Cramsession Linux Newsletter

home

Aug 29 2002

                    LINUX NEWS
            http://www.Cramsession.com
           August 29, 2002 -- Issue #96

TABLE OF CONTENTS

1) Sean’s Notes

2) Linux News

Attention Students!
What's Up With Caldera?
Linuxcare Resurfaces
Open Source -- Not Just Linux

3) Linux Resources

Remote Administration Tips
What's the Best Way to Learn Linux?
Basic Samba Installation and Usage
Role-Based Access Control
Basic LWP Usage

4) App o’ the Week

~~~~~~~~~~~~~~~~~~~~~~ ADVERTISEMENT ~~~~~~~~~~~~~~~~~~~~~~~

Try our IT Certification Courses FREE! SmartCertify Direct gives you classroom-quality IT training at a fraction of the cost of traditional courses. You’ll get 24-hour online mentoring from certified IT pros, hands-on interactive exercises, the popular Test Prep Exams, and more! Our personalized courses are so powerful that you’ll get certified GUARANTEED. Choose from MCSE, Cisco, A+, CIW, Linux, and many more. Click below to try our courses FREE and register to WIN a Dell PC worth $2,400!

http://ad.brainbuzz.com/?RC06&AIU95

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

For information on how to advertise in this newsletter please contact mailto:adsales@CramSession.com or visit http://cramsession.com/marketing/default.asp

1) Sean’s Notes

Well, I’ve had it with all the spam that comes into my mailbox. I’ve written about it before; the last time I gave Vipul’s Razor a shot. Not happy with the false positives I was starting to get, I turned it off and went back to the “delete key” method of spam detection (ugh). Looks like Razor now implements a trust system, which will certainly alleviate the false positives, but this time around I wanted to try Spam Assassin.

Programs like Razor rely on people to report spam to a central authority. When your mailer goes to process a message, it checks to see if someone has called it spam. Toss in a trust system so that people can’t go piping BUGTRAQ straight into the database (cough cough), and you’ve got a pretty solid system.

Spam Assassin, though, tries to figure out heuristically if a message is spam. It does this by applying many rules to the message, and assigning each rule a score (positive OR negative). Negative scores might be assigned to messages that are sent from known mailers, and things like “MAKE MONEY FAST” are certain to add to the score (and I’ve probably just sent off a few alarms with that outburst). If the score goes above a predefined number, it’s flagged as spam, and you can do what you want with it.

There are two things I like about Spam Assassin. The first is that it can be run as a filter. This means that I can pump a message through, and decide for myself what I want to do with it. Right now, I’m moving the potential spam messages to a folder. Later on, I could delete it, or pass it through something else to report the spam to a database or the person’s ISP. (Spam Assassin can do some of these things if you ask it to.)

The second reason is that it is configurable down to the user. Installed system-wide, each user can define their thresholds for spam, or even alter the score for an individual test. I find it funny that by default, a known mailer knocks 1 off the score, unless it’s Outlook, in which case you only get an 0.5 deduction.

And third (this is starting to sound like a Monty Python sketch), is that it’s written in Perl. In fact, it’s even available on CPAN:

perl -MCPAN -e shell

cpan> install Mail::SpamAssassin

Once that’s all done, it’s pretty easy to get going by dropping the following in your .forward:

“|IFS=’ ‘&&exec /usr/bin/procmail -f-||exit 75 #sean”

(instead of “sean”, put in your username)

Then, set up a .procmailrc:

PATH=/bin:/usr/bin:/usr/bin
MAILDIR=$HOME/mail #you’d better make sure it exists
LOGFILE=$MAILDIR/from #recommended

0fw | spamassassin -P

0: * ^X-Spam-Status: Yes caughtspam

The first few lines set up your environment, nothing fancy. The next two lines make up a procmail recipe, this one passes the text through spamassassin. The next rule looks for a custom header, “X-Spam-Status”, and if it’s yes (meaning SA thought it was spam), it’s moved to the “caughtspam” folder.

From this point on, all your mail will be run through

spamassassin. I immediately found out that some newsletters were being caught as spam, so that’s the first thing that has to be fixed.

On the first invocation, Spam Assassin creates a file called ~/.spamassassin/user_prefs, which has your user specific settings in it. The man page for Mail::SpamAssassin::Conf details the syntax, but adding:

