spam

A Saturday mixture

Dave Farquhar General ,

Luke again. As I was making the video about Luke, another member of my church was putting together a Bible study to wrap around it. I delivered that study to my small group last night. It was the first time I’d ever taught–to this group at least–using someone else’s material. I write my own and teach others to write their own, because there’s no way that a book written by distant authors can be in touch with a group’s particular needs. The Bible itself plays by a different set of rules, but taken in its entirety, it’s a pretty intimidating book. But a human taking poignant bits out of it and showing people how to use them–that works.
So last night I delivered the study, and near the end, I played the Luke video. Luke talked for five minutes on how it feels to be Luke. (The transcript appeared here originally–what I played was edited only slightly from that.) The group’s reaction?

Silence.

Video professionals have told me that’s good.

Finally I broke the silence. “Luke is grateful because he has so much. And when you look at the ‘so much’ he has, there isn’t a one of those things that I don’t have. I’ve got great friends. I’ve got a great, supportive family. And I’ve got so much more than that. And yet, Luke’s a lot happier than I am. Something’s wrong here.”

More silence. One of the girls, who has a remarkable story in her own right to tell, looked like she was going to cry.

And how to follow that? You don’t. So I’m not gonna try. Segue, schmegway.

Roll your own mail server. Linux guru extraordinaire Nick Petreley just published a five-part series on setting up an IMAP server in Linux. It’s the best I’ve seen yet. It doesn’t talk about everything one would like to do with a mail server, and I prefer Courier IMAP over Cyrus IMAP, but if you want your own spam-filtering mail server, this is a great start. About the only thing he doesn’t cover is using Fetchmail to pull in mail from foreign accounts.

An interesting take on intellectual property. I’ve told you about Rick Prelinger before; he’s the one responsible for the Internet Archive’s movie archive, which is destined to endear him forever to small-time movie makers around the world. Here’s an article on IP from him which takes a unique take. Worth a read.

If you’re in need of free (and, more importantly, royalty-free) film footage, bookmark this page. Getting MPEG-2 video into Premiere is difficult; Prelinger offers some advice he’s been given.

Encryption on the cheap

Dave Farquhar General , , , , ,

Disspam cruises along. It’s not often that I gush about a program, let alone a 4.5K Perl script, but Disspam continues to make my life easier. Granted, it simply takes advantage of existing network resources, but they’re resources that were previously (to my knowledge) limited to the mail administrator. Literally half my e-mail at home today was spam. Disspam caught every last piece.
A little scripting of my own. I’ve got a client at work who wants absolute privacy guaranteed. He and his assistant have some files they don’t want anyone else to be able to read, period. Well, there’s no way to guarantee that under NT, Unix, or VMS. Under NT, we can take away anyone else’s rights to read the file, but an administrator can give himself rights to read the file once again. We can make it set off all kinds of sirens if he does it, but that security isn’t good enough.

Well, the only way we can guarantee what they want is with encryption. But we’re nervous about making files that one and only one person can read, because last year, one of our executives went on vacation in Florida, fell ill, and died. We don’t want to be in a situation where critical information that a successor would need can’t be unlocked under any circumstance. So we need to encrypt in such a fashion that two people can unlock it, but only two. So the client’s backup is his assistant, and the assistant’s backup is the client. That way, if something ever happens to one of them, the other can unlock the files.

Password-protected Zip files are inadequate, because any computer manufactured within the past couple of years is more than fast enough to break the password through brute force in minutes, if not seconds. The same goes for password-protected Word and Excel documents. Windows 2000’s encryption makes it painfully easy to lock yourself out of your own files.

So I spent some time this afternoon trying to perfect a batch file that’ll take a directory, Zip it up with Info-Zip, then encrypt it with GnuPG. I chose those two programs because they’re platform-independent and open source, so there’s likely to always be some kind of support available for them, and this way we’re not subject to the whims of companies like NAI and PKWare. We’d be willing to pay for this capability, but this combination plus a little skullwork on my part is a better solution. For one, the results are compressed and encrypted, which commercial solutions usually aren’t. Since they may sometimes transfer the encrypted package over a dialup connection, the compression is important.

