Script: Parse Mail Headers

Here’s a Perl script I put together that uses Email::Simple to extract the headers from a message. See link below. I’m using it to examine spam. It parses all the headers, with a focus on the Received headers. It should be easy to alter it to examine any header you want. As it is currently written, it:

- finds all the Received headers
- finds the first Received header that was added to the mail (presumably the header added by the first MTA that received it)
- extracts the IP from that header
- does an rDNS lookup
- if there’s a hostname, it looks up the nameservers for the base domain.

Possible Android Botnet and Yahoo! Mail

I’ve read a number of articles over the past few days about the possible Android botnet and Yahoo! mail. No consensus yet but that’s not necessary to stop the spam at the server level, at least in my case. Of the spam I received so far, these characteristics stand out: Only one of my mail accounts is receiving the spam. It’s not an account that usually receives spam. My long-time mail addresses that seem to have made it to most of the spam lists don’t get this spam.

Fighting Spam and Malicious Attacks

Geez. I’m feeling somewhat frustrated in dealing with an ISP that has a clearly compromised IP. I’ve been getting dictionary attacks on my mailserver for the past four days from the same IP. It’s assigned to a domain name. So I did what I normally do at first - let CSF (ConfigServer Security & Firewall - a fantastic free piece of software) handle it. The IP gets blocked for an hour.

Virtual Memory Overcommit Explained

Ran across these posts today on virtual memory overcommit in Linux. Interesting reading and I learned quite a few things.

- How Linux handles virtual memory overcommit
- Understanding the virtual memory overcommit issue

Thanks to Chris Siebenmann for helping me to understand things a bit better.

Originally published 2012-06-16

nginx core module: worker_rlimit_nofile

Configuration file: nginx.conf
Block: main
Value type: number
Default: none - system determined (see notes section below)
What it does: sets the value for the maximum file descriptors that can be opened by a single worker process
Example: worker_rlimit_nofile 1024;

NOTES: When any program opens a file, the operating system (OS) returns a file descriptor (FD) that corresponds to that file.