ClamAV, as it stands, does not do on-access scanning. I quite dislike the way the Win32 version (ClamWin) installs a little Clam icon into the system tray, as a false sense of security is worse than no security at all.
MoonSecure is a scanner/heuristics engine that uses Clam's signatures and does perform on-access scanning but, when I last tried it, it had "issues".
Avast is my current recommendation of the freebies for personal use, followed by Avira, if you can stand the constant nagging about upgrading to paid versions. Avira's detection rate, last I looked, was slightly better than Avast's but the nag screens are a bone of contention. Also have a look at Comodo's offerings. Note that none of these are free software, just free to use. MoonSecure is GPL'd and may have become a little better since I tried it, so it may be worth a shot if freedom matters to you.
Rubbish. A package manager is invoked by the user. This kill switch is invoked by a remote entity. *That* is the difference. Not only this, but I find the notion of a handset checking back with its OS vendor a little un-nerving, especially when said vendor is the the web-marketing giant of the world. What else do you suppose they could use this conduit for?
Not that simple. Open a cmd terminal and type:
ipv6 install
XP will obediently install the IPv6 stack and go looking for a rtadv server. If you haven't got an IPv6 gateway, you can configure a tunnel or rely on MS's implementation of Teredo. Only Vasti has IPv6 as standard. XP needs a magical incantation on the command line (gasp!) to get dual stack.
Until such time as some of the larger sites like, say, oh, I don't know, how about SLASHDOT get their finger out and install IPv6, people aren't going to bother. As a probably flawed analogy, would you buy a top-of-the-range games console with wireless everything and teraflops of processing power if there was not a single piece of software to run on it? Actually, this being Slashdot, you probably would just for bragging rights, especially if said CPU had a cool name like cellPwner pro or something. I know, bad analogy.
;; AUTHORITY SECTION:
slashdot.org. 3149 IN SOA ns-1.ch3.sourceforge.com. hostmaster.corp.sourceforge.com. 2008080600 14400 1800 604800 3600
;; Query time: 0 msec
Go figure. This is why IPv6 isn't taking off and a pox on anyone who says otherwise. Trying to blame sysadmins for not deploying IPv6 is a downright insult. We're ready, Slashdot. Google's ready. A whole raft of other sites have connectivity and are ready. Looks like you're not.
...and for those who cannot afford the Happy Hacking 'board, BTC make a rather nice standard keysize mini 'board called the 5100C. I have three of them here and, while they're certainly not Model Ms (but in fairness, would you really expect a Model M for $25), they're as good as any modern keyboard I've ever used. Another plus for those of us who are sick of that silly key between the CTRL and ALT is that they do not have Windows keys. Now move the Caps Lock ^^^ up there somewhere and we'll have an almost perfect *nix 'board.
To the reviewer who wrote this article, some of us do use the scroll lock. A lot. Ever tried to read a console scrollback buffer on BSD without one?
Ports are being developed and currently reside in the area51 repository. Subscribe to the kde-freebsd@kde.org mailing list to follow progress. Currently, the biggest show-stopper is the co-existence of KDE3 and KDE4 on the same system, along with QT3x and QT4x libs in ${LOCALBASE}. I prefer to continue to use 3.5.8 (although arts is broken on 7.0-R for certain configurations of hardware, but arts is well known for being a PoS anyway) until 4.x is stable.
The version of Netcraft the trolls use must be different to the one I see each month which consistently has FreeBSD hosts in the top ten on an equal footing with everyone else. There are currently (2008.05.01.21.13.05 UTC) four BSD hosting sites in the top ten, leaving that other OS and It Isn't Secure to fight over the remaining six places. Assuming the unknowns aren't FreeBSD, of course.
The April Fools' joke started yesterday if I'm not mistaken. Linky in case you missed it (last paragraph of the summary). It's really rather clever in a nerdy, social engineeringesque sort of way.
This from a Linux user... but even from here I can appreciate the poignancy of it all. Cheers!
Thank you, Panoramix. Of course, I don't mean a word of it. What GNU/Linux has achieved, both in terms of "herding cats" and opening the general public's eyes to the way they're being manipulated is both staggering and commendable. RMS, although a bit eccentric and can be quite rigid in his pursuit of perfect freedom, is a very good front man for GNU and free software in general and I respect him enormously.