Plus, it’s really nice to not have to bother with procurement and license tracking. If 40 people decide they want this, we can just give it to them.

The biggest problem I ran into was that not all of the tools I had to use interpreted long filenames properly. Life would have been much easier if Windows 2000 had move and deltree commands as well. Essentially, here’s the algorithm I came up with:

Encrypt:
Zip up Private Documents subdirectory on user’s desktop
Encrypt resulting Zip file, dump file into My Documents
Back up My Documents to a network share

Decrypt and Restore:
Decrypt Zip file
Unzip file to C:Temp (I couldn’t get Unzip to go to %temp% properly)
Move files into Restored subdirectory on user’s desktop

I don’t present the batch files here yet because I’m not completely certain they work the right way every time yet.

They don’t quite have absolute security with this setup, but that’s where NTFS encryption comes in. If these guys are going to run this script every night to back the documents up, it’s no problem if they accidentally lock themselves out of those files. If their laptops get stolen, all local copies of the documents are encrypted so the thief won’t be able to read them. And the other user will be able to decrypt the copy stored on the server or on a backup tape. Or, I can be really slick and copy their GPG keys up onto the same network drive.

This job would be much easier with Linux and shell scripts–the language is far less clunky, and file naming is far less kludgy–but I have to make do. I guess in a pinch I could install the NT version of bash and the GNU utilities to give myself a Unixish environment to run the job, but that’s a lot more junk to install for a single purpose. That goes against my anti-bloat philosophy. I don’t believe in planning obsolescence. Besides, doing that would severely limit who could support this, and I don’t have to try to plant job security. I always get suspicious when people do things like that.

Stopping spam.

Dave Farquhar General , , , , , ,

Forget what I wrote yesterday. I was going to post the stuff I wrote in Ohio when I realized it isn’t all that good, it’s definitely not useful, and the people who annoy me the most are the people who can’t get over themselves. No one cares what I ate for breakfast, and the only people who care what went on in Ohio already know.
So here’s something useful instead. It’s the coolest thing I’ve found all year. Maybe all decade, for that matter.

Spam begone. I hate spam. It wastes my time and my bandwidth and, ultimately, my money. I’ve seen some estimates that spam costs ISPs as much as $5 per month per account. You’d better believe they’re passing those losses on to you.

There are tons and tons of anti-spam solutions out there, but most of them run on the mailserver side, so for an end-user to use them, they have to set up a mail server and either use it for mail or run fetchmail to pull the mail in from ISP’s mail servers. I’ve done that, but it’s convoluted. But that’s trivial compared to setting up the anti-spam kits.

I was crusing along, vaguely happy, when my local mailserver developed bad sectors on the hard drive, so one day when I went to read my mail, I heard clunking noises. I turned around, flipped on the power switch to the server’s attached monitor, and saw read errors. Hmm. I hope that mail wasn’t important…

Eventually I shut down my mail server and put up with the spam, hoping I’d come up with a better idea.

I found it in a Perl script called disspam.pl, written by Mina Naguib.

It took a little doing to get it running in Debian. Theoretically it’ll run on any OS that has Perl installed. Here’s what I did in Debian:

su (to become root)
apt-get install libnet-perl (Perl couldn’t see the network without this, so the next command in this sequence was failing. This hopefully isn’t necessary on other distros, as I have no idea what the equivalent would be.)
perl -MCPAN -e shell (as per readme–I accepted the defaults, then when it asked for CPAN servers, I told it my continent and country. Then it gave me 48 choices. I picked a handful at random, since none were any more obviously close to me than others.)
install Net::POP3 (as per readme)
quit
cp sample.conf disspam.conf
chmod 755 disspam.pl

Next, I loaded up disspam.conf into a text editor. It looks just like a Windows-ish INI file.

