You are viewing a plain text version of this content. The canonical link for it is here.
Posted to users@spamassassin.apache.org by "Dan Mahoney, System Admin" <da...@prime.gushi.org> on 2009/04/27 06:36:37 UTC
Code Rot?
Hey all,
While there's a decent amount of spamassassin list traffic to imply
otherwise, is the SA project falling dormant?
the sare-rules claim they won't be updated due to lives, wives, and
hockey.
the fuzzyOCR project claims the only thing that works with 3.2 is the SVN
version, and on the same page claims you shouln't really expect the SVN
version to work.
The wiki pages show the last release as almost a year ago, with no notice
of any betas, pending releases, or whatnot.
Many commercial products have happily used SA in their core offering, is
that where the future of development is?
-Dan
--
--------Dan Mahoney--------
Techie, Sysadmin, WebGeek
Gushi on efnet/undernet IRC
ICQ: 13735144 AIM: LarpGM
Site: http://www.gushi.org
---------------------------
Re: Code Rot?
Posted by Justin Mason <jm...@jmason.org>.
cool. good to hear it guys ;) I'll get this rigged up soon... right now I'm on
jury service :(
--j.
On Tue, Apr 28, 2009 at 16:29, John Hardin <jh...@impsec.org> wrote:
> On Tue, 28 Apr 2009, Matt wrote:
>
>> Steve Freegard wrote:
>>>
>>> Is it possible to get SVN access just to the sandboxes though? I'd be
>>> happy to submit rules for testing.
>>
>> Ditto
>>
>
> +1
>
> --
> John Hardin KA7OHZ http://www.impsec.org/~jhardin/
> jhardin@impsec.org FALaholic #11174 pgpk -a jhardin@impsec.org
> key: 0xB8732E79 -- 2D8C 34F4 6411 F507 136C AF76 D822 E6E6 B873 2E79
> -----------------------------------------------------------------------
> Windows Genuine Advantage (WGA) means that now you use your
> computer at the sufferance of Microsoft Corporation. They can
> kill it remotely without your consent at any time for any reason;
> it also shuts down in sympathy when the servers at Microsoft crash.
> -----------------------------------------------------------------------
> 10 days until the 64th anniversary of VE day
>
>
Re: Code Rot?
Posted by John Hardin <jh...@impsec.org>.
On Tue, 28 Apr 2009, Matt wrote:
> Steve Freegard wrote:
>> Is it possible to get SVN access just to the sandboxes though? I'd be
>> happy to submit rules for testing.
>
> Ditto
>
+1
--
John Hardin KA7OHZ http://www.impsec.org/~jhardin/
jhardin@impsec.org FALaholic #11174 pgpk -a jhardin@impsec.org
key: 0xB8732E79 -- 2D8C 34F4 6411 F507 136C AF76 D822 E6E6 B873 2E79
-----------------------------------------------------------------------
Windows Genuine Advantage (WGA) means that now you use your
computer at the sufferance of Microsoft Corporation. They can
kill it remotely without your consent at any time for any reason;
it also shuts down in sympathy when the servers at Microsoft crash.
-----------------------------------------------------------------------
10 days until the 64th anniversary of VE day
Re: Code Rot?
Posted by Yet Another Ninja <sa...@alexb.ch>.
On 4/28/2009 12:52 PM, Matt wrote:
> Steve Freegard wrote:
>> Is it possible to get SVN access just to the sandboxes though? I'd be
>> happy to submit rules for testing. My membership of the -dev list was
>> after the PreflightByMail announcement and I would have definitely used
>> it had I been aware of it.
>>
>>
> Ditto on both counts.....
>
<aol>
met too!
</aol>
Re: Code Rot?
Posted by Matt <sp...@coders.co.uk>.
Steve Freegard wrote:
> Is it possible to get SVN access just to the sandboxes though? I'd be
> happy to submit rules for testing. My membership of the -dev list was
> after the PreflightByMail announcement and I would have definitely used
> it had I been aware of it.
>
>
Ditto on both counts.....
matt
Re: Code Rot?
Posted by Steve Freegard <st...@stevefreegard.com>.
Justin Mason wrote:
> On Mon, Apr 27, 2009 at 17:38, John Hardin <jh...@impsec.org> wrote:
>> On Mon, 27 Apr 2009, Justin Mason wrote:
>>
>>> On Mon, Apr 27, 2009 at 17:03, Yet Another Ninja <sa...@alexb.ch> wrote:
>>>
>>>> SARE had a nice system where you could submit a rule via email and got
>>>> the masscheck results via email. Sadly all the boxes which did this are
>>>> dead.
