On 05/13/2017 08:02 PM, Kevin A. McGrail wrote:
RESENDING: Scripts were blocked for security reasons

On 5/13/2017 4:56 PM, Dave Jones wrote:
What's the next priority now that the rsync and httpd configs are active?

I will work on the build next using this:

https://svn.apache.org/repos/asf/spamassassin/trunk/build/README

PREFACE: I'm working on the build. If you would like to help, we need to coordinate first.


Thank goodness! I took a look at that README and my head started to explode. I am not a perl developer so that was going to be very time consuming to get up to speed on that. I will let you have it... :)

Here is the promised list of items I've identified.

To me, the priority would be getting ruleqa/masscheck better documented and back up and running would be ideal.


I will change to working on this as my next priority.

If we can get that system running smoother with a shorter lag to publishing rules, I'd like to help more with it.


DONE - Touch a file called MIRROR.CHECK in /var/www/bbmass.spamassassin.org/updates on SA-VM1 and test if it is synced to the Mirrors. NOTE: I sync every 10 mins

- Document on the wiki that MIRRORED.BY contains the sa update mirror contact names.


This is referenced in DNS by mirrors.updates.spamassasin.org TXT record pointing to http://spamassassin.apache.org/updates/MIRRORED.BY. Do you have the details on how this file gets updated on that apache.org server so we can add this to the wiki?

- Get the various files for running the sa-update aka bbmass website into SVN. This would NOT be the update files but likely everything else including the httpd.conf, MIRRORED.BY, etc.

- Get the email to root from sa-vm1 to go to sysadmins@ without moderation so we have cron logs, etc. archived.


root email will deliver to this list now. Need someone to setup the [email protected] to be allowed without moderation. See test email I recently sent from root to the list.

- KAM to Get the passwords for crashplan for SA into sysadmins repo encrypted so we have multiple people who have access.

- Get the sa-update-mirror-check script (attached) running on SA-VM1 and emailing sysadmins@ without moderation

- Get Darxus' rule update check script (attached) running on SA-VM1 and emailing sysadmins@ without moderation. See SA Dev list example: Rule updates are too old - 2017-05-08

- Get Darxus' check script updated for 3.4.2 and 3.3.2.

- Perhaps update the sa-update-mirror-check to use the MIRROR.CHECK with a timestamp to confirm it's within a reasonable period of time.

- Find out who wrote the sa-update-mirror-check (likely on the list archives), check the licensing on the post and hopefully ask who wrote it to public domain or Apache license. Then add attribution/license/copyright and add it to the sysadmins repo.

- Ask Darxus' if we can repo his script as well with attribution/license/copyright as above

- Ask Darxus' to turn off his script that runs on his infrastructure

- Identify what we used to provide on the old servers. Some things KAM believes we had that need to be verified and likely expanded on:

   o Masscheck RSYNC for people to send us their Masscheck Logs
o An email system for people to email and it would send the results of checking that email o Masscheck Corpora RSYNC or perhaps SSH for people to send us their corpora for us to run our own Masscheck server. NOTE: This is the most sensitive data we would have I believe since it is other people's real mail. o For the above, I think I myself have this setup. I'd like to identify where and extend it / improve it / make sure it's working, etc.
   o Look at the rsync MOTD[1]
o Masscheck stuff: https://wiki.apache.org/spamassassin/NightlyMassCheck - KAM sent notes a few days ago about how he got this running on spamassassin-vm. if that doesn't suffice, please let me know.


Will check this out today and try to get this working on sa-vm1.

- Identify what jm was using talon1.pccc.com to provide so I can mimic it. His cron jobs were disabled last January but I think they were running items related to masscheck.

- Get the RuleQA Website running again.


Will check this out today.

- Identify what the incoming.spamassassin.org server did/does/can do for us. NOTE: It might be the the same as below.

- Talk to Grant Kellar with Sonic about the traps they have in place and where they are sent to make sure we are utilizing them.

- Clean up and remove unnecessary backup data on sa-vm1 - NO NEED TO BE HASTY ON THIS, I'M JUST WRITING A COMPLETE LIST.

- Identify how much data we need if Infra can shrink the data storage allocated for sa-vm1

- Talk to AXB about SOUGHT and SOUGHT2

- Update the documentation for InfraNotes2017 with another pass of updates about machines, etc.


[1]
corpus
nightly mass-check result upload area.  It is password protected.
If you would like a password, please send a request to
[email protected] and request a "nightly" username and password.

submit
Score generation mass-check result upload area.  It is password
protected.  If you would like a password, please send a request to
[email protected] and request a "score generation" username
and password.  Generally these are only granted after a mass-check
announcement has been made on the spamassassin developer mailing list.

anoncorpus
mass-check result download area, available via anonymous access.


--
Kevin A. McGrail
Asst. Treasurer, Apache Software Foundation
Chair Emeritus Apache SpamAssassin Project

Reply via email to