Some people do need a bit of ego deflation from time to time though and, if anyone thinks I mean GNU folks, just remember which project has Theo DeRaadt;)
Still Alive, BSD version, sung to the tune of Jonathan Coulton's "Still Alive" from the game "Portal," originally vocalised by Ellen McLain in character as GLaDOS.
This was a triumph, I'm logging a note here: Huge success, We had to dummynet the heavy traffic, BSD Unix (R), We code what we must because we can, For the good of all of us, Including vendors as well,
But there's no sense arguing with licensing dinks, You just keep debugging so the PR count shrinks, And releases get done, Raymond gets a new gun, But despite this we are, Still alive!
I'm not even angry, I'm being so sincere right now, Even though we got here first and beat you, Now you say that we're dying, And this is the year GNU succeeds, As you make statistics up, We are so happy for you,
Now these points of data made our code really shine, And we're out of beta, we're releasing on time, So I'm glad you think you won, There's so much needs to be done, But regardless we are, Still alive!
So go post on Slashdot, I think I'd prefer to read the lists, Maybe you'll get your own kernel someday, Maybe that Hurd thing, That was a joke, ha ha, fat chance, Anyway, this code is great, It's so consistent and neat,
Look at me still gloating when there's -CURRENT to plan, When it's said and done you'll know that we're the best "clan", We are organised and clean, We go where you've never been, And you know that we are, Still alive!
Believe me, we are still alive, We're on the server and we're still alive, We're on the desktop and we're still alive, We power MacOS and we're still alive, We're running routers and we're still alive, Still alive, Still alive!
God's teeth, man! Have you really read the article? The vulnerability was reported to Opera a day before Fx 2.0.0.12 was released with full disclosure of Fx and Seamonkey bugs (no mention whatsoever of Opera) on the 7th. It is now the 18th. 18th - 6th = 12. Instead of keeping schtum and coding a fix, they chose to shoot themselves in the foot by disclosing that Opera had this vulnerability and it was the big, bad Mozilla Foundation's fault that it was disclosed because they fixed the browser that has 27% market share and growing [1] in Europe and told people what they had fixed. Nowhere did Mozilla, or anyone else, mention that Opera was vulnerable. I didn't even know, despite being subscribed to a number of vulnerability reporting lists, until they opened their mouths and took a swipe at Mozilla. I know now, of course. Why do you think that is?
The whole point of this entire debacle is that Opera themselves disclosed this and, by complaining about full disclosure, showed their true colours when it comes to vulnerabilities in their flagship browser. Mozilla reported the vulnerability in a professional manner to a competitor to whom they owe nothing but felt ethically it was the right thing to do, then fixed their own product. Opera's actions in this matter show me quite clearly what they would have preferred to do but perhaps I'm just a raving zealot or a tin-foil hatter seeing conspiracies where none exist. There again, perhaps not. Feeling lucky? I hope you are, since you're betting, with apparently very little information, that Opera fixes the bugs in its software instead of simply sitting on reports from security experts trying to do the right thing. Security experts and competitors who may just think twice before submitting findings to Opera in the future.
[1] 94% of statistics are pulled from someone's behind. Suffice to say a significant portion of the web browsing public use Fx. My analog shows it to be much, much higher but my web server hosts predominantly open source software, so that's to be expected.
OK, I hold my hands up to the cheap dig and I apologise for it. However, in mitigation, I personally feel more comfortable with open source simply because, while I may not understand all of it nor will I ever have the time to read the entire source of, for example, Konqueror, I am sure that people far more skilled than I who would never have seen the code had it been proprietary HAVE seen it collectively. That makes me more confident in that code and the resulting binary.
As this shows, it's not perfect, but large projects rarely are. It does get fixed quickly, though, which is another advantage of open source: You don't have to beg the one guy who understands that bit of the parser (who happens to be on vacation, has slipped on the ski slope and won't be back until the bones knit) to fix it when you have the source. You can file a patch with the bug report.
WebKit, upon which Safari is built, isn't closed source. It grew from the KDE project's KHTML and parts of both keep going both ways. MacOS X, yes, you have another valid point, but we're not talking about OSen here, we're talking about web browsers.
