Fedora Legacy useless? //at 15:16 //by abe

For a (much too long) time, we ran our three AMD 64 bit virus scanners and spam filter boxes with Fedora Core 4. Since the the official support ended a few months ago when Fedora Core 6 Test 2 came out, so we decided to switch them over to support through the Fedora Legacy Project.

For testing purposes we first switched over one of the three boxes. But the test failed: Although the changes (as documented on the Fedora Legacy home page) seemed to work fine, not a single update came until the end of last week, even though there were partially remotely exploitable security issues in OpenSSL, OpenSSH, gzip, etc. during that time. There were also no announcements on the list since FC4 switched over to the Fedora Legacy Project, not for FC4 nor for any other distribution maintained by the Fedora Legacy Project.

So what the heck does the Fedora Legacy Project if not security updates?

I would be very happy if I could switch over those boxes to Debian or even Ubuntu, but there’s no BiArch support (running 32 bit applications on 64 bit operating systems transparently) in Debian (and therefore neither in Ubuntu) yet without a lot of manual fiddling and chroots, so we can’t run our 32 bit virus scanners on those 64 bit boxes with a debianesk operating system yet.

Today we’ve upgraded the last of those three boxes to Fedora Core 5.

Can the spam problem be solved? //at 02:23 //by abe

Many have tried to solve spam problem, even Micrsoft (with a quite strange solution ;-), but except personal solutions like well working and well-kept spam filters, no well-working general technical solution has been found yet.

Although I really would like to see a technical solution and often think about this problem, I currently believe that this primarily is a social problem which cannot be solved solely with technic. UserFriendly’s Erwin seems to see it the same way and proposed today a quite drastical solution.

There are good ideas out there (e.g. SPF, RBL, Greylisting and Teergrubing), but all seem to have their problems, too. Especially RBL often have administrative problems, i.e. if an entry is justified or not. Greylisting simply can be bypassed by being SMTP conform and trying again, so it’s usefulness will decrease permanently. And against Lutz Donnerhacke’s teergrubing, spammers seem to have found workarounds quite quickly. Haven’t heard much about it in the last years. (I just can’t remember what the drawback of SPF was.)

For myself I’ve solved the spam problem with a learning SpamAssassin and sorting mail by spam-level into several mailboxes. The higher the spam-level of such an inbox, the more seldom I look into it. Works fine. For me. No general solution though, since the SpamAssassin needs to be fed with fresh spam regularly.

Cheap blue pills //at 02:22 //by abe

I just got an obvious spam e-mail with subject “cheap blue pills” and it took me quite a moment to realise that they don’t want me to buy pills which let me keep everyone I love and everything that I have built my life upon. What a pity. But why don’t they sell also red pills? ;-)

Image based captchas are evil //at 02:20 //by abe

I always found Captchas annoying. But since I also had or have problems with guestbook or comment spamming, I understood that people and especially companies saw no other choice against comment or wiki spamming, mass account grabbing, etc. But since most captcha are based on the fact that people can still read deformed or garbled texts in images while machines can’t or at least only with a big effort, there is one big drawback with them: They are even more an insuperable obstacle for blinds or visually handicapped people than for machines.

The blind computer science student Sebastian Andres showed at Berlinux how blinds navigate and use the web and where they (must) stop. So because of GMail uses visual captchas as a defense against mass account grabbing, he couldn’t get such a “free” e-mail account. (And yes there exist non-visual captchas. But they’re seldom used.) Thanks Sebastian for this insight.

Implemented a blacklist for blog comment spam //at 02:12 //by abe

Just killed all the remaining comment spams (I hope) and implemented a simple regexp based blacklist which should get most medicaments, potence pills, casinos, lotteries and other frequently posted junk. I hope, it does not hit too many valid posts. If you have problems posting comments, feel free to contact me by e-mail or on IRC.

In other news, I installed the blosxom plugin comments_recent and adapted the mail feature of writeback notify to my (in the meanwhile heavily modified) instance of the comments plugin v0.6. I also made it symlink-safe for use with multcat.

Blacklisting comment spam in blosxom //at 02:12 //by abe

Since the demand for blosxom anti-comment-spam solutions respective appropriate blosxom plugins seems to be really high, I’ve decided to polish up my apparently quite well working although still in beta state being anti-spam enhanced version of the comments plugin (ZIP) by putting the blacklist outside in an external file and writing some (still short) docs.

I use it since 11th of January this year and got only two spam comments and many more normal comments since then, so it should work. Although: I also got a question if my trackback doesn’t work. Hmmm. So no warranties, just an offer for help fighting against comment spam. ;-)

Another feature which is basically ported from the writeback notify plugin is notification of the blog owner about new comments by mail. Since on the server on which my blog runs the used Perl module Mail::Sendmail was not available, I used Mail::Send instead for my version.

