| Andrew Cooke | Contents | Latest | RSS | Twitter | Previous | Next

C[omp]ute

Welcome to my blog, which was once a mailing list of the same name and is still generated by mail. Please reply via the "comment" links.

Always interested in offers/projects/new ideas. Eclectic experience in fields like: numerical computing; Python web; Java enterprise; functional languages; GPGPU; SQL databases; etc. Based in Santiago, Chile; telecommute worldwide. CV; email.

Personal Projects

Lepl parser for Python.

Colorless Green.

Photography around Santiago.

SVG experiment.

Professional Portfolio

Calibration of seismometers.

Data access via web services.

Cache rewrite.

Extending OpenSSH.

Last 100 entries

Programming, Business, Social Contracts; Distributed Systems for Fun and Profit; XML and Scheme; Internet Radio Stations (Curated List); Solid Data About Placebos; Half of Americans Think Climate Change Is a Sign of the Apocalypse; Saturday Surf Sessions With Juvenile Delinquents; Ssh, tty, stdout and stderr; Feathers falling in a vacuum; Santiago 30m Bike Route; Mapa de Ciclovias en Santiago; How Unreliable is UDP?; SE Santiago 20m Bike Route; Cameron's Rap; Configuring libxml with Eclipse; Reducing Combinatorial Complexity With Occam - AI; Sentidos Comunes (Chilean Online Magazine); Hilary Mantel: The Assassination of Margaret Thatcher - August 6th 1983; NSA Interceptng Gmail During Delivery; General IIR Filters; What's happening with Scala?; Interesting (But Largely Illegible) Typeface; Retiring Essentialism; Poorest in UK, Poorest in N Europe; I Want To Be A Redneck!; Reverse Racism; The Lost Art Of Nomography; IBM Data Center (Photo); Interesting Account Of Gamma Hack; The Most Interesting Audiophile In The World; How did the first world war actually end?; Ky - Restaurant Santiago; The Black Dork Lives!; The UN Requires Unaninmous Decisions; LPIR - Steganography in Practice; How I Am 6; Clear Explanation of Verizon / Level 3 / Netflix; Teenage Girls; Formalising NSA Attacks; Switching Brakes (Tektro Hydraulic); Naim NAP 100 (Power Amp); AKG 550 First Impressions; Facebook manipulates emotions (no really); Map Reduce "No Longer Used" At Google; Removing RAID metadata; New Bike (Good Bike Shop, Santiago Chile); Removing APE Tags in Linux; Compiling Python 3.0 With GCC 4.8; Maven is Amazing; Generating Docs from a GitHub Wiki; Modular Shelves; Bash Best Practices; Good Emergency Gasfiter (Santiago, Chile); Readings in Recent Architecture; Roger Casement; Integrated Information Theory (Or Not); Possibly undefined macro AC_ENABLE_SHARED; Update on Charges; Sunburst Visualisation; Spectral Embeddings (Distances -> Coordinates); Introduction to Causality; Filtering To Help Colour-Blindness; ASUS 1015E-DS02 Too; Ready Player One; Writing Clear, Fast Julia Code; List of LatAm Novels; Running (for women); Building a Jenkins Plugin and a Jar (for Command Line use); Headphone Test Recordings; Causal Consistency; The Quest for Randomness; Chat Wars; Real-life Financial Co Without ACID Database...; Flexible Muscle-Based Locomotion for Bipedal Creatures; SQL Performance Explained; The Little Manual of API Design; Multiple Word Sizes; CRC - Next Steps; FizzBuzz; Update on CRCs; Decent Links / Discussion Community; Automated Reasoning About LLVM Optimizations and Undefined Behavior; A Painless Guide To CRC Error Detection Algorithms; Tests in Julia; Dave Eggers: what's so funny about peace, love and Starship?; Cello - High Level C Programming; autoreconf needs tar; Will Self Goes To Heathrow; Top 5 BioInformatics Papers; Vasovagal Response; Good Food in Vina; Chilean Drug Criminals Use Subsitution Cipher; Adrenaline; Stiglitz on the Impact of Technology; Why Not; How I Am 5; Lenovo X240 OpenSuse 13.1; NSA and GCHQ - Psychological Trolls; Finite Fields in Julia (Defining Your Own Number Type); Julian Assange; Starting Qemu on OpenSuse

© 2006-2013 Andrew Cooke (site) / post authors (content).