The second line gives me an exclude list. It’ll take names and e-mail addresses. So I put in a few important names that could possibly be blocked (friends with AOL and Hotmail addresses). That way if their ISPs ever misbehave and get blacklisted, their mail will still get to me. Then I popped down to the end of the file and configured my POP3 mailbox. I had an account I hadn’t read in a week, so I figured I’d get a good test. Just drop in your username, password, and POP3 server like you would for your e-mail client. If you have more than one account, copy and paste the section.

Bada bing, bada boom. You’re set. Run disspam.pl and watch. In my case, it flagged and deleted about a dozen messages, typical of what I usually get, like mail offering me Viagra or access to horny cheerleaders or how to find out anything about anyone (which I already know–I have a journalism degree). The only questionable thing it flagged was mail from MLB.com. I can’t get off their mailing list ever since I voted online for the All-Star game. No importa, I never read that mail anyway. I could have always added MLB.com to my exclude list if what they had to say mattered to me.

But if you’re like me and get lots of mail–that was my less-busy account–and about half of it is spam, that stuff’s going to scroll by really fast. So here’s what I recommend doing: when you execute disspam.pl, use the following command line:

~/disspam/disspam.pl ~/disspam/disspam.conf >> ~/disspam/disspam.log

Then you can examine disspam.log. If disspam ever deletes something it shouldn’t have, you can add the person to your exclude list and e-mail them to ask what they wanted. It looks to be less work than deleting all that spam. Probably less embarrassing too. Have you ever accidentally opened one of those horny cheerleader e-mail messages when there were people around? Yikes!

I fired up Ximian Evolution, pulled down my mail, and had 15 new messages. No spam. None. Sweet bliss.

It’s just version 0.05 and the author considers it beta, but I love it already.

Unix’s power allows you to string simple tools together to make powerful ones. Here are some suggestions.

You can e-mail the log to yourself with these commands:

mail -s disspam [your_address] rm ~/disspam/disspam.log

If you want the computer to do all the work for you, here’s the command sequence:

cronttab

Then add these entries:

0 0 * * * mail -s disspam [your_address] * 0 * * * ~/disspam/disspam.pl ~/disspam/disspam.conf >> ~/disspam/disspam.log

If you read your mail on the same machine that runs disspam, you can substitute your user account name for your e-mail address and save your ISP a little traffic.

You’ll have to provide explicit paths for disspam.pl and disspam.conf.

The first entry causes it to mail the log at midnight, then delete the original. The second entry filters your inbox(es) on the hour, every hour. To filter more frequently you can add more lines:


* 10 * * * ~/disspam/disspam.pl ~/disspam/disspam.conf >> ~/disspam/disspam.log
* 20 * * * ~/disspam/disspam.pl ~/disspam/disspam.conf >> ~/disspam/disspam.log
* 30 * * * ~/disspam/disspam.pl ~/disspam/disspam.conf >> ~/disspam/disspam.log
* 40 * * * ~/disspam/disspam.pl ~/disspam/disspam.conf >> ~/disspam/disspam.log
* 50 * * * ~/disspam/disspam.pl ~/disspam/disspam.conf >> ~/disspam/disspam.log

This program shouldn’t be necessary for very long. It’s short and simple (4.5K worth of Perl) so there’s no reason why mail clients shouldn’t start incorporating similar code. Until they do, you run the risk of disspam and your mail client getting out of sync and some spam coming through. If you read your mail on a Linux box with an mbox-compliant client like Sylpheed or Balsa or Kmail, you can bring fetchmail into the equation. Then create a .fetchmailrc file in your home directory (name it ~/.fetchmailrc to ensure it goes to the right place). Here’s the format of .fetchmailrc:

poll SERVERNAME protocol PROTOCOL username NAME password PASSWORD

So here’s an example that would work for me:

poll mail.swbell.net protocol pop3 username dfarq password censored

Next, set your mail client to no longer check for mail automatically, then type crontab and edit your disspam lines so they read like this:

* 20 * * * disspam.pl disspam.conf >> ~/disspam.log ; fetchmail (your server name)

In case you’re interested, the semicolon tells Unix not to execute the second command until the first one is complete. If you have more than one mail account, add another fetchmail line.

