Chronophage.net Blog

UNIX 101

Let’s Try This.

by Nick on Feb.26, 2010, under Administration, E-Mail, UNIX 101

So, some of my users are avid World of Warcraft players. They’ve been complaining that they keep getting phishing schemes in their email accounts. Since Bayesian Filtering isn’t catching on, I think it’s time for custom SpamAssassin rules.

First, a quick scan of the SARE rulesets to see if one fits the bill. I picked the “Forged” rules simply because they are logical and simple. I like logical and simple ;)

Then some quick adapting…

and this is what I came up with:

# Sub-rules: names starting with __ carry no score of their own
header   __RCVD_WOW        Received =~ /worldofwarcraft\.com/i
header   __FROM_WOW        From =~ /worldofwarcraft\.com/i
uri      __URI_WOW         /worldofwarcraft\.com/i
# Fires when From and a body URI claim the domain but no Received header does
meta     CUSTOM_FORGED_WOW (__FROM_WOW && __URI_WOW && !__RCVD_WOW)
describe CUSTOM_FORGED_WOW worldofwarcraft.com in From and body but not in Received
score    CUSTOM_FORGED_WOW 1.4

I have similar rules for blizzard.com and battle.net. What I’m looking for is the domain in the “From” header and in a URI in the body of the message, but NOT in any “Received” header. Most phishing schemes have a hotmail/yahoo/gmail host in the “Received” headers (and a webmail address in the “Reply-To” field).

The only caveat I see with this is that the base64 encoding of the message may screw up the body check, but I’m almost positive SpamAssassin decodes the message first.

I assigned a relatively small score of 1.4 to the messages, just to see if they show up in the “X-SpamScore” header. Remember, only one should hit at a time.
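As an added example (not part of the original post, and not SpamAssassin’s own code), the Python script below re-implements the logic of the CUSTOM_FORGED_WOW meta rule so it can be checked offline against constructed sample messages: a plain phish, the same phish with a base64-encoded body (the case the post worries about), a genuine message relayed by the claimed domain, and a phish whose sender added a fake Received: line naming the domain. All hosts, addresses and message bodies are made up, and the URI extractor is only a rough stand-in for SpamAssassin’s.

```python
import base64
import re
from email import message_from_string
from email.message import Message

# Same pattern as the three SpamAssassin sub-rules in the post.
DOMAIN_RE = re.compile(r"worldofwarcraft\.com", re.IGNORECASE)
# Rough stand-in for SpamAssassin's URI extraction (it also finds schemeless
# hostnames and parses HTML; this only takes http(s):// and www. links).
URI_RE = re.compile(r"(?:https?://|www\.)[^\s<>\"']+", re.IGNORECASE)


def body_text(msg: Message) -> str:
    """Return the decoded text of every text/* part.

    get_payload(decode=True) undoes the Content-Transfer-Encoding (base64,
    quoted-printable) before the rule looks at the body, which is also what
    SpamAssassin does, so an encoded body does not hide the link.
    """
    chunks = []
    for part in msg.walk():
        if part.get_content_maintype() != "text":
            continue
        raw = part.get_payload(decode=True) or b""
        charset = part.get_content_charset() or "utf-8"
        chunks.append(raw.decode(charset, errors="replace"))
    return "\n".join(chunks)


def check_forged_wow(raw_message: str) -> dict:
    """Evaluate the three sub-rules and the meta rule for one RFC 822 message."""
    msg = message_from_string(raw_message)
    from_hit = bool(DOMAIN_RE.search(msg.get("From", "")))
    # A 'header ... Received' rule sees every Received: line, so join them all.
    rcvd_hit = bool(DOMAIN_RE.search("\n".join(msg.get_all("Received", []))))
    uri_hit = any(DOMAIN_RE.search(u) for u in URI_RE.findall(body_text(msg)))
    return {
        "__FROM_WOW": from_hit,
        "__URI_WOW": uri_hit,
        "__RCVD_WOW": rcvd_hit,
        "CUSTOM_FORGED_WOW": from_hit and uri_hit and not rcvd_hit,
    }


def build_message(received, from_hdr, body, base64_body=False) -> str:
    """Assemble a constructed sample message (every host and address is made up)."""
    headers = [f"Received: {line}" for line in received]
    headers += [
        f"From: {from_hdr}",
        "To: player@example.net",
        "Subject: Account verification required",
        'Content-Type: text/plain; charset="utf-8"',
    ]
    if base64_body:
        headers.append("Content-Transfer-Encoding: base64")
        body = base64.b64encode(body.encode("utf-8")).decode("ascii")
    return "\n".join(headers) + "\n\n" + body


PHISH_BODY = ("Your account will be suspended. Verify it at\n"
              "http://worldofwarcraft.com.account-verify.example/login\n")
LEGIT_BODY = "Manage your account at https://worldofwarcraft.com/account\n"
WOW_FROM = '"Blizzard Entertainment" <noreply@worldofwarcraft.com>'
# The Received: line our own MTA writes; everything below it came from the sender.
LOCAL_MX = "from mx.example.net by mail.example.net; Fri, 26 Feb 2010 10:00:00 -0600"

SAMPLES = {
    # Spoofed From, look-alike link, injected through a webmail host: rule fires.
    "phish": build_message(
        [LOCAL_MX, "from bay0-omc1.hotmail.example ([192.0.2.10])"],
        WOW_FROM, PHISH_BODY),
    # Same phish with a base64-encoded body: still fires after decoding.
    "phish_base64": build_message(
        [LOCAL_MX, "from smtp.yahoo.example ([192.0.2.11])"],
        WOW_FROM, PHISH_BODY, base64_body=True),
    # Genuine mail relayed by the claimed domain's MX: __RCVD_WOW suppresses it.
    "legit": build_message(
        [LOCAL_MX, "from mx1.worldofwarcraft.com ([192.0.2.20])"],
        WOW_FROM, LEGIT_BODY),
    # Bypass: the sender prepends their own fake Received: line naming the domain.
    "forged_received": build_message(
        [LOCAL_MX, "from smtp.yahoo.example ([192.0.2.11])",
         "from smtp.worldofwarcraft.com ([198.51.100.5])"],
        WOW_FROM, PHISH_BODY),
}


def run_samples() -> dict:
    """Map each sample name to whether CUSTOM_FORGED_WOW fires on it."""
    return {name: check_forged_wow(raw)["CUSTOM_FORGED_WOW"]
            for name, raw in SAMPLES.items()}


if __name__ == "__main__":
    for name, fired in run_samples().items():
        print(f"{name:16s} CUSTOM_FORGED_WOW={'HIT' if fired else 'miss'}")
```

Running it shows the plain and the base64 phish both fire and the genuine mail does not, but so does the forged-Received sample: any Received: header below the one your own MTA writes is supplied by the sender, so the !__RCVD_WOW leg is the part of this rule a phisher can defeat by adding one line. Two smaller points worth knowing: the From match also hits the display name, not just the address, and the unanchored regex matches look-alike hosts such as worldofwarcraft.com.account-verify.example, which in this rule works in your favour.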

We’ll see if that works.


Request For Comments.

by Nick on Feb.04, 2010, under Administration, Software, UNIX 101

[Originally Appeared 02/04/2010 blogs.iphouse.net]

One of the many terms you’ll hear thrown around an internet service provider is Request For Comments, aka RFC: “This isn’t per the RFC!” or “We follow the RFC!” or “Read the RFC!” So what is an RFC, and why do you want to know what it says?

RFCs are, in a nutshell, descriptions of how a program or procedure should work. The history of RFCs is long and boring, but basically they’ve been around since the ARPANET project began, as written or typed memos that were literally Requests for Comments: open-ended questions that someone wanted to solicit answers to. As ARPANET grew, RFCs became the standard way to record procedure, and a way for people to implement the fundamental technologies that make up the Internet as it stands today. Today, most RFCs come out of the Internet Engineering Task Force and are published by the RFC Editor.

RFCs are numbered in chronological order, and serve as sort of a timeline of the Internet, its protocols, and their modifications. Many a bar bet has been settled by referring to an RFC index.

RFCs are referred to by their number, and many of these numbers pop up, especially in error messages. For example, the protocol for handing mail from one server to the next (SMTP) was originally specified in RFC 821, and the format of a message and its headers (the information that records how an email was processed) in RFC 822, so you’ll often see errors in a mail log that reference RFC 821 or RFC 822. The same goes for HTML, USENET, DNS, etc. The errors are written that way because the implementers want to emphasize that they follow the RFCs, and so should you.

Why are RFCs important? Well, it boils down to communication theory. The Internet at large is basically an anarchy. There are no overriding rules. It’s just data going back and forth. The only way that two entities can communicate with each other is if they agree to. RFCs are a way to manage these agreements. It’s a way to say: “I follow these rules, and if you don’t, don’t expect me to understand what you’re saying.” If you write a program that follows the RFCs properly, you can expect other correctly written programs to understand what’s going on.

Some companies don’t follow RFCs; they try to use their marketing position and user base to, as it’s called, “Embrace and Extend” certain protocols. They more or less want to pollute the Internet with their own way of doing things, so that they can control who talks to their users, and who their users talk to. Many others are very strict in their interpretation of the RFCs, leaving users caught in the middle of Open Standards vs. Commercial Protocols. This war is hardly limited to RFCs; there are all sorts of standards bodies that companies ignore. Furthermore, RFCs tend to be vague about specific actions. There’s a lot of “you can,” “you should,” and “it is recommended” talk in most of them (RFC 2119 defines exactly what MUST, SHOULD and MAY mean in a standard, but only the MUSTs are non-negotiable). This often leads to arguments about what is allowed and what is not “per an RFC.”

Like I said, anarchy.

Ultimately, RFCs are holy writ to some, and merely “guidelines” to others. Most UN*X Admins follow RFCs and “Best Practices” as best they can. Many others do not. How important is it to follow them? Well, most of the Internet is still run on programs that use open protocols. So far, most initiatives to commandeer them by commercial entities have failed.

I personally believe in open standards, so if you expect to talk to me, or any of my systems, you better read the RFC!

I hope that helps.


In Defense of FreeBSD.

by Nick on Dec.18, 2009, under Administration, Software, UNIX 101

I recently read an article explaining why FreeBSD was not more popular. The conclusion of said article was that the installer was daunting and archaic, and that it was too intimidating to utilize. So, basically, whoever wrote this article (I don’t like calling professionals out) didn’t get past installing the operating system. He assumes that once it’s up and running, it’s the same as Linux. Nothing about the Ports system, nothing about administration. The sum total of his experience was that the installer was intimidating. He went on to state, and I am paraphrasing here, that only old, wizened Unix admins would use FreeBSD, sitting on high from their ivory corner of the office, replete with Star Trek posters, and choice snippets of their homemade 1994 BoFH day-by-day calendars strewn about their desks, as they are the only ones who would defend such a terrible installer. This is the type that would utilize an operating system that requires disk slices and network configuration. The rest of us “modern” geeks don’t want to bother with such incantations, abjurations and divinations. They just want an operating system that works out of the box. Point-and-click-and-go!

Well, that tells me that you don’t get it. I’m not wasting my time with my installer. You’re wasting your time with yours. And with your point-and-click Linux install, you’ve installed an “operating system” dedicated to wasting time.

It’s all about the futz factor. And you just declared “I live to futz!”

<Here comes the biography>

I am not a wizened UNIX admin. I’m a Macintosh kid. I grew up with GUI objects and HyperCard. I thought that the most efficient way to work with a computer was with a graphic interface. I did some work with DOS, and frankly, thought it archaic and backwards. Setting base pages for memory, batch scripting, who needed it?

My first experience with UN*X was MKLinux on a Mac LC (the pizza box). I futzed and futzed with it until I got it to boot. No idea what to do with it. Two years later, my uncle gave me a PII 200MHz and I put Mandrake Linux on it, to use it as a NAT’ing router, and I thought: Cool! Windows sneaked into my life in my late teens, as I could not resist the lure of Counter-Strike, Duke Nukem and Quake. Still, I enjoyed futzing with Linux. Breaking things, trying to figure out how they were put together, tinker tinker tinker.

I was still mostly a Mac guy when I started my latest job. And, actually, I still am. They were nice enough to furnish a Mac for me, which I happily use, as I like to keep my work environment “tinker free.” My new boss frowned when he saw that I liked to play with Linux. “Linux is for people whose time costs nothing.” I didn’t understand.

I fired up an old AMD 2200 based system, and decided to try FreeBSD. My Boss rolled up his sleeves and showed me how to install it. “The Handbook has too many reboots, it wastes time.” he muttered as we plowed through it. At first I was a bit confused, disk slices? Ports? Buildworld? Why??? But the more I worked with it, the more I realized that it was a recipe. A to B to C and you’ve got a fully patched, binary compatible operating system. And it ran Ports!

No hunting down programs that the “distro” didn’t want to install for political reasons; no RPM dependency issues. No graphical nonsense that got in the way. No looking for security vectors that automatically installed. I could have a single task server up in a fraction of the time for a linux install. And if I had to install anything additional, /usr/ports was right there: make config, make, make install distclean. Everything was where it was supposed to be! There was a unified file structure under /usr/local, no /opt /usr/etc /etc nonsense. Clean and neat and ready to rock and roll. Easy to administer, update and upgrade, and NO MAGIC.

What’s more, the three versions that have come out since I first started my FreeBSD odyssey have all had more or less the same install template. So I can push out a working server in a fraction of the time I can with CentOS or Ubuntu or Gentoo. You want rapid deployment, go with FreeBSD.

Now, Linux is better for some applications. I don’t do Java on FreeBSD unless I know it will work for a certain app. Tomcat, no. I avoid some Perl apps, because BSDPAN is still a little…eh… But all of my LAMP stuff is BAMP, my mail is Postfix/Dovecot and I am happier for it.

I still futz, and when I futz, I tend to play with Linux. I have an Ubuntu workstation at home and an Ubuntu and CentOS VM somewhere out there… I’m not opposed to running Linux, but if I want something cookie cutter, reliable and easy to manage, FreeBSD all the way. I don’t care about benchmarks, or raw IO, or sheer device compatibility on my servers. I just want something that doesn’t take up my time. I want more time to futz with other things. Because my time *is* worth something.

Keep your GUI installer. I’ll take my maintainability, upgradability, consistency and, frankly, sanity over it any day.

And before you decry *any* OS/Distro again, Mr Professional Columnist, do more than kick the tires. It’s ok if you don’t like the OS, but when you stop at the installer, and say “this ain’t no good!” you’re just plain ignorant.


sudo -u

by Nick on Jun.11, 2009, under UNIX 101

From XKCD. Used for Advocacy

Sometimes, especially on X.X upgrades, WordPress Automatic Update does not work.

Oh, it claims to work. But it doesn’t. So you have to upgrade manually. Now, a manual upgrade is trivial in WordPress. Just download the zip (or gzipped tar), unpack it, copy the files, go to the admin interface, and click two buttons.

But what if you have multiple users, who have WordPress in their home directories? Use sudo!

Sudo is a tool that administrators use to execute commands as root. However, you can also use the -u option to execute a command as another user, as long as the sudoers policy allows you to run commands as that user (root can by default). Because the copy runs as the target user, the new files end up owned by them, just as if they had copied the files themselves.

So, if I put WordPress in a neutral folder, then I can simply do this:

>sudo -u username cp -r wordpress/* /home/username/www/example.com/

Voila! Nice and easy.

I should script this…

