Language Selection

English French German Italian Portuguese Spanish

Admins try another weapon against spam

Filed under
Security

With the volume of spam showing no sign of abating any time soon, system administrators are beginning to turn to one more weapon - greylisting, a technique which some have found to be remarkably successful.

Craig Sanders, a Melbourne-based independent IT consultant and a long-time sysadmin, said greylisting worked by keeping track of how many times a particular combination of IP address, sender, and recipient had appeared.

"The first time a given combination is seen, the sender is told to 'try again later'. If they try again later (after a configurable time period, usually around five minutes) then the message is accepted. The combination is then remembered and, if seen again, is allowed in without any further delay. Since most viruses only try once for each victim address, and also send from random/forged sender addresses, greylisting is extremely effective at blocking them."

Sanders said greylisting was an important part of any anti-spam/anti-virus arsenal. "It's not the whole solution - nothing is - but it is an essential component," he said.

"I implement it on every mail server I build and currently use the postgrey greylisting program (which works with the Postfix mail server)."

He said greylisting seemed to be popular on the Postfix mailing list and on other mail expert lists, "but that's representative of the experts who are really into mail systems and how they work, rather than representative of the bulk of mail server operators."

Full Story.

More in Tux Machines

BeagleBone Black Wireless SBC taps Octavo SiP, has open design

BeagleBoard.org’s “BeagleBone Black Wireless” SBC uses Octavo’s OSD335x SiP module and replaces the standard BeagleBone Black’s Ethernet with 2.4GHz WiFi and BT 4.1 BLE. BeagleBone Black Wireless is the first SBC to incorporate the Octavo Systems OSD335x SiP (system-in-package) module, “which integrates BeagleBone functionality into one easy-to-use BGA package,” according to BeagleBoard.org. Announced on Sep. 26, the OSD3358 SiP integrates a TI Sitara AM3358 SoC along with a TI TPS65217C PMIC, TI TL5209 LDO (low-drop-out) regulator, up to 1GB of DDR3 RAM, and over 140 passives devices including resistors, capacitors, and inductors, within a single BGA package. The Linux-driven hacker SBC also adds TI WiLink 8 WL1835MOD wireless module with 2.2 MIMO. Read more Also: Epiq Solutions' Sidekiq M.2 NAS-targeted Skylake Mini-ITX loads up on SATA, GbE, PCIe

Android Leftovers

  • 6 open source fitness apps for Android
    A key part of developing a good fitness routine is creating a solid workout plan and tracking your progress. Mobile apps can help by providing readily accessible programs specifically designed to support the user's fitness goals. In a world of fitness wearable devices like FitBit, there are plenty of proprietary apps designed to work with those specific devices. These apps certainly provide a lot of detailed tracking information, but they are not open source, and as such, do not necessarily respect the user's privacy and freedom to use their own data as they wish. The alternative is to use open source fitness apps. Below, I take a look at six open source fitness apps for Android. Most of them do not provide super detailed collection of health data, but they do provide a focused user experience, giving the user the tools to support their workouts or develop a plan and track their progress. All these apps are available from the F-Droid repository and are all licensed under the GPLv3, providing an experience that respects the user's freedom.
  • Roku Express, Roku Premiere, and Roku Ultra announced, starting at $29.99
    Roku Inc, maker of the popular Roku line of home media players, has just refreshed their entire product lineup at once. The existing lineup of flagship Roku boxes (but not the Roku Streaming Stick) has been replaced by three new products (with upgraded models for each); the Roku Express, the Roku Premiere, and the Roku Ultra.
  • This is what the Chromecast Ultra will look like
    Google is ramping up for their major October 4th event. In addition to seeing the Pixel and the Pixel XL formally unveiled, we’re also expecting a new Chromebook and the Chromecast Ultra. Until today, we had no idea what to really expect from the new Chromecast device in terms of design, but now we’re finally getting a sneak peek.
  • Android + Chrome = Andromeda; merged OS reportedly coming to the Pixel 3
    It has been almost a year since The Wall Street Journal dropped a bomb of a scoop on the Android community, saying Chrome OS would be "folded into" Android. The resulting product would reportedly bring Android to laptops and desktops. According to the paper, the internal effort to merge these two OSes had been underway for "roughly two years" (now three years) with a release planned for 2017 and an "early version" to show things off in 2016. It seems like we're still on that schedule, and now Android Police claims to have details on the new operating system—and its first launch device—coming Q3 2017.

Fedora 26 Linux OS to Ship with OpenSSL 1.1.0 by Default for Better Security

Fedora Program Manager Jan Kurik informs the Fedora Linux community about a new system-wide change for the upcoming Fedora 26 operating system, namely the addition of the OpenSSL 1.1.0 libraries by default. It appears that current Fedora Linux releases ship with OpenSSL 1.0.2h, which has been patched with the latest security fixes, but the team decided it was time to upgrade the OpenSSL libraries (libssl and libcrypto) to a newer, more advanced branch. Therefore, Fedora 26 Linux will ship with OpenSSL 1.1.0 by default, which will have a massive impact on the overall stability and security of the OS. "Update the OpenSSL library to the 1.1.0 branch in Fedora to bring multiple big improvements, new cryptographic algorithms, and new API that allows for keeping ABI stability in future upgrades. We will also add compat openssl102 package so the applications and other dependencies which are not ported yet to the new API continue to work," reads the proposal. Read more Also: GLPI version 9.1