It wasn't a deliberate cheap shot. I have thought about the issues long and hard but I shouldn't assume what works for me is universally acceptable so, again, I apologise.
They've had twelve days to fix it. Have they? If you RTFA, you'll see not only have they not, they've expended a greater amount of energy trying to whip up support for their malcontent with Mozilla. So, in reply, yes it does seem that they would rather cover this up than fix the issue in a timely manner. Their actions scream it, even if TFA doesn't.
Seems if they'd kept their whiny mouths shut, nobody would have realised from the vulnerability disclosure that the issue affects Opera. Now EVERYONE knows, from the kiddie scripting 'sploits to the IT manager planning the software deployment for the next few months, who is now seeing why closed-source Opera isn't really such a great choice after all. Even the CVE entry doesn't disclose Opera's vulnerability to this bug. Still, it makes good comedy if nothing else...
Quite, but the reasons for disliking them are legion. My own distaste comes not from the fact they sue people making available copyrighted works. Rather, it's the fact that they keep trying to shift the blame for decreasing revenue from their members churning out crap to the Internet generation and the freedom of information that brings. That they also rarely seem to get the right person to sue and their methods seem to be a technical version of map+pin+blindfold don't help their image, either. I'm yet to see someone in court ask for the RIAA's investigators' ntp logs (admittedly, I haven't looked too hard) to ensure the IP address they request information on is actually accurate at that time, but I'm sure it'll happen once people eventually get their heads around dynamic IP allocation. Can't prove your timestamps are accurate? Off you go, try again and, this time, do it properly. And no, we won't accept your stratum 16 internal server as proof of clock accuracy. External, independent strat 1 or 2 reference or bugger off.
Of course, their whole modus operandi right now relies on the fact that civil cases don't require quite as much "beyond reasonable doubt" proof as criminal cases do. Then, of course, there is the whole "punish the entire Internet" because some clown just HAS to have the latest Britney crap. No, the Recording Industry Ass. of America has nobody to blame but themselves for the way the general public see them and, by association, their members.
The poster who recommended the alternate ISO has the correct advice, although the Linux driver from nVidia in the repo is most certainly not a beta. The open source nv(4x) driver doesn't handle some configurations of the mobility chipsets, especially the 8xxx series, very well so the ncurses based installer on the alternate disk (looks a bit like the Debian installer, which is hardly surprising) will get you up and running enough to {Ctrl}{Alt}{F1} to the console and "sudo apt-get install nvidia-glx-new" which should also pull in the restricted kernel modules package, assuming this is Ubuntu 7.10 (Gutsy) we're talking about. Then just throw "sudo nvidia-xconfig" at the CLI and reboot. Things should go swimmingly after that.
Or not. You specify your OS by the applications you wish to use, not to satisfy some Slashdot flame-warriors. Good luck, whatever you decide to do.
It is my understanding that DKIM is for use in mass mailing where individually encrypting the messages or attaching a relatively large digital signature would not be feasible. Thus, there are better options for personal use.
The point of DKIM is header signing, not encryption. Think the drunken love-child of SPF and DomainKeys on steroids. The public key of the key you sign the headers with appears in your domain as a TXT record. Your milter or whatever takes a hash of the headers, signs it with the private key and puts this into the DKIM-Signature header. The receiving mailserver looks up the public key from DNS and tests the headers against the signed hash. If it matches, it's legit.
Sending a mail to sa-test at sendmail (which also tests DomainKeys and SPF) through a DKIM enabled mail server gets us this:
Neat, huh? It would be quite effective along with DNSSec, but I doubt the spammers will be publishing DKIM TXT records any time soon so their crap will simply be passed by the milter with a shrug and a "nothing to do here" type response. This won't tackle spam but it may tackle Joe jobs quite effectively if it ever reaches critical mass.
Long story short, if you haven't got a domain and a nameserver you can add TXT records to, along with a mail server you can add filters to, this isn't for you.
Time to start a new one. This meme got tiring ages ago...
Still Alive, BSD version, sung to the tune of Jonathan Coulton's "Still Alive" from the game "Portal," originally vocalised by Ellen McLain in character as GLaDOS. I be asserting me fair use right of parody, yarr!