Enabling Network Spam Detection on SuSE

From: "andrew cooke" <andrew@...>

Date: Mon, 15 Jan 2007 11:34:02 -0300 (CLST)

I was revising my email processing (which uses procmail to combine a
variety of different checks, including DNS lookup, Vaipul's Razor, and
Spam Assassin) and realised that things could be much simpler - these days
(I've been using my procmail script for years) Spam Assassin can include
all the other sites, including those based on URL lookup (URL in the email
message are checked against a database - more reliable than IP checks
because it more directly identifies the sender).

To enable network based checks on SuSE you need to edit
/etc/sysconfig/spamd to remove "-L":

## Path:           Network/Mail/Spamassassin
## Description:    Arguments for the spam daemon
## Type:           string
## Default:        "-d -c -L"
## ServiceRestart: spamd
#
# The arguments passed to spamd.
# See spamd(1) man page.
# Default is "-d -c -L"
SPAMD_ARGS="-d -c"

And then that .procmail needs now for spam checking is:

:0fw
* < 100000
| spamc

:0
* ^X-Spam-Status: Yes
.Trash.spam-assassin/

And here's a typical spam header after processing - you can see that
various DNS and URL blacklists were used [I've had to edit the URLs with
.xxx in the log below as otherwise this email too is blocked...]:

Content analysis details:   (25.6 points, 5.0 required)

 pts rule name              description
---- ----------------------
--------------------------------------------------
 3.6 RATWARE_RCVD_PF        Bulk email fingerprint (Received PF) found 0.3
SUBJ_BUY               Subject line starts with Buy or Buying 1.3
INFO_TLD               URI: Contains an URL in the INFO top-level domain
-2.6 BAYES_00               BODY: Bayesian spam probability is 0 to 1%
                            [score: 0.0000]
 0.4 HTML_30_40             BODY: Message is 30% to 40% HTML
 0.0 HTML_MESSAGE           BODY: HTML included in message
 1.9 DNS_FROM_RFC_BOGUSMX   RBL: Envelope sender in
                            bogusmx.rfc-ignorant.org
 1.6 RCVD_IN_BL_SPAMCOP_NET RBL: Received via a relay in bl.spamcop.net
             [Blocked - see
<http://www.spamcop.net/bl.shtml?208.104.241.246>]
 1.6 URIBL_SBL              Contains an URL listed in the SBL blocklist
                            [URIs: wranyw.com.xxx moully.cd.xxx]
 3.8 URIBL_AB_SURBL         Contains an URL listed in the AB SURBL blocklist
                            [URIs: wranyw.com.xxx wowmojer.com.xxx
dutyrun.info.xxx] [moully.cd.xxx quiok.hk.xxx]
 4.1 URIBL_JP_SURBL         Contains an URL listed in the JP SURBL blocklist
                            [URIs: wranyw.com.xxx wowmojer.com.xxx
dutyrun.info.xxx] [moully.cd.xxx quiok.hk.xxx]
 2.1 URIBL_WS_SURBL         Contains an URL listed in the WS SURBL blocklist
                            [URIs: moully.cd.xxx]
 3.0 URIBL_OB_SURBL         Contains an URL listed in the OB SURBL blocklist
                            [URIs: wranyw.com.xxx]
 4.5 URIBL_SC_SURBL         Contains an URL listed in the SC SURBL blocklist
                            [URIs: wranyw.com.xxx wowmojer.com.xxx
moully.cd.xxx] [quiok.hk.xxx]

Andrew

Comment on this post