You are viewing a plain text version of this content. The canonical link for it is here.
Posted to users@spamassassin.apache.org by Adam Katz <an...@khopis.com> on 2011/08/05 19:49:36 UTC
Re: SA-update: failing for khopesh.com rules?
On 07/23/2011 01:05 PM, Benny Pedersen wrote:
> On Sat, 23 Jul 2011 00:35:41 -0700 (PDT), Fenris wrote:
>
>>>>> http://khopesh.com/sa/khop-sc-neighbors/2011062101.tar.gz request
>>>>> failed: 404 Not Found:
>
>> Sorry Adam, I'm still seeing the same problem this morning, for whatever
>> reason it's still asking for
>> the 21st June tar.gz that was causing the problem originally.
>>
>> My end, or your end?
>
> see same problem here, other khop channels are ok with 3.3.2
One of the DNS slaves changed its IP (and my provider didn't tell me
about it), so the zone transfer requests were getting denied. The other
one has been fine for a while, so it's luck of the draw.
I fixed this yesterday and updates are now fully functional.
Re: SA-update: failing for khopesh.com rules?
Posted by John Hardin <jh...@impsec.org>.
On Mon, 8 Aug 2011, Adam Katz wrote:
> (I hear the publishing mechanism now allows for scores set in the
> sandboxes to act as upper limits on published rules. That would solve
> this issue.)
Confirmed.
--
John Hardin KA7OHZ http://www.impsec.org/~jhardin/
jhardin@impsec.org FALaholic #11174 pgpk -a jhardin@impsec.org
key: 0xB8732E79 -- 2D8C 34F4 6411 F507 136C AF76 D822 E6E6 B873 2E79
-----------------------------------------------------------------------
Where We Want You To Go Today 07/05/07: Microsoft patents in-OS
adware architecture incorporating spyware, profiling, competitor
suppression and delivery confirmation (U.S. Patent #20070157227)
-----------------------------------------------------------------------
7 days until the 66th anniversary of the end of World War II
Re: SA-update: failing for khopesh.com rules?
Posted by Adam Katz <an...@khopis.com>.
On Fri, 05 Aug 2011 10:49:36 -0700, Adam Katz wrote:
>> I fixed this yesterday and updates are now fully functional.
On 08/05/2011 07:36 PM, Benny Pedersen wrote:
> super, i just noticed nopublis in the above file, is this intended ?
Short answer: Yes. The GA is too slow to publish them itself.
Longer answer:
Until subversion repository checkins reliably get published with a
sub-24h turnaround time, the rules in khop-sc-neighbors should not be
published through that mechanism. My sa-update channel is updated a few
times each day and can handle that.
Another issue with upstream is that we'd have to be extra-careful to
retract all of these rules once we stop updating them (i.e. when a new
release comes out and the older one's auto-updates dwindle).
Its regular checkins to the SVN trunk (which are *not* as frequent as
the channel's updates) are for ruleQA purposes only, acting as evidence
that the rules are of high quality.
One further note: The CIDR/8 rules (and the others, to a small degree)
look *very* solid to the scoring mechanism. This is in part due to
sampling bias; we have very little ham coming in from Latin America,
Africa (esp. Nigeria), and Asia (esp. China), which tend to amplify
rules that specifically target those regions. It is also unfair to
penalize somebody for their provider's /8, which would be entirely out
of their control. Both of these reasons mandate the rules stay capped
at low scores.
(I hear the publishing mechanism now allows for scores set in the
sandboxes to act as upper limits on published rules. That would solve
this issue.)
Re: SA-update: failing for khopesh.com rules?
Posted by Benny Pedersen <me...@junc.org>.
On Fri, 05 Aug 2011 10:49:36 -0700, Adam Katz wrote:
> On 07/23/2011 01:05 PM, Benny Pedersen wrote:
>> On Sat, 23 Jul 2011 00:35:41 -0700 (PDT), Fenris wrote:
>>>>>> http://khopesh.com/sa/khop-sc-neighbors/2011062101.tar.gz
>>>>>> request
> I fixed this yesterday and updates are now fully functional.
super, i just noticed nopublis in the above file, is this intended ?