whitelist_from subscriptions@lockergnome.com whitelist_from listboss@list.cramsession.com whitelist_from schneier@counterpane.com

took care of getting my regular newsletters through the filters.

I also thought I’d err on the side of caution, so I increased the default score of 5 to 8 by adding:

required_hits 8

I’ve had Spam Assassin running for a day and a half now, and only a couple of spam have got through. More importantly, I haven’t had any important messages get trashed.

http://www.spamassassin.org

has all the documentation and news about the project. If you’re using a mailer other than procmail and sendmail, there are probably more detailed instructions on how to get you going.

Open Source can provide innovative solutions to common problems, and with very little cost. Spam Assassin is a shining example of this.

Long live the Penguin,

Sean mailto:swalberg@cramsession.com

2) Linux News

Attention Students!

In college or university? IBM has a contest for you. Make some sort of improvement, application, or tool for Linux, and you could win a summer internship, laptop, even get your school a 16-node cluster.

http://www-3.ibm.com/software/info/students/contests/linux/

What’s Up With Caldera?

Caldera, the driving force behind United Linux, has changed its name and focus to align itself with SCO Unix. According to the article, Linux is not out of the picture, though.

http://newsforge.com/newsforge/02/08/27/005227.shtml?tid#

Linuxcare Resurfaces

I haven’t heard much about Linuxcare in quite some time, other than a blurb on Linux support that mentioned their name. Seems they’re getting into bed with IBM by providing tools that will help people manage their Linux-based mainframes.

http://www.linuxcare.com/about-us/press-center/press-release/2002/0 8-07-02-levanta.epl

Open Source – Not Just Linux

Open Source doesn’t necessarily mean an Operating System. Take for example, Ogg-Vorbis, a competing standard to MP3. Ogg is completely open, MP3 is patented. The owners of the MP3 patent are now looking at charging for use, and the creators of Ogg couldn’t be happier, as they explain in this tongue-in-cheek article.

http://www.linuxandmain.com/modules.php?name=News&file=article&sid 0

3) Linux Resources

Remote Administration Tips

Sooner or later, you’re likely going to have to manage a remote server. This article provides some great tips on doing so, both in graphical and text mode, along with some security pointers.

http://www.linuxplanet.com/linuxplanet/tutorials/4400/1/

What’s the Best Way to Learn Linux?

The question was posed on the Linux-General board on Wednesday. Pass along your advice, and read what others have to say!

http://boards.cramsession.com/boards/vbm.asp?mb5772

Basic Samba Installation and Usage

Samba comes with most, if not all, Linux distributions. However, it’s one of the packages I find myself compiling by hand just because of upgrades. This article covers the compilation and setting up of Samba.

http://www.linuxhelpnetwork.net/tutorials/samba-install.php

Role-Based Access Control

Right now, RBAC is a Solaris feature, but there are projects to bring it to Linux. Rather than using sudo to delegate root access, RBAC allows the administrator to handle it in a more convenient manner.

http://www.nathanlindstrom.com/rbac_introduction.html

Basic LWP Usage

LWP is an amazing Perl library that can download a myriad of online content, such as from http, ftp, and nntp sources. This article, by the author of the O’Reilly book on the same topic, explains the basics.

http://www.perl.com/pub/a/2002/08/20/perlandlwp.html

4) App o’ the Week

Sometimes you want to inspect a network based application to see how it works, or more importantly, why it’s not working. A sniffer will do the job, but this tool, the Simple TCP re-engineering tool, is designed for the task.

http://www.simphalempin.com/dev/tcpreen/

(C) 2002 BrainBuzz.com, Inc. All Rights Reserved.

      This message is from CramSession

You are currently subscribed to the following list Hottest Linux News and Resources as: sean@ertw.com

To un-subscribe from this newsletter by e-mail, send a blank email message to: mailto:leave-linuxnews-3825955Y@list.cramsession.com

To subscribe to this newsletter and many others visit our site at: http://newsletters.cramsession.com/signup/default.asp

github.com/swalberg
twitter.com/seanwalberg