Fighting spam with greylisting and thunderbird

March 10th, 2010

Greylisting is an effective way to fight spam. According to Evan Harris, “The Greylisting method is very simple. It only looks at three pieces of information”: “The IP address of the host attempting the delivery”, “The envelope sender address” and “The envelope recipient address”. These three pieces of information are called the “triplet”, and the rule is simple: “If we have never seen this triplet before, then refuse this delivery and any others that may come within a certain period of time with a temporary failure.” The delay can range from a few minutes to more than an hour. If the delay is too long, some legitimate emails will be lost; if it is too short, it may be defeated easily.

The principle of greylisting is simple and elegant because most spam is fire and forget: spammers send a batch once and never look back. This behavior is necessary for spammers, because if their mail behaved like legitimate email it would be easy to identify the source and block it.
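The triplet rule described above, as an added Python example (not code from the original post or from any particular greylisting package). The three timings, the reply text and the sample addresses are assumptions chosen for illustration.

```python
from dataclasses import dataclass, field

TEMPFAIL = "451 4.7.1 Greylisted, please retry later"
ACCEPT = "250 OK"

@dataclass
class Greylist:
    # All three timings are assumed example values, not taken from the post.
    min_delay: int = 5 * 60            # a new triplet is refused for this long
    retry_window: int = 4 * 3600       # an unconfirmed triplet expires after this
    pass_lifetime: int = 30 * 86400    # a confirmed triplet is remembered this long
    pending: dict = field(default_factory=dict)   # triplet -> time first seen
    passed: dict = field(default_factory=dict)    # triplet -> expiry time

    def check(self, client_ip, mail_from, rcpt_to, now):
        """Return the SMTP reply for one delivery attempt at time `now` (seconds)."""
        triplet = (client_ip, mail_from.lower(), rcpt_to.lower())
        if self.passed.get(triplet, 0) > now:
            self.passed[triplet] = now + self.pass_lifetime   # refresh on use
            return ACCEPT
        first = self.pending.get(triplet)
        if first is None or now - first > self.retry_window:
            self.pending[triplet] = now        # never seen, or retry came too late
            return TEMPFAIL
        if now - first < self.min_delay:
            return TEMPFAIL                    # retried inside the refusal period
        del self.pending[triplet]              # sender queued the mail and retried
        self.passed[triplet] = now + self.pass_lifetime
        return ACCEPT

def replay(attempts):
    """Feed (time, ip, sender, recipient) attempts through one Greylist."""
    gl = Greylist()
    return [gl.check(ip, s, r, t)[:3] for t, ip, s, r in attempts]

# Constructed traffic: documentation IP ranges and example domains.
MTA = ("192.0.2.10", "alice@example.org", "bob@example.net")
BOT = ("198.51.100.7", "win@example.com", "bob@example.net")
ATTEMPTS = [
    (0, *MTA),       # first contact from a queueing mail server
    (10, *BOT),      # fire-and-forget sender that never retries
    (60, *MTA),      # retry inside min_delay
    (900, *MTA),     # retry after 15 minutes
    (5000, *MTA),    # later mail, triplet already known
]

if __name__ == "__main__":
    print(replay(ATTEMPTS))
```

The sender that never retries only ever receives the temporary failure, while the queueing server is delayed once and then passes without further delay.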

Of course, greylisting is just the first line of defense, and to be exact it works against rogue, random spam. There are also unsolicited emails from ad agencies, email campaigns, etc. Not all of these are spam, but most of them are. They behave just like legitimate emails, and some of them are requested by the recipients, so we can’t just block them and have to find another way to fight them. In my case, Mozilla Thunderbird is the solution.

Mozilla Thunderbird has a nice “Junk Setting”: you can enable “adaptive junk mail control” and train Thunderbird to recognize legitimate emails (ham) and spam. Say you receive an ad from a company in your Inbox, you don’t like it and consider it spam, but the mail server can’t block it without losing legitimate emails. You can manually mark the email as junk; depending on your settings, it will be moved into the Junk folder automatically, or you can move it there manually. You will have to do this a few times before Thunderbird automatically labels this kind of email as spam. Sometimes Thunderbird will label legitimate emails as spam, and you will have to unmark them and move them back from the Junk folder; after the training, Thunderbird usually gets it right.

We’ve been running our own mail server with greylisting, SpamAssassin and ClamAV for more than 6 years and using Thunderbird as our mail client from the very beginning. Right now we probably receive 2-3 spams a week per person, while the total email volume well exceeds a few thousand a week. So far the combination of greylisting and Thunderbird works quite well. In fact we all love the simplicity of the way the server and client sides handle the emails: greylisting is transparent to end users, and Thunderbird junk mail control is really convenient to use, with no hassle for the end users. Together they deliver real-world wonders.


Paypal police at work

March 8th, 2010

I’ve heard PayPal horror stories before but haven’t had one myself, and this one got my attention: “Pocketing Police”. It’s pretty scary when PayPal can do that kind of thing at will.

We’re doing a portion of our business through paypal payment, simply because there are no better choices at the moment, and people still want to use paypal for their own good. And we’re very careful with our paypal balance, whenever it exceeds $10,000 we will transfer money into our bank account, just to be safe.

Now Corporate America is acting as judge and jury, I’m afraid we’re slipping into somewhere deep down.

Off topic, we’ve had trouble downloading PayPal history numerous times. One time it took us a few days to download our payment history (about 3-4 months’ worth of data), and we always got a “connection reset” error message. Come to think of it, it seems that the PayPal website is overloaded at any given time, because we’ve been using PayPal for a few years and this problem was there from the very beginning.


Microsoft wants us to pay them to (not) fix their own security problems

March 3rd, 2010

WOW! This is fantastic: Microsoft’s security chief suggests ‘Net tax to clean computers.

Notice that the security chief said “You could say it’s a public safety issue and do it with general taxation”. WOW! Amazing! MS created the whole malware/spyware/virus universe and now they want you to pay for the privilege of being infected! How nice of them! I almost burst into tears! They do care about our health, ha!

This is really unbelievable. MS wants everyone else to pay for their flawed OS. Actually they already did it, and now they want everyone else to pay for its security “features” again, with a more blatant “Internet usage tax”, even those who are not using their garbage system. I just wonder how the security chief kept a straight face when talking about an “Internet usage tax” for their own security problems.

What’s next? Here is the news for all of us: an MS spokesperson announces that the “‘Net Tax” is not enough to fight the global malware/spyware/virus pandemic, we’re running a huge deficit, and the tax rate will be hiked to compensate for all the work done by MS. Sounds familiar? Yes, wherever there is government, there is corruption; anything MS touches, it corrupts. It looks all too familiar.

How do we fight all these parasites? Education is the key. When people know better, they will do better. All I can do now is recommend GNU/Linux whenever I have a chance. A few days ago my boss came back from a business trip to China. He used his laptop in China a few times, running IE on Windows, and later his machine was found to be infected by spyware deployed by the Chinese government. Before this incident I tried a few times to get him to put Linux on his laptop but failed; this time he’s asking for more information about the Linux thing, especially the security features. Though there is no decision yet, he’s considering getting a Mac or just putting Linux on his laptop.


Ratchet Straps and Cargo Bars

March 3rd, 2010

Lately we moved a lot of stuff from our old warehouse to our new warehouse. Lots of it is pretty heavy and bulky, so we hired a semi trailer to help us move everything. It’s about a 40-minute drive from the old place to the new warehouse, and the driver told us we would have to secure our load before we hit the road.

Now we don’t have much experience with moving big stuff in a big truck, so we really needed help from someone who knows how to move the load. Of course the first person we turned to was the driver. We were told we needed ratchet straps to secure our load, and since we have some big boxes we also needed cargo bars to secure them. He recommended a nice website which sells tie-down stuff where we could buy the ratchet straps and cargo bars. We called the number on their front page and asked for help. There were really nice people there and they helped us out: they recommended the right stuff for our needs and shipped the package really fast. We got everything in just 2 days!

We were very happy with the purchase, and the driver loved the straps and bars. Actually, when we finished moving we just let the driver take half of the ratchet straps and cargo bars as gifts!


Install ioncube loaders under SELinux

February 28th, 2010

When you install the free ionCube loaders under CentOS 5.x, which has SELinux enabled by default, you will see the following error message:

“cannot restore segment prot after reloc: Permission denied”

You have a few choices here.

You can disable SELinux: edit /etc/selinux/config, look for “SELINUX=” and put disabled to the right of the “=”, so that it reads “SELINUX=disabled”. When you restart the machine, SELinux will be totally disabled. But if you want to enable SELinux later, the system will relabel all the files at boot time, and the relabeling takes a very long time to finish, so disabling SELinux is not recommended.

Alternatively, you can put “permissive” in place of “disabled”, or run “setenforce 0” on the command line (“setenforce 1” re-enables it). You will see warning messages, but SELinux won’t do anything to stop unauthorized access. If you are serious about security, you probably won’t feel comfortable when SELinux is not enforcing its rules.

Now you’re ready for the real solution.

When you see the error message after restarting your HTTP server, run the following command:

audit2allow -l -a -r

You should see the required types and classes, along with the permissions you need to load into an SELinux module. You’re not going to see them all at once; you will have to try a few times to get all the required types, classes and permissions. Below I show how to make it work, step by step:

You need to create a file “local.te”, which will hold all the required types, classes and permissions to be loaded into the SELinux module. In our case, you need to add the following to local.te:

module local 1.0;

require {
class process {execstack execmem execheap};
class file { ioctl lock append create getattr setattr link relabelfrom unlink write read rename execmod };
type unconfined_t;
type httpd_t;
type httpd_sys_content_t;
};

# unconfined_t processes may execmod files labeled httpd_sys_content_t
allow unconfined_t httpd_sys_content_t:file execmod;
# httpd_t may use an executable stack, executable anonymous memory and an executable heap
allow httpd_t self:process {execstack execmem execheap};

End of code.

When you have local.te ready, run the following commands:

checkmodule -M -m -o local.mod local.te
semodule_package -o local.pp -m local.mod
semodule -i local.pp

Now your HTTP server will load the ionCube loader just fine.
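How AVC denials in the audit log map to the allow rules placed in local.te, as an added Python example (not part of the original post and not audit2allow's own code). It also lists the rules that grant execstack, execmem, execheap or execmod, so they can be reviewed before the module is loaded; the log lines, pids, inodes and loader path are constructed samples.

```python
import re
from collections import defaultdict

# Constructed audit.log lines in the AVC denial format; pids, inodes and the
# loader path are made up for this example.
SAMPLE_LOG = """\
type=AVC msg=audit(1267340000.101:41): avc:  denied  { execmod } for  pid=2101 comm="php" path="/usr/local/ioncube/loader.so" dev=sda1 ino=1001 scontext=user_u:system_r:unconfined_t:s0 tcontext=system_u:object_r:httpd_sys_content_t:s0 tclass=file
type=AVC msg=audit(1267340050.202:57): avc:  denied  { execstack } for  pid=2150 comm="httpd" scontext=user_u:system_r:httpd_t:s0 tcontext=user_u:system_r:httpd_t:s0 tclass=process
type=AVC msg=audit(1267340090.303:63): avc:  denied  { execmem } for  pid=2188 comm="httpd" scontext=user_u:system_r:httpd_t:s0 tcontext=user_u:system_r:httpd_t:s0 tclass=process
"""

AVC_RE = re.compile(
    r"avc:\s+denied\s+\{(?P<perms>[^}]*)\}.*?"
    r"scontext=(?P<src>\S+)\s+tcontext=(?P<tgt>\S+)\s+tclass=(?P<cls>\S+)")

# Permissions that relax SELinux's executable-memory checks.
MEMORY_PERMS = {"execstack", "execmem", "execheap", "execmod"}

def collect(log):
    """Group denied permissions by (source type, target type, class)."""
    rules = defaultdict(set)
    for line in log.splitlines():
        m = AVC_RE.search(line)
        if not m:
            continue
        src = m["src"].split(":")[2]      # user:role:type:level -> type
        tgt = m["tgt"].split(":")[2]
        if tgt == src:
            tgt = "self"                  # same source and target type
        rules[(src, tgt, m["cls"])].update(m["perms"].split())
    return rules

def allow_rules(log):
    """Render the grouped denials as policy 'allow' statements."""
    out = []
    for (src, tgt, cls), perms in sorted(collect(log).items()):
        body = " ".join(sorted(perms))
        if len(perms) > 1:
            body = "{ " + body + " }"
        out.append(f"allow {src} {tgt}:{cls} {body};")
    return out

def memory_relaxing(log):
    """Rules that grant executable-memory permissions, for review before loading."""
    return [(src, cls, sorted(perms & MEMORY_PERMS))
            for (src, tgt, cls), perms in sorted(collect(log).items())
            if perms & MEMORY_PERMS]
```

Every rule in this sample is flagged, and the httpd_t rules apply to the whole web server domain rather than to the loader alone.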