As an aside, Evolution seems to use the mbox file format but it doesn’t store its file where fetchmail will find it. I think you could symlink /var/spool/mail/yourusername to ~/evolution/local/Inbox/mbox and it would work. I haven’t tried that little trick yet.

But even if you’re not ambitious enough to make it run automatically and integrate with all that other stuff, it’s still a killer utility you can run manually. And for that matter, if you can get Perl running on NT or even on a Mac, this ought to run on them as well.

Check it out. It’ll save you time and aggravation. And since it only reads the headers to decide what’s spam and what’s not, it’ll save bandwidth and, ultimately, it’ll save your ISP a little cash. Not tons, but every little bit can help. You can’t expect them to pass their savings on to you, but they’ll certainly pass their increased expenses on to you. So you might as well do a little something to lower those expenses if you can. Sometimes goodwill comes back around.

Trolling the web for nothing in particular

Dave Farquhar Linux , , , , , , , , , , ,

Yes, Brian, baseball will soon return. I hate the things Major League Baseball does (Bob Costas once likened choosing sides between the players and the owners to choosing sides between Iran and Iraq), but we’ve chosen to stay together for the kids. I’m sure everyone who cares (and some who don’t) can guess what I think of Bud Selig, but I’ll tell you anyway, soon enough.
In the meantime, I look like Ars Technica today. Oh well. I don’t do this very often.

Blogging. Wired News had its take on the phenomenon, and threw out some interesting stats.


In January alone, at least 41,000 people created new blogs using Blogger, and that number is always increasing, [Blogger founder Evan] Williams said. Some have put the total number of weblogs at more than 500,000.

Alongside the boom, however, there have recently been a few faint signs of backlash. As increasing hordes take on the task of trying to keep new sites looking nice, sounding original and free from banalities, more hordes just seem to fail.

Blog critic Dave Linabury offered a recipe for success:


“It really can take a lot of time,” he said. “I spend two hours a day on my weblog. Many people don’t realize this, they think it’s a quick way to get popular. And after awhile they get really discouraged and say, ‘he got 2,300 hits today, I got four.’ The bulk of people out there get less than two dozen hits.”

“I don’t want to be elitist,” Linabury added, “but all these people out there with popular weblogs, they’ve been doing it longer and they stick to their guns.”

I can attest to that. The people who get more traffic than I get almost all have been doing this longer. But I can tell you one thing: It’s never enough. Back when I was getting 80 visits a day I wanted 150. When I was getting 150 visits a day, I wanted 250. Now that I get about 500 visits a day, I’m awfully distressed to see people are getting 2,300. And by the time I reach 2,300, I’m sure there will be people getting 5,000 or even 10,000. (Note that visits are the number of unique visitors; hits are the number of files served up. Hit count is deceptive. I get 500 visits per day but closer to 1,000 or even 1,500 hits per day, due to people visiting, reading comments, and then often reading something from a previous week. And if they do a search, that’s at least two additional hits.)

Link

Another feather in Internet Explorer’s cap. To my knowledge, no new security vulnerabilities have been reported in Internet Explorer this week, but the newest security patch, released last week, contains a bug that can cause a VBscript directive that previously worked to crash the browser.

Microsoft says Webmasters need to modify their pages not to use the directive.

That’s nice (I don’t use VBscript on this site) but there are embedded devices, such as HP’s JetDirect card, that use the directive. So early adopters of this patch may find themselves unable to do their jobs.

Better webmaster recommendation: Don’t use VBscript or ActiveX or other Microsoft-owned languages in your Web pages at all. Better end-user recommendation: Use Mozilla or a derivative instead of Internet Explorer.

Link

Recompiling Debian for your hardware. This thread comes up every so often, and with the popularity of Linux From Scratch and Gentoo, the appeal of a compiled-from-scratch Debian is undeniable. But does the small speed improvement offset the increased difficulty and time in upgrading?

