You are viewing a plain text version of this content. The canonical link for it is here.
Posted to users@spamassassin.apache.org by "Daryl C. W. O'Shea" <sp...@dostech.ca> on 2006/08/13 10:19:47 UTC
SARE sa-update channels available!
Hello all,
For those of you interested in SpamAssassin's sa-update, I've created
sa-update channels for all of the rules found at the SpamAssassin Rules
Emporium website (http://www.rulesemporium.com/rules.htm).
Brief directions for use are as follows:
- download the channels' GPG key from:
http://daryl.dostech.ca/sa-update/sare/GPG.KEY
- import that key into sa-update's keyring:
sa-update --import GPG.KEY
- add the channels you want to a channel file (text file):
updates.spamassassin.org
70_sare_adult.cf.sare.sa-update.dostech.net
70_sare_spoof.cf.sare.sa-update.dostech.net
etc...
- run sa-update -- tell it to use your channel file and to trust the
channels' GPG key:
sa-update --channelfile your-channel-file.txt --gpgkey 856AA88A
Slightly more verbose directions are available here:
http://daryl.dostech.ca/sa-update/sare/sare-sa-update-howto.txt
Also note that you'll want to remove any of the SARE rulesets updated
above from your local site directory (often /etc/mail/spamassassin/) to
keep them from overriding the ones installed by sa-update.
Regards,
Daryl
Re: SARE sa-update channels available!
Posted by "Daryl C. W. O'Shea" <sp...@dostech.ca>.
On 8/13/2006 10:14 PM, DAve wrote:
> Daryl C. W. O'Shea wrote:
>
>> On 8/13/2006 4:49 PM, DAve wrote:
> Chainsaws, couldn't live without 'em. I hope all you lost were trees.
For the most part. Still trying to figure out how I'm going to cut up
one of the trees that is 23 feet in diameter, which conveniently is also
a hardwood, though.
>>> Two, the GPG key really only says the rules are valid from your
>>> server, it doesn't guarantee the rules are valid SARE rules. Not sure
>>> how to handle that, or if users/authors will even care. Possibly
>>> authors would be willing to tar, gzip, and sign their rules if they
>>> were provided an upload facility.
>>
>>
>> I suppose they could. It'd be a little more work for the channel users
>> though, having to import each key and include them in a trusted gpgkey
>> file. Additionally it would require documentation to be updated for
>> every new ruleset, saying what key it uses.
>
>
> We were thinking of going another way with that. We didn't consider the
> possibility of providing the author's key. Good point, we will make sure
> we don't.
BTW... the primary use for the GPG signing is to prevent tampering by
mirroring systems that may or may not be controlled by someone we even
know, such as the Coral CDN mirroring system we were trying out with
updates.spamassassin.org for a while.
> We might start using your channel until we get ours working the way we
> want:^) Possibly instead of mirroring you, we could go ahead and offer
> a full set of files providing two independent sources. Just for
> availabilities sake.
If it turns out the channels are used quite a bit, I'll probably mirror
it on my servers in Houston, Atlanta and Toronto once I get some
mirroring code written.
Different channels containing the same content wouldn't really increase
availability since people would be using only one of the channels.
> DAve
>
> PS. If I could have any plugin for SA, it would be a Snopes plugin. Scan
> my inbox, check the message against snopes and score accordingly. I
> don't need another story sent to me by family about people bolting JATO
> packs to their cars or David Bowie and Mick Jagger sleeping together.
Hmm... I'm pretty sure they wouldn't appreciate the load of thousands of
mail servers hammering their systems. It would be nice though.
Daryl
Re: SARE sa-update channels available!
Posted by DAve <da...@pixelhammer.com>.
Daryl C. W. O'Shea wrote:
> On 8/13/2006 4:49 PM, DAve wrote:
>> Daryl C. W. O'Shea wrote:
>>
>>> Hello all,
>>>
>>> For those of you interested in SpamAssassin's sa-update, I've created
>>> sa-update channels for all of the rules found at the SpamAssassin Rules
>>> Emporium website (http://www.rulesemporium.com/rules.htm).
>>
>>
>> Ya stole my thunder. I just came in from running a chainsaw all day
>> and was beginning to work on that again. If you are interested, I'd be
>> happy to mirror for you.
>
> Sorry about that. I've actually had this running for about a month and
> I got all my chainsaw work done last week while waiting five days for
> power to be restored. I wanted to fully test it and talk to some of the
> folks from SARE before I made it public.
Chainsaws, couldn't live without 'em. I hope all you lost were trees.
