Posts filed under 'Technology'
We released new versions of SpamAssassin for both the 3.1 and 3.2 branches on Monday. 3.1.9 pretty much just includes the fix for CVE-2007-2873 (which only affects people who using the spamd –allow-tell or -l option) while 3.2.1 has a few additional fixes. Specifically 3.2.1 fixes a bug that caused the included URIBL.com (who are still under a severe DDoS attack, BTW) tests from working along with a handful of things that affect various non-default setups. Some more fixes (for problems most people will never see) to the spamd pre-forking server are also included.
Unfortunately you can’t successfully run make test as root in 3.2.1 due to the fix for bug 5480. This makes installing SA 3.2.1 via CPAN, um, difficult. I never noticed this since I always build from source as a non-root user. I don’t think any vendors, like RedHat, noticed it either since they probably all do the same thing.
If you normally install SA via CPAN, my advice would be to stick with 3.2.0 for now, avoid doing anything that triggers the local symlink vulnerability described in CVE-2007-2873 and just run sa-update to get most of the rule fixes included in 3.2.1. I expect that there will be a 3.2.2 release in a month or so.
June 13th, 2007
In case you ever find yourself the lucky recipient of a used 35mm print with leaders that may or may not be on the correct reels and with no ID frames to verify which reel is which you would be well served to know how to read the DTS timecode. 99.99% of mainstream film has DTS timecode on it. Some smaller art/other films have it too.
The last four bits of the 20 bits between mark positions indicate the reel number. Look for a series of frames that the first bit toggles between 0 and 1 and use one of those frames. If you find a frame that has more than one bit difference it’s the title serial number.
A one is indicated by a transition (a small white dot before or after a slightly longer black spot) while a 0 is indicated by no transition (a long white OR black spot). A sync mark is indicated by the combination of a really long white and black spot.
June 8th, 2007
In case you ever needed evidence that URI blacklists are effective or that spammers don’t like Spamhaus, you’ve now got a DDoS SYN flood attack to back up that argument.
The web mirrors for the three sites have been down for most of the day due to what’s reported by URIBL as “heavy syn floods for anyone operating a web mirror for uribl, surbl, or spamhaus”.
The SpamAssassin Rules Emporium (SARE) website is also down. It is hosted on one of the URIBL mirrors.
As of tonight, Spamhaus’ website is back up and running on a new IP.
I’m really surprised that this didn’t happen a lot sooner.
June 6th, 2007
Maybe I won the SPC challenge and got the bad one, but it’s D-Link so there’s a pretty good chance you could win too.
One of the D-Link “HD” BoPL adapters that I got for my wireless link to bridge the network between the guy’s house (where the cable connection is) and his garage (where the antenna and radio are mounted) called it quits a couple of weeks ago after 6 weeks of use. When I first got them and plugged them in they ran so hot that I immediately assumed that D-Link’s BoPL adapters are the force behind climate change.
The thing got so hot that it managed to reflow the solder around the pins of header J2 on the board opposite the one with the heat sink.
Even ignoring the fact that the thing ultimately failed, it sucked anyway. Typical latencies of 80ms were just acceptable given that it was just a bridge to a cable internet connection, but frequent occurrences over multiple consecutive hours of 3000+ ms latencies just blew. More than once I got pissed off enough waiting that I switched to using my dial-up connection. The problem was probably noise from something, but there was nothing different running off of his electrical panel when it happened. It could have been a neighbor that shares the same transformer, but given that the signal doesn’t seem to make it past where the neutral is bonded to ground I’d hope that they’ve got enough signal headroom to overcome outside noise.
So with one of the units non-functional (the BoPL side of the unit is non-responsive) I’ve now run some indoor cat5e across the guy’s yard (which is both cheaper at about $10 of cable as opposed to 2 of the $100 DHP-300s and a heck of a lot more responsive with <1ms latencies) until he digs a hole to add onto his house this summer (at which point I’ll bury some outdoor cat5e). I don’t even really have a use for them anymore (nor want to use them anywhere with their sucky 3000+ ms latencies) I’m not even sure if I’m going to bother dealing with getting D-Link to warranty them. Perhaps I can convince them to send me some network cards instead. If you work for D-Link give me a shout!
In any case, I guess I’ll go back to my assertion that pretty much the only reliable thing that D-Link sells is their DFE-538TX 10/100 PCI network cards.