This was a triumph, I'm logging a note here: Huge success, We had to dummynet the heavy traffic, BSD Unix (R), We code what we must because we can, For the good of all of us, Including vendors as well,
But there's no sense crying over closed source code, You just keep debugging 'till the core dumps are old, And releases get done, Raymond gets a new gun, But despite this we are, Still alive!
I'm not even angry, I'm being so sincere right now, Even though we got here first and beat you, Now you say that we're dying, And this is the year of Linux' dreams, As you make statistics up, We are so happy for you,
Now these points of data made our code really shine, And we're out of beta, we're releasing on time, So I'm glad you think you won, There's so much needs to be done, But regardless we are, Still alive!
So go post on Slashdot, I think I'd prefer to read the lists, Maybe you'll get your own kernel someday, Maybe that Hurd thing, That was a joke, ha ha, fat chance, Anyway, this code is great, It's so consistent and neat,
Look at me still gloating when there's -CURRENT to plan, When it's said and done you'll know that we're the best "clan", We are organised and clean, We go where you've never been, And we'll always be, Still alive!
Believe me, we are still alive, We're all legit now and we're still alive, We're on the server and we're still alive, We're on the desktop and we're still alive, We're helping Apple and we're still alive, We're running routers and we're still alive, We're on your gateway and we're still alive, We've got your e-mail and we're still alive, And when you're dying we'll be still alive, Still alive, Still alive!
(I hope you bastards appreciate this; it took me ages to get it to scan properly.)
cool, blue, semi-translucent baubles and a Star Trek reference
You missed these then?
make Windows so it works underwater
Doesn't get much more blue (OK, electric arcs contain more UV, but it *looks* blue) or translucent and, if it's the North Atlantic, cool is an understatement.
[and] in space
As in lost. Danger, Will Robinson! (IMHO, the first iteration of GPF)
Actually, Dan, it's us they're disconnecting. This is phase 2. Phase 3 of the plan is to move the root DNS inside the isolated segments.
1) Redefine "Internet" as countries who don't download Britney albums. 2) Disconnect world+dog from new Internet. 3) Move roots into new Internet. 4) ??? 5) PROPHET!
Slashdot Mirror
ClamAV, as it stands, does not do on-access scanning. I quite dislike the way the Win32 version (ClamWin) installs a little Clam icon into the system tray, as a false sense of security is worse than no security at all.
MoonSecure is a scanner/heuristics engine that uses Clam's signatures and does perform on-access scanning but, when I last tried it, it had "issues".
Avast is my current recommendation of the freebies for personal use, followed by Avira, if you can stand the constant nagging about upgrading to paid versions. Avira's detection rate, last I looked, was slightly better than Avast's but the nag screens are a bone of contention. Also have a look at Comodo's offerings. Note that none of these are free software, just free to use. MoonSecure is GPL'd and may have become a little better since I tried it, so it may be worth a shot if freedom matters to you.
Rubbish. A package manager is invoked by the user. This kill switch is invoked by a remote entity. *That* is the difference. Not only this, but I find the notion of a handset checking back with its OS vendor a little un-nerving, especially when said vendor is the the web-marketing giant of the world. What else do you suppose they could use this conduit for?
And that is an admonition to the user, not a corporate reminder. It has a subtext: "Don't be evil... because we're watching you."
Not that simple. Open a cmd terminal and type:
ipv6 install
XP will obediently install the IPv6 stack and go looking for a rtadv server. If you haven't got an IPv6 gateway, you can configure a tunnel or rely on MS's implementation of Teredo. Only Vasti has IPv6 as standard. XP needs a magical incantation on the command line (gasp!) to get dual stack.
Until such time as some of the larger sites like, say, oh, I don't know, how about SLASHDOT get their finger out and install IPv6, people aren't going to bother. As a probably flawed analogy, would you buy a top-of-the-range games console with wireless everything and teraflops of processing power if there was not a single piece of software to run on it? Actually, this being Slashdot, you probably would just for bragging rights, especially if said CPU had a cool name like cellPwner pro or something. I know, bad analogy.
