Thu, 30 Sep 2004
Search Hats
Don Park has an idea about wearing different hats while searching. [via John Battelle's Searchblog]
For example, if I search for 'Eclipse' while wearing the 'Software Developer' hat, I should get Eclipse IDE related links before links related to the astrophysical phenenomon. If even I was interested in the later, results I get back should be different depending on whether I am wearing a Physicist's hat or a Photographer's hat.
That example is rather silly, though. If you're searching for the Elipse IDE, obviously you can just search for eclipse ide or eclipse java development, and if you're searching for astronomical eclipses, you'd search for something like lunar eclipse.
What would be useful is an "I'm not shopping for anything" option. There are many sites that get in the way in Google's search results when you're trying to research certain consumer electronics, for example.
Sun, 19 Sep 2004
JavaHMO and Debian
JavaHMO is an application that allows you to use the Tivo Home Media Option on platforms other than Windows and OS X. (It works on those platforms, too.) The RedHat packages available on the SourceForge site install fine under Debian after being converted by alien, but the RedHat init script doesn't work, so I wrote an init script for Debian.
The init script runs JavaHMO as the javahmo user, so you must create the user before using it.
# adduser --system --home /usr/share/javaHMO --shell /bin/false --group javahmo
Update: I created a proper Debian package for JavaHMO that doesn't require using alien to convert the RPM.
Sat, 18 Sep 2004
Sender Address Verification in the Real World
I've been using sender address verification callbacks for a long time. It helps eliminate a lot of spam by checking if the sender's address is deliverable. Unfortunately, there are a number of systems that send mail with an invalid envelope sender. These are often generated by scripts on a web server where the sender defaults to the-apache-user@the.web.server.name. There are also a number of misconfigured mail server, mostly IMail installations, that do not accept messages with null senders. This not only prevents their users from receiving bounce messages, but also prevents sender address verification from working.
Up until yesterday, I've rejected messages at RCPT time that fail sender address verification. Trying to deal with the number of false positives for a significant number of users has proven to be too dificult. So I decided to continue using sender address verification, but incorporate the result into an overall SpamAssassin score.
Andrew, on the exim-users list provided a helpful Exim ACL snippet which I modified a bit and came up with the following:
acl_callout_test:
warn set acl_m6 = TEMP
accept verify = sender/callout=60s,random
set acl_m6 = OK
warn set acl_m6 = FAIL
acl_check_rcpt:
warn acl = acl_callout_test
warn message = X-Sender-Verification: $acl_m6
This adds an X-Sender-Verification header which I then check for in SpamAssassin.
header POSTICA_SENDER_ADDRESS_FAIL X-Sender-Verification =~ /FAIL/ describe POSTICA_SENDER_ADDRESS_FAIL Sender Address Verification Failure score POSTICA_SENDER_ADDRESS_FAIL 2.0 header POSTICA_SENDER_ADDRESS_TEMPFAIL X-Sender-Verification =~ /TEMP/ describe POSTICA_SENDER_ADDRESS_TEMPFAIL Sender Address Verification Temp Failure score POSTICA_SENDER_ADDRESS_TEMPFAIL 1.0
I may have to tweak the scores, but so far, it's working pretty well.
tech » mail | Permanent Link
Semis for Soccer Moms
Back in 1999, after the Lincoln Navigator was introduced, I joked, "Next year, people will be driving semis around town." Looks like I was only off by a few years.
MSNBC has a picture and
details on the 14,500-pound behemoth.
But does anybody really need a vehicle that is nine feet tall, eight feet wide, 21 1/2 feet long and gets about seven miles on a gallon of diesel?
No.
"Anybody can lease a Hummer now for $500 a month. Soccer moms are driving them," he said. "This is not a soccer mom's vehicle."
We'll see about that.
Tue, 14 Sep 2004
Introduction to Mailgraph
Over at ONLamp, David Ky describes how to setup Mailgraph.
