2002 08 29

                    LINUX NEWS
           August 29, 2002 -- Issue #96


1) Sean’s Notes

2) Linux News

Attention Students!
What's Up With Caldera?
Linuxcare Resurfaces
Open Source -- Not Just Linux

3) Linux Resources

Remote Administration Tips
What's the Best Way to Learn Linux?
Basic Samba Installation and Usage
Role-Based Access Control
Basic LWP Usage

4) App o’ the Week

~~~~~~~~~~~~~~~~~~~~~~ ADVERTISEMENT ~~~~~~~~~~~~~~~~~~~~~~~

Try our IT Certification Courses FREE! SmartCertify Direct gives you classroom-quality IT training at a fraction of the cost of traditional courses. You’ll get 24-hour online mentoring from certified IT pros, hands-on interactive exercises, the popular Test Prep Exams, and more! Our personalized courses are so powerful that you’ll get certified GUARANTEED. Choose from MCSE, Cisco, A+, CIW, Linux, and many more. Click below to try our courses FREE and register to WIN a Dell PC worth $2,400!


For information on how to advertise in this newsletter
please contact mailto:adsales@CramSession.com or visit

1) Sean's Notes

Well, I've had it with all the spam that comes into my mailbox.
I've written about it before; the last time I gave Vipul's Razor
a shot.  Not happy with the false positives I was starting to
get, I turned it off and went back to the "delete key" method of
spam detection (ugh).  Looks like Razor now implements a trust
system, which will certainly alleviate the false positives, but
this time around I wanted to try Spam Assassin.

Programs like Razor rely on people to report spam to a central
authority.  When your mailer goes to process a message, it checks
to see if someone has called it spam.  Toss in a trust system so
that people can't go piping BUGTRAQ straight into the database
(cough cough), and you've got a pretty solid system.

Spam Assassin, though, tries to figure out heuristically if a
message is spam.  It does this by applying many rules to the
message, and assigning each rule a score (positive OR negative).
Negative scores might be assigned to messages that are sent from
known mailers, and things like "MAKE MONEY FAST" are certain to
add to the score (and I've probably just sent off a few alarms
with that outburst).  If the score goes above a predefined
number, it's flagged as spam, and you can do what you want with it.

There are two things I like about Spam Assassin.  The first is
that it can be run as a filter.  This means that I can pump a
message through, and decide for myself what I want to do with
it.  Right now, I'm moving the potential spam messages to a
folder.  Later on, I could delete it, or pass it through
something else to report the spam to a database or the person's
ISP.  (Spam Assassin can do some of these things if you ask it to.)

The second reason is that it is configurable down to the user.
Installed system-wide, each user can define their thresholds for
spam, or even alter the score for an individual test.  I find it
funny that by default, a known mailer knocks 1 off the score,
unless it's Outlook, in which case you only get an 0.5 deduction.

And third (this is starting to sound like a Monty Python sketch),
is that it's written in Perl.  In fact, it's even available on

# perl -MCPAN -e shell
cpan> install Mail::SpamAssassin

Once that's all done, it's pretty easy to get going by dropping
the following in your .forward:

"|IFS=' '&&exec /usr/bin/procmail -f-||exit 75 #sean"

(instead of "sean", put in your username)

Then, set up a .procmailrc:

MAILDIR=$HOME/mail      #you'd better make sure it exists
LOGFILE=$MAILDIR/from   #recommended

| spamassassin -P

\* ^X-Spam-Status: Yes

The first few lines set up your environment, nothing fancy.  The
next two lines make up a procmail recipe, this one passes the
text through spamassassin.  The next rule looks for a custom
header, "X-Spam-Status", and if it's yes (meaning SA thought it
was spam), it's moved to the "caughtspam" folder.

>From this point on, all your mail will be run through
spamassassin.  I immediately found out that some newsletters
were being caught as spam, so that's the first thing that has to
be fixed.

On the first invocation, Spam Assassin creates a file called
~/.spamassassin/user_prefs, which has your user specific
settings in it.  The man page for Mail::SpamAssassin::Conf
details the syntax, but adding:

whitelist_from	subscriptions@lockergnome.com
whitelist_from  listboss@list.cramsession.com
whitelist_from  schneier@counterpane.com

took care of getting my regular newsletters through the filters.

I also thought I'd err on the side of caution, so I increased
the default score of 5 to 8 by adding:

required_hits 8

I've had Spam Assassin running for a day and a half now, and
only a couple of spam have got through.  More importantly, I
haven't had any important messages get trashed.


has all the documentation and news about the project.  If you're
using a mailer other than procmail and sendmail, there are
probably more detailed instructions on how to get you going.

Open Source can provide innovative solutions to common problems,
and with very little cost.  Spam Assassin is a shining example
of this.

Long live the Penguin,


2) Linux News

Attention Students!

In college or university? IBM has a contest for you.  Make some
sort of improvement, application, or tool for Linux, and you
could win a summer internship, laptop, even get your school a
16-node cluster.


What's Up With Caldera?

Caldera, the driving force behind United Linux, has changed its
name and focus to align itself with SCO Unix. According to the
article, Linux is not out of the picture, though.


Linuxcare Resurfaces

I haven't heard much about Linuxcare in quite some time, other
than a blurb on Linux support that mentioned their name. Seems
they're getting into bed with IBM by providing tools that will
help people manage their Linux-based mainframes.


Open Source -- Not Just Linux

Open Source doesn't necessarily mean an Operating System. Take
for example, Ogg-Vorbis, a competing standard to MP3. Ogg is
completely open, MP3 is patented. The owners of the MP3 patent
are now looking at charging for use, and the creators of Ogg
couldn't be happier, as they explain in this tongue-in-cheek


3) Linux Resources

Remote Administration Tips

Sooner or later, you're likely going to have to manage a remote
server. This article provides some great tips on doing so, both
in graphical and text mode, along with some security pointers.


What's the Best Way to Learn Linux?

The question was posed on the Linux-General board on Wednesday.
Pass along your advice, and read what others have to say!


Basic Samba Installation and Usage

Samba comes with most, if not all, Linux distributions. However,
it's one of the packages I find myself compiling by hand just
because of upgrades. This article covers the compilation and
setting up of Samba.


Role-Based Access Control

Right now, RBAC is a Solaris feature, but there are projects to
bring it to Linux. Rather than using sudo to delegate root
access, RBAC allows the administrator to handle it in a more
convenient manner.


Basic LWP Usage

LWP is an amazing Perl library that can download a myriad of
online content, such as from http, ftp, and nntp sources. This
article, by the author of the O'Reilly book on the same topic,
explains the basics.


4) App o' the Week

Sometimes you want to inspect a network based application to see
how it works, or more importantly, why it's not working. A
sniffer will do the job, but this tool, the Simple TCP
re-engineering tool, is designed for the task.


(C) 2002 BrainBuzz.com, Inc. All Rights Reserved.

          This message is from CramSession

You are currently subscribed to the following list
   Hottest Linux News and Resources
   as: sean@ertw.com

To un-subscribe from this newsletter by e-mail,
   send a blank email message to:

To subscribe to this newsletter and many others visit
our site at: