2003530

Postfix + site-wide SpamAssassin + Procmail for individual 'spam' mailboxes. There is an updated addition/simplication suitable for some users/administrators HERE! Please note: File locations are based on my own install. Yours may be different, and should be checked and appropriate changes made. 1. Install postfix and get it working for your domain. See http://www.postfix.org for details. 2. Install SpamAssassin. The easiest way to do this is with the command "perl -MCPAN -e 'install Mail::SpamAssassin'" 3. As root, create a file at /usr/bin/postfixfilter with the following content: #!/bin/bash /usr/bin/spamc | /usr/sbin/sendmail -i "$@" exit $? 4. Run "chmod 755 /usr/bin/postfixfilter" 5. Create a user called 'spamfilter'. Make it a complete user, with home directory and shell. 6. Run "chown spamfilter /usr/bin/postfixfilter" 7. In /etc/postfix/master.cf in the "Services" section, alter the 'smtp' line as follows (the " -o con..." SHOULD be on the next line: # ----------------------------------------------------------------------------------- smtp inet n - n - - smtpd   -o content_filter=spamfilter: # ----------------------------------------------------------------------------------- 8. In /etc/postfix/master.cf in the "Interfaces to non-Postfix software" section add: # ----------------------------------------------------------------------------------- spamfilter unix - n n - - pipe   flags=Rq user=spamfilter argv=/usr/bin/postfixfilter -f ${sender} -- ${recipient} # ----------------------------------------------------------------------------------- 9. Restart postfix and make sure you can still get email. Send a fake spam through the system (from an outside address) to verify that spam is marked as spam. For information on configuring SpamAssassin, go to http://www.spamassassin.org. 10. Install 'procmail' if it is not already installed. To discover this try 'which procmail'. 11. For each user who needs a 'spam' mailbox, follow steps 12 - 13. You can safely stop right here if you do not want any users to have their spam filtered into another mailbox. 12. Create a file in their home directory, owned by them, called '.procmailrc'. Enter the following into it, making sure that the locations listed are what you wish to use for mailbox location (here we are using /home/$username/mail/ as the location for mail folders: # ----------------------------------------------------------------------------------- MAILDIR=$HOME/mail DEFAULT=$HOME/mail/Inbox LOGFILE=$HOME/mail/proc.log # Catch SPAM :0 * ^X-Spam-Flag: YES * ^X-Spam-Level: \*\*\*\*\*\* spam # ----------------------------------------------------------------------------------- Explanation of the above - MAILDIR is the location of mailbox folders DEFAULT is the default mailbox. "* ^X-Spam-Flag: YES" makes sure the email is marked as spam before doing anything with it. "* ^X-Spam-Level: \*\*\*\*\*\*" make sure the spam received a 'spam score' of at least 6 before doing anything with it. This ensures that 'borderline' cases that are more likely to be 'false positives' (meaning they have been falsely marked as spam) do not go into the spam mailbox. 'spam' is the name of the mailbox they are going into. 13. Create a file in their home directory, owned by them, called '.forward'. Enter the following into it, changing 'username' to their username. Include the quotes and the pound ("#") symbol! "|IFS=' ' && exec /usr/bin/procmail || exit 75 #username" 14. As with any change made to user's mailboxes, test! 15. Keep SpamAssassin updated with the same procedure you used to install it in #2. NOTE: anything in red might have a different path on your box! Posted by Greg @ 07:42 PM PST [Link]

2003528

Well, as a brand-new 33 year old, I am officially untrustworthy. I'm now either too old to have fun or too young to be responsible, but absolutely part of the establishment. Interesting day...Jen sent me balloons at work, delivered by a portly man in a strip-club t-shirt. I was hoping the balloons weren't part of his 'act'. :) After work we met a whole bunch of friends at the Buck and Ear for drinks and wings night. I am not sure how many dozens of wings I ate tonight; I feel pretty bloated, but satisfied. Lots of ribald humour and family stories tonight! We're all a bunch of geeky screwups. During our dinner the pub's ordering system went down and I know all of us had an urge to go check out what they were running. Tattoo-whoring: I have agreed to get a tattoo that is decided on by other people (assuming some people will help out with the costs, and Rich has already volunteered to make a donation) and drawn by someone who loves to make embarassing jokes at my expense. Why would I do such a thing? The answer is here. Perhaps I should purchase tattoosomethingembarrasingonme.com? Posted by Greg @ 10:43 PM PST [Link]

2003526

Little to say, more coming :) Ha! It's still a post! Posted by Greg @ 10:36 PM PST [Link]

