The Linux Letter for January 14, 2004

Welcome to yet another Linux Letter.  In this month's edition, we'll look at more news from SCO versus the world, filtering out spam with Spamassassin and how to make Java work under Fedora Core 1.  Ready?  Let's go!

The Santa Cruz Operation's lawsuit against IBM seems to be morphing into less a legal action and more a desperate attempt to keep the company's credibility from drowning in a sea of ludicrous claims and counterclaims.  Among the latest, SCO responded to a court order requiring them to reveal to IBM all of the Linux code that is alleged to infringe upon UNIX System V.  As you may recall, SCO's position was that millions of lines of code of Linux were infringing.  SCO's initial response was, apparently, to actually print out the entire kernel source tree and send it in hardcopy form to IBM...thousands of pages of code.  Unfortunately for SCO, IBM challenged this action, saying that SCO couldn't claim that every single line of code was infringing.  The court agreed and SCO's response was to submit a 60 page document listing the infringing code.  It should seem obvious that millions of lines of code won't fit into 60 pages.

In another move, Novell, the company who sold certain rights for System V to Caldera (which then changed its name to SCO) has jumped into the fray with both feet.  I say "certain rights" because it appears that there is plenty of confusion about just exactly what SCO purchased.  Last month, Novell applied for copyrights to sweeping portions of System V, claiming that they had not sold the copyrights to SCO.  And, to confound the issue further, Novell also claims that they have the power to limit enforcement of any System V licensing contracts.  With that power, Novell promptly absolved IBM of any licensing violation.  Of course, SCO contends that Novell has no power at all to do such a thing, although the reasoning seems to be along the lines of "we spent $150 million on System V...why would we spend that much money and not get the whole works?"  This will almost certainly also end up in court.

And just to twist things a bit more, Novell purchased SuSe Linux.  SCO, in an apoplectic fury, pointed out that this acquisition seems to violate a non-compete clause in the System V purchase contract, a position that Novell, as expected, completely disagrees with.

At this point, the score appears to be something like this:

SCO has sued IBM, IBM has sued SCO, RedHat has sued SCO, Novell has forgiven IBM for any alleged contract violation, Novell says SCO doesn't own what it thinks it owns and Novell owns a major Linux distribution.  Oh, and SCO is still pursuing its $699 per CPU licensing scheme, both domestically and abroad.  And the company also seems poised to file a lawsuit against Google, claiming that the vast array of computers that the search giant runs are using Linux with SCO-owned code, in violation of SCO licenses.  I'm sure that from here the case can do nothing but get stranger.

A few weeks ago, SCO pointed out that by refusing to indemnify their customers, the major companies that distributed Linux were obviously afraid that they were really infringing upon SCO's code.  This week, several companies, including IBM and Hewlett-Packard announced an indemnification fund that would provide up to $1.5 million in protection to their customers.  SCO promptly issued a press release stating that by indemnifying their customers, the companies showed that they were afraid that they were infringing upon SCO's code.  You figure it out.

On to less frustrating things.

Spam sucks.  Besides eating up bandwidth, some of the stuff that comes into my mailbox is just about the most offensive junk that I never, ever wanted to see.  While I could stand to lose a few pounds, I don't need message after message trumpeting the fact.  And my bodily appendages are quite nicely proportioned, thank you.  And I don't know about everybody else, but my voyeuristic tendencies aren't anywhere nearly twisted as the spam that I receive might indicate.

I'm lucky because I run my own mail server.  I administer mail.nospin.org (in fact, it whirrs away on a Sun Ultra 1 server in the spare bedroom), so I have control over what comes into the server.  That gives me the opportunity to use a great program called Spamassassin.

If you run your own mail server, you can run Spamassassin.  If you don't, check with your ISP...chances are good that they run the program and you can configure it to analyze your email and stop spam.

Spamassassin uses several different methods to identify spam.  It has a Bayesian filter that examines the text of the message for patterns indicative of spam (a Bayesian filter actually "learns" over time), connections to several databases that maintain lists of known spam sources and header searches that search for inconsistencies in email headers that are typical of spam.  Each detail is given a point score and any message that exceeds a configurable threshold is identified as spam.  You can chose to filter the spam into a folder for later examination or to delete it at the mail server so that you never even download it.

Installing Spamassassin isn't difficult, but it's not trivial either.  I installed it on a Sun Ultra 1 server running Aurora Linux (a clone of RedHat 7.3).  It should work on virtually any version of Linux, including Fedora.  The documentation provides some instructions on how to "train" the Bayesian filter to recognize the difference between spam and "ham" (mail that isn't spam).  After about a week of training, Spamassassin was catching more than 99% of my spam.  Better yet, it did not identify any legitimate messages as spam.

Spamassassin also supports whitelists and blacklists.  This allows you to enter email addresses that you know will never send spam, as well as those that always send spam.  After using Spamassassin for about a month and a half, I'm confident enough in its abilities that I simply have it delete spam at the mail server.  I've gone from downloading about 1000 messages per day to around 250 - and only one or two of them are actual spam that was not caught.

You can find out more about Spamassassin at http://www.spamassassin.org.

 

Fedora Core 1 does not ship with Java.  That's because Java is not Open Source software.  That keeps in line with the Fedora Project's goal of delivering an Open Source-only distribution, but it doesn't do much for us when we run into web pages that use Java applets (or for my Neuros audio player which uses Java for its Linux application).  The problem is that if you use Netscape to download the plugin for Java, it won't work.  The fix?  Download and install the latest version from Sun's web site.

The download page is here.  The link for Linux is listed under "Download J2SE v 1.4.2_03".  Select the first entry in that section and download the JRE (Java Runtime Environment).  After you agree to the license, you can download a self extracting RPM.  For your own sanity's sake, select that option.  Once you've downloaded j2re-1_4_2_03-linux-i586-rpm.bin, change the permissions on it to make it executable.  You'll have another license agreement to accept, then the RPM file will extract.  Install the RPM as root using the options -ivh which will preserve any existing Java installation that you already have.

Once you've installed Java, you'll need to link the plugin to your browser's plugin directory.  If you are using the latest version of Netscape, Mozilla or Firebird, change to the browser's plugin directory, then create a link by typing:

ln -sf /usr/java/j2re-1.4.2_03/plugin/i386/ns610-gcc32/libjavaplugin_oji.so

You'll need to restart your web browser for it to detect the plugin.  After that, you're set to view Java applications in all their glory!

Happy computing!

Drew Dunn