spamassassin-sysadmins mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Dave Jones <da...@apache.org>
Subject Re: SysAdmin Tasklist was Re: Next priority to get running on sa-vm1.apache.org
Date Sun, 14 May 2017 11:38:47 GMT


On 05/13/2017 08:02 PM, Kevin A. McGrail wrote:
> RESENDING: Scripts were blocked for security reasons
> 
> On 5/13/2017 4:56 PM, Dave Jones wrote:
>> What's the next priority now that the rsync and httpd configs are active?
>>
>> I will work on the build next using this:
>>
>> https://svn.apache.org/repos/asf/spamassassin/trunk/build/README
> 
> PREFACE: I'm working on the build.  If you would like to help, we need 
> to coordinate first.
> 

Thank goodness!  I took a look at that README and my head started to 
explode.  I am not a perl developer so that was going to be very time 
consuming to get up to speed on that.  I will let you have it...  :)

> Here is the promised list of items I've identified.
> 
> To me, the priority would be getting ruleqa/masscheck better documented 
> and back up and running would be ideal.
> 

I will change to working on this as my next priority.

> If we can get that system running smoother with a shorter lag to 
> publishing rules, I'd like to help more with it.
> 
> 
> DONE - Touch a file called MIRROR.CHECK in 
> /var/www/bbmass.spamassassin.org/updates on SA-VM1 and test if it is 
> synced to the Mirrors.  NOTE: I sync every 10 mins
> 
> - Document on the wiki that MIRRORED.BY contains the sa update mirror 
> contact names.
> 

This is referenced in DNS by mirrors.updates.spamassasin.org TXT record 
pointing to http://spamassassin.apache.org/updates/MIRRORED.BY.  Do you 
have the details on how this file gets updated on that apache.org server 
so we can add this to the wiki?

> - Get the various files for running the sa-update aka bbmass website 
> into SVN.  This would NOT be the update files but likely everything else 
> including the httpd.conf, MIRRORED.BY, etc.
> 
> - Get the email to root from sa-vm1 to go to sysadmins@ without 
> moderation so we have cron logs, etc. archived.
> 

root email will deliver to this list now.  Need someone to setup the 
root@sa-vm1.apache.org to be allowed without moderation.  See test email 
I recently sent from root to the list.

> - KAM to Get the passwords for crashplan for SA into sysadmins repo 
> encrypted so we have multiple people who have access.
> 
> - Get the sa-update-mirror-check script (attached) running on SA-VM1 and 
> emailing sysadmins@ without moderation
> 
> - Get Darxus' rule update check script (attached) running on SA-VM1 and 
> emailing sysadmins@ without moderation.  See SA Dev list example: Rule 
> updates are too old - 2017-05-08
> 
> - Get Darxus' check script updated for 3.4.2 and 3.3.2.
> 
> - Perhaps update the sa-update-mirror-check to use the MIRROR.CHECK with 
> a timestamp to confirm it's within a reasonable period of time.
> 
> - Find out who wrote the sa-update-mirror-check (likely on the list 
> archives), check the licensing on the post and hopefully ask who wrote 
> it to public domain or Apache license.  Then add 
> attribution/license/copyright and add it to the sysadmins repo.
> 
> - Ask Darxus' if we can repo his script as well with 
> attribution/license/copyright as above
> 
> - Ask Darxus' to turn off his script that runs on his infrastructure
> 
> - Identify what we used to provide on the old servers.  Some things KAM 
> believes we had that need to be verified and likely expanded on:
> 
>    o Masscheck RSYNC for people to send us their Masscheck Logs
>    o An email system for people to email and it would send the results 
> of checking that email
>    o Masscheck Corpora RSYNC or perhaps SSH for people to send us their 
> corpora for us to run our own Masscheck server.  NOTE: This is the most 
> sensitive data we would have I believe since it is other people's real 
> mail.
>    o For the above, I think I myself have this setup.  I'd like to 
> identify where and extend it / improve it / make sure it's working, etc.
>    o Look at the rsync MOTD[1]
>    o Masscheck stuff: 
> https://wiki.apache.org/spamassassin/NightlyMassCheck - KAM sent notes a 
> few days ago about how he got this running on spamassassin-vm.  if that 
> doesn't suffice, please let me know.
> 

Will check this out today and try to get this working on sa-vm1.

> - Identify what jm was using talon1.pccc.com to provide so I can mimic 
> it.  His cron jobs were disabled last January but I think they were 
> running items related to masscheck.
> 
> - Get the RuleQA Website running again.
> 

Will check this out today.

> - Identify what the incoming.spamassassin.org server did/does/can do for 
> us.  NOTE: It might be the the same as below.
> 
> - Talk to Grant Kellar with Sonic about the traps they have in place and 
> where they are sent to make sure we are utilizing them.
> 
> - Clean up and remove unnecessary backup data on sa-vm1 - NO NEED TO BE 
> HASTY ON THIS, I'M JUST WRITING A COMPLETE LIST.
> 
> - Identify how much data we need if Infra can shrink the data storage 
> allocated for sa-vm1
> 
> - Talk to AXB about SOUGHT and SOUGHT2
> 
> - Update the documentation for InfraNotes2017 with another pass of 
> updates about machines, etc.
> 
> 
> [1]
> corpus
> nightly mass-check result upload area.  It is password protected.
> If you would like a password, please send a request to
> pmc@spamassassin.apache.org and request a "nightly" username and password.
> 
> submit
> Score generation mass-check result upload area.  It is password
> protected.  If you would like a password, please send a request to
> pmc@spamassassin.apache.org and request a "score generation" username
> and password.  Generally these are only granted after a mass-check
> announcement has been made on the spamassassin developer mailing list.
> 
> anoncorpus
> mass-check result download area, available via anonymous access.
> 
> 
> -- 
> Kevin A. McGrail
> Asst. Treasurer, Apache Software Foundation
> Chair Emeritus Apache SpamAssassin Project
> 

Mime
View raw message