I consider __dict__ an implementation detail
Almost all Python objects implement their namespace as a Python
dictionary, which they expose as their __dict__ member. You can do
interesting things by playing around with this dictionary directly,
for example adding bulk name/value mappings to an object by just doing
I don't like doing this, because I consider __dict__ to be an
implementation detail, or at least fairly magical, and thus I feel that
I shouldn't be playing around with it; I prefer to get the same results
with more general higher-level things like
setattr. Seeing code that
uses __dict__ makes me vaguely twitchy.
In some sense __dict__ isn't merely an implementation detail, because it is sufficiently well documented (and necessary for things like __setattr__) that it will be sticking around. In another sense it is, because not all objects have a __dict__ (and even when they have one, not all of their attributes necessarily show up there), so you can't assume that you can use it to fish around in an arbitrary object. If you do anyways, you're making assumptions about how other code implements its objects that may come to bite you someday.
(The most obvious case of objects without a __dict__ is instances of classes that use __slots__.)
I'm aware that this is just a personal twitch, and possibly a silly one at that. A lot of Python programmers are perfectly happy to use __dict__, and I've committed worse hacks in my own code without thinking too hard.
Weekly spam summary on March 10th, 2007
This week, we:
- got 14,862 messages from 263 different IP addresses.
- handled 21,019 sessions from 1,246 different IP addresses.
- received 197,155 connections from at least 66,752 different IP addresses.
- hit a highwater of 11 connections being checked at once.
Volume is definitely down from last week, although the session volume is up slightly. The per day numbers have some significant fluctuations:
Kernel level packet filtering top ten:
Host/Mask Packets Bytes 184.108.40.206 39471 2165K 220.127.116.11/24 24821 1488K 18.104.22.168/24 14936 677K 22.214.171.124 11163 581K 126.96.36.199 5392 259K 188.8.131.52 5374 273K 184.108.40.206 3248 156K 220.127.116.11 3207 154K 18.104.22.168/24 3121 187K 22.214.171.124 2898 155K
This is up from last week, although it's unevenly distributed; the low end is about the same, but the high end is much more active.
- 126.96.36.199 and 188.8.131.52 return from last week.
- 184.108.40.206 kept trying with a bad
- 220.127.116.11 is a charter.com something or other.
- 18.104.22.168 has inconsistent reverse DNS.
- 22.214.171.124 is a place we no longer talk to because it sent us phish spam.
- 126.96.36.199 kept trying with an origin address that had already tripped our spamtraps.
188.8.131.52/24 deserves special mention: various hosts in there slammed us as part of an aggressive spam run, and then once they had tripped our spamtraps they demonstrated that they were partially ignoring SMTP responses. This is a quick recipee for getting your own set of kernel packet filtering rules; if they come back this week, I'll probably make the block permanent.
Connection time rejection stats:
62956 total 37668 dynamic IP 17559 bad or no reverse DNS 5173 class bl-cbl 1049 class bl-sbl 353 acceleratebiz.com 198 class bl-dsbl 132 class bl-pbl 121 cuttingedgemedia.com 112 class bl-sdul 78 class bl-njabl 27 verticalresponse.com
Overall volume is slightly down from last week. The SBL breakdown is as uninteresting as last week; 962 hits from SBL50892 (colocentral.com, who apparently feel spammer hosting is fine with them), then the next highest is 18 hits from SBL43107 (listed February 16th as 'Gestour Portal spam source').
Four of the top 30 most rejected IP addresses were rejected 100 times
or more: 184.108.40.206 (2,190 times, a wanadoo.fr dynamic IP address),
220.127.116.11 (114 times, no reverse DNS), 18.104.22.168 (106 times, a
charter.com cablemodem or something), and 22.214.171.124 (106 times, a
verizon.net DSL something or other). Fourteen of the top 30 are currently
in the CBL, 11 are currently listed by
bl.spamcop.net, 11 are in the
Spamhaus PBL, and a grand total of 17 are in zen.spamhaus.org.
This week Hotmail managed:
- 3 messages accepted.
- no messages rejected because they came from non-Hotmail email addresses.
- 26 messages sent to our spamtraps.
- no messages refused because their sender addresses had already hit our spamtraps.
- 1 message refused due to its origin IP address being in the CBL.
This is a lot better than their numbers last week.
And the final numbers:
|what||# this week||(distinct IPs)||# last week||(distinct IPs)|
Now that's the sort of numbers on bad bounces that I like to see.
There were no really big sources of bad
HELOs this week; the highest
were 126.96.36.199 (113 times), 188.8.131.52 (82 times), 184.108.40.206
(76 times), and 220.127.116.11 (75 times).
Bad bounces came from four different places to four different usernames; three of the bad usernames are ex-users, and one is a reasonably plausible username.