>>> actually, I _did_ come up with one of those, but nobody used it :(
>>>
>>> http://wiki.apache.org/spamassassin/PreflightByMail
>> Did you announce it to the users list?
>
> nope -- on the dev list. A couple of SARE folks responded saying
> "cool!" though.
>
>>> btw, don't bother trying it now -- I turned it off again after it was
>>> never used.
>> Ooo. Can it be resurrected?
>>
>> But this is only part of the problem. How difficult is it for third parties
>> to submit rules for review and inclusion in the base ruleset without
>> necessarily joining the dev group? Is posting the proposed rule to bugzilla
>> sufficient?
>
> getting the rule into the "rulesrc" area is all that's needed. it
> gets auto-promoted
> based on linting ok, getting good performance etc....
>
> it's a hell of a lot easier to use SVN these days though. Would it
> really be impossible
> to do it that way? that's as simple as
>
> svn up
> edit rulesrc/sandbox/jm/20_whatever.cf
> svn commit rulesrc/sandbox/jm/20_whatever.cf
>
> and wait ;)
>
Is it possible to get SVN access just to the sandboxes though? I'd be
happy to submit rules for testing. My membership of the -dev list was
after the PreflightByMail announcement and I would have definitely used
it had I been aware of it.
Cheers,
Steve.
Re: Code Rot?
Posted by Justin Mason <jm...@jmason.org>.
On Tue, Apr 28, 2009 at 02:33, RW <rw...@googlemail.com> wrote:
> On Mon, 27 Apr 2009 18:04:36 +0100
> Justin Mason <jm...@jmason.org> wrote:
>
>> that's pretty much it. low FPs and a useful number of hits (ie. over
>> 1% iirc).
>
> Unfortunately, that doesn't necessarily mean that the rule is useful.
> It's easy to create rules that match the above criteria, but most of
> them never make a difference as they only fire on spam that's already
> caught with a high score. It's much harder to create new rules that
> really make a difference - I've found that those that do are mostly
> specific to my own mail.
>
> I'm not really convinced that a *lot* of new rules are really needed,
> particularly when you consider that the main complaint against SA is
> the number cpu cycles it consumes.
yes. we have ways to measure and mitigate this -- once we have the rules
in SVN.
--j.
Re: Code Rot?
Posted by RW <rw...@googlemail.com>.
On Mon, 27 Apr 2009 18:04:36 +0100
Justin Mason <jm...@jmason.org> wrote:
> that's pretty much it. low FPs and a useful number of hits (ie. over
> 1% iirc).
Unfortunately, that doesn't necessarily mean that the rule is useful.
It's easy to create rules that match the above criteria, but most of
them never make a difference as they only fire on spam that's already
caught with a high score. It's much harder to create new rules that
really make a difference - I've found that those that do are mostly
specific to my own mail.
I'm not really convinced that a *lot* of new rules are really needed,
particularly when you consider that the main complaint against SA is
the number cpu cycles it consumes.
Re: Code Rot?
Posted by Justin Mason <jm...@jmason.org>.
On Mon, Apr 27, 2009 at 18:00, John Hardin <jh...@impsec.org> wrote:
> On Mon, 27 Apr 2009, Justin Mason wrote:
>
>> On Mon, Apr 27, 2009 at 17:38, John Hardin <jh...@impsec.org> wrote:
>>
>>> But this is only part of the problem. How difficult is it for third
>>> parties
>>> to submit rules for review and inclusion in the base ruleset without
>>> necessarily joining the dev group? Is posting the proposed rule to
>>> bugzilla
>>> sufficient?
>>
>> getting the rule into the "rulesrc" area is all that's needed. it
>> gets auto-promoted based on linting ok, getting good performance etc....
>>
>> it's a hell of a lot easier to use SVN these days though. Would it
>> really be impossible to do it that way? that's as simple as
>>
>> svn up
>> edit rulesrc/sandbox/jm/20_whatever.cf
>> svn commit rulesrc/sandbox/jm/20_whatever.cf
>>
>> and wait ;)
>
> That's cool too. I was just wondering how much manual review newly-submitted
> rules would/should be subject to.
>
> Does "good performance" mean it has to meet a minimal hit rate? Are there
> other metrics?
that's pretty much it. low FPs and a useful number of hits (ie. over 1% iirc).
any further review takes place after-commit -- ie if someone notices that it
causes problems, or queries a dead DNSBL, or runs really slowly etc. they may
mark it "nopublish" afterwards so it doesn't get published.