2003525

Well, I've finally done the upgrade. From a PII-400 to an Athlon 2000+ (1.67GHz), plus motherboard and RAM. A bit of an adventure actually...had a hell of a time getting the system to power up at first (solution: make damned sure the power plugs to the CD drives were all the way in), then OS issues reared up and bit me. I was going to let Redhat 9 try and cope with a motherboard and CPU change, but it just wouldn't do it. I'm not really surprised, and I backed up everything, but I wanted to see how far it's progressed. It was smart enough to deal with detecting the new drive locations and many other things, but it just wouldn't get past the kernel panic :) So, a reinstall of Redhat was the only solution. Then hours of trying to fix Postfix so Jen and I would stop losing email. If you use postfix and you get an error like "mail for domain.com loops back to myself", the first thing you should try is adding "$mydomain" to the "mydestination = ..." line. This was the final solution. Really, it's one that should be documented on the Postfix site, since more people have this problem and ask it on Usenet than the number of people who've been served a burger at McDonalds. One more big issue...apt4rpm on Redhat 9 appears broken. It royally screwed up my rpm database, and it took me hours of trying to get it to work before I finally gave up. If the apt4rpm website actually held contact info I'd report this as a bug. Too bad really, because I really liked it before. Speaking of McDonalds, I'm colecting derogatory names for the place and their products. Some examples: - Raunchy Ronnies - McPukes - The Big Puke - McVomit I don't know why I find this so funny. I still have their chicken sandwich on occasion. Posted by Greg @ 11:26 AM PST [Link]

2003523

Sorry for the lack of posts over the past couple days...it's been righteously busy. Interesting tidbits from my life...MS SQL 7.0 is a pig and a half - I hate it. X2 is a good movie - better than the first one, I think. Matrix Reloaded was a good movie, but really it's about half a movie - that was a really crappy way to end it, and the gratuitous sex and party-nudity was stupid and unnecessary. Waiting for a loan from the bank, and they called me today to verify some niggling details about my life - annoying, since I am asking for an amount smaller than the amount that I currently have invested in a term deposit with that bank. I have my new hardware - now I am just waiting for some time to install it; I am very curious to see if my Redhat installation will accept it without problems. Anyway, I'll try to keep up more. I am in serious desperate need of quiet to to let my brain catch up to my life and all the things in it. Posted by Greg @ 11:31 PM PST [Link]

2003520

From the side of the box of chamomile tea we bought: The kettle whistled, calling me. As I made my cup of chamomile tea, I thought about him - so dark and mysterious, with eyes that flashed fire one minute and burned with desire the next. I moved quietly to the couch and the warmth of my grandmother's quilt. I was already anticipating the time I would spend with him. His secrets that only I was privy to. Soon, I would discover the darkest secret of all. The truth that would be made known to everyone in the courtroom. And the jury will make its final judgement. I took a sip of my tea, cuddled up and prepared to lose myself in the last chapter. Well, I don't know about the woman on the tea box, but I take a sip of my tea and feel kind of dirty. Posted by Greg @ 08:17 AM PST [Link]

2003518

This is good. A nice, timely addition to my previous post about the 70's. According to today's regulators and bureaucrats, those of us who were kids in the 40's, 50's, 60's, 70's or even the early 80's, probably shouldn't have survived. Our baby cribs were covered with bright colored lead-based paint. We had no childproof lids on medicine bottles, doors or cabinets, and when we rode our bikes, we had no helmets. (Not to mention the risks we took hitchhiking.) As children, we would ride in cars with no seat belts or air bags. Riding in the back of a pickup truck on a warm day was always a special treat. We drank water from the garden hose and not from a bottle. Horrors! We ate cupcakes, bread and butter, and drank soda pop with sugar in it, but we were never overweight because we were always outside playing. We shared one soft drink with four friends, from one bottle, and no one actually died from this. We would spend hours building our go-carts out of scraps and then rode down the hill, only to find out we forgot the brakes. After running into the bushes a few times, we learned to solve the problem. We would leave home in the morning and play all day, as long as we were back when the street lights came on. No one was able to reach us all day. No cell phones. Unthinkable! We did not have Playstations, Nintendo 64, X-Boxes, no video games at all, no 99 channels on cable, video tape movies, surround sound, personal cell phones, personal computers, or Internet chat rooms. We had friends! We went outside and found them. We played dodge ball, and sometimes, the ball would really hurt. We fell out of trees, got cut and broke bones and teeth, and there were no lawsuits from these accidents. They were accidents. No one was to blame but us. Remember accidents? We had fights and punched each other and got black and blue and learned to get over it. We made up games with sticks and tennis balls and ate worms, and although we were told it would happen, we did not put out very many eyes, nor did the worms live inside us forever. We rode bikes or walked to a friend's home and knocked on the door, or rang the bell or just walked in and talked to them. Little League had tryouts and not everyone made the team. Those who didn't had to learn to deal with disappointment. Some students weren't as smart as others, so they failed a grade and were held back to repeat the same grade. Horrors! Tests were not adjusted for any reason. Our actions were our own. Consequences were expected. The idea of a parent bailing us out if we broke a law was unheard of. They actually sided with the law. Imagine that! This generation has produced some of the best risk-takers and problem solvers and inventors, ever. The past 50 years have been an explosion of innovation and new ideas We had freedom, failure, success and responsibility, and we learned how to deal with it all. And you're one of them! Congratulations. Please pass this on to others who have had the luck to grow up as kids, before lawyers and government regulated our lives, for our own good. I wonder what the world will be like when the pendulum swings back? Anyone know a quick and simple way to get VMware to recognize an already-existing dual-boot operating system? Posted by Greg @ 12:54 PM PST [Link]

