Whew. I think I finally got spamass-milter talking to spamd. At least, there's no errors in the logs and my test emails arrive in a reasonable time frame.
Now just to wait for more spam.
Administered by:
#spamassassin
0 posts0 participants0 posts today
Bill Cole 
Does anyone know if #Copilot or any other supposed “AI" LLM is anything but total dogshit with Perl?
I ask because so far we have not had any bug reports or rule contributions or *anything* seemingly LLM-generated for #SpamAssassin. This is good. However, it makes me wonder if it isn't a larger issue. Which would also be good.
The people committed to DDoSing the #Apache #SpamAssassin RuleQA server seem to have substantial resources. I’ve blocked a lot of them, but they keep coming, asking about things like the May 7 2017 performance of a single rule in one contributor's stats. Not stuff real people want.
Of course, there's a resource they do not have. Our sysadmins, both those employed by #TheASF to watch all of our infra and the volunteer cadre focused on SA. We'll keep whacking the moles...
Replied in thread
@mwl @m That’s quite a feat. The past few years it seems like each release has deprecations that hit formerly normal stuff. We’ve had a couple of these hit #SpamAssassin hard.
We’ve had a few hair-on-fire bug reports for #SpamAssassin and twice people have tried nagging me personally into “fixing” their pet problems RIGHT NOW because it was supposedly world-ending.
Thankfully, none of these have even been real bugs.
But even if they were, having the cultural permission to say “No” is critical. https://mastodon.social/@mhoye/114705284226501374
Mastodonmhoye (@mhoye@mastodon.social)Because someday, somebody's going to come to you and say, I'm from Apple, I'm from Amazon, I'm from Project Zero and you need to drop everything because your project is the new heartbleed or Log4j or who knows what and the world is falling over and if that psychological offramp isn't there, if you haven't laid out clearly what PROVIDED AS-IS means and how you're going to act about it ahead of time, saying "I'll be at my kid's recital" or "I'm on vacation" or just "no" is extremely difficult.
They (or an intentional DDoS) have been pounding the #SpamAssassin RuleQA site into catatonia. They construct URLs which are legitimate and which each cause the site to go digging for the specific performance of a rule on an arbitrary date in the past. Hundreds of rules tested daily for ~20 years. https://tldr.nettime.org/@tante/114698748278993833
tldr.nettimetante (@tante@tldr.nettime.org)"AI bots that scrape the internet for training data are hammering the servers of libraries, archives, museums, and galleries, and are in some cases knocking their collections offline"
#AI is ruining our digital world
(Original title: AI Scraping Bots Are Breaking Open Libraries, Archives, and Museums)
https://www.404media.co/ai-scraping-bots-are-breaking-open-libraries-archives-and-museums/
Also: anyone who feels like donating anti-DDoS services to the #ASF #SpamAssassin project could find interest from the PMC and sysadmin team... https://toad.social/@grumpybozo/114683478386406020
toad.social🆘Bill Cole 🇺🇦 (@grumpybozo@toad.social)I have a trick for getting into a box that’s being clobbered by a crawler DDoS: set the ITerm2 profile to auto-restart and open a half-dozen duplicate sessions. Basically: put a bunch of my SYNs in the queues to compete with the bots.
Ugly as sin, but it ultimately works.
Also: fuck those guys. And fuck their ISPs for being so comatose that they don't notice.
#InfoSec #BlueTeam
Last week we enabled PRs on our read-only GH #ASF #SpamAssassin repo so that people who are most comfortable using git rather than svn can easily contribute.
Today we got the first garbage PR, apparently created by some LLM. It includes deleting everything.
It will not be merged.
But if you are NOT a LLM and want to help with SA, you can now use Github to submit PRs. HOWEVER, I suggest that those doing so provide comprehensible explanations of your intended contributions.
I finally got my first bit of legitimate spam (is that even a thing?) since installing SpamAssassin on my mail server. SpamAssissin did its job and correctly tagged the message as spam.
Honestly, when I first set up my mail server, I thought I'd get a lot more spam. Either I've been lucky, or my internet hygiene is pretty okay.
Woohoo! I got spamassassin working. Now to wait for some more spam. I never thought that would be something I'd write. 
Continued thread
Now coming from AWS Bahrain.
I guess they got tired of being whacked at a fast pace and hamfisted scale.
Anyway, the volume is much less now, so if you wanted to interact with the #SpamAssassin RuleQA system as a sane human might, you now can. Probably. For now.
Continued thread
Gee, I hope no legitimate #SpamAssassin users are trying to get to RuleQA from these places...
Prefix: 94.74.80.0/20
Prefix: 101.44.176.0/20
Prefix: 111.119.192.0/20
Prefix: 159.138.96.0/20
Prefix: 166.108.192.0/20
Prefix: 188.239.32.0/20
If you are having trouble getting the the #SpamAssassin infra in recent days, thank AS136907 (Huawei) for hosting so many DDoS-bots asking rule-qa.cgi impossible questions
This may get me to do something evil in that script....
Is it me or is BAYES for Spamassassin absolutely useless? It seems to tag spam as ham just as much as it tags ham as spam.
I have it trained on thousands and thousands of spam/ham emails, too. No difference.
Replied to Santiago
@santiago FWIW, the automated rescoring that we (the SA Project of #TheASF) do for the default rule channel works on the assumption that the threshold is 5. If you reduce the threshold you should put in proactive work to improve (i.e. reduce) the scores of mail that you value.
E.g. I use a level of 4 & I use the supplementary KAM rules channel. I can only do that because the vast majority of the legit mail on my server is aimed at "more_spam_to" addresses.
If you use #SpamAssassin and actually want mail sent to you from a subdomain of #wordpress.com, you will want to add that specifically to your local welcomelist. We've had reports of signed spam from such domains, so we cannot leave the wildcard in the "default welcomelist" in SA's rule channel.
This change just went into SVN and will take a day or two to appear in the channel.
Anyone who followed me in recent days for my #SpamAssassin lore and related #spam and #InfoSec hot takes should know that I'm one of those "everything is political" guys who does not believe in falsely limiting myself...
I'm a good one to mute for the day when you've heard enough terrible news.
Replied in thread
@nielsk @neel @jwz Right. Both SPF and DKIM can be useful as *positive* signals. That's why we have welcomelist_{spf,dkim,auth} directives in #SpamAssassin: so you can protect mail from known-good domains only when it passes some sort of authentication.
I have never had any social media posting blow up over anything like this post about mail authentication and #SpamAssassin.
Glad people aren't angry at me...