--j.
Re: Code Rot?
Posted by John Hardin <jh...@impsec.org>.
On Mon, 27 Apr 2009, Justin Mason wrote:
> On Mon, Apr 27, 2009 at 17:38, John Hardin <jh...@impsec.org> wrote:
>
>> But this is only part of the problem. How difficult is it for third parties
>> to submit rules for review and inclusion in the base ruleset without
>> necessarily joining the dev group? Is posting the proposed rule to bugzilla
>> sufficient?
>
> getting the rule into the "rulesrc" area is all that's needed. it
> gets auto-promoted based on linting ok, getting good performance etc....
>
> it's a hell of a lot easier to use SVN these days though. Would it
> really be impossible to do it that way? that's as simple as
>
> svn up
> edit rulesrc/sandbox/jm/20_whatever.cf
> svn commit rulesrc/sandbox/jm/20_whatever.cf
>
> and wait ;)
That's cool too. I was just wondering how much manual review
newly-submitted rules would/should be subject to.
Does "good performance" mean it has to meet a minimal hit rate? Are there
other metrics?
--
John Hardin KA7OHZ http://www.impsec.org/~jhardin/
jhardin@impsec.org FALaholic #11174 pgpk -a jhardin@impsec.org
key: 0xB8732E79 -- 2D8C 34F4 6411 F507 136C AF76 D822 E6E6 B873 2E79
-----------------------------------------------------------------------
It is not the business of government to make men virtuous or
religious, or to preserve the fool from the consequences of his own
folly. -- Henry George
-----------------------------------------------------------------------
96 days since Obama's inauguration and still no unicorn!
Re: Code Rot?
Posted by Justin Mason <jm...@jmason.org>.
On Mon, Apr 27, 2009 at 17:38, John Hardin <jh...@impsec.org> wrote:
> On Mon, 27 Apr 2009, Justin Mason wrote:
>
>> On Mon, Apr 27, 2009 at 17:03, Yet Another Ninja <sa...@alexb.ch> wrote:
>>
>>> SARE had a nice system where you could submit a rule via email and got
>>> the masscheck results via email. Sadly all the boxes which did this are
>>> dead.
>>
>> actually, I _did_ come up with one of those, but nobody used it :(
>>
>> http://wiki.apache.org/spamassassin/PreflightByMail
>
> Did you announce it to the users list?
nope -- on the dev list. A couple of SARE folks responded saying
"cool!" though.
>> btw, don't bother trying it now -- I turned it off again after it was
>> never used.
>
> Ooo. Can it be resurrected?
>
> But this is only part of the problem. How difficult is it for third parties
> to submit rules for review and inclusion in the base ruleset without
> necessarily joining the dev group? Is posting the proposed rule to bugzilla
> sufficient?
getting the rule into the "rulesrc" area is all that's needed. it
gets auto-promoted
based on linting ok, getting good performance etc....
it's a hell of a lot easier to use SVN these days though. Would it
really be impossible
to do it that way? that's as simple as
svn up
edit rulesrc/sandbox/jm/20_whatever.cf
svn commit rulesrc/sandbox/jm/20_whatever.cf
and wait ;)
--j.
Re: Code Rot?
Posted by John Hardin <jh...@impsec.org>.
On Mon, 27 Apr 2009, Justin Mason wrote:
> On Mon, Apr 27, 2009 at 17:03, Yet Another Ninja <sa...@alexb.ch> wrote:
>
>> SARE had a nice system where you could submit a rule via email and got
>> the masscheck results via email. Sadly all the boxes which did this are
>> dead.
>
> actually, I _did_ come up with one of those, but nobody used it :(
>
> http://wiki.apache.org/spamassassin/PreflightByMail
Did you announce it to the users list?
> btw, don't bother trying it now -- I turned it off again after it was
> never used.
Ooo. Can it be resurrected?
But this is only part of the problem. How difficult is it for third
parties to submit rules for review and inclusion in the base ruleset
without necessarily joining the dev group? Is posting the proposed rule to
bugzilla sufficient?
--
John Hardin KA7OHZ http://www.impsec.org/~jhardin/
jhardin@impsec.org FALaholic #11174 pgpk -a jhardin@impsec.org
key: 0xB8732E79 -- 2D8C 34F4 6411 F507 136C AF76 D822 E6E6 B873 2E79
-----------------------------------------------------------------------
It is not the business of government to make men virtuous or
religious, or to preserve the fool from the consequences of his own
folly. -- Henry George
-----------------------------------------------------------------------
96 days since Obama's inauguration and still no unicorn!
