spamassassin-sysadmins mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Dave Jones <>
Subject Re: SysAdmin Tasklist was Re: Next priority to get running on
Date Sun, 14 May 2017 11:38:47 GMT

On 05/13/2017 08:02 PM, Kevin A. McGrail wrote:
> RESENDING: Scripts were blocked for security reasons
> On 5/13/2017 4:56 PM, Dave Jones wrote:
>> What's the next priority now that the rsync and httpd configs are active?
>> I will work on the build next using this:
> PREFACE: I'm working on the build.  If you would like to help, we need 
> to coordinate first.

Thank goodness!  I took a look at that README and my head started to 
explode.  I am not a perl developer so that was going to be very time 
consuming to get up to speed on that.  I will let you have it...  :)

> Here is the promised list of items I've identified.
> To me, the priority would be getting ruleqa/masscheck better documented 
> and back up and running would be ideal.

I will change to working on this as my next priority.

> If we can get that system running smoother with a shorter lag to 
> publishing rules, I'd like to help more with it.
> DONE - Touch a file called MIRROR.CHECK in 
> /var/www/ on SA-VM1 and test if it is 
> synced to the Mirrors.  NOTE: I sync every 10 mins
> - Document on the wiki that MIRRORED.BY contains the sa update mirror 
> contact names.

This is referenced in DNS by TXT record 
pointing to  Do you 
have the details on how this file gets updated on that server 
so we can add this to the wiki?

> - Get the various files for running the sa-update aka bbmass website 
> into SVN.  This would NOT be the update files but likely everything else 
> including the httpd.conf, MIRRORED.BY, etc.
> - Get the email to root from sa-vm1 to go to sysadmins@ without 
> moderation so we have cron logs, etc. archived.

root email will deliver to this list now.  Need someone to setup the to be allowed without moderation.  See test email 
I recently sent from root to the list.

> - KAM to Get the passwords for crashplan for SA into sysadmins repo 
> encrypted so we have multiple people who have access.
> - Get the sa-update-mirror-check script (attached) running on SA-VM1 and 
> emailing sysadmins@ without moderation
> - Get Darxus' rule update check script (attached) running on SA-VM1 and 
> emailing sysadmins@ without moderation.  See SA Dev list example: Rule 
> updates are too old - 2017-05-08
> - Get Darxus' check script updated for 3.4.2 and 3.3.2.
> - Perhaps update the sa-update-mirror-check to use the MIRROR.CHECK with 
> a timestamp to confirm it's within a reasonable period of time.
> - Find out who wrote the sa-update-mirror-check (likely on the list 
> archives), check the licensing on the post and hopefully ask who wrote 
> it to public domain or Apache license.  Then add 
> attribution/license/copyright and add it to the sysadmins repo.
> - Ask Darxus' if we can repo his script as well with 
> attribution/license/copyright as above
> - Ask Darxus' to turn off his script that runs on his infrastructure
> - Identify what we used to provide on the old servers.  Some things KAM 
> believes we had that need to be verified and likely expanded on:
>    o Masscheck RSYNC for people to send us their Masscheck Logs
>    o An email system for people to email and it would send the results 
> of checking that email
>    o Masscheck Corpora RSYNC or perhaps SSH for people to send us their 
> corpora for us to run our own Masscheck server.  NOTE: This is the most 
> sensitive data we would have I believe since it is other people's real 
> mail.
>    o For the above, I think I myself have this setup.  I'd like to 
> identify where and extend it / improve it / make sure it's working, etc.
>    o Look at the rsync MOTD[1]
>    o Masscheck stuff: 
> - KAM sent notes a 
> few days ago about how he got this running on spamassassin-vm.  if that 
> doesn't suffice, please let me know.

Will check this out today and try to get this working on sa-vm1.

> - Identify what jm was using to provide so I can mimic 
> it.  His cron jobs were disabled last January but I think they were 
> running items related to masscheck.
> - Get the RuleQA Website running again.

Will check this out today.

> - Identify what the server did/does/can do for 
> us.  NOTE: It might be the the same as below.
> - Talk to Grant Kellar with Sonic about the traps they have in place and 
> where they are sent to make sure we are utilizing them.
> - Clean up and remove unnecessary backup data on sa-vm1 - NO NEED TO BE 
> - Identify how much data we need if Infra can shrink the data storage 
> allocated for sa-vm1
> - Talk to AXB about SOUGHT and SOUGHT2
> - Update the documentation for InfraNotes2017 with another pass of 
> updates about machines, etc.
> [1]
> corpus
> nightly mass-check result upload area.  It is password protected.
> If you would like a password, please send a request to
> and request a "nightly" username and password.
> submit
> Score generation mass-check result upload area.  It is password
> protected.  If you would like a password, please send a request to
> and request a "score generation" username
> and password.  Generally these are only granted after a mass-check
> announcement has been made on the spamassassin developer mailing list.
> anoncorpus
> mass-check result download area, available via anonymous access.
> -- 
> Kevin A. McGrail
> Asst. Treasurer, Apache Software Foundation
> Chair Emeritus Apache SpamAssassin Project

View raw message