We discussed this a year or two ago. The data on there is not sensitive and is cryptographically verified by spamassassin before being used. Can you name a single reason the data needs to be encrypted in transit? KAM
On Thu, Apr 28, 2022, 07:17 Henrik K <h...@hege.li> wrote: > On Thu, Apr 28, 2022 at 12:40:58PM +0200, Fossies Administrator wrote: > > On Wed, 27 Apr 2022, Henrik K wrote: > > > > > > > > There's really no reason these days for not using https. > > > > > > Only three mirrors work with it right now: > > > > > > sa-update.razx.cloud > > > sa-update.pccc.com > > > sa-update.mailfud.org > > > > > > Could maybe others prepare for it? sa-update seems to happily use > https:// > > > mirrors starting from 3.4.0, so there shouldn't be any reason not to > update > > > these. > > > > > > Btw I just updated DNS to https too: > > > mirrors.updates.spamassassin.org. " > https://spamassassin.apache.org/updates/MIRRORED.BY"; > > > > > > Apparently spamassassin.apache.org has had https-redirect for a long > time, > > > which broke the old checkSAupdateMirrors.sh script too. > > > > Unfortunately my server fossies.org currently uses a commercial > certificate > > only usable for the names "fossies.org" and "www.fossies.org" but not > for > > "sa-update.fossies.org" and some first general tests some months ago > using > > Let's Encrypt were not yet successful. > > > > Since I don't know when I have time for a new attempt (probably > > summer/autumn after a big hardware migration) and the https request seems > > understandable you may remove the server "sa-update.fossies.org" > > if meaningful (relatively easy to get over, since it only has a weight > of 1). > > I don't see it as a huge problem if we leave few mirrors as http:// - it > enables ancient 3.3 clients to still get some updates.. dunno if that's > good or bad. Maybe let's try to convert all "this year"? > > Btw about mirror weights, how were they decided? Basically weight=1 means > there's a 1/50 chance to get a request, or 10 times less than the weight=10 > mirrors. Is everyone happy about the amount of traffic they receive? I'll > probably bump mine up a bit since I have no traffic limits/costs.. > > sa-update.verein-clean.net (1/4.8 chance) > sa-update.spamassassin.org (1/4.8 chance) > www.sa-update.pccc.com (1/9.6 chance) > sa-update.ena.com (1/9.6 chance) > sa-update.razx.cloud (1/9.6 chance) > sa-update-asf.snb.it (1/9.6 chance) > sa-update.dnswl.org (1/16.0 chance) > sa-update.mailfud.org (1/16.0 chance) > sa-update.space-pro.be (1/47.2 chance) > sa-update.fossies.org (1/47.4 chance) > > Cheers, > Henrik >