2003516

In the 70's: Ketchup was red. Not green or purple. Cars were all different. You could tell an El Camino from a Corvette from a Volkswagen. Today you can't tell a Neon from an Intrepid from a Cougar. Politicians were politicians. They weren't marketed idols. Some of them had gap-teeth. None of them were big business. One of them was a peanut farmer. If one of them had an affair, it was hushed up. Nowadays, the mistress gets her own TV show. Kids didn't write their nickname on everything they could find. They were smart enough to realize that if they did that someone would recognize the name and their parents would whup their butt when they got home. No one cared what was in SPAM. It was good, crappy, cheap food. Mothers made casserole with it as the primary ingredient. Now you get spam over the internet, and although it's still crap, it's not food. If you were smart, you went to college or university and anyone's smart kid could become a doctor, lawyer, engineer or architect. Now only the richest parents can pay for a professional education for their kid. You could talk to a stranger kid on the street and people wouldn't accuse you of being a child molester. If that kid was being a dumbass you could give them a swat on the butt and send them home. Most parents would come over to your house to thank you - not sue you. One of your friend had a basement you could hang out in. Another friend lived next to a field you could run in. You could build a fort out of couch cushions and a blanket. Now it's just easier to load up a warez version of Bryce and throw together a 3D fortress. No one would bug you if you camped in a pup tent in the front yard. You and a friend could spend quality time with a loop of string or a sprinkler. No electricity involved. Your dad knew a lot of people. Now you don't know the people next door. If you were bullied, the bully would probably punch you. Now he might shoot you, stab you, bury you, carve a swastika in your forehead, or arrive at school to kill you and a bunch of other students and the teachers he hated. .... Dammit. Ketchup was red. Posted by Greg @ 08:29 PM PST [Link]

2003515

1. Top House Members from both sides of the aisle are furious at Defense Secretary Donald Rumsfeld for essentially banning lawmakers from taking fact-finding trips to Iraq, and many believe the Pentagon chief is using the cloak of “security concerns” as an excuse to block Congressional oversight. 2. If your name is David Nelson...ANY David Nelson...expect to be hassled at airports for no good reason. Someone please give the royal smackdown to the US government. Please? How much ridiculousness can the world stand? Posted by Greg @ 11:40 PM PST [Link]

2003514

Links that I have: A postcard site that doesn't spam Kurt Vonnegut takes on the US gov't Chickenhawks: stupid warmonging government freaks who spent a lot of time and influence avoiding the draft as youth Interesting brain info...can brain damage cause pedophilia? Links that I want: A really good CSS reference that includes lots and lots of examples. A list of all the websites (or many of them) that have wishlists. A third party tool for search eBay better (and maybe getting rid of the spammy chaff there). A blog-only search tool that really has a hell of a lot of blogs in it (having mine in there would be a good test). A really good tutorial on migrating a database or set of databases from one MSSQL 7.0 server to another. Step-by-step would be good. Posted by Greg @ 08:58 PM PST [Link]

