Good day, all,
(Summary - the sa-blacklist content is moving to new machines. If
you're downloading any of the 15 versions of this list, you'll need to
change the hostname you use in your download; see "What you need to do"
below for instructions.)
I had a chat with my ISP last week. They've known for a long time
that the bandwidth spike at the top of very hour was my web server, but
since they knew the sa-blacklist was hosted there and it was a public
service project, they told me not to worry.
Fast forward to last week. *smile*
When I asked this new contact what amount of bandwidth my hosting
contract would normally allow and how much bandwidth I'd actually been
using over the last few months, he told me that I should be around
10G/month, but I've been using 1000G/month. Woah. Luckily, he wasn't
asking me to pay 100X my current contract. *smile*
They really have been great about it (I mean that sincerely), but
both they and I know that's an unreasonable drain on their bandwidth and
unfair to the other customers. To fix that, I'm transitioning the content
to new machines with more available bandwidth.
I owe a heartfelt thanks to Raymond, David, Panagiotis, Rob, Wim,
Jeff, and Chris for offering to host the content at no cost on much faster
lines than mine and offering suggestions on how to make the process more
efficient. Their generousity makes it possible for me to continue
providing this content.
==== What you need to do ====
I've already set up new hostnames (*) from which the sa-blacklist
files can be pulled. If you're getting any sa-blacklist files over http,
please change the hostname you use to "www.sa-blacklist.stearns.org". If
you are using rsync to pull content, please use
"rsync.sa-blacklist.stearns.org". If you're using ftp, please use
"ftp.sa-blacklist.stearns.org". In other words, the exact same content
should be viewable at
http://www.sa-blacklist.stearns.org/sa-blacklist/
ftp://ftp.sa-blacklist.stearns.org/pub/wstearns/sa-blacklist/
rsync://rsync.sa-blacklist.stearns.org/wstearns/sa-blacklist/
(although this last one is commonly used by the rsync application
and won't work in a web browser.)
There's a real benefit to you in taking the time to make this
switchover. My server was getting pegged for multiple minutes at the top
of the hour, so you'll find your downloads are much faster. Because of
the way the files are distributed, the content on the mirrors should
always be as current as the ones on the main server.
At some point in the near future, I'll be limiting access to or
completely shutting down the old URLs, so it's to your advantage to
switch over sooner rather than later. *smile*
I'd sincerely appreciate it if you could check any automated
download scripts or cron jobs and point them to these new hostnames.
Sorry for the inconvenience, but because these URL's are only used for
this content, you won't need to make this change again.
As one last suggestion, you might want to consider using the
ws.surbl.org dns lookup service which performs the same checks as
sa-blacklist.current.uri.cf , but _much_ faster and with a _lot_ less
memory. More information about this dns-based service is available at
http://www.surbl.org/ .
Cheers,
- Bill
* These aliases will transparently pick a random server out of the
available machines, spreading out the load. As more mirrors come online
you'll be sent to them automatically.
---------------------------------------------------------------------------
(Referring to the 32 bit system that feeds out files for
kernel.org) "We learned that the Linux load average rolls over at 1024.
And we actually found this out empirically."
-- Peter Anvin
--------------------------------------------------------------------------
William Stearns ([EMAIL PROTECTED]). Mason, Buildkernel, freedups, p0f,
rsync-backup, ssh-keyinstall, dns-check, more at: http://www.stearns.org
--------------------------------------------------------------------------
