FSL's copy of RulesDuJour outdated?
Stephen Swaney
steve.swaney at fsl.com
Fri Oct 26 20:46:46 IST 2007
Matt,
Thanks for pointing that out. We do need to update. We're actually not using
the rules_du_jour script anymore but rather, updating SARE rules using the
new SA update mechanism. I'll try and remove the old material and update the
links.
Thanks,
Steve
Steve Swaney
steve at fsl.com
> -----Original Message-----
> From: mailscanner-bounces at lists.mailscanner.info [mailto:mailscanner-
> bounces at lists.mailscanner.info] On Behalf Of Matt Kettler
> Sent: Friday, October 26, 2007 3:28 PM
> To: MailScanner discussion
> Subject: FSL's copy of RulesDuJour outdated?
>
> In FSL's "resources" page, they have a link to download RDJ:
>
> http://www.fsl.com/resources.html
>
> However, the RDJ script contained there is out-of-date, containing
> Version 1.28.
>
> The current release of RDJ is Version 1.30, as distributed at:
>
> sandgnat.com/rdj/rules_du_jour
>
> (Note: sandgnat.com is run by Chris Thielen, the original author of
> RDJ. He
> doesn't have exit0.us anymore, so he hosts it at sandgnat.com).
>
> I point the problem out because the version of RDJ distributed by FSL
> still
> supports fetching antidrug.cf from comcast.net. Although not enabled by
> default,
> someone might be misled into enabling it.
>
> I no longer have control of the account on comcast that the script
> points to,
> which would make it a very bad thing if someone tries to fetch antidrug
> from
> there. Any spammer might be the next person who has control of that
> comcast
> account, and they could publish any config file they wanted there,
> possibly
> including one with a regex designed to exploit SpamAssassin itself..
> Running
> untrusted rules as root could possibly be dangerous...
>
> Can someone at FSL either remove or update their RDJ packages?
>
> You might also want to keep on top of it, as the SA devs have been
> trying to
> encourage Chris to comment-out the support for Will Stearns's blacklist
> and
> blacklist-uri as well.
>
> (They're interesting for research, but are also sure-fire ways to kill
> SpamAssassin due to their size. About once a week we see someone asking
> why SA
> is so slow and it turns out they have enabled this ruleset in RDJ..).
>
>
>
>
> --
> MailScanner mailing list
> mailscanner at lists.mailscanner.info
> http://lists.mailscanner.info/mailman/listinfo/mailscanner
>
> Before posting, read http://wiki.mailscanner.info/posting
>
> Support MailScanner development - buy the book off the website!
More information about the MailScanner
mailing list