Re: Code Rot?
Posted by Justin Mason <jm...@jmason.org>.
On Mon, Apr 27, 2009 at 17:03, Yet Another Ninja <sa...@alexb.ch> wrote:
> On 4/27/2009 5:47 PM, Theo Van Dinter wrote:
>>
>> These days there is basically no rule development going on, it seems.
>> Justin's sought rules are the only ones really being updated, and
>> that's because they're computer generated. :)
>>
>> That's actually something else I'm sad about -- we had such a huge
>> corpus of mail, I would really like to have seen something that took
>> advantage of it.
>>
>>
>> So anyway ... Yeah, IMO, if more people don't get involved, and
>> specifically to work on rule development, SA is going to completely
>> stagnate.
>
> Theo,
> For the same reasons, SARE lost interest.
>
>
> One for sure, the process to submit rules is complicated and cumbersome,
> unless you have a backdoor.
>
> SARE had a nice system where you could submit a rule via email and got the
> masscheck results via email. Sadly all the boxes which did this are dead. I
> wonder if the SA masscheckers could be taught to do something like that. It
> could possibly inspire ppl if they see fast results and publishing of new 0
> hour rules.
actually, I _did_ come up with one of those, but nobody used it :(
http://wiki.apache.org/spamassassin/PreflightByMail
btw, don't bother trying it now -- I turned it off again after it was
never used.
--j.
Re: Code Rot?
Posted by Igor Chudov <ig...@chudov.com>.
I have a few computers that I can volunteer for checking spam rules.
i
> SARE had a nice system where you could submit a rule via email and got
> the masscheck results via email. Sadly all the boxes which did this are
> dead. I wonder if the SA masscheckers could be taught to do something
> like that. It could possibly inspire ppl if they see fast results and
> publishing of new 0 hour rules.
>
> Axb
Re: Code Rot?
Posted by Yet Another Ninja <sa...@alexb.ch>.
On 4/27/2009 5:47 PM, Theo Van Dinter wrote:
> These days there is basically no rule development going on, it seems.
> Justin's sought rules are the only ones really being updated, and
> that's because they're computer generated. :)
>
> That's actually something else I'm sad about -- we had such a huge
> corpus of mail, I would really like to have seen something that took
> advantage of it.
>
>
> So anyway ... Yeah, IMO, if more people don't get involved, and
> specifically to work on rule development, SA is going to completely
> stagnate.
Theo,
For the same reasons, SARE lost interest.
One for sure, the process to submit rules is complicated and cumbersome,
unless you have a backdoor.
SARE had a nice system where you could submit a rule via email and got
the masscheck results via email. Sadly all the boxes which did this are
dead. I wonder if the SA masscheckers could be taught to do something
like that. It could possibly inspire ppl if they see fast results and
publishing of new 0 hour rules.
Axb
Re: Code Rot?
Posted by Theo Van Dinter <fe...@apache.org>.
fwiw, I was going to say "Yes" to the first question. Not sure about
the second question, though I've always wanted to see more
sharing/give-back from those folks.
While there have been a bunch of mails on the dev list, most of it is
incorrectly opened bugs, or other randomness.
IMO, there hasn't been a lot of actual development going on in quite a
while -- it's definitely *way* less than it was back in the 2004-2005
days (wow, really? I didn't realize that was so long ago...)
I only speak for myself here, but SA mostly accomplished the goal that
I wanted it to -- the vast (*vast*) majority of my spam was dealt with
automatically, so I didn't have to think about it much anymore. That
combined w/ several job-related changes, kind of pulled me away, which
is why I haven't been very active since 2005.
With sa-update, I had hoped that there'd be more effort in bug fixing
and maintenance releases of older versions, along with more focus on
rule development ... but that didn't really happen. That's actually
the big killer, IMO: lack of rule development. New SA releases just
update the engine, which is great, but there's diminishing returns to
update something which works pretty well already. This is really why
I wanted the third-party rule folks to get more involved w/ the main
project (thereby being less "third-party" and thus giving more
momentum to the project), but that never really happened either.
These days there is basically no rule development going on, it seems.
Justin's sought rules are the only ones really being updated, and
that's because they're computer generated. :)
That's actually something else I'm sad about -- we had such a huge
corpus of mail, I would really like to have seen something that took
advantage of it.
So anyway ... Yeah, IMO, if more people don't get involved, and
specifically to work on rule development, SA is going to completely
stagnate.
