| Andrew Cooke | Contents | Latest | RSS | Twitter | Previous | Next


Welcome to my blog, which was once a mailing list of the same name and is still generated by mail. Please reply via the "comment" links.

Always interested in offers/projects/new ideas. Eclectic experience in fields like: numerical computing; Python web; Java enterprise; functional languages; GPGPU; SQL databases; etc. Based in Santiago, Chile; telecommute worldwide. CV; email.

Personal Projects

Lepl parser for Python.

Colorless Green.

Photography around Santiago.

SVG experiment.

Professional Portfolio

Calibration of seismometers.

Data access via web services.

Cache rewrite.

Extending OpenSSH.

C-ORM: docs, API.

Last 100 entries

Small Success With Go!; Re: Quick message - This link is broken; Adding Reverb To The Echo Chamber; Sox Audio Tools; Would This Have Been OK?; Honesty only important economically before institutions develop; Stegangraphy via PS4; OpenCL Mess; More Book Recommendations; Good Explanation of Difference Between Majority + Minority; Musical Chairs - Who's The Privileged White Guy; I can see straight men watching this conversation and laffing; When it's Actually a Source of Indignation and Disgust; Meta Thread Defending POC Causes POC To Close Account; Indigenous People Of Chile; Curry Recipe; Interesting Link On Marginality; A Nuclear Launch Ordered, 1962; More Book Recs (Better Person); It's Nuanced, And I Tried, So Back Off; Marx; The Negative Of Positive; Jenny Holzer Rocks; Huge Article on Cultural Evolution and More; "Ignoring language theory"; Negative Finger Counting; Week 12; Communication Via Telecomm Bids; Finding Suspects Via Relatives' DNA From Non-Crime Databases; Statistics and Information Theory; Ice OK in USA; On The Other Hand; (Current Understanding Of) Chilean Taxes / Contributions; M John Harrison; Playing Games on a Cloud GPU; China Gamifies Real Life; Can't Help Thinking It's Thoughtcrime; Mefi Quotes; Spray Painting Bike Frame; Weeks 10 + 11; Change: No Longer Possible To Merge Metadata; Books on Old Age; Health Tree Maps; MRA - Men's Rights Activists; Writing Good C++14; Risk Assessment - Fukushima; The Future of Advertising and Surveillance; Travelling With Betaferon; I think I know what I dislike so much about Metafilter; Weeks 8 + 9; More; Pastamore - Bad Italian in Vitacura; History Books; Iraq + The (UK) Governing Elite; Answering Some Hard Questions; Pinochet: The Dictator's Shadow; An Outsider's Guide To Julia Packages; Nobody gives a shit; Lepton Decay Irregularity; An Easier Way; Julia's BinDeps (aka How To Install Cairo); Good Example Of Good Police Work (And Anonymity Being Hard); Best Santiago Burgers; Also; Michael Emmerich (Vibrator Translator) Interview (Japanese Books); Clarice Lispector (Brazillian Writer); Books On Evolution; Looks like Ara (Modular Phone) is dead; Index - Translations From Chile; More Emotion in Chilean Wines; Week 7; Aeon Magazine (Science-ish); QM, Deutsch, Constructor Theory; Interesting Talk Transcripts; Interesting Suggestion Of Election Fraud; "Hard" Books; Articles or Papers on depolarizing the US; Textbook for "QM as complex probabilities"; SFO Get Libor Trader (14 years); Why Are There Still So Many Jobs?; Navier Stokes Incomplete; More on Benford; FBI Claimed Vandalism; Architectural Tessellation; Also: Go, Blake's 7; Delusions of Gender (book); Crypto AG DID work with NSA / GCHQ; UNUMS (Universal Number Format); MOOCs (Massive Open Online Courses); Interesting Looking Game; Euler's Theorem for Polynomials; Weeks 3-6; Reddit Comment; Differential Cryptanalysis For Dummies; Japanese Graphic Design; Books To Be Re-Read; And Today I Learned Bugs Need Clear Examples; Factoring a 67 bit prime in your head; Islamic Geometric Art; Useful Julia Backtraces from Tasks; Nothing, however, is lost with less discomfort than that which, when lost, cannot be missed

© 2006-2015 Andrew Cooke (site) / post authors (content).

Enabling Network Spam Detection on SuSE

From: "andrew cooke" <andrew@...>

Date: Mon, 15 Jan 2007 11:34:02 -0300 (CLST)

I was revising my email processing (which uses procmail to combine a
variety of different checks, including DNS lookup, Vaipul's Razor, and
Spam Assassin) and realised that things could be much simpler - these days
(I've been using my procmail script for years) Spam Assassin can include
all the other sites, including those based on URL lookup (URL in the email
message are checked against a database - more reliable than IP checks
because it more directly identifies the sender).

To enable network based checks on SuSE you need to edit
/etc/sysconfig/spamd to remove "-L":

## Path:           Network/Mail/Spamassassin
## Description:    Arguments for the spam daemon
## Type:           string
## Default:        "-d -c -L"
## ServiceRestart: spamd
# The arguments passed to spamd.
# See spamd(1) man page.
# Default is "-d -c -L"
SPAMD_ARGS="-d -c"

And then that .procmail needs now for spam checking is:

* < 100000
| spamc

* ^X-Spam-Status: Yes

And here's a typical spam header after processing - you can see that
various DNS and URL blacklists were used [I've had to edit the URLs with
.xxx in the log below as otherwise this email too is blocked...]:

Content analysis details:   (25.6 points, 5.0 required)

 pts rule name              description
---- ----------------------
 3.6 RATWARE_RCVD_PF        Bulk email fingerprint (Received PF) found 0.3
SUBJ_BUY               Subject line starts with Buy or Buying 1.3
INFO_TLD               URI: Contains an URL in the INFO top-level domain
-2.6 BAYES_00               BODY: Bayesian spam probability is 0 to 1%
                            [score: 0.0000]
 0.4 HTML_30_40             BODY: Message is 30% to 40% HTML
 0.0 HTML_MESSAGE           BODY: HTML included in message
 1.9 DNS_FROM_RFC_BOGUSMX   RBL: Envelope sender in
 1.6 RCVD_IN_BL_SPAMCOP_NET RBL: Received via a relay in bl.spamcop.net
             [Blocked - see
 1.6 URIBL_SBL              Contains an URL listed in the SBL blocklist
                            [URIs: wranyw.com.xxx moully.cd.xxx]
 3.8 URIBL_AB_SURBL         Contains an URL listed in the AB SURBL blocklist
                            [URIs: wranyw.com.xxx wowmojer.com.xxx
dutyrun.info.xxx] [moully.cd.xxx quiok.hk.xxx]
 4.1 URIBL_JP_SURBL         Contains an URL listed in the JP SURBL blocklist
                            [URIs: wranyw.com.xxx wowmojer.com.xxx
dutyrun.info.xxx] [moully.cd.xxx quiok.hk.xxx]
 2.1 URIBL_WS_SURBL         Contains an URL listed in the WS SURBL blocklist
                            [URIs: moully.cd.xxx]
 3.0 URIBL_OB_SURBL         Contains an URL listed in the OB SURBL blocklist
                            [URIs: wranyw.com.xxx]
 4.5 URIBL_SC_SURBL         Contains an URL listed in the SC SURBL blocklist
                            [URIs: wranyw.com.xxx wowmojer.com.xxx
moully.cd.xxx] [quiok.hk.xxx]


Comment on this post