May 30th, 2007
For those of you who missed it, we released Apache SpamAssassin 3.2.0 on May 2nd after a few RCs and a bit of pestering people to test it out. Most of the bugs people encountered in the final release were with their integration software not adhering to API requirements that haven’t changed in ages. There’s a few other bugs that will be fixed in a soon to be released (I hope) 3.2.1… nothing of major concern to most people that would prevent you from upgrading to 3.2.0 now though.
Justin Mason outlined a number of key features introduced in 3.2.0 in his posting here. Two other things I’d add off the top of my head are the support of Mail::SPF which is the current SPF reference implementation (it does away with a lot of legacy crude present in Mail::SPF::Query and generally works a lot better) and the new “whitelist_auth” option that allows a user to whitelist a sender that passes any of DKIM, DomainKeys or SPF. It’s basically whitelist_from_dkim, whitelist_from_dk and whitelist_spf all rolled into one. The benefit is that an end-user doesn’t have to know which (or keep track of changes in which) form of email auth a user/domain is using.
It looks like I was pretty close on calling the release time frame too. In this post, on September 1, 2006, I guessed at late winter or early spring. I went skiing the last week of April and we released during the first week of May. Can’t get much better than that! I just hope I didn’t delay the release on some subconscious level.
Oh, the newest release of SpamAssassin will catch more spam (than older versions) for you too. Go figure.
May 27th, 2007
…and it does. Below is the header from a mail generated by an “email this tracking page to somebody” web request via their website. WTF is “+0000 (EST)” in the Date field value. Really. Is it Canada Post that sucks, SAP, or both. Well I know for the most part Canada Post sucks and, well, SAP sucking on this point wouldn’t surprise me at all.
This really reinforces my feeling that their panic inspired product e-Post probably sucks and is likely prone to getting caught up in anti-spam systems.
In any case, being dumb costs you. For this stupidity SpamAssassin awards you with:
50_scores.cf:score INVALID_TZ_EST 2.601 2.065 2.265 2.696
50_scores.cf:score DATE_IN_PAST_03_06 2.299 1.394 1.306 0.044
Which is:
4.9 for set 0 — which lucky for them is the only thing that hits in set 0.
3.459 for set 1 — it’s a good thing the body is formatted to avoid checksum database hits.
Set 2 and 3 scores are pretty safe as long as the user’s bayes database doesn’t take off in the wrong direction (I hit BAYES_50).
Oh yeah, they forge the mail from: too! Idiots.
Return-Path: <sender@example.net>
Received: from OT1LF900.CPC (mailoutcpc.canadapost.ca [66.110.6.70])
by mx-04.dostech.net (8.13.8/8.13.8) with SMTP id l4FKMgXq005778
for <recipient@example.com>; Tue, 15 May 2007 16:22:43 -0400
Received: from (10.130.62.19) by OT1LF900.CPC via smtp
id 0969_7d2e5b8a_034c_11dc_8ee3_0002b3da1013;
Tue, 15 May 2007 21:26:36 -0400
Received: from canadapost.ca ([10.100.21.29]) by cpcw1003.cpggpc.ad with Microsoft SMTPSVC(6.0.3790.211);
Tue, 15 May 2007 16:22:42 -0400
Date: Tue, 15 May 2007 16:22:41 +0000 (EST)
From: sender@example.net
Subject: =?iso-8859-1?Q?Event_Notification_/_Avis_d’activit=E9?=
To: recipient@example.com
Reply-To: sender@example.net
Message-ID: <ADR32000002408715@canadapost.ca>
MIME-Version: 1.0
Importance: Normal
X-Priority: 3 (Normal)
X-Mailer: SAP Web Application Server 6.40
Content-Type: text/plain;
charset=”iso-8859-1″
Content-Description:
=?iso-8859-1?Q?Event_Notification_/_Avis_d’activit=E9?=
X-OriginalArrivalTime: 15 May 2007 20:22:42.0226 (UTC) FILETIME=[CA55D120:01C7972E]
May 15th, 2007
After years of sitting on my wallet not wanting to spend the money on any of the available outdoor 2.4Ghz or 900Mhz radios intended for long range use, I finally had a bit to drink on my birthday and started ordering stuff to setup a wireless link from my house to work so that I could get a better than 19,200bps internet connection. It turns out I couldn’t get high enough to get a stable link between my house and work due to a heck of a lot of noise in the direction of the office (and a lot of tall trees cutting down the SNR) so I gave up hope on free high speed internet access and went knocking on my closest neighbors’ doors. I found a guy willing to let me put an antenna on his garage in exchange for me paying for his cable internet.
