Re:Benchmarking isn't rocket science, on "WinXP on a Mac, Hoax?" · Score: 2, Insightful
I don't get it. It's (presumably) the same code running on the same hardware. All you'll really prove if Photoshop is faster on the PC vs Mac is that the PC version used a better compiler. What are you trying to show exactly?
(Note I use Photoshop as the example because it's what everyone will try to prove is faster on one platform vs the other, but I imagine the code for the filters will be the same tuned assembler across both platforms - even if it's not, all you've proved is that they need to GET the tuned assembler from the other platform).
Because stored procedures do nothing to prevent SQL injection attacks.
And your comment really bothers me. There should be ONE function that safely escapes data for your database. Look at perl's DBI. You can ALWAYS rely on $dbh->quote() to do the right thing (though you should really use prepared statements and bind parameters).
Why does a supposedly simpler language make security so much harder?
I'm sorry but that's utter rubbish. Spamhaus did no such thing to OpenBSD users. Any OpenBSD user can still query the Spamhaus blocklist. But Spamhaus has to charge for the rsync access to the list, in part for the cost of bandwidth, and in part to help ensure Spamhaus can continue as an organisation (for example, in paying for lawyers!).
Just because DeRaadt didn't want to re-code his app to use DNS instead of a local copy he put this FUD in his commit message.
Spamhaus uses asynchronous DNS to give you a local mirror to fend off DDoS attacks from spammers. Their web server is in the UK, you're just getting a mirror via DNS.
No, it's just a stupid rant. SpamHaus are very contactable if you have an issue, and the block they were ranting about is clearly not there any more. Problem solved.
SpamHaus are good people, and used by pretty much everyone because they are good and they are trustworthy. If they weren't they wouldn't be used.
FWIW they don't have any "staff" - people donate their free time to them because what they do is valuable.
I wish it were that simple. Sadly your question is terribly naive.
r izonbusiness.com for example.
See: http://www.spamhaus.org/sbl/listings.lasso?isp=ve
Yes it's a wonderful theory. Sadly their "servers" are any machine they choose out of the millions of zombie PCs they choose. It could be your PC.
I'm sorry but BS wasn't solving the problem, despite your desire that it would. You just made the zombie-computer spammers realise that they needed to host on zombie PCs as well as spam through them. And they DID move towards doing that - it's easy enough when you have full control of the PC. So you DoS some poor end user's PC. How is that helping the spam problem?
BS was a video game solution. It made you FEEL good to be sending stuff back to the spammers, but you weren't solving anything.
Except only the slashdot hive-mind thinks that what Blue Security were doing was OK. I know about the whole "one web request for one email" but spam is a problem of traffic, and fighting that by INCREASING the traffic on the network is just utterly bizarre to anyone involved in email except for BS.
As for "You will be attacked by professionals who have more money than you, more resources than you, better programmers than you, and no scruples at all": that's not exactly true. There are anti-spam organisations and companies that have been running for years, are very good at keeping people's inboxes clean, and also work within the industry to find long term solutions to the spam problem. And they haven't been DDoS'd off the internet. Now it's true that Spamhaus and SORBS regularly get attacked, but they're still here, and they will be for the long term because the ISPs are willing to put up with a bit of bad network traffic for them because what they're doing is admirable. What BS were doing wasn't, and I'm sure their ISP wasn't willing to ride out the storm of the DoS.
If it's IMAP scalability you want then you should look into Perdition, particularly their article on clustered mail server farms. This is in use in a lot of high performance, high scaling environments.
I hate reading things like this - the marketers got hold of it and decided that airport checkins were clearly a problem, and this would help. Sorry, but that's BS.
Airport checkins take time because they are a security procedure. The "recognition" part of it takes seconds as it is - just swipe the passport or other form of ID. What takes the time is confirming that the traveller's luggage hasn't been modified, finding a decent seat on the plane, and labelling up the luggage they drop. I've never been held up because they couldn't figure out who I was. Ever.
It's turtles all the way down.
I for one don't like the idea of dying by having my spinal column driven into my skull.
Actually of all the various ways of dying this is probably right up there with the best of them. Quick, mostly pain free, and you get to make a big red mark on the seat.
Everyone knows that to detect water in a deep crater you drop a stone in it and wait for the plopping noise.
Jeez, and these guys call themselves scientists!
It may seem bizarre to you, but apache.org's mail servers already run on an SMTPD that runs in the apache2 process. It's called Qpsmtpd.
So? Still no spam scanning. Still no AV. These figures aren't good, and I think CommuniGate is the bottleneck.
Replying to myself...
So reading the full disclosure they used 4 quad xeons. That's 16 CPUs. Compared to apache.org's 2.
So using a pure perl SMTPD you can have this kind of throughput (~1m mails per day per CPU) with spam and virus filtering enabled.
No, I am not impressed with this benchmark.
As I said, their 12,500 a minute is a pure delivery figure - it does not include spam and virus filtering. These things make a HUGE difference to throughput on a mail server.
I didn't even know there was a SPECmail, but this figure doesn't seem too outstanding to me.
Firstly I assume this is just a raw delivery setup - no spam or virus filtering. You'd be amazed how much of a difference this makes to any real world setup.
Secondly, apache.org does over 2 million mails a day on a dual 2.4Ghz Xeon using an SMTP server written in Perl. And that's with full anti-virus (clamav) and lots of different anti-spam measures including SpamAssassin (which is known to be slow - I know because I used to be one of the developers).
I also know of commercial setups doing over 50m (legit, well - mostly) mails a day. Using an SMTP Server designed with performance in mind. Perhaps they should submit for SPECmail ;-)
So 30 million doesn't seem terribly amazing to me. Perhaps Communigate Pro isn't a very fast mail server.
Web servers is a particularly bad example. Apache was based on the NCSA server (as a bunch of patches, hence "A Patchy Web Server") which was already open source. There were some performance innovations after that (Zeus), but nothing really revolutionary was invented in web serving in a commercial environment.
Note that Samba and MySQL are the only GPL projects listed.
As an amateur (but keen) photographer I think you're totally off base. Taking good pictures is most definitely a skill, and one that cannot be fixed in photoshop. I may even go as far as to say that it's an art, and one that most people will simply never master in their lifetime.
You may think your edited picture looks like a pro's picture, but believe me it won't look like it to anyone with a critical eye.
I spend a lot on equipment, and I'm very proud of the kit I own, and the results I've created so far, but even with photoshop and hours of my own time I couldn't dream of matching up to some of the professional pictures I see posted to some of the photography forums I frequent.
Why not just require a passport for inter-state flight then? This would have the same effect, but have zero cost and not require a new bill (that in turn gives insane levels of power to the Secretary for Homeland Security) for it.
You need to look at the facts a bit closer. AOL *has* cleaned up its act, more than anyone else on the entire internet. It's stunningly clean for an ISP of its size.
This was caused by one spam. Let me just repeat that: out of 60 million users MAPS saw one spam coming from AOL's outbound mail servers.
Now AOL does have a set of IPs out of which some spam does emanate - the rlyIPXX block (64.12.138.(7-9)). These are the IPs that they redirect direct-to-port25 mail through, and they actively encourage people to block this range. It's been publicly stated that they intend to shut this activity down real soon now, but in the meantime most people just block that range and don't see a problem.
Check the anti-spam newsgroups and mailing lists some time. AOL is hugely respected in anti-spam terms these days. And deservedly so.