2003512

This weekend I did the unexpected and wipe my computer clean and installed Redhat 9. Normally I don't go for the newest releases, but I decided that I should enjoy my home system a little more and the bugs in RH7.3 were dragging me down badly. So far it's been quite clean and stable (crosses fingers). As part of that, included a complete fresh install of Spamassassin, and this time it included switching mailservers. Previously I was using Exim...now I'm using Postfix. Some pros and cons there...Exim is highly configurable, but extremely complicated (note to Exim fans: you may disagree all you want, but no one yet has given me a very simple <10 line description of how to write a director. Not all the ins-and-outs of it, but just a rough outline that is understandable. When that happens maybe I'll reconsider.). Postfix is still quite configurable, but quite readable. Postfix's big flaw is absolutely awful website organization and lack of decent documentation. Or more to the point, they rely on other sites that may or may not be functional for their documentation. Relying on your users to bring up important issues is one thing...relying on them to provide all your How-Tos is another. On top of that is that they don't even have a good complete list of that external documentation. I searched like mad for a decent, simple, how-to on integrating Postfix and SpamAssassin and eventually found one, but only by looking at about the 14th page of Google search results. The page I found was http://www.dulug.duke.edu/~mstenner/sa-docs/setup.html. Clean, simple, nice. A point...Google operates on the concept that if a link is good and cool and useful people will link to it. If you find a useful link somewhere deep in Google's bowels by a search - give that site a boost by linking to it. Of course, Google is failing a little by being overwhelmed by the intense cross-linking inherant in blogs and is likely going to have to implement a -noblogs switch to its engine. Anyway, the day after I get SpamAssassin 2.53 installed, 2.54 comes out. Supposedly worth an upgrade, though I haven't done so yet. I've still got a small problem I haven't worked out yet...'spamassassin -r' fails, with a "Warning, unable to report spam" error. Apparently there is another missing detail in SpamAssassins docs that talks about razor and how to connect with it. The Postfix documentation project needs help. If I get some time I'll get something together, though hopefully stuff I post here helps. Posted by Greg @ 10:16 PM PST [Link]

2003510

Apparently I'm "You are a David Weinberger. You are smart, savvy, interested in why people do what they do, enjoy questioning yourself and are not balding" Find out for yourself here Last night I was awake pretty late. I have the unfortunate problem of restless legs syndrome, where my legs feel like they've been pumped full of electricity and my feet are boiling hot (they aren't really, they feel hot in my mind, but not to the touch). The only bonus from that very annoying problem is that it gives me time to think quietly and I come up with some excellent ideas. At 1am I came up with a concept that links two of the ideas floating around work in a Very Nice Way, I believe. Sent this off to the president of the company before 1:30am :) Hope something comes of it! My life's been pretty unremarkable today. I just don't have anything to say. My mind is like a bunch of nothing, but shrug. Maybe tomorrow. As depressing as the above is, I didn't write it...it's a product of the The Apathetic Online Journal Entry Generator by the Brunching Shuttlecocks. None of you bloggers shall ever skip a day again! Posted by Greg @ 11:48 AM PST [Link]

200359

Don't (at least on a Redhat system) install SpamAssassin via 'perl -MCPAN -e "install Mail::SpamAssassin"' then follow it up by installing the RPMs. It's the wrong thing to do, trust me on this. Anyway, if you DID do that, remove the RPMs (rpm -e) go to /root/.cpan/build/Mail-SpamAssassin-2.53/ (or whatever version you are running)... # make clean # make # make test # make install You can repair many of the perl modules you've installed this way. Dwight York: I saw a homeless guy holding a sign that said "Will work for food." So I gave him a coconut. I will think for you! Posted by Greg @ 10:39 PM PST [Link]

200357

Took a couple geekleaps today, and am currently playing with Spamassassin. I first installed in in April 2002, and it's been loyally marking my spam for over a year...but getting worse and worse at it while I've been getting more and more spam. So I did a few things: 1) change my regular email from greg@... to gwebster@..., 2) fix how various emails address that I have appear on the web, and 3) update Spamassassin. I expect #1 will have a decent impact, but I will still get a fair bit of spam from other addresses. #2 is simply because the spambots are getting better - email@NOSPAMdomain.com is no longer effective at preventing them from auto-parsing your email. So I've done things like email@thedomainyougotthis.from. The bot would have to be pretty damned smart to get that covered. The thing that really pisses me off about this is that obviously people who do this both understand how spambots work and are willing to do things to prevent spam, like reporting it to the postmasters and upstream providers. Spammers do themselves NO favours by parsing this stuff. I report every single spam I receive, spammers would help themselves by getting me off their lists, not trying to make sure I am on them. It was silly of me not to have done #3 a long time ago. Spamassassin has changed dramatically. It's gained Bayesian (self-learning) filtering, better and nicer configuration, and much ease of use for users. The easiest way I've found to update this on any system (including the rather annoyingly never-updated Debian) is, as root, "perl -MCPAN -e 'install Mail::SpamAssassin'". I suggest doing this every month or so. Posted by Greg @ 10:49 PM PST [Link]