Mailgraph is a
great tool for monitoring your mail servers. It generates graphs showing how
many messages are passing through your servers as well as the number of spam
and viruses blocked. Here's a sample graph:
David didn't mention that there are Debian packages for Mailgraph. I've also modified it to work with Exim log files. The Mailgraph for Exim packages are available from the Postica site.
tech » mail | Permanent Link
Sat, 11 Sep 2004
Beer Tastes Good
Apparently, it is now possible to inhale alcohol. I'm not sure why anyone would want to, though. I can't imagine going into a pub and having the bartender put down a pint of your favorite vaporized beer.
That sounds about as likely as someone listening to a crappy version of their favorite song on their mobile phone.
Thu, 09 Sep 2004
Are All Web Browsers Broken?
According to Derek, hrefs such as
<a href="https:/path"> should be valid and link to the same site using
https as the protocol.
This doesn't work in Mozilla, which converts such links to https://path/, nor in links which interprets it as
http://domain.tld/https:/path.
Interestingly, it does work in Mozilla if the link is the same protocol as
you're currently using.
If it worked, it would make web development easier. You wouldn't have to use tokens in html templates for the server name to avoid hard coding in the production server's domain. I'm sure there are other's who've used output buffering hacks to rewrite relative links.
So, what's the deal? Are all web browsers broken?
Restricting Incoming Mail to MX Hosts using Sendmail
When using an external server or servers to filter your mail, you want to make sure that spammers and worms cannot bypass the filtering servers and deliver unsanitized messages directly to the destination mail server. In order to do this, the destination MTA must check the IP address of the server trying to deliver a message and verify that it is one of the allowed hosts.
If you only have one domain on your sendmail server, or all domains use the same filtering hosts, this is fairly easy to accomplish using either a firewall, TCP wrappers, or a number of not-so-elegant entries in your access table. If you host a number of domains, these methods may not be acceptable.
I have written some sendmail rules to restrict delivery on a per-domain basis. Groups of scanning hosts, known as a scangroup, can be setup and each domain can belong to one scangroup. If a domain does not belong to a scangroup, messages to that domain are accepted as usual.
Two new maps need to be created, scandomain and scanhost. The
scandomain map lists each domain that uses a scangroup and scanhost lists
the IP addresses of each host in a scan group. The left hand side is the
domain and IP address, respectively, and the right hand side is the scangroup
name for both maps.
The rules which reject unauthorized delivery are added to the Local_check_rcpt
ruleset so the rejection occurs after each RCPT TO: command. Because the
mail server may also be used for message submission by MUAs, it accepts
messages from authenticated users and IPs explicitly allowed to relay in either
the relay-domains file or access map.
To enable scangroups, add the contents of
scangroups.mc to the bottom of your
sendmail.mc and regenerate your sendmail.cf. Don't forget to run makemap after
setting up your scandomain and scanhost files.
If you're looking for a service to filter spam and viruses from your mail before they get to your mail server, please check out Postica, which I developed.
Updated - 5/2/2005: I updated the ruleset to reject messages with a temporary failure so that mail doesn't accidentally get rejected if DNS is being changed, and still points directly at the destination server.
tech » mail | Permanent Link
Thu, 02 Sep 2004
How To Print a Book From Postscript
Here's how to print some documentation as a book. The goal was to print two pages per sheet double sided without having the luxury of a printer that supports duplex printing.
In this example, I'm printing about 50 pages
(Chapter 5) from the
sendmail documentation.
psselect -p34-85 op.ps | psbook | psnup -2 | pstops 2:-0 | lpr
So we use psselect to pick the pages we want to print.
Then, we use psbook to rearrange the pages so they end up in the right order
in the finished booklet. The psnup utility is used to to print two pages per
sheet, and finally, pstops selects just the odd pages in reverse order.
In the second step, you feed the pages back through your printer using the
manual feeder. On my printer, a LaserJet 1200, the manual feeder pulls page
from the top, the same as the tray. That is why I used pstops to rearrange the pages.
If your manual feed pulls from the bottom, you can print the odd pages in the normal order.
psselect -p34-85 op.ps | psbook | psnup -2 | psselect -o | lpr
Now, we just put the pages in the manual feeder and print the even pages.
psselect -p34-85 op.ps | psbook | psnup -2 | psselect -e | lpr
P.S (Ha!) I think pstops can do everything that psselect, psbook, and psnup
do, but I didn't bother learning the syntax.
