As many of you know, for over a year now we've been dealing with a massive flood of queries on the RuleQA server at https://ruleqa.spamassassin.org, with broadly variable success. The original theory was that this was LLM trainers sucking in all the data they can find mindlessly, but the fight has exposed a pattern making it clear that this is a directed attack on the daily updates of rules and scores. As a result, those updates have been sporadically broken, predominantly due to our QA contributors being unable to upload their scoring results. I believe that as of today, we have found a workable tactic to protect that process.
As with most tactics used to resist such attacks, there's a cost. Some queries to the RuleQA server will break, somewhat randomly based on timing and the load on the system. Retrying on any explicit error is likely to succeed. Some networks that may have legitimate users are very much blocked due to abuse (e.g. Huawei Cloud and some other VPS providers as well as some mobile networks) so if you cannot reach the server at all but instead just time out, speak up here and I'll try to fix it. ALSO: don't go to any rule performance detail page cold, without a Referer header. That just won't work. -- Bill Cole [email protected] or [email protected] (AKA @[email protected] and many *@billmail.scconsult.com addresses) Please keep discussion mailing list replies *on-list* Not Currently Available For Hire
signature.asc
Description: OpenPGP digital signature
