bsd.b3ta.org
Yet another *nix admin blog

On my previous post, I have discussed some of the anti image/PDF spam. I have tried clamav with Sanesecurity’s phishing and scam signatures.

On FreeBSD, I downloaded update shell script by Dan Larsson and made a slight modification as I do not wish to install/use rsync on production servers just to download signature files. I have added these two lines to update shell script under “http_source_urls” and commented out “rsync_source_urls“.

http://download.mirror.msrbl.com/MSRBL-Images.hdb

http://download.mirror.msrbl.com/MSRBL-SPAM.ndb

http_source_urls="
   http://www.sanesecurity.com/clamav/phishsigs/phish.ndb.gz
   http://www.sanesecurity.com/clamav/scamsigs/scam.ndb.gz
   http://clamav.securiteinfo.com/vx.hdb.gz
   http://download.mirror.msrbl.com/MSRBL-SPAM.ndb
   http://download.mirror.msrbl.com/MSRBL-Images.hdb
   http://www.malware.com.br/cgi/submit?action=list_clamav,fetch_interval=86400,target_file=mbl.db

"#rsync_source_urls="
#   rsync://rsync.mirror.msrbl.com/msrbl/MSRBL-Images.hdb
#   rsync://rsync.mirror.msrbl.com/msrbl/MSRBL-SPAM.ndb
#"

(more…)

A lot of spam image/PDFs were slipping through my office MXs since this spamming technique has gained its popularity and it was getting really out of hands. I have decided to put an end to this madness and experimented various tactics to curb image/PDF spam. Generally, this can be achieved with spam scoring from SpamAssassin or clamav via Sanesecurity’s Phishing and Scam Signatures for ClamAV.

On this post, I will share some of the tactics that I have tried with SpamAssassin. With SpamAssassin, fighting image/PDF spam was trivial.

(more…)

Previously on my post on pidgin msn switch error, a lot of pidgin users were affected by the bug/defect. However, there are simple workaround suggested.

1. edit your msn account information

2. click on the advanced tab

3. clear “use HTTP method”

4. make proxy type: no proxy.

Well, it works for me. This won’t help in corporate network environment though. (Outgoing connection on port 1836 is not commonly allowed).

In case you are using Pidgin and using “HTTP method” (In fact that is the only way to get connected to MSN), you might find that you are not able to send message to your friends. You will always get this error message whenever you try to send them message. “Message could not be sent because a connection error occurred:“.

Guess have to wait for next update of pidgin. There is an open ticket on this issue 4 days ago.

White Papers for Success
The free web hosting services may not be able to provide the best email hosting, but they certainly deliver the job. For effective web hosting, ignoring such flaws is important. With the advent of wireless internet, everyone is claiming to provide dedicated hosting, and it is up to us to pick up the best service.

In my previous post on FreeBSD : Compaq Presario V3010AU, the Ricoh SD/MMC card reader attached to my laptop was not functioning on FreeBSD 6.2R. Following the post by Hajimu UMEMOTO on freebsd-mobile mailing list, I’ve tested his driver and able to write on Kingston SD card.

Update :
New driver at http://www.agt.ne.jp/~a-gota/programs/driver/FBSD6.2R/memcard/sdmmc-20070627.tar.gz

Writing speed

coeus# mount_msdosfs /dev/sd0s1 /mnt/card
coeus# cd /mnt/card
coeus# dd if=/dev/zero of=test.img bs=1k count=10k
10240+0 records in
10240+0 records out
10485760 bytes transferred in 10.765308 secs (974033 bytes/sec)

(more…)

I’ve been experimenting with numerous postfix features since Kaeru introduced me to this beast last year. One of them is Address verification. It is a feature that allows the Postfix SMTP server to block a sender (MAIL FROM) or recipient (RCPT TO) address until the address has been verified to be deliverable. The idea is to reject junk mail with an unreplyable sender address.

However, this feature is available in Postfix version 2.1 and later. The implementation is simple and clearcut.

CONFIGURATION

The following configuration is an example for Sender address verification for mail from frequently forged domains where selective domains were picked for address verification.

/usr/local/etc/postfix/main.cf

smtpd_sender_restrictions = permit_mynetworks,
    check_sender_access hash:/usr/local/etc/postfix/sender_access

/usr/local/etc/postfix/send_access:-

hotmail.com    reject_unverified_sender

Note : remember to hash the sender_access file with postmap and reload your postfix.

(more…)

It has been a while since my last maintenance on office debian server. It’s just my plain laziness. :p I was quite happy with apt tool set for debian box maintenance.

Happily, I fired up the command, apt-get update and it complained about NO_PUBKEY for 2 public keys. Am I missing something?

(more…)

Short note on typo upgrade:-

$ sudo gem install typo
$ typo install myblog (Path/you/want/your/blog/to/be)
$ cp /old/typo/blog/config/database.yml /old/typo/blog/config/mongrel_cluster.yml myblog/config/
$ cp -r /old/typo/blog/themes/your_theme myblog/themes/
$ cd myblog && rake migrate

GEEK00L was wondering whether I have messed around with software based RAID5 under FreeBSD. He needs to set up the same on FreeBSD at work. Since I have not touched anything on RAID5, I gave it a shot and it turned out to be relatively easy. More or less the setup concept is similar to gmirror configuration.

(more…)

Just a note for my own reference on dump/restore over ssh. It is fun to dump/restore for remote backup.

(more…)