1 |
Pierre-Yves Rofes <py@g.o> wrote: |
2 |
> On Fri, August 3, 2007 2:07 am, Robin H. Johnson wrote: |
3 |
> > The upstream rules_du_jour folk have had issues over the last few |
4 |
> > months with DDoS and other attacks. Additionally, the nature of |
5 |
> > their original update mechanism causes a lot of traffic. |
6 |
> > |
7 |
> > Everybody that is using rules_du_jour is strongly encouraged to move |
8 |
> > to using the sa-update mechanism that is included with recent |
9 |
> > versions of SpamAssassin. |
10 |
> > |
11 |
> > Here is a guide to using SARE rulesets with sa-update: |
12 |
> > http://daryl.dostech.ca/sa-update/sare/sare-sa-update-howto.txt |
13 |
> > |
14 |
> > mail-filter/spamassassin-ruledujour will be p.masked on August 4th, |
15 |
> > and removed one month thereafter. |
16 |
> |
17 |
> Do you have references for this security issues? Maybe a bug should be |
18 |
> opened to decide if we release a maskglsa for this one. |
19 |
|
20 |
It's not a vulnerability in Rules du Jour. It's a bunch of spammers |
21 |
attacking the Rules du Jour servers and ISP. SARE has also been down a |
22 |
whole bunch over the last couple of months due to the same attack. |
23 |
|
24 |
-- |
25 |
"Such things have often happened and still happen, |
26 |
and how can these be signs of the end of the world?" |
27 |
-- Julian, Emperor of Rome 361-363 A.D. |