Showing posts from September, 2004

Suri, a Spamvertised URIs filter using SURBL

I am making a pair of postfix (and related) tools in perl that could be useful for some people, in some cases.

One is a "SURBL" technique filter to be plugged into amavis, that will check for spamvertised URI's against a "SURBL" server. It acts as an antivirus, checking for the content of the message. If it's configuerd for denial, it could lead to false positives, if the SURBL list in used is not very precise.

It was written based on a qpsmtpd plugin developed by Devin Carraway.

The other, which is in early stages of development, has the same objective, but is supposed to be used as a transparent (or not) SMTP proxy for postfix. Messages will be filtered and content will be DENIED in real time, so the sender will know the message was not delivered. Spammers don't care about smtp error codes, and real senders will be notified of the error.

I am aware that using transparent proxy is a bad idea in very loaded servers, so I am making different tools for …

Wikipedia daily articles: pills of knowledge

I've subscribed a few weeks ago to the Wikipedia daily articles list.

It's a nice way to relax and have a good reading, while taking courage to read all those bugtraq or postfix-users messages.

Fedora Core with Mysql 4

David Martínez was kind enough to put up a repository of MySQL 4 and further dependencies compiled for FC2.

You may get the files directly from:

These packages fixed a very ugly behaviour I was getting with my mixed mysql lib's.
Every time I ran a perl with a MySQL DBI, it ended with Segmentaion Fault.
Now it's fine. Thanks David!

Another GMAIL INVITATION - gmail account

Follow this:

Everybody deserves a GMAIL account!

There were errors

Weeee. Blogger couldn't publish anything for several hours.

001 Connection timed out

It still can't.

To my usual thousands of daily readers, I can only apologize.

Please stop commenting at every posts. I can't read all your comments!

Domain hijackers

While testing for a better layout for the google ad you see in the left, I've got interested in one very evil service.

They call it Expired Domains Traffic. They are most of the times a disservice for the internet users, but I'm linking to them for public interest.

The idea is quite simple. They have a bot searching for the expiration of domains. When a domain expire, they buy it, and them make it redirect the traffic to their customers site.

What's the point there? Let them explain it:

About "Expired DomTraffic" Every day 1000s of previously registered domains expire, because the owner did not extend domain registration . If the owner does not pay the annual fee, the domain registrar will put the name on hold. With most registrars, an "on hold" domain stops working. Most registrars allow an additional grace period of 30-90 days for the domain owner to pay the annual fee. During this period, the registrar will generally contact the domain owner many ti…

Dedicated Servers

I've start making a Dedicated Servers research, looking for good prices and interesting service.

The first I knew about was ServerMatrix. They have a nice site, the company is big (a subsidiary of The Planet) and the service seems fine. They even publish a live cam picture of their data center. Quite impressive.

The problem is their prices were raised lately. There was a no-setup promotional fee for one of the server options, and that is gone. Also, I believe they removed the cheapest server option. Finally, even the setup fee is now USD199.00. AFAIR, it used to be USD149.

Then I've found HiVelocity. I believe it was in either a google banner, or a simple google search link. As I was looking for a cheap server, the one that fit was 2.0 GHz Celeron with 1000gb metered bandwidth.

What impressed me was their very good use of PHP Live. I've talked to a sales person there, Drew Adams, who was a very competent guy at his job. It's obvious that sales team is very important, b…

Another Antispam Solution, or anti-spam solution

The amount of spam targeted to our servers is huge.

Sometimes, as much as 80% of e-mail that would be delivered to the servers is either spam or virus.

Dealing with that is part of my job, as the mail system admin. It's interesting, because it's challenging and results are fast and noticeable, if you apply the right techniques.

In our servers, we have some very old mail boxes that are in ALL spam lists. So we have a very worthy tool in our hands. We can use these accounts as tests for current tools and use them to train whatever other tool we'll be deploying.

In the last few days, I've been developing a new antispam solution that would be amazingly easy to manage and would give us dozens of possibilities on what to do with the information generated by the logs.

In a usual mail content scanning sollution, even if it's as powerful as DSPAM, you can't be sure wether you will have false positives, so you can't use that for black listing sources or whatever.

This tech…

Free Gmail Invitation

I have some spare Gmail invitations.
Follow this link. If you're lucky, you will get yourself a gmail account.