Archive for June, 2007

Blocked by Hotmail? Use a Microsoft mail client instead.

After being told that “SmartScreen technology” had blocked his server from sending mail to Hotmail, this guy found that if he used Outlook 2003, rather than Thunderbird, he could get his mail delivered. Not that you should be surprised by that. It’s not like Microsoft client headers appear in a whole lot more spam than Mozilla headers. Oh wait a second, Microsoft headers do appear in at least half of all spam.

“I started playing around with clients rather than concentrating on server setup, and I’ve had some interesting results. I can send to Hotmail without a problem using Outlook 2003, but no cigar with Mozilla Thunderbird. I think that this suggests that the headers the email clients add to an email also play a crucial role in determining if the mail gets through or not. This is BAD news because as a system admin there is generally very little you can do about this.”

2 comments June 20th, 2007

Toronto Colocation Recommendations Anyone?

I’m currently looking into colocation for a few of my critical services. 1U with 50 GB a month of transfer would be more than sufficient right now, but growth to 100 GB a month within a year would be a good thing to plan for.

Does anyone have any recommendations for reliable colocation in the Toronto, Ontario area (or the unlikely availability of reliable colocation in the Barrie, Ontario area)?

If anyone has any suggestions and knows of pricing, please post here or send me an email.

2 comments June 14th, 2007

Apache SpamAssassin 3.2.1 and 3.1.9 released!

We released new versions of SpamAssassin for both the 3.1 and 3.2 branches on Monday. 3.1.9 pretty much just includes the fix for CVE-2007-2873 (which only affects people who using the spamd –allow-tell or -l option) while 3.2.1 has a few additional fixes. Specifically 3.2.1 fixes a bug that caused the included (who are still under a severe DDoS attack, BTW) tests from working along with a handful of things that affect various non-default setups. Some more fixes (for problems most people will never see) to the spamd pre-forking server are also included.

Unfortunately you can’t successfully run make test as root in 3.2.1 due to the fix for bug 5480. This makes installing SA 3.2.1 via CPAN, um, difficult. I never noticed this since I always build from source as a non-root user. I don’t think any vendors, like RedHat, noticed it either since they probably all do the same thing.

If you normally install SA via CPAN, my advice would be to stick with 3.2.0 for now, avoid doing anything that triggers the local symlink vulnerability described in CVE-2007-2873 and just run sa-update to get most of the rule fixes included in 3.2.1. I expect that there will be a 3.2.2 release in a month or so.

Add comment June 13th, 2007

Determining reel number by reading DTS timecode on 35mm film

In case you ever find yourself the lucky recipient of a used 35mm print with leaders that may or may not be on the correct reels and with no ID frames to verify which reel is which you would be well served to know how to read the DTS timecode. 99.99% of mainstream film has DTS timecode on it. Some smaller art/other films have it too.

The last four bits of the 20 bits between mark positions indicate the reel number. Look for a series of frames that the first bit toggles between 0 and 1 and use one of those frames. If you find a frame that has more than one bit difference it’s the title serial number.

A one is indicated by a transition (a small white dot before or after a slightly longer black spot) while a 0 is indicated by no transition (a long white OR black spot). A sync mark is indicated by the combination of a really long white and black spot.

Decoded DTS timecode

2 comments June 8th, 2007

URIBL, SURBL and Spamhaus suffer SYN floods

In case you ever needed evidence that URI blacklists are effective or that spammers don’t like Spamhaus, you’ve now got a DDoS SYN flood attack to back up that argument.

The web mirrors for the three sites have been down for most of the day due to what’s reported by URIBL as “heavy syn floods for anyone operating a web mirror for uribl, surbl, or spamhaus”.

The SpamAssassin Rules Emporium (SARE) website is also down. It is hosted on one of the URIBL mirrors.

As of tonight, Spamhaus’ website is back up and running on a new IP.

I’m really surprised that this didn’t happen a lot sooner.

Add comment June 6th, 2007


June 2007
« May   Jul »

Posts by Month

Posts by Category

Ohloh profile for Daryl C. W. O'Shea


Apache SpamAssassin