;; global options: printcmd
;; Got answer:
;; ->>HEADER ;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0
;; QUESTION SECTION: ;slashdot.org. IN AAAA
;; AUTHORITY SECTION:
;; Query time: 0 msec
; > DiG 9.3.4-P1 > slashdot.org AAAA
; (1 server found)
slashdot.org. 3149 IN SOA ns-1.ch3.sourceforge.com.
hostmaster.corp.sourceforge.com. 2008080600 14400 1800 604800 3600
Go figure. This is why IPv6 isn't taking off and a pox on anyone who says otherwise. Trying to blame sysadmins for not deploying IPv6 is a downright insult. We're ready, Slashdot. Google's ready. A whole raft of other sites have connectivity and are ready. Looks like you're not.
You said what? I don't see much fecal material but, then, I may not be looking in the right places :-)
I'm not defending Grisoft, simply pointing out that this sort of balls-up is more common than many think.
...and for those who cannot afford the Happy Hacking 'board, BTC make a rather nice standard keysize mini 'board called the 5100C. I have three of them here and, while they're certainly not Model Ms (but in fairness, would you really expect a Model M for $25), they're as good as any modern keyboard I've ever used. Another plus for those of us who are sick of that silly key between the CTRL and ALT is that they do not have Windows keys. Now move the Caps Lock ^^^ up there somewhere and we'll have an almost perfect *nix 'board.
To the reviewer who wrote this article, some of us do use the scroll lock. A lot. Ever tried to read a console scrollback buffer on BSD without one?
Impossible! He hasn't got around to releasing the iCoffin yet.
Ports are being developed and currently reside in the area51 repository. Subscribe to the kde-freebsd@kde.org mailing list to follow progress. Currently, the biggest show-stopper is the co-existence of KDE3 and KDE4 on the same system, along with QT3x and QT4x libs in ${LOCALBASE}. I prefer to continue to use 3.5.8 (although arts is broken on 7.0-R for certain configurations of hardware, but arts is well known for being a PoS anyway) until 4.x is stable.
The version of Netcraft the trolls use must be different to the one I see each month which consistently has FreeBSD hosts in the top ten on an equal footing with everyone else. There are currently (2008.05.01.21.13.05 UTC) four BSD hosting sites in the top ten, leaving that other OS and It Isn't Secure to fight over the remaining six places. Assuming the unknowns aren't FreeBSD, of course.
Never mind. You didn't stand a chance getting into her OpenBSD knickers anyway.
The April Fools' joke started yesterday if I'm not mistaken. Linky in case you missed it (last paragraph of the summary). It's really rather clever in a nerdy, social engineeringesque sort of way.
Because we all know who will end up paying for this, don't we? Hint: It won't be the tier one manufacturers.
Thank you, Panoramix. Of course, I don't mean a word of it. What GNU/Linux has achieved, both in terms of "herding cats" and opening the general public's eyes to the way they're being manipulated is both staggering and commendable. RMS, although a bit eccentric and can be quite rigid in his pursuit of perfect freedom, is a very good front man for GNU and free software in general and I respect him enormously.
Some people do need a bit of ego deflation from time to time though and, if anyone thinks I mean GNU folks, just remember which project has Theo DeRaadt ;)
Still Alive, BSD version, sung to the tune of Jonathan Coulton's "Still Alive" from the game "Portal," originally vocalised by Ellen McLain in character as GLaDOS.
:)
This was a triumph,
I'm logging a note here: Huge success,
We had to dummynet the heavy traffic,
BSD Unix (R),
We code what we must because we can,
For the good of all of us,
Including vendors as well,
But there's no sense arguing with licensing dinks,
You just keep debugging so the PR count shrinks,
And releases get done,
Raymond gets a new gun,
But despite this we are,
Still alive!
I'm not even angry,
I'm being so sincere right now,
Even though we got here first and beat you,
Now you say that we're dying,
And this is the year GNU succeeds,
As you make statistics up,
We are so happy for you,
Now these points of data made our code really shine,
And we're out of beta, we're releasing on time,
So I'm glad you think you won,
There's so much needs to be done,
But regardless we are,
Still alive!
