On 2022-04-28 07:30, Bill Cole wrote:
I see no reason to make HTTPS mandatory for mirrors at this point. It
does mean an extra layer that can break and the impersonation attacks
that it enables would be extremely complicated to mount, so may be
entirely theoretical. I would rather keep
On 2022-04-27 06:29, Henrik K wrote:
On Tue, Apr 26, 2022 at 12:28:44AM -0600, Dave Warren wrote:
On 2022-04-25 22:18, aut...@sa-vm.apache.org wrote:
http://sa-update.razx.cloud/ (172.67.206.130): UP (STALE since 1650939481, 2
hours)
http://sa-update.razx.cloud/ (104.21.69.80): UP (STALE
On Wed, Apr 27, 2022 at 05:34:57PM +0300, Henrik K wrote:
>
> Btw I just updated DNS to https too:
> mirrors.updates.spamassassin.org.
> "https://spamassassin.apache.org/updates/MIRRORED.BY;
Actually it's now:
mirrors.updates.spamassassin.org.
https://sa-update.mailfud.org/ (5.196.88.134): UP (CURRENT)
http://sa-update.dnswl.org/ (116.203.4.105): UP (CURRENT)
https://www.sa-update.pccc.com/ (69.171.29.42): UP (CURRENT)
http://sa-update.space-pro.be/ (176.28.55.20): UP (CURRENT)
http://sa-update.ena.com/ (96.4.1.5): UP (CURRENT)
https://sa-update.mailfud.org/ (5.196.88.134): UP (CURRENT)
http://sa-update.dnswl.org/ (116.203.4.105): UP (CURRENT)
https://www.sa-update.pccc.com/ (69.171.29.42): UP (CURRENT)
http://sa-update.space-pro.be/ (176.28.55.20): UP (CURRENT)
http://sa-update.ena.com/ (96.4.1.5): UP (CURRENT)
https://sa-update.mailfud.org/ (5.196.88.134): UP (CURRENT)
http://sa-update.dnswl.org/ (116.203.4.105): UP (CURRENT)
https://www.sa-update.pccc.com/ (69.171.29.42): UP (CURRENT)
http://sa-update.space-pro.be/ (176.28.55.20): UP (CURRENT)
http://sa-update.ena.com/ (96.4.1.5): UP (CURRENT)
https://sa-update.mailfud.org/ (5.196.88.134): UP (CURRENT)
http://sa-update.dnswl.org/ (116.203.4.105): UP (CURRENT)
https://www.sa-update.pccc.com/ (69.171.29.42): UP (CURRENT)
http://sa-update.space-pro.be/ (176.28.55.20): UP (CURRENT)
http://sa-update.ena.com/ (96.5.1.5): UP (CURRENT)
https://sa-update.mailfud.org/ (5.196.88.134): UP (CURRENT)
http://sa-update.dnswl.org/ (116.203.4.105): UP (CURRENT)
https://www.sa-update.pccc.com/ (69.171.29.42): UP (CURRENT)
http://sa-update.space-pro.be/ (176.28.55.20): UP (CURRENT)
http://sa-update.ena.com/ (96.5.1.5): UP (CURRENT)
https://sa-update.mailfud.org/ (5.196.88.134): UP (CURRENT)
http://sa-update.dnswl.org/ (116.203.4.105): UP (CURRENT)
https://www.sa-update.pccc.com/ (69.171.29.42): UP (CURRENT)
http://sa-update.space-pro.be/ (176.28.55.20): UP (CURRENT)
http://sa-update.ena.com/ (96.4.1.5): UP (CURRENT)
https://sa-update.mailfud.org/ (5.196.88.134): UP (CURRENT)
http://sa-update.dnswl.org/ (116.203.4.105): UP (CURRENT)
https://www.sa-update.pccc.com/ (69.171.29.42): UP (CURRENT)
http://sa-update.space-pro.be/ (176.28.55.20): UP (CURRENT)
http://sa-update.ena.com/ (96.5.1.5): UP (CURRENT)
https://sa-update.mailfud.org/ (5.196.88.134): UP (CURRENT)
http://sa-update.dnswl.org/ (116.203.4.105): UP (CURRENT)
https://www.sa-update.pccc.com/ (69.171.29.42): UP (CURRENT)
http://sa-update.space-pro.be/ (176.28.55.20): UP (CURRENT)
http://sa-update.ena.com/ (96.5.1.5): UP (CURRENT)
On Thu, Apr 28, 2022 at 09:30:21AM -0400, Bill Cole wrote:
>
> and the impersonation attacks that it enables would be extremely
> complicated to mount, so may be entirely theoretical.
Of course it is. It's probably thousand times more likely that a mirror
itself is hacked and it's files
https://sa-update.mailfud.org/ (5.196.88.134): UP (CURRENT)
http://sa-update.dnswl.org/ (116.203.4.105): UP (CURRENT)
https://www.sa-update.pccc.com/ (69.171.29.42): UP (CURRENT)
http://sa-update.space-pro.be/ (176.28.55.20): UP (CURRENT)
http://sa-update.ena.com/ (96.4.1.5): UP (CURRENT)
On 2022-04-28 at 06:40:58 UTC-0400 (Thu, 28 Apr 2022 12:40:58 +0200
(CEST))
Fossies Administrator
is rumored to have said:
On Wed, 27 Apr 2022, Henrik K wrote:
There's really no reason these days for not using https.
