Looking at my httpd logs for the sa-update channel for SARE’s 70_sc_top200.cf that I host at 70_sc_top200.cf.sare.sa-update.dostech.net (howto), I’m wondering why about 25% of the IPs (and about 17% of the /24s) use it. If you’re running network tests SpamAssassin already queries SpamCop by default, so if you’re also using this channel (or ruleset via RDJ directly from SARE) you’re just adding a, usually outdated, copy of the same data you’re getting via DNS lookups.
My guess is that there’s a lot of people just not paying too much attention. I can’t imagine that there’s that many systems running without network tests, at least not on purpose (I know there’s a lot of people that think they’re using network test, or all the tests available to them, but don’t realize that their distro disabled network tests by default).
I mentioned that the SpamCop data in this channel/ruleset is usually outdated… here’s a list of the updates since the beginning of December (I don’t know why Fred hasn’t automated the updates, last I heard he was manually uploading the ruleset — which itself is generated automatically):
Dec 1 13:04 200612011100.tar.gz
Dec 1 19:04 200612011700.tar.gz
Dec 2 15:04 200612021300.tar.gz
Dec 2 16:04 200612021400.tar.gz
Dec 5 18:04 200612051600.tar.gz
Dec 6 14:04 200612061200.tar.gz
Dec 6 18:04 200612061600.tar.gz
Dec 9 13:04 200612091100.tar.gz
Dec 13 18:04 200612131600.tar.gz
Dec 23 16:04 200612231400.tar.gz
Jan 2 11:24 200701020900.tar.gz
Jan 8 10:24 200701080800.tar.gz
Jan 9 12:24 200701091000.tar.gz
The update frequency is just weird… in the past I’ve noticed that it is sometimes updated three times in the span of two hours and then not updated again for weeks.
2 comments January 11th, 2007