The consensus seems to be that recompiling gzip, bzip2, and gnupg with aggressive options makes sense, as does recompiling your kernel. Recompiling XFree86 may also make some sense. But expending time and energy in the perfectly optimized versions of ls and more is foolhardy. (Especially seeing as speed demons can just get assembly language versions of them from www.linuxassembly.org.)

Link

A Guide to Debian. This is a guide, still incomplete, that gives a number of tips for someone who’s just installed Debian. The tips are applicable to other many other Linux (and even Unix) flavors as well.

Link

Spam. A coworker walked into my cube today and asked me how he could keep web robots from harvesting e-mail addresses from his web site. I found myself referring once again to the definitive piece on the subject, from Brett Glass (who gets my nomination for the greatest computer columnist of all time, for what that’s worth).

Link

The RULE project. A project has emerged to bring Red Hat Linux back to its roots, and allow it to run on older, less-powerful hardware.

From their site:


This install option is meant to benefit primarily two classes of users:

* GNU/Linux newbies who cannot afford modern computers, but still need, to get started more easily, an up to date, well documented distribution.
* System administrators and power users who have no interest in eye candy, and want to run updated software on whatever hardware is available, to minimize costs, or just because it feels like the right thing to do.

I love their FAQ. Check this out:


1.0 Hardware is so cheap today, why bother?

1. This is a very limited and egoistic attitude. Eigthy per cent of the world population still has to work many months or years to afford a computer that can run decently the majority of modern, apparently “Free” software.
2. Many people who could afford a new computer every two years rightly prefer to buy something else, like vacations, for example…. Hardware should be changed only when it breaks, or when the user’s needs increase a lot (for example when one starts to do video editing). Not because “Free” Software requires more and more expensive hardware every year.

These guys have the right idea. I can only hope their work will influence other Linux distributions as well.

Link

Linux uptime. (Sure, a little original content.) When I was rearranging things months ago, I unplugged the keyboard and monitor from my webserver, then I never got around to plugging them back in because I didn’t have to do anything with it.

The other day, I had occasion to plug a keyboard and mouse back into it. I went in, did what I wanted to do, then out of curiosity I typed the uptime command. 255 days, it told me. In other words, I haven’t rebooted since last May, which, as I recall, was about when I put the machine into production.

How to pad your resume while meeting chicks.

Dave Farquhar General , , , , , , ,

Padding your resume while meeting chicks. I got a phone call last night offering me just that. Seriously. I didn’t hang up or ask to be taken off the calling list because it was a friend. Not a male friend with a harebrained, sleazy scheme. It was Jeanne. So it was a female friend with a sleazy scheme.
I guess it helps to know Jeanne. She has the distinction of being the only female friend who’s ever offered to lend me a copy of Playboy. She said she bought it for the articles. One of those articles was an interview with some film hunk. Another article was an interview with Aimee Mann. But I think it was all a diabolical plot to see what it would take to get me to read a copy of Playboy in front of her.

This time, Jeanne’s plotting to get me to serve on a committee. She tells me there are virtually no males on the committee. “Sixty to one, Dave! With odds like those you can’t lose!” she said.

Didn’t I hear someone say that about the Red Sox earlier this year?

Let’s change the subject to something more cheerful. How about if I list my qualifications?

1. I’m a male of the species homo sapiens.
2. I’m a sucker for dogs that are smarter than my former landlords my eighth grade science teacher the creeps who dated my sister when I was in college. That’s not every dog I’ve ever seen, but it’s a sizable percentage.

Gatermann says this is the most pathetic thing Jeanne’s ever asked me to do. And yes, Gatermann was there when Jeanne conned me into reading that magazine in front of her. (Yes, I gave in. I had to know what Aimee Mann had to say about Jewel, OK? And yes, her interview was just that–an interview.)