So go post on Slashdot,
I think I'd prefer to read the lists,
Maybe you'll get your own kernel someday,
Maybe that Hurd thing,
That was a joke, ha ha, fat chance,
Anyway, this code is great,
It's so consistent and neat,
Look at me still gloating when there's -CURRENT to plan,
When it's said and done you'll know that we're the best "clan",
We are organised and clean,
We go where you've never been,
And you know that we are,
Still alive!
Believe me, we are still alive,
We're on the server and we're still alive,
We're on the desktop and we're still alive,
We power MacOS and we're still alive,
We're running routers and we're still alive,
Still alive,
Still alive!
So there.
...of Warcraft. Sorry, I just couldn't resist.
The whole point of this entire debacle is that Opera themselves disclosed this and, by complaining about full disclosure, showed their true colours when it comes to vulnerabilities in their flagship browser. Mozilla reported the vulnerability in a professional manner to a competitor to whom they owe nothing but felt ethically it was the right thing to do, then fixed their own product. Opera's actions in this matter show me quite clearly what they would have preferred to do but perhaps I'm just a raving zealot or a tin-foil hatter seeing conspiracies where none exist. There again, perhaps not. Feeling lucky? I hope you are, since you're betting, with apparently very little information, that Opera fixes the bugs in its software instead of simply sitting on reports from security experts trying to do the right thing. Security experts and competitors who may just think twice before submitting findings to Opera in the future.
[1] 94% of statistics are pulled from someone's behind. Suffice to say a significant portion of the web browsing public use Fx. My analog shows it to be much, much higher but my web server hosts predominantly open source software, so that's to be expected.
OK, I hold my hands up to the cheap dig and I apologise for it. However, in mitigation, I personally feel more comfortable with open source simply because, while I may not understand all of it nor will I ever have the time to read the entire source of, for example, Konqueror, I am sure that people far more skilled than I who would never have seen the code had it been proprietary HAVE seen it collectively. That makes me more confident in that code and the resulting binary.
As this shows, it's not perfect, but large projects rarely are. It does get fixed quickly, though, which is another advantage of open source: You don't have to beg the one guy who understands that bit of the parser (who happens to be on vacation, has slipped on the ski slope and won't be back until the bones knit) to fix it when you have the source. You can file a patch with the bug report.
WebKit, upon which Safari is built, isn't closed source. It grew from the KDE project's KHTML and parts of both keep going both ways. MacOS X, yes, you have another valid point, but we're not talking about OSen here, we're talking about web browsers.
It wasn't a deliberate cheap shot. I have thought about the issues long and hard but I shouldn't assume what works for me is universally acceptable so, again, I apologise.
They've had twelve days to fix it. Have they? If you RTFA, you'll see not only have they not, they've expended a greater amount of energy trying to whip up support for their malcontent with Mozilla. So, in reply, yes it does seem that they would rather cover this up than fix the issue in a timely manner. Their actions scream it, even if TFA doesn't.
Seems if they'd kept their whiny mouths shut, nobody would have realised from the vulnerability disclosure that the issue affects Opera. Now EVERYONE knows, from the kiddie scripting 'sploits to the IT manager planning the software deployment for the next few months, who is now seeing why closed-source Opera isn't really such a great choice after all. Even the CVE entry doesn't disclose Opera's vulnerability to this bug. Still, it makes good comedy if nothing else...
Of course, their whole modus operandi right now relies on the fact that civil cases don't require quite as much "beyond reasonable doubt" proof as criminal cases do. Then, of course, there is the whole "punish the entire Internet" because some clown just HAS to have the latest Britney crap. No, the Recording Industry Ass. of America has nobody to blame but themselves for the way the general public see them and, by association, their members.
The poster who recommended the alternate ISO has the correct advice, although the Linux driver from nVidia in the repo is most certainly not a beta. The open source nv(4x) driver doesn't handle some configurations of the mobility chipsets, especially the 8xxx series, very well so the ncurses based installer on the alternate disk (looks a bit like the Debian installer, which is hardly surprising) will get you up and running enough to {Ctrl}{Alt}{F1} to the console and "sudo apt-get install nvidia-glx-new" which should also pull in the restricted kernel modules package, assuming this is Ubuntu 7.10 (Gutsy) we're talking about. Then just throw "sudo nvidia-xconfig" at the CLI and reboot. Things should go swimmingly after that.