>
> Judging on the traffic stats I was provided with, I think I should be
> able to handle the traffic for a while anyway. I do plan on writing
> some code to efficiently update channel mirrors in a timely manner
> though, so once that's done I'll be sure to let you know.
>
>
>> Two things I saw, maybe you covered them, maybe you don't care.
>>
>> One, I had two URL vars in my script. A URL hitting my site so I could
>> download rules as often as I wanted, and another URL that hit
>> rulesemporium. Use the wrong URL too often and you get the following
>> instead of a rules file,
>>
>> AUTOBAN: Over 500 *.cf requests in 48 hours period - Check your CRON
>> CONTACT: webmaster@uribl.com
>>
>> So checking for updates too often can cause you to create a big pile
>> of channel files that will not lint. Sorry Chris, I was trying to do
>> laundry and code at the same time. I knew better too, which was why I
>> had two URLs in the script.
>
> Covered, thanks for pointing it out though.
>
>
>> Two, the GPG key really only says the rules are valid from your
>> server, it doesn't guarantee the rules are valid SARE rules. Not sure
>> how to handle that, or if users/authors will even care. Possibly
>> authors would be willing to tar, gzip, and sign their rules if they
>> were provided an upload facility.
>
> I suppose they could. It'd be a little more work for the channel users
> though, having to import each key and include them in a trusted gpgkey
> file. Additionally it would require documentation to be updated for
> every new ruleset, saying what key it uses.
We were thinking of going another way with that. We didn't consider the
possibility of providing the author's key. Good point, we will make sure
we don't.
>
> I think that I'm familiar enough with a lot of SA users that it won't be
> an issue (heck, I could post crappy rules to the users' list that a lot
> of people would probably blindly use). Of course, I'd listen to
> anyone's concerns otherwise.
>
> Also, FWIW, I won't be modifying the rulesets. Even the
> 70_sare_whitelist_spf.cf file that currently can't be updated (the
> channel update will fail) since the file doesn't pass a --lint test if
> the SPF plugin isn't enabled. I've sent mail to Bob about this. I'm
> hoping that he adds the missing ifplugin lines soon. See SA bug 5044.
>
>
>> Just some thoughts. Thanks for taking the time to do this, I think it
>> will be welcomed once the word gets out.
>
> No problem. Thanks for the comments.
We might start using your channel until we get ours working the way we
want:^) Possibly instead of mirroring you, we could go ahead and offer
a full set of files providing two independent sources. Just for
availabilities sake.
DAve
PS. If I could have any plugin for SA, it would be a Snopes plugin. Scan
my inbox, check the message against snopes and score accordingly. I
don't need another story sent to me by family about people bolting JATO
packs to their cars or David Bowie and Mick Jagger sleeping together.
--
Three years now I've asked Google why they don't have a
logo change for Memorial Day. Why do they choose to do logos
for other non-international holidays, but nothing for
Veterans?
Maybe they forgot who made that choice possible.
Re: SARE sa-update channels available!
Posted by Loren Wilton <lw...@earthlink.net>.
> channel update will fail) since the file doesn't pass a --lint test if
> the SPF plugin isn't enabled. I've sent mail to Bob about this. I'm
> hoping that he adds the missing ifplugin lines soon. See SA bug 5044.
Bob's been REAL busy lately on his day job, but we're hoping he will get a
little breathing time sometime soon.
Loren
Re: SARE sa-update channels available!
Posted by Hamish <ha...@travellingkiwi.com>.
> > Daryl C. W. O'Shea wrote:
> >> Hello all,
> >>
> >> For those of you interested in SpamAssassin's sa-update, I've created
> >> sa-update channels for all of the rules found at the SpamAssassin Rules
> >> Emporium website (http://www.rulesemporium.com/rules.htm).
I just noticed this titbit... ARe there any instructions for getting sa-update
to update the SARE rulesets? It doesn't understand www.rulesemporium.com as a
channel, and the link provided has nothing about sa-update at all. Just
rules_du_jour. (Which I do run, but I'd prefer just one tool).
Re: SARE sa-update channels available!
Posted by "Daryl C. W. O'Shea" <sp...@dostech.ca>.
On 8/13/2006 4:49 PM, DAve wrote:
> Daryl C. W. O'Shea wrote:
>
>> Hello all,
>>
>> For those of you interested in SpamAssassin's sa-update, I've created
>> sa-update channels for all of the rules found at the SpamAssassin Rules
>> Emporium website (http://www.rulesemporium.com/rules.htm).