I serve on several committees, few of which work as well as I’d like, so it’s probably a good idea for me to participate, just to see if anyone else knows how to make a committee work right. The time commitment is small, so it just makes sense. In a sick sort of way.

Or maybe you can just say I’m easily finding ways to justify padding my resume while meeting women.

Harry Connick Jr. One of my coworkers pulled out a package he’d just received from Amazon. “I ordered two Harry Connick Jr. CDs,” he said. “This is what they sent.” He whipped out two CDs. They got that much right. But the CDs he received were (drum roll) The Bee Gees and LeAnn Rhimes.

He talked about how much he likes Harry Connick Jr. and how he has two tickets to go see him in some faraway city and he’s bringing a date.

“That’s what you think those tickets are for,” I said. Then, in my best concert-announcer voice, I said, “One night only! The Bee Gees! With very special guest LeAnn Rhimes!”

He glared at me.

Speaking of annoying… I got mail from someone who claims to have invented the “compressed ramdisk” technique I’ve talked about here and in my book, said something at least mildly disparaging about Andre Moreira–one of the other Windows-in-a-ramdisk pioneers–and he says he’s patented the technique, and wants me to download a trial copy of his software and link to it off my site.

I e-mailed him and asked him to set the record straight. It sounded to me like he’s claiming to have invented the compressed ramdisk–something CP/M owners were doing way back in 1984, if not earlier–and he wants free advertising from me for his commercial product.

Now, I could be wrong about that. I was wrong about OS/2 being the next big thing, after all. But if I’ve got the story more or less right, then the answer is no.

Now how did CP/M owners do compressed ramdisks? You’d just put your must-have utilities and applications into an .LBR file, then you’d run SQ on it to compress it. Then in profile.sub–the CP/M equivalent of autoexec.bat–you copied the archive to M: (CP/M’s built-in ramdisk) and then you decompressed it. In the days when applications were smaller than 64K, you could put your OS’ crucial utilities, plus WordStar and dBASE into a ramdisk and smoke all your neighbors who were running that newfangled MS-DOS.

I rediscovered the technique on my Commodore 128 (which was capable of running CP/M) in the late 1980s and thought I was really hot stuff with my 512K ramdisk.

Anyone who thinks the compressed ramdisk was invented in 1999 or 2000 either doesn’t remember his history or is smoking crack.

SCSI! SCSI vs. IDE is a long debate, almost a religious war, and it always has been. I remember seeing SCSI/IDE debates on BBSs in the early 1990s. Few argued that IDE was better than SCSI, though some did–but when you’re using an 8 MHz bus it doesn’t really matter–but IDE generally was less expensive than SCSI. The difference wasn’t always great. I remember seeing an IDE drive sell for $10 less than the SCSI version. The controller might have cost more, but back in the days when a 40-meg drive would set you back $300, a $10 premium for SCSI was nothing. To me, that settled the argument. It didn’t for everyone.

Today, IDE is cheap. Real cheap. A 20-gig drive costs you 50 bucks. A 7200-rpm 40-gig drive is all the drive many people will ever need, and it’s 99 bucks. And for simple computers, that’s great. If it fails, so what? Buy two drives and copy your important data over. At today’s prices you can afford to do that.

SCSI isn’t cheap. It’s hard to find a controller for less than $150, whereas IDE is included free on your motherboard. And if you find a SCSI drive for less than $150, it’s a closeout special. A 20-gig SCSI drive is likely to set you back $175-$200.

Superficially, the difference is philosophy. The IDE drive is designed to be cheap. Good enough to run Word, good enough to play Quake, quiet enough to not wake the baby, cheap enough to sell them by the warehouseful.

SCSI is designed for workstations and servers, where the only things that matter are speed, reliability, speed and speed. (Kind of like spam egg spam and spam in that Monty Python skit). If it costs $1,000 and requires a wind tunnel to cool it and ear protection to use it, who cares? It’s fast! So this is where you see extreme spindle rates like 10,000 and 15,000 RPM and seek times of 4.9 or even 3.9 milliseconds and disk caches of 4, 8, or even 16 MB. It’s also not uncommon to find a 5-year warranty.