200356

Post. How many prices do you remember from your childhood? More than a $0.25 popsicle? How about a '74 Volkswagen? Was discussing this with a coworker today...I grew up well away from anything bigger than a corner convenience store, and I remember very little of the prices from when I grew up. I remember "licorice babies" (we used a un-nice, more-offensive term for them when I was young) were a penny each. A payphone cost a quarter, but you always put the money in after you were connected, not before. That's about it. Friends of mine who grew up in town, or in larger areas, remember much, much more. Late addition for some links: DJs suspended for playing Dixie Chicks IT workers fired for reporting child-rape porn professor to police Iraqi men stripped naked, scrawled on, forced to walk through the streets Posted by Greg @ 06:16 PM PST [Link]

200354

Grammar/spelling notwithstanding, the above is a line from Lord of the Rings: Fellowship of the Ring that I had not previously noted. Amazing the things you see when you have the subtitles on. This was about the 5th time I've seen this movie, and I always notice new things in it. This is the first time on DVD, hence the subtitles. I searched like mad and they removed the car driving by they accidently put in the movie in the theatres. I had also thought that in the battle with the Balrog, Gandalf said "Run, you fools!" before falling from the bridge. Nope, it was "Fly, you fools!". Quiet and slow today. I just felt tired and kind of crappy. Low-level 24 hour virus I suppose. Got a few things around the house done; tidied up some cron jobs for UF auto-posts, made some plans and baked some baking powder biscuits for an evening snack (we are out of popcorn). Downloading Redhat 9.0 right now. Expecting that I want to wipe and reinstall this system sometime, and also intending to set up Jen's old computer as a server soon. Not sure I'll use 9.0 for that though. Posted by Greg @ 11:16 PM PST [Link]

200352

chunk it together shift my forehead against the wall see if I can get my thoughts captured before I'm called out again my palms are tingling so I cringe and the bricks scrape the skin and make fists before I turn around gonna throw a punch this time you want a piece of me? sorry...I have none left. Dunno why, but we just watched Being John Malkovich (a repeat for me, new to Jen) and it reminded me of high school bullying. Some seriously crappy times there. Maybe it's the fact that I think the real theme of the movie is 'loss of control', not (as many would think of it) gaining control. Way back I ran a site called GeekRights.org that was mostly about adult bullying at its start, but eventually talked a lot more about high school bullying. That shift happened because a lot of things happened here in North America and locally that started bringing bullying to the media. Columbine was definitely the big one, because everyone was seeking an excuse or a reason for it happening. Were those two bullied? Hard to say - I don't think there's been any proof either way. Certainly if there are bullies, they didn't come forward and announce it. Bullies don't do that. The one that struck me most though was a local kid named Hamed Nastoh who took his own life because he just couldn't handle it any more. In some ways that story is a tiny bit worse than even the horrific killing of Reena Virk by bullies who are still fighting to ignore the responsibility they had for her death. While both stories are horrific (and local to me), I feel most for Hamed. I feel a tiny bit of the fear he felt and the dread that he lived with. In some people's lives there is no other option available to them. Be nice to geeks. Posted by Greg @ 11:46 PM PST [Link]

200351

Ok, so you're in a hurry and you don't have time to think up something l33+ so you can get online and pretend to be a script kiddie in order to soil their unsullied (!) name...what do you? Well.... The haxor handle of Slutmonkey Haberdashery is "S3cret Mani@c". What's yours? Enter your name: It's just that simple! You too can have a name that makes you look stupid and immature! Thanks to Silverstr for this :) Hmmm...the above makes me want to write those sorts of 'utilities'. The kites arrived! We took the Stealth kite (pic below) out today for a bit, as well as my first dual line kite, the Beetle 2100. Very light wind. I did ok in about a 2 mph wind, but Jen was getting frustrated with the light touch required. Another day with more airflow and she'll be much happier I think. Didn't take out the Chute, since it will almost definitely require more wind and practice to get going. Hope there is something this weekend! Posted by Greg @ 08:59 PM PST [Link]

LINKS and STUFF

Aspectus - This is Illiad's (of Userfriendly fame) other project, which is like Slashdot in some ways and like a personal blog in some ways, but cooler than either. Needs more content, and more visitors, but that'll come.

RED MEAT - Oh my. I imagine there is a FBI file on the artist. I never, ever want to meet him. But I will glory in his comic strip. Brilliance and intelligence wrapped up in the tattooed skin of a circus freak and tied with a bow made of blown O-rings.

Imparte.com - Rich's site. Not going to talk about it until he says I can. But go visit anyway.