>
>
> Ya stole my thunder. I just came in from running a chainsaw all day and
> was beginning to work on that again. If you are interested, I'd be happy
> to mirror for you.
Sorry about that. I've actually had this running for about a month and
I got all my chainsaw work done last week while waiting five days for
power to be restored. I wanted to fully test it and talk to some of the
folks from SARE before I made it public.
Judging on the traffic stats I was provided with, I think I should be
able to handle the traffic for a while anyway. I do plan on writing
some code to efficiently update channel mirrors in a timely manner
though, so once that's done I'll be sure to let you know.
> Two things I saw, maybe you covered them, maybe you don't care.
>
> One, I had two URL vars in my script. A URL hitting my site so I could
> download rules as often as I wanted, and another URL that hit
> rulesemporium. Use the wrong URL too often and you get the following
> instead of a rules file,
>
> AUTOBAN: Over 500 *.cf requests in 48 hours period - Check your CRON
> CONTACT: webmaster@uribl.com
>
> So checking for updates too often can cause you to create a big pile of
> channel files that will not lint. Sorry Chris, I was trying to do
> laundry and code at the same time. I knew better too, which was why I
> had two URLs in the script.
Covered, thanks for pointing it out though.
> Two, the GPG key really only says the rules are valid from your server,
> it doesn't guarantee the rules are valid SARE rules. Not sure how to
> handle that, or if users/authors will even care. Possibly authors would
> be willing to tar, gzip, and sign their rules if they were provided an
> upload facility.
I suppose they could. It'd be a little more work for the channel users
though, having to import each key and include them in a trusted gpgkey
file. Additionally it would require documentation to be updated for
every new ruleset, saying what key it uses.
I think that I'm familiar enough with a lot of SA users that it won't be
an issue (heck, I could post crappy rules to the users' list that a lot
of people would probably blindly use). Of course, I'd listen to
anyone's concerns otherwise.
Also, FWIW, I won't be modifying the rulesets. Even the
70_sare_whitelist_spf.cf file that currently can't be updated (the
channel update will fail) since the file doesn't pass a --lint test if
the SPF plugin isn't enabled. I've sent mail to Bob about this. I'm
hoping that he adds the missing ifplugin lines soon. See SA bug 5044.
> Just some thoughts. Thanks for taking the time to do this, I think it
> will be welcomed once the word gets out.
No problem. Thanks for the comments.
Daryl
Re: SARE sa-update channels available!
Posted by DAve <da...@pixelhammer.com>.
Daryl C. W. O'Shea wrote:
> Hello all,
>
> For those of you interested in SpamAssassin's sa-update, I've created
> sa-update channels for all of the rules found at the SpamAssassin Rules
> Emporium website (http://www.rulesemporium.com/rules.htm).
Ya stole my thunder. I just came in from running a chainsaw all day and
was beginning to work on that again. If you are interested, I'd be happy
to mirror for you.
Two things I saw, maybe you covered them, maybe you don't care.
One, I had two URL vars in my script. A URL hitting my site so I could
download rules as often as I wanted, and another URL that hit
rulesemporium. Use the wrong URL too often and you get the following
instead of a rules file,
AUTOBAN: Over 500 *.cf requests in 48 hours period - Check your CRON
CONTACT: webmaster@uribl.com
So checking for updates too often can cause you to create a big pile of
channel files that will not lint. Sorry Chris, I was trying to do
laundry and code at the same time. I knew better too, which was why I
had two URLs in the script.
Two, the GPG key really only says the rules are valid from your server,
it doesn't guarantee the rules are valid SARE rules. Not sure how to
handle that, or if users/authors will even care. Possibly authors would
be willing to tar, gzip, and sign their rules if they were provided an
upload facility.
Just some thoughts. Thanks for taking the time to do this, I think it
will be welcomed once the word gets out.
DAve
>
> Brief directions for use are as follows:
>
> - download the channels' GPG key from:
>
> http://daryl.dostech.ca/sa-update/sare/GPG.KEY
>
> - import that key into sa-update's keyring:
>
> sa-update --import GPG.KEY
>
> - add the channels you want to a channel file (text file):
>
> updates.spamassassin.org
> 70_sare_adult.cf.sare.sa-update.dostech.net
> 70_sare_spoof.cf.sare.sa-update.dostech.net
>
> etc...