For installation you first need to download the ZIP file of the original comments plugin, install it’s templates and then install my anti-spam enhanced version of the plugin itself.

Now playing: Rockapella — Come on Eileen

Bei manchem Spam ist man froh, daß SpamAssassin ihn nicht erwischt… //at 01:38 //by abe

Mir ist zwar noch nicht klar, warum der SpamAssassin diesen Spam nicht erwischt hat, aber ich bin froh drüber. Denn diese automatisierte Übersetzung ist zum totlachen:

Date: Wed, 21 Sep 2005 13:17:30 +0000
Subject: LifeProfit Inc.
X-Spam-Status: No, hits=1.6 required=5.0 tests=BAYES_44,DNS_FROM_RFCI_DSN,
        HTML_MESSAGE,MIME_BOUND_NEXTPART,MIME_HTML_NO_CHARSET,NO_REAL_NAME
        autolearn=no version=2.64

LifeProfit Inc. kann Ihnen helfen, Ihre Traume zu zwingen, sich, bekommend
das monatliche Gehalt, das das Internet einwirkt, zu verwirklichen.

Um mit LifeProfit Inc. zu arbeiten, brauchen:
? Ein B?rger Deutschlands zu sein
? das Vorhandensein der Rechnung in der Bank
? die Vereinigung des Computers zum Internet
? ist ein wenig es Ihre freie Zeit

Wie es arbeitet:

Arbeitend f?r uns wie die Bezahlung, Die den Manager bearbeitet, werden Sie
Teil Aus der neuen Tendenz im weltumfassenden Banksystem. Die Pflichten Die
Lage ist einfach, und das Einkommen hangt nur von Ihren Bem?hungen ab.

Sie Sollen - die Zahlungen der Sendung zwischen unseren Kunden, die Ihr
Interesse von jeder Operation bekommen, machen.
Hauptsachlich werden es 5 %, mit jeder Sendung, die Ihr Interesse z?chten
wird. Unsere Kunden bekommen 1000 EURO zu 20000.

www.lifeprofit.com

LifeProfit Inc. sorgt sich um Ihr Bl?hen. Machen Sie Ihr Leben besser
zusammen mit der LifeProfit Inc.!

Und daß Postbank und Deutsche Bank jetzt zur Deutschen Postbank fusioniert haben, weiß ich auch erst seit dieser netten Mail:

From support@deutsche-bank.de Tue Sep 20 21:53:14 2005
From: PostBank <support@deutsche-bank.de>
Date: Tue, 20 Sep 2005 15:45:19 -0400
Subject: PostBank online banking
X-Mailer: Microsoft Outlook, Build 10.0.2616
X-Spam-Level: ****
X-Spam-Status: No, score=4.7 required=5.0 tests=BAYES_50,FORGED_OUTLOOK_HTML,
        FORGED_OUTLOOK_TAGS,HTML_MESSAGE,MIME_HTML_ONLY,RATWARE_RCVD_PF
        autolearn=no version=3.0.2

[-- Attachment #1 --]
[-- Type: text/html, Encoding: quoted-printable, Size: 3.3K --]

[-- Autoview using /usr/bin/lynx -dump -force_html '/home/abe/Mail/tmp/muttu0uPo7' --]

   Sehr geehrte Damen und Herren,
   In Verbindung damit, daß wir in unserem Land in eine schwierige
   Situation mit online - Banking geraten sind, wurde uns empfohlen, alle
   online - Konten von unserer Bank zu kontrollieren, um die
   "Tageskonten" festzustellen, die von den Betrügern dazu benutzt
   werden, das gestohlene Geld zu waschen. Demzufolge bitten wir unsere
   Kunden inständig, das Formular einer Kontobestätigung, das sich auf
   unserer offiziellen Web-Seite befindet, auszufüllen.
   Jene Konten, die bis zum 27.08.05 auf diesem Formular nicht angegeben
   werden, werden bis zur Feststellung der Bedingungen ihrer Eröffnung
   und Benutzung blockiert. Diese Revision betrifft sowohl die
   Privatkunden, als auch die Firmenkunden.

   Wir bitten um Verzeihung für die Unannehmlichkeiten, die wir Ihnen
   bereitet haben, wir hoffen auf Ihre Hilfe und gegenseitiges
   Verständnis.
   Mit freundlichen Grüßen,
   Sicherheitsabteilung,
   Postbank.de
      © 2005 Deutsche Postbank AG

References

   Visible links
   Hidden links:
   1. http://postbanking.net/

[-- Attachment #2: Enkidu.gif --]
[-- Type: image/gif, Encoding: base64, Size: 2.8K --]

[-- image/gif is unsupported (use 'v' to view this part) --]

[-- Attachment #3: fray.jpg --]
[-- Type: image/jpeg, Encoding: base64, Size: 37K --]

[-- image/jpeg is unsupported (use 'v' to view this part) --]

Klasse, nicht?