Or not. You specify your OS by the applications you wish to use, not to satisfy some Slashdot flame-warriors. Good luck, whatever you decide to do.
Sending a mail to sa-test at sendmail (which also tests DomainKeys and SPF) through a DKIM enabled mail server gets us this:
Authentication System: DomainKeys Identified Mail
Result: DKIM signature confirmed GOOD
Description: Signature verified, message arrived intact
Reporting host: [obscured]
More information: http://mipassoc.org/dkim/
Sendmail milter: https://sourceforge.net/projects/dkim-milter/
On the return leg, since Sendmail signed the headers, the same milter does the verification:
Authentication-Results: [obscured]; dkim=pass (1024-bit key) header.i=@[obscured]
X-DKIM: Sendmail DKIM Filter v2.4.4 [obscured] m1BJCJag066363
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=[obscured];
s=gatsby; t=1202757140; bh=3bfPubCinmFllm+OAJ5a16nWwmRaevHew7R6NkVl
29A=; h=Date:Message-Id:MIME-Version:X-Mailer:From:To:Subject:
Content-Type; b=Un2E/56NB7fR07Cwyng9jdF1O5iI8Mfg6crF+yI6BvTrmNX/e2
jkc5QGuE5efKlUxFTJus1nC/h5PrJxw5zex2UpU3g6tfI8dedYQfA4wHJwQdE4wcvSz
tfNRnbPHV0NdoygIlAsD8T24uohOxMfBAotE3Y2zdBDVxBnxEzPdYE=
Neat, huh? It would be quite effective along with DNSSec, but I doubt the spammers will be publishing DKIM TXT records any time soon so their crap will simply be passed by the milter with a shrug and a "nothing to do here" type response. This won't tackle spam but it may tackle Joe jobs quite effectively if it ever reaches critical mass.
Long story short, if you haven't got a domain and a nameserver you can add TXT records to, along with a mail server you can add filters to, this isn't for you.
Time to start a new one. This meme got tiring ages ago...
Still Alive, BSD version, sung to the tune of Jonathan Coulton's "Still Alive" from the game "Portal," originally vocalised by Ellen McLain in character as GLaDOS. I be asserting me fair use right of parody, yarr!
This was a triumph,
I'm logging a note here: Huge success,
We had to dummynet the heavy traffic,
BSD Unix (R),
We code what we must because we can,
For the good of all of us,
Including vendors as well,
But there's no sense crying over closed source code,
You just keep debugging 'till the core dumps are old,
And releases get done,
Raymond gets a new gun,
But despite this we are,
Still alive!
I'm not even angry,
I'm being so sincere right now,
Even though we got here first and beat you,
Now you say that we're dying,
And this is the year of Linux' dreams,
As you make statistics up,
We are so happy for you,
Now these points of data made our code really shine,
And we're out of beta, we're releasing on time,
So I'm glad you think you won,
There's so much needs to be done,
But regardless we are,
Still alive!
So go post on Slashdot,
I think I'd prefer to read the lists,
Maybe you'll get your own kernel someday,
Maybe that Hurd thing,
That was a joke, ha ha, fat chance,
Anyway, this code is great,
It's so consistent and neat,
Look at me still gloating when there's -CURRENT to plan,
When it's said and done you'll know that we're the best "clan",
We are organised and clean,
We go where you've never been,
And we'll always be,
Still alive!
Believe me, we are still alive,
We're all legit now and we're still alive,
We're on the server and we're still alive,
We're on the desktop and we're still alive,
We're helping Apple and we're still alive,
We're running routers and we're still alive,
We're on your gateway and we're still alive,
We've got your e-mail and we're still alive,
And when you're dying we'll be still alive,
Still alive,
Still alive!
(I hope you bastards appreciate this; it took me ages to get it to scan properly.)
Actually, Dan, it's us they're disconnecting. This is phase 2. Phase 3 of the plan is to move the root DNS inside the isolated segments.
1) Redefine "Internet" as countries who don't download Britney albums.
2) Disconnect world+dog from new Internet.
3) Move roots into new Internet.
4) ???
5) PROPHET!