In all fairness, I put my Quantum Atlas 10K3 in a Coolermaster cooler. It’s a big bay adapter that acts like a big heatsink and has a single fan, and it also dampens the sound. The setup is no louder than some of the 5400 RPM IDE drives Quantum was manufacturing in 1996-97.

OK, so what’s the practical difference?

IDE is faithful and dumb. You give it requests, it handles them in the order received. SCSI is smart. You send a bunch of read and write requests, and SCSI will figure out the optimal order to execute them in. That’s why you can defrag a SCSI drive while running other things without interrupting the defrag process very much. (Out of order execution is also one of the main things that makes modern CPUs faster than the 486.)

And if you’re running multiple devices, only one IDE device can talk at a time. SCSI devices can talk until you run out of bandwidth. So 160 MB/sec and 320 MB/sec SCSI is actually useful, unlike 133 MB/sec IDE, which is only useful until your drive’s onboard cache empties. Who cares whether a 2-meg cache empties in 0.0303 seconds or 0.01503 seconds?

There’s another advantage to SCSI with multiple devices. With IDE devices, you get two devices per channel, one interrupt per channel. With SCSI, you can do 7 devices per channel and interrupt. Some cards may give you 14. I know a lot of us are awfully crowded for interrupts, so being able to string a ton of devices off a single channel is very appealing. IRQ conflicts are rare these days but they’re not unheard of. SCSI giving you in one interrupt what IDE gives you in four is very nice in a crowded system.

An easy DIY mailserver

Dave Farquhar Christianity , , , , ,

Mail the easy way. It figures that I would find this now, after blowing most of a Saturday trying to get a mailserver set up. This won’t give you any nifty spam filtering, but if you want a fast, reliable, secure, mail server with every other nifty feature you could want, run to Qmail the Easy Way. There, you can download a script that goes and gets all the sources you need and compiles them for you. You get Qmail for SMTP (the fastest and most secure mail server available for Linux), Courier IMAP and POP for receiving, DJBDNS for name resolution, and a nifty Webmail interface. Combine that with your favorite Linux-from-sources distro, and you’ll have a rock-solid, fast-as-possible mail server for a whole lot less money than an Exchange server. And the hardware requirements are far lower. Dan Bernstein, the author of Qmail and DJBDNS, claims Red Hat used a 486 to test Qmail and it performed so well they just threw it into production.
If I had a lot of IMAP clients connecting I know I’d want a Pentium-class machine, but I remember back in the day running Domino under OS/2 on Pentium-90s. When we moved to Domino on NT running on a 533 MHz Alpha, it made our heads spin because we thought 90 MHz was good enough. This was with about 200 people connecting to it. This qmail setup would be a whole lot more efficient than Domino running under NT.

And if you want it all? All you’re missing (possibly) is fetchmail for grabbing mail from foreign mailservers, procmail for a filtering language, and a spamfilter package.
Incidentally, Bernstein writes highly secure, highly efficient software, and he’s really dictatorial about what changes go in it. That’s partly because he guarantees its security–he’ll pay you $5,000 if you can compromise it and he can replicate what you did. Yes, it’s open source, and he gives it away, but since you can’t modify it unconditionally, the BSD people hate him. And since you can’t do anything you want with it except close it, Stallman and his FSF hate him. Since I try to offend the BSD and FSF zealots any time I can, I think that would be reason enough to use Bernstein’s software, assuming it was capable. But it’s not just capable. It’s smaller, faster, and more secure than any alternative and he’s even willing to warrant it–something the likes of Microsoft and Oracle will never do–and you can compile it on any architecture with whatever optimizations you want, and it’s free, so I say you and I are fools not to be using it.

Time to be offensive. It’s been a really long time since I’ve offended people by talking about religion. I was talking with one of my good friends from church (and another part of the conversation reminded me that if I ever decide I want to try to make a living by writing, I need to offer him a job as beg him to be my agent) and we were talking about God’s will. His son had been having some problems, and he was questioning his attitude a little. I understand. My attitude would be similar, and I’d be questioning it afterward too.

