Tag Archives: tech

Good morning *yawn*

I should have already left.

I’m up at Dark:30 this morning so that I can go into the office to change a tape. Yep, that’s it. You see, I need the tape drive at a customer office, and can’t take it until our backups are finished. So the earlier I change the tape, the sooner the backups will be done, and the sooner I can leave for the customer office. And it seems that the first tape gets done around 5:30.

Have I ever mentioned how much I love my job? No? I didn’t think so.

Citrix

Ok, here’s what’s involved in logging in to Citrix, EVERY MORNING.

1. Application menu -> Citrix
2. Dialog comes up with available connections (there’s only one). Select connection, and press the connect button.
3. Citrix window opens.
4. A dialog box opens displaying the message “Private system”. I don’t know what this means. There’s an “ok” button that I have to press.
5. Login dialog pops up, requesting username and password.
6. RSA SecurID dialog pops up, requesting my PIN and SecurID code.
7. Dialog pops up, informing me that I’m using a not-for-resale license. I don’t know why I care, but I have to click OK to proceed.

Now, while all of that was irritating, here’s the truly inexplicable part. Because this is the Citrix client on Linux, and if this is the first time logging in for the day, the entire Citrix client will now hang, and I have to kill it. Because there are several processes running, I have to kill all of the processes. Because I have to do this every morning, I’ve written a little shell script to do this bit for me. So at this point in the process, I open a shell and run ‘killICA’.

Then, I return to step one above, and do all of that over again.

When I arrive at the “not-for-resale” dialog the second time, it doesn’t hang.

Then, I click an icon to launch Internet Explorer. It asks me for a username and password, and I’m logged into the system that I did all of this for.

That’s right, boys and girls. All of this is so that I can load a web-based application. So, why couldn’t I just do this from Linux? Well, because the sagacious software vendor has opted to make their product web-based, but only via Internet Explorer. So it’s not *really* web-based, it’s ActiveX, or some other such monstrosity, so that I can’t run it from any other browser.

That’s right folks. The great thing about Internet Standards is that if you don’t like them, you can feel free to make your own.

Irony, thy name is Verisign

Seems that Verisign is suing ICANN for doing their job. Pretty ironic really.

As I remember it, ICANN was created in the first place because InterNIC/Verisign/NetworkSolutions was abusing the power that they had. So, this time around, Verisign again abused their power by putting the misnamed “Sitefinder” “service” in place.

For those of you who missed it, the basics of this “service” were that if you mistyped a domain name, you’d end up on Verisign’s web site.

Of course, there’s slightly more to it than that, because the internet is more than just the web. So if you mistyped an email address, that email would end up going to Verisign too. That strikes me as a tad of a security problem, to say the least.

So ICANN stepped in, did their job, and shut down this service, which was causing breakage across the Internet.

So now Verisign is suing ICANN.

And it’s even more ironic, because the only reason Verisign even still has a company is that ICANN granted them the rights to manage the .com TLD in the last reshuffle. And so Verisign is, in a very real sense, biting the hand that feeds it.

I sincerely hope that ICANN sees that the right thing to do here is to simply hand .com to some other company that can manage it responsibly, since Verisign has not only shown that they cannot, but has shown no respect for the organization that they are supposed to answer to, as well as for the Internet standards that they are supposed to be upholding.

Morons.

Spam sucks

This morning, between fighting spam on a mailing list I manage, managing my own personal spam, and trying to get rid of all the blog-comment-spam, I burned more than 2 hours on spam. To the folks that claim that a few seconds deleting spam each day adds up, and represents the cost of spam, well, yeah, that’s true, but the hundreds of hours a month spent by admins on spam management dwarfs that in comparison. I’m *really* steamed, but, there’s really nothing at all that I can do about it. Which makes it worse.

The legislation that supposedly was going to reduce spam, which was passed earlier this year, has made absolutely no impact on the time that I spend dealing with spam. Spam volumes have been in the 90% range so far this year, and that’s just what my mail server catches. The quantity that’s getting through the filters continues to grow as spammers use better techniques to get around the filters. The kind of sick evil twisted mind that thinks that it’s OK to alter message contents *specifically* to get it to people that are trying to block it, continues to boggle my mind. I mean, if I am specifically trying not to receive a certain kind of mail, doesn’t that indicate to these morons that I’m not a reasonable target audience?

Must. Calm. Down.

400 days

This evening, just by chance:

[rbowen@eris rbowen]$ uptime
6:40pm up 400 days, 0 min

What are the chances of that?

I remember that night, too. A drive failed in the RAID array, and Sarah and I sat on the cold floor in the QX.net coloc room while the server beeped incessantly and restored the data from the other drives.

Wow. That was No Fun.

Apparently it got done at 6:40pm.

Firefox

I don’t get terribly excited about new browsers very often. If it loads most pages, that’s probably enough for me. But the new version of Firefox is just amazing. It is multiple times faster than anything I’ve used, and the plugins Just Work without any tweaking. Apparently it went out on my system and found plugins to use. I’m impressed.

This business of renaming it seems very odd, but, frankly, I don’t care enough to think about it much more than to say that it’s odd.

charging for email? yeah, right.

Why is it that every few years some yahoo thinks that it’s a good idea to charge for email? I’ll give you a clue. It’s not out of a sense of civic duty and doing the right thing. It’s because they think that they have the corner on the market.

So here’s a clue. SMTP, for all its shortcomings, is an open standard. That means that anyone can write mail clients and mail servers. That means that, whatever pay service you may set up, there will always be free email delivery over the Internet.

If your model is wonderful enough, sure, you’ll get customers and make a few bucks. Are you going to reject email coming in from the open internet? That could have some rather serious repercussions to your business customers, dontcha think?

And who gets the penny per message? Surely not the recipient, which would make sense given the claim that this is for the customer.

No, whatever Mr Gates may say (and says every few years, ever since he discovered the Internet) some things have been free from the outset, and without very unpleasant legislation to the contrary, are going to stay free.

Hmm. I wonder if someone can figure out a way to classify unsolicited email as terrorism?

Statistics

As some of you may know, I graph statistics on all sorts of things.

This morning I discovered that my temperature graphs don’t know what to do when it gets below zero. Which is just as well, since I don’t either.

I’ve added a new measure to my stats page. Up until now, I’ve been graphing email/spam as a cumulative for the month, which completely fails to reflect the seriousness of the latest flood of spam.

Although, on the graph, you can very clearly identify where the flood started, and although the spam percentage gradually creeps up, it has an entire month worth of 62% spam that it has to offset to make any changes. However, from watching the logs, I felt that spam levels were much closer to 90%.

Turns out I was right. In the new graphs, you can seldom see any daylight between the spam graph and the total email graph, and spam levels are right around 91%. At my peak, I’m processing about 60 email messages in 5 minutes, but only 3 of those made it into anyone’s inbox.

Given that email is such an important part of what the internet carries, 90+% of it being essentially stolen resources is pretty serious. I’m hoping that the courts will authorize public floggings of spammers and virus authors.

More Windows viruses – Who is to blame?

As I am being inundated by the latest Windows virus, I wonder, yet again, who is to blame for this nonsense.

This particular virus does not take advantage of any Microsoft vulnerability, but, instead, relies on the user to save the attachment, and then run it.

I find myself leaning towards Ron’s take on this. He’s right, I suppose. The user shouldn’t have to know this sort of stuff.

Mail server admins, on the other hand, should know about this stuff. If, for example, your mail server has in place the very basic precaution of dropping Windows binary attachments, you’ll drop a significant percentage of this particular virus.

As per my earlier note, just adding a line to drop .zip attachments will get the rest of it.

It also requires a bit of vigilance. I noticed that my mail server was suffering under some additional load, and investigated why that was the case. And then I took action. With the ENORMOUS volume of these messages that I’m seeing, apparently a lot of mail admins didn’t do that.

I’m seeing about 2 of these a second now. So 7200 an hour. And I usually process about 2000 messages a day.

Latest rash of spam

The following should go into mime_header_checks.regexp assuming you’re running Postfix. Which you should be.

/filename="?body\.zip"?/ DISCARD Virus spam discarded (W32.Novarg.A@mm)

No point REJECTing it, since you’d just be sending it back to an already-infected victim.

=========================
*update*

OK, it turns out that the filename varies. For the moment, I’m dropping everything with a .zip attachment. I’ve gotten a HUGE surge in inbound email in the last 2 or 3 hours, MOST of it consisting of this virus message, and almost all of it is coming from two addresses: 63.164.145.33 and 63.164.145.161. I don’t know who this is, but they are making dozens of connections per second to deliver mail. Or at least, they were, until I told the firewall about them.

I hope they stop soon.
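The difference between a rule keyed on one file name and a rule keyed on the attachment extension, as discussed in this post and in "More Windows viruses" above, shown as an added example that is not part of the original posts. It evaluates Postfix-style regexp table lines against constructed MIME headers, with Python's re module standing in for Postfix's regex engine. The BROAD rule, its extension list, and the sample headers are assumptions made for illustration.

```python
import re

# Rules written the way a Postfix regexp table expects: /pattern/ ACTION text.
# NARROW keys on one file name, as in the post. BROAD is an assumed
# generalisation keyed on the extension; its extension list is illustrative.
NARROW = r'/filename="?body\.zip"?/ DISCARD Virus spam discarded'
BROAD = (r'/name *= *"?[^";]*\.(zip|exe|pif|scr)"? *(;|$)/ '
         r'DISCARD Blocked attachment type')

RULE = re.compile(r'^/(.*)/\s+(\S+)\s*(.*)$')


def load_table(lines):
    """Parse '/pattern/ ACTION text' lines into (regex, action, text) tuples."""
    table = []
    for line in lines:
        line = line.strip()
        if not line or line.startswith('#'):
            continue
        m = RULE.match(line)
        if m is None:
            raise ValueError('not a /pattern/ ACTION line: ' + line)
        pattern, action, text = m.groups()
        # Postfix regexp tables match case-insensitively unless told otherwise.
        table.append((re.compile(pattern, re.IGNORECASE), action, text))
    return table


def lookup(table, header):
    """Return the action of the first matching rule, or None for no match."""
    for regex, action, _text in table:
        if regex.search(header):
            return action
    return None


# Constructed MIME headers (not taken from real traffic).
SAMPLES = [
    'Content-Disposition: attachment; filename="body.zip"',
    'Content-Disposition: attachment; filename=message.zip',
    'Content-Type: application/octet-stream; name="DOCUMENT.PIF"',
    'Content-Disposition: attachment; filename="readme.txt.scr"',
    'Content-Disposition: attachment; filename="zip-codes.csv"',
    'Content-Type: text/plain; charset=us-ascii',
]


def compare(samples=SAMPLES):
    """Map each header to (narrow result, broad result)."""
    narrow, broad = load_table([NARROW]), load_table([BROAD])
    return {h: (lookup(narrow, h), lookup(broad, h)) for h in samples}
```

On a live server the same check can be made against the real table with postmap -q, passing a header line and the regexp: table as arguments.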