Pictured below is the gear located at my house. It’s a 24 dBi grid antenna connected to a Linksys WRT54-GL via 10 feet of LMR-400 all mounted to the windsock tower on the far side of the runway next to my house, about 400′ away. The remote site is located on the right side at the tree line on the horizon 3km away. The link SNR is 30 dB. It runs at 54 Mbps.
Pictured below is the Linksys WRT54-GL, a Linksys 12 volt PoE adapter, an ethernet lightning protector and a 0-3Ghz coax lightning protector all mounted in a gutted Federal Pioneer disconnect box. So far the Linksys gear has had no problems with -10 degree celsius temperatures.
Cost for just the link (two radios, two antenna, two coax lightning protectors, two 10′ LMR-400 cables) was about $600 CDN. Another $700 or so was spent on 500′ of outdoor Cat5e (no problems with a 380′ ethernet segement between the Linksys WRT54-GL and a DLink Switch II 5 port switch), a pair of ethernet surge protectors, a PoE adapter, some surge protector power bars, another WRT54-GL to act as a NAT router at the remote end with the cable connection, and a pair of D-Link PowerLine HD Ethernet Adapters (BoPL adapters) to make a connection between the guy’s house with the internet connection and his garage that I attached the antenna and radio to.
April 27th, 2007
I’m an idiot. How over the span of 4 years I didn’t figure out that it was my Creative SB Audigy 2 causing my system to lock up I don’t know. I could have sworn that the card had sat on my desk while the problems continued. As far as I know (and I really don’t care to really look into it) the Audigy 2 doesn’t like whatever chipsets were used by Asus for their A7A266s and A7Vs. Nor do they like to run on MSI KT4Vs. Setting PCI latency to an insane value of 256 doesn’t help (at least on the KT4V). As soon as the system asks the card to do something there’s a good chance it’s going to hang the system.
Of course I never noticed the correlation between “sound” and “crash” since, before two weeks ago, I very rarely had my stereo switched to the computer sound. Usually it was on the radio or television. After getting a high speed wireless link setup on April 7th and listening to radio stations over the internet, and experiencing 6+ system lockups a day a couple days in a row, I finally clued in.
Frickin’ Creative. Not even the absurdity of buying THX from Lucas Film and giving THX approval to all your sound cards (how does that work… I’ve got the requirements for cinema THX specs and they don’t appear to apply very well to computer sound cards) could make me want to run out and buy another one from you. I can’t believe that the best sound card I ever had was an Adlib Gold (straight from the 80’s).
April 18th, 2007
After months of people bugging me to join Facebook I finally joined on the weekend. My first impression was, “wow they’ve really got a nice, well layed out, clean interface”. That changed last night while I was browsing the site at the same time they changed to their new layout which, in a word, blows.
The old layout had everything in a small compact column along the top left side. Now there’s some stuff in the old location, some stuff along the top left of the page, and some stuff on the top right of the page. So now, instead of ever so slightly rolling your hand and clicking you’ve got to move the pointer all over the place. Maybe I’m lazy, or maybe it really does suck. This Facebook group seems agree that it sucks.
April 11th, 2007
It’s about f*#cking time.
As announced back in December, wireless number portability (WNP) is to be available today in BC, AB, ON and QC. The rest of the country (and population wise, that’s probably less than a quarter of the country) will likely have to wait a while (probably until at least September 12, 2007 or for one provider to try to beat their competition to the punch) for port-in facilities since they are currently only being offered port-out facilities; “here’s your number, you can’t use it”.
I can’t wait to stick with my current provider while knowing that if I wanted to I could switch providers, go through the hassle of finding, and of course buying, a non-flip/slide/stupid GSM phone while getting to keep the number I’ve had for a long time. Really, it’s good news. No really, it is, I just don’t imagine there’s much to gain (for me) from a different providers’ rate plan. Technology isn’t an issue… I like CDMA. I like that my CDMA phone also has analog capabilities (which could stop working everywhere in a year or less anyway). In the event that I ever find myself in GSM only land, well, I hope it’s on vacation.
Anyway… I can’t wait to see all the people who switch between Bell Mobility and Telus or Rogers Wireless and Fido looking for better call quality from the same cellular network, rather than for rate plan/whatever else reasons.
March 14th, 2007
Next Posts
Previous Posts
