« March 23, 2005 | Main | March 27, 2005 »

Saturday, March 26, 2005

Reading list: Les Nouvelles preuves sur l'assassinat de J. F. Kennedy

Lebeau, Caroline. Les nouvelles preuves sur l'assassinat de J. F. Kennedy. Monaco: Éditions du Rocher, 2003. ISBN 2-268-04915-9.
If you don't live in Europe, you may not be fully aware just how deranged the Looney Left can be in their hatred of Western civilisation, individual liberty, and the United States in particular. This book, from the same publisher who included a weasel-word disclaimer in each copy of Oriana Fallaci's La Force de la Raison, bears, on its cover, in 42 point white type on a red background, the subtitle «Le clan Bush est-il coupable?»--"Is the Bush clan guilty?" This book was prominently displayed in French language bookstores in 2004. The rambling narrative and tangled illogic finally pile up to give an impression reminiscent of the JFK assassination headline in The Onion's Our Dumb Century: "Kennedy Slain by CIA, Mafia, Castro, Teamsters, Freemasons". Lebeau declines to implicate the Masons, but fleshes out the list, adding multinational corporations, defence contractors, the Pentagon, Khrushchev, anti-Casto Cuban exiles, a cabal within the Italian army (I'm not making this up--see pp. 167-168), H.L. Hunt, Richard Nixon, J. Edgar Hoover, the mayor of Dallas . . . and the Bush family, inter alia. George W. Bush, who was 17 years old at the time, is not accused of being a part of the «énorme complot», but his father is, based essentially on the deduction: "Kennedy was killed in Dallas. Dallas is in Texas. George H. W. Bush lived in Texas at the time--guilty, guilty, guilty!"

"Independent investigative journalist" Lebeau is so meticulous in her "investigations" that she confuses JFK's older brother's first and middle names, misspells Nixon's middle name, calls the Warren Report the product of a Republican administration, confuses electoral votes with Senate seats, consistently misspells "grassy knoll", thinks a "dum-dum" bullet is explosive, that Gerald Ford was an ex-FBI agent, and confuses H. L. Hunt and E. Howard Hunt on the authority of "journalist" Mumia Abu-Jamal, not noting that he is a convicted cop killer. Her studies in economics permit her to calculate (p. 175) that out of a total cost of 80 billion dollars, the Vietnam war yielded total profits to the military-industrial complex and bankers of 220 trillion dollars, which is about two centuries worth of the U.S. gross national product as of 1970. Some of the illustrations in the book appear to have been photographed off a television screen, and many of the original documents reproduced are partially or entirely illegible.

Posted at 22:28 Permalink

Linux: /var-acious Dictionary Spam

Every site which operates a mail transfer agent such as sendmail will eventually be targeted by "dictionary spam". These are spam hosts which connect to your inbound SMTP port and try a huge list of user names in the hope of "getting lucky" and hitting one which works, whereupon it can be spammed and sold to other spammers. You can see the evidence of this in your mail log, for example /var/log/maillog on Linux, as an endless litany of messages like: 
sendmail[2185]: <deb@fourmilab.ch>... User unknown
sendmail[3406]: <tully@fourmilab.ch>... User unknown
sendmail[3770]: <burns@fourmilab.ch>... User unknown
sendmail[4875]: <mjf@fourmilab.ch>... User unknown
sendmail[4912]: <nizu@fourmilab.ch>... User unknown
sendmail[9148]: <gelu@fourmilab.ch>... User unknown
sendmail[11133]: <homer@fourmilab.ch>... User unknown
sendmail[12697]: <vigo@fourmilab.ch>... User unknown
sendmail[15784]: <tall@fourmilab.ch>... User unknown
sendmail[15784]: <tallie@fourmilab.ch>... User unknown
sendmail[16836]: <izzy@fourmilab.ch>... User unknown
sendmail[17229]: <tobi@fourmilab.ch>... User unknown
sendmail[18716]: <kale@fourmilab.ch>... User unknown
(I have elided the date, time, and unique identifier fields from these log items so the lines don't wrap around; these were all received in a ten minute period.) Dictionary spam arrives in irregular waves; frequently at peaks I'll see three consecutive attempts of each name a few seconds apart.

Apart from how wasteful of resources this is and the sense it gives you of living in a slum where people are constantly trying keys and picks in the lock on your door, there's a practical consequence for server administrators as well, in that essentially any local account with a common name and inbound mail capability will have its mailbox filled up with spam. Most Unix-like systems have a variety of administrative accounts pre-defined, such as adm, mail, news, etc. which, even though they are set up as "no login" accounts, are still able to receive mail with the default configuration of sendmail, which will store all the spam which arrives in its mail queue directory, for example /var/spool/mail. Since nobody logs into these accounts, they can accumulate a huge amount of spam without your ever noticing. One day last year on the former Sun server, I received a WatchFull report warning that the /var filesystem was more than 90% full. On investigation, I discovered more than 120 megabytes of spam queued to various administrative accounts!

Take a look at your server's inbound mail queue directory; you may be surprised at what you find there. One way to deal with this problem, as long as the accounts in question have no legitimate need to receive mail, is to simply alias them to the bit bucket, /dev/null, in your /etc/mail/aliases (or whatever) file. Note that you should run newaliases after modifying this file to put the new aliases into effect. Here is a list of targeted accounts I've so aliased on the Fourmilab server farm. 

adm: /dev/null
apache: /dev/null
gopher: /dev/null
mail: /dev/null
daemon: /dev/null
news: /dev/null
ftp: /dev/null
If you do need to occasionally receive mail to an administrative account or feel uncomfortable jettisoning mail without examining it, you can alias these accounts to the administrator's account and rely upon its own junk mail filtering (for example, Procmail and/or Annoyance Filter) to deal with the forwarded spam.

Posted at 16:30 Permalink