>
> - run sa-update -- tell it to use your channel file and to trust the
> channels' GPG key:
>
> sa-update --channelfile your-channel-file.txt --gpgkey 856AA88A
>
>
> Slightly more verbose directions are available here:
>
> http://daryl.dostech.ca/sa-update/sare/sare-sa-update-howto.txt
>
>
> Also note that you'll want to remove any of the SARE rulesets updated
> above from your local site directory (often /etc/mail/spamassassin/) to
> keep them from overriding the ones installed by sa-update.
>
>
> Regards,
>
> Daryl
>
>
>
--
Three years now I've asked Google why they don't have a
logo change for Memorial Day. Why do they choose to do logos
for other non-international holidays, but nothing for
Veterans?
Maybe they forgot who made that choice possible.
Re: SARE sa-update channels available!
Posted by "Daryl C. W. O'Shea" <sp...@dostech.ca>.
70_sare_whitelist_spf.cf has now been updated to include the necessary
ifplugin line so it can now be updated via sa-update using the
70_sare_whitelist_spf.cf.sare.sa-update.dostech.net channel.
Regards,
Daryl
Daryl C. W. O'Shea wrote:
> I noticed a number of people have been trying to update the
> 70_sare_whitelist_spf.cf ruleset. In case any one had missed it
> mentioned in this thread, the ruleset is broken upstream (it's missing
> some required ifplugin lines) so updating that ruleset/channel will fail
> until it is fixed.
>
>
> Daryl
>
>
> On 8/13/2006 4:19 AM, Daryl C. W. O'Shea wrote:
>> Hello all,
>>
>> For those of you interested in SpamAssassin's sa-update, I've created
>> sa-update channels for all of the rules found at the SpamAssassin Rules
>> Emporium website (http://www.rulesemporium.com/rules.htm).
>>
>> Brief directions for use are as follows:
>>
>> - download the channels' GPG key from:
>>
>> http://daryl.dostech.ca/sa-update/sare/GPG.KEY
>>
>> - import that key into sa-update's keyring:
>>
>> sa-update --import GPG.KEY
>>
>> - add the channels you want to a channel file (text file):
>>
>> updates.spamassassin.org
>> 70_sare_adult.cf.sare.sa-update.dostech.net
>> 70_sare_spoof.cf.sare.sa-update.dostech.net
>>
>> etc...
>>
>> - run sa-update -- tell it to use your channel file and to trust the
>> channels' GPG key:
>>
>> sa-update --channelfile your-channel-file.txt --gpgkey 856AA88A
>>
>>
>> Slightly more verbose directions are available here:
>>
>> http://daryl.dostech.ca/sa-update/sare/sare-sa-update-howto.txt
>>
>>
>> Also note that you'll want to remove any of the SARE rulesets updated
>> above from your local site directory (often /etc/mail/spamassassin/) to
>> keep them from overriding the ones installed by sa-update.
>>
>>
>> Regards,
>>
>> Daryl
>>
>
Re: SARE sa-update channels available!
Posted by "Daryl C. W. O'Shea" <sp...@dostech.ca>.
I noticed a number of people have been trying to update the
70_sare_whitelist_spf.cf ruleset. In case any one had missed it
mentioned in this thread, the ruleset is broken upstream (it's missing
some required ifplugin lines) so updating that ruleset/channel will fail
until it is fixed.
Daryl
On 8/13/2006 4:19 AM, Daryl C. W. O'Shea wrote:
> Hello all,
>
> For those of you interested in SpamAssassin's sa-update, I've created
> sa-update channels for all of the rules found at the SpamAssassin Rules
> Emporium website (http://www.rulesemporium.com/rules.htm).
>
> Brief directions for use are as follows:
>
> - download the channels' GPG key from:
>
> http://daryl.dostech.ca/sa-update/sare/GPG.KEY
>
> - import that key into sa-update's keyring:
>
> sa-update --import GPG.KEY
>
> - add the channels you want to a channel file (text file):
>
> updates.spamassassin.org
> 70_sare_adult.cf.sare.sa-update.dostech.net
> 70_sare_spoof.cf.sare.sa-update.dostech.net
>
> etc...
>
> - run sa-update -- tell it to use your channel file and to trust the
> channels' GPG key:
>
> sa-update --channelfile your-channel-file.txt --gpgkey 856AA88A
>
>
> Slightly more verbose directions are available here:
>
> http://daryl.dostech.ca/sa-update/sare/sare-sa-update-howto.txt
>
>
> Also note that you'll want to remove any of the SARE rulesets updated
> above from your local site directory (often /etc/mail/spamassassin/) to
> keep them from overriding the ones installed by sa-update.
>
>
> Regards,
>
> Daryl
>