5 the same thing could have happened).

On the other hand, it moved 101 of 199558 (0.05061%) hams below the 5.0
mark.  That's an S/O of 0.035 which is pretty good (we wouldn't be
questioning a spam hitting rule with an S/O of 0.965, at least not at a
score of 1).

http://ruleqa.spamassassin.org/20091212-r889898-n/RCVD_IN_DNSWL_LOW/detail

Again, to anyone, if our statistics are way off from the reality our
users are seeing we need more mass-check contributors.

Daryl