On Mon, Apr 27, 2009 at 7:56 AM, Matt Kettler <mk...@verizon.net> wrote:
> Dan Mahoney, System Admin wrote:
>> Hey all,
>>
>> While there's a decent amount of spamassassin list traffic to imply
>> otherwise, is the SA project falling dormant?
>>
>> the sare-rules claim they won't be updated due to lives, wives, and
>> hockey.
>>
>> the fuzzyOCR project claims the only thing that works with 3.2 is the
>> SVN version, and on the same page claims you shouln't really expect
>> the SVN version to work.
>>
>> The wiki pages show the last release as almost a year ago, with no
>> notice of any betas, pending releases, or whatnot.
>>
>> Many commercial products have happily used SA in their core offering,
>> is that where the future of development is?
>
> Well, I can't speak for third-party efforts like SARE and fuzzyOCR.
> However, you can check out the SA devel effort over on our dev list
> archives:
>
> http://mail-archives.apache.org/mod_mbox/spamassassin-dev/200904.mbox/browser
>
> I'd say our effort has been a little lower than normal lately, but it's
> hardly dead. We're trying to wrap 3.3 up, see the "3.3.0 plans" thread.
>
>
Re: Code Rot?
Posted by Justin Mason <jm...@jmason.org>.
On Mon, Apr 27, 2009 at 12:56, Matt Kettler <mk...@verizon.net> wrote:
> Dan Mahoney, System Admin wrote:
>> Hey all,
>>
>> While there's a decent amount of spamassassin list traffic to imply
>> otherwise, is the SA project falling dormant?
>>
>> the sare-rules claim they won't be updated due to lives, wives, and
>> hockey.
>>
>> the fuzzyOCR project claims the only thing that works with 3.2 is the
>> SVN version, and on the same page claims you shouln't really expect
>> the SVN version to work.
>>
>> The wiki pages show the last release as almost a year ago, with no
>> notice of any betas, pending releases, or whatnot.
>>
>> Many commercial products have happily used SA in their core offering,
>> is that where the future of development is?
>
> Well, I can't speak for third-party efforts like SARE and fuzzyOCR.
> However, you can check out the SA devel effort over on our dev list
> archives:
>
> http://mail-archives.apache.org/mod_mbox/spamassassin-dev/200904.mbox/browser
>
> I'd say our effort has been a little lower than normal lately, but it's
> hardly dead. We're trying to wrap 3.3 up, see the "3.3.0 plans" thread.
As Matt says, the dev list is where the action's at for core SA. we don't
really use the wiki for "live" development discussion; we use it more as
a storage for FAQ info.
We could always do with more help, too. In particular we need rule
developers willing to commit their rules to SVN, test them using the ruleqa
system, and use that to come up with new and cool high-accuracy, low-FP
rules for the core ruleset ;)
--j.
Re: Code Rot?
Posted by Matt Kettler <mk...@verizon.net>.
Dan Mahoney, System Admin wrote:
> Hey all,
>
> While there's a decent amount of spamassassin list traffic to imply
> otherwise, is the SA project falling dormant?
>
> the sare-rules claim they won't be updated due to lives, wives, and
> hockey.
>
> the fuzzyOCR project claims the only thing that works with 3.2 is the
> SVN version, and on the same page claims you shouln't really expect
> the SVN version to work.
>
> The wiki pages show the last release as almost a year ago, with no
> notice of any betas, pending releases, or whatnot.
>
> Many commercial products have happily used SA in their core offering,
> is that where the future of development is?
Well, I can't speak for third-party efforts like SARE and fuzzyOCR.
However, you can check out the SA devel effort over on our dev list
archives:
http://mail-archives.apache.org/mod_mbox/spamassassin-dev/200904.mbox/browser
I'd say our effort has been a little lower than normal lately, but it's
hardly dead. We're trying to wrap 3.3 up, see the "3.3.0 plans" thread.
Re: Code Rot?
Posted by LuKreme <kr...@kreme.com>.
On 26-Apr-2009, at 22:36, Dan Mahoney, System Admin wrote:
> While there's a decent amount of spamassassin list traffic to imply
> otherwise, is the SA project falling dormant?
No. Development is proceeding on 3.3.
> the sare-rules claim they won't be updated due to lives, wives, and
> hockey.
SARE != SpamAssassin.
> the fuzzyOCR
fuzzyOCR != SpamAssassin
--
If there's a bustle in your hedgerow don't be alarmed now.