Only three mirrors work with it right now:
sa-update.razx.cloud
https://sa-update.mailfud.org/ (5.196.88.134): UP (CURRENT)
http://sa-update.dnswl.org/ (116.203.4.105): UP (CURRENT)
https://www.sa-update.pccc.com/ (69.171.29.42): UP (CURRENT)
http://sa-update.space-pro.be/ (176.28.55.20): UP (CURRENT)
http://sa-update.ena.com/ (96.4.1.5): UP (CURRENT)
On 2022-04-28 at 07:36:45 UTC-0400 (Thu, 28 Apr 2022 14:36:45 +0300)
Henrik K
is rumored to have said:
On Thu, Apr 28, 2022 at 07:26:41AM -0400, Kevin A. McGrail wrote:
We discussed this a year or two ago. The data on there is not
sensitive and
is cryptographically verified by spamassassin
On Thu, Apr 28, 2022 at 07:41:56AM -0400, Kevin A. McGrail wrote:
> By default, the data is cryptographically verified. An admin has to
> specifically turn off that feature.
>
> There's little benefits of using HTTPS in this specific setting and it's
> just an extra requirement on our volunteer
By default, the data is cryptographically verified. An admin has to
specifically turn off that feature.
There's little benefits of using HTTPS in this specific setting and it's
just an extra requirement on our volunteer mirrors. It will add time, CPU
load, and even a small amount of bandwidth
On Thu, Apr 28, 2022 at 07:26:41AM -0400, Kevin A. McGrail wrote:
> We discussed this a year or two ago. The data on there is not sensitive and
> is cryptographically verified by spamassassin before being used. Can you
> name a single reason the data needs to be encrypted in transit? KAM
It's
We discussed this a year or two ago. The data on there is not sensitive and
is cryptographically verified by spamassassin before being used. Can you
name a single reason the data needs to be encrypted in transit? KAM
On Thu, Apr 28, 2022, 07:17 Henrik K wrote:
> On Thu, Apr 28, 2022 at
https://sa-update.mailfud.org/ (5.196.88.134): UP (CURRENT)
http://sa-update.dnswl.org/ (116.203.4.105): UP (CURRENT)
https://www.sa-update.pccc.com/ (69.171.29.42): UP (CURRENT)
http://sa-update.space-pro.be/ (176.28.55.20): UP (CURRENT)
http://sa-update.ena.com/ (96.5.1.5): UP (CURRENT)
On Thu, Apr 28, 2022 at 12:40:58PM +0200, Fossies Administrator wrote:
> On Wed, 27 Apr 2022, Henrik K wrote:
>
> >
> > There's really no reason these days for not using https.
> >
> > Only three mirrors work with it right now:
> >
> > sa-update.razx.cloud
> > sa-update.pccc.com
> >
On Wed, 27 Apr 2022, Henrik K wrote:
There's really no reason these days for not using https.
Only three mirrors work with it right now:
sa-update.razx.cloud
sa-update.pccc.com
sa-update.mailfud.org
Could maybe others prepare for it? sa-update seems to happily use https://
mirrors starting
https://sa-update.mailfud.org/ (5.196.88.134): UP (CURRENT)
http://sa-update.dnswl.org/ (116.203.4.105): UP (CURRENT)
https://www.sa-update.pccc.com/ (69.171.29.42): UP (CURRENT)
http://sa-update.space-pro.be/ (176.28.55.20): UP (CURRENT)
http://sa-update.ena.com/ (96.4.1.5): UP (CURRENT)
+ promote_active_rules
+ pwd
/usr/local/spamassassin/automc/svn/trunk
+ svn co https://svn.apache.org/repos/asf/spamassassin/trunk/rules
https://svn.apache.org/repos/asf/spamassassin/trunk/rulesrc
Checked out revision 1900353.
Checked out revision 1900353.
+ /usr/bin/perl
https://sa-update.mailfud.org/ (5.196.88.134): UP (CURRENT)
http://sa-update.dnswl.org/ (116.203.4.105): UP (CURRENT)
https://www.sa-update.pccc.com/ (69.171.29.42): UP (CURRENT)
http://sa-update.space-pro.be/ (176.28.55.20): UP (CURRENT)
http://sa-update.ena.com/ (96.5.1.5): UP (CURRENT)
https://sa-update.mailfud.org/ (5.196.88.134): UP (CURRENT)
http://sa-update.dnswl.org/ (116.203.4.105): UP (CURRENT)
https://www.sa-update.pccc.com/ (69.171.29.42): UP (CURRENT)
http://sa-update.space-pro.be/ (176.28.55.20): UP (CURRENT)
http://sa-update.ena.com/ (96.5.1.5): UP (CURRENT)
27 matches
Mail list logo