I don’t remember what he said, but I paraphrased it back to him to see if I understood what he meant: “I ask for God’s will, but I admit that a lot of times I’m afraid of what God’s will is, and that it might be different from mine.”

“Perfectly said,” he said. (He always says I state things perfectly. I’d better not ever read him that e-mail I wrote at around 9:30 on Wednesday that I’ve been regretting ever since…)

“I know where you’re coming from,” I said. “I’m afraid of it too, most of the time.”

He stopped for a minute and asked if that was OK. I thought about it for a minute. It’s definitely natural to want something different from what God wants. And if you think you might be wrong but want to be right, sure, you’ll be afraid of God’s will. And that’s certainly preferable to being hostile to God’s will, insisting on your way or the highway. You have to reach a certain level of maturity to be willing to ask God’s will, even when you’re afraid of it.

But that’s not all there is. God will take that if it’s all He can get, but what God really wants is unconditional surrender. The Lord’s Prayer says, “Thy will be done.” No strings attached. Jesus prayed, “If it’s possible, take this away from me. But not my will, but Yours be done.” No strings attached there either.
One of us cited Abraham as the human who got as close to that ideal as is humanly possible. But I pointed out how Abraham got there. For 99 years of his life, Abraham didn’t trust God completely, and he did things on his own. At least twice he felt his life was in danger, and he lied to protect his skin and nearly forced his wife into adultery in so doing. We can look back and say, “Abraham! God said he’d make you a great nation! You’re sitting there childless, and Sarah’s not pregnant yet either. Are you a great nation yet? No way! And God’s at least 9 months away from being able to deliver on that promise. You know what, Abraham? You’re invincible! Those guys could try to kill you and they absolutely would fail.” But we’ve got the advantage of hindsight.

At some point, Abraham must have looked back over his life and come to that conclusion himself. Because by the time he was about 110, he unconditionally did anything and everything God told him to do.

I’m convinced that Abraham became the superhero of faith by looking back over his life objectively and being observant enough to see God’s hand in everything, and being far enough along in years to be able to see a whole lot of God’s work, and see that God’s way was good, better than anything he could have possibly put together on his own.

So yeah, I feel bad about being 26 and attaching strings to my surrender. I’ve got a whole book of God’s made-and-kept promises, and I have read the whole thing, cover to cover. But nothing’s more convincing than your own experience, and at 26 I’ve still got some of that to gain. He’s further along than I am in the experience department and in the miracles department–he’s got two kids that no doctor can explain. The second is less than a year old, but if he’s like a cat and has nine lives, he’s already used up two or three.

Hopefully neither of us needs a whole lot more convincing. I think we’ll both get there before we turn 110, but I’m not surprised that neither of us is there yet.

Mail server successful!

Dave Farquhar General , , , , , ,

A lightweight Windows web browser. Windows!? What’s that? Yes, I still use it at work, even though my Windows time at home is dwindling. A couple of weeks ago I told you about Dillo, a superfast, minimalist Web browser for Linux that’s in development. It’s still considered alpha-quality; I’ve had absolutely no trouble with it but some readers report it crashes on them occasionally. I’ve had enough success with it that I want it at work.
Well, I didn’t get my wish exactly, but yesterday at work after following a link to a link to a link while looking for something else (you know how that goes–you never find what you’re looking for when you’re looking for it, on the Web or in real life) I found Off By One a free standards-compliant HTML 3.2 browser. Its executable is a full 1.1 megs in size. There are sites it won’t render quite right, because it lacks Java and JavaScript and it’s an HTML 4.0 and CSS world out there these days, but it’s the fastest browser I’ve ever seen on Win32. If I had to live with Windows 9x on a 486 or a slow Pentium, this is the browser I’d want.

A nice-looking Weblog package. I found a blogger on Freshmeat called