1 files changed, 144 insertions, 0 deletions
diff --git a/zarb-ml/mageia-dev/20110311/003222.html b/zarb-ml/mageia-dev/20110311/003222.html
new file mode 100644
index 000000000..b54c6e135
--- /dev/null
+++ b/zarb-ml/mageia-dev/20110311/003222.html
@@ -0,0 +1,144 @@
+<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 3.2//EN">
+<HTML>
+ <HEAD>
+   <TITLE> [Mageia-dev] The solution of the epoll voting issue
+   </TITLE>
+   <LINK REL="Index" HREF="index.html" >
+   <LINK REL="made" HREF="mailto:mageia-dev%40mageia.org?Subject=Re%3A%20%5BMageia-dev%5D%20The%20solution%20of%20the%20epoll%20voting%20issue&In-Reply-To=%3C1299815821.12163.123.camel%40akroma.ephaone.org%3E">
+   <META NAME="robots" CONTENT="index,nofollow">
+   <META http-equiv="Content-Type" content="text/html; charset=us-ascii">
+   <LINK REL="Previous"  HREF="003219.html">
+   <LINK REL="Next"  HREF="003223.html">
+ </HEAD>
+ <BODY BGCOLOR="#ffffff">
+   <H1>[Mageia-dev] The solution of the epoll voting issue</H1>
+    <B>Michael Scherer</B> 
+    <A HREF="mailto:mageia-dev%40mageia.org?Subject=Re%3A%20%5BMageia-dev%5D%20The%20solution%20of%20the%20epoll%20voting%20issue&In-Reply-To=%3C1299815821.12163.123.camel%40akroma.ephaone.org%3E"
+       TITLE="[Mageia-dev] The solution of the epoll voting issue">misc at zarb.org
+       </A><BR>
+    <I>Fri Mar 11 04:57:01 CET 2011</I>
+    <P><UL>
+        <LI>Previous message: <A HREF="003219.html">[Mageia-dev] Yet another list of missing packages
+</A></li>
+        <LI>Next message: <A HREF="003223.html">[Mageia-dev] Contributors using real name/working email? or not? or	maybe?
+</A></li>
+         <LI> <B>Messages sorted by:</B> 
+              <a href="date.html#3222">[ date ]</a>
+              <a href="thread.html#3222">[ thread ]</a>
+              <a href="subject.html#3222">[ subject ]</a>
+              <a href="author.html#3222">[ author ]</a>
+         </LI>
+       </UL>
+    <HR>  
+<!--beginarticle-->
+<PRE>Hi,
+
+when we voted for packagers representatives, several people had issues
+with epoll and with mail being sent. It turn out that I found the
+problem by chance tonight and it was a conjunction of several problems :
+
+- our setup was ( and is still ) sub-optimally configured. We do check
+spam when receiving mail, and also when sending mail. While this could
+help the system by giving him normal mail ( ie ham ), this waste some
+ressources. 
+
+- we have a quite strict antispam, ie the latest version of
+spamassassin, and we disabled nothing. There is a impressive range of
+plugins nowadays.
+
+For people that do not know the principle, spamassassin take the mail to
+look, check it against a huge corpus of rules and plugins, and assign a
+score for each. If the score cross a threshold, it is discarded ( or
+tagged ). 
+
+It seems that some ballots sent with Anne email ( being <A HREF="https://www.mageia.org/mailman/listinfo/mageia-dev">ennael1 at gmail</A> ,
+the 1 is important ) triggered 3 checks : 
+
+ NML_ADSP_CUSTOM_MED=1.2
+
+this one is related to DKIM ( a norm about cryptographic authentication,
+see wikipedia for details ). I guess it was badly configured on our
+side. 
+
+ FREEMAIL_ENVFROM_END_DIGIT=2.223,
+
+SA detected that the From was using gmail, a popular free webmail, and
+that the email was finished by a number. And SA developpers think that
+statically sign of a spam ( based on a corpus of spam, see with them for
+the details ).
+
+ FREEMAIL_REPLY=2.499, 
+
+This one is slightly more subtle. SA detected that From: header was a
+free webmail address, but that there was another email in body, and that
+email was also a free webmail ( if you read your spam, you may have seen
+this pattern : &quot;I am John, the CTO of this foreign company, I want to
+invest in your country, please answer me on
+<A HREF="https://www.mageia.org/mailman/listinfo/mageia-dev">john at free_web_mail.example.org</A> &quot;, and that's what is detected right
+now ). Again, that's based on their stats.
+
+
+Total score : 4.924 ( there was a -1 as this was from a trusted ip, and
+some 0.001 )
+
+Score to be killed : 4.7 
+
+Headshot.
+
+
+So that explain why people who were affected were those on gmail, yahoo
+or  laposte.net, and while the one with their own domain ( me, boklm,
+etc ), were not affected. That doesn't explain why we didn't think to
+look at this however :/
+
+Sorry about that, now we established the problem was on our side.
+
+
+So, what is plan to prevent this for next time. 
+First, we will make sure that people who use epoll :
+- are not scrubbed for spam ( but I tought I did it )
+- do not use a email that will trigger SA checks.
+
+
+A naive solution would be to lower the score on our server, but this
+will not solve the problem that the rest of the network will use a
+default spamassassin ( or a version with the same settings ), and so
+would likely refuse the spam on their side.  So in the end, the result
+will likely just make us receive more spam.
+
+-- 
+Michael Scherer
+
+</PRE>
+
+
+
+
+
+
+
+
+
+
+
+
+<!--endarticle-->
+    <HR>
+    <P><UL>
+        <!--threads-->
+	<LI>Previous message: <A HREF="003219.html">[Mageia-dev] Yet another list of missing packages
+</A></li>
+	<LI>Next message: <A HREF="003223.html">[Mageia-dev] Contributors using real name/working email? or not? or	maybe?
+</A></li>
+         <LI> <B>Messages sorted by:</B> 
+              <a href="date.html#3222">[ date ]</a>
+              <a href="thread.html#3222">[ thread ]</a>
+              <a href="subject.html#3222">[ subject ]</a>
+              <a href="author.html#3222">[ author ]</a>
+         </LI>
+       </UL>
+
+<hr>
+<a href="https://www.mageia.org/mailman/listinfo/mageia-dev">More information about the Mageia-dev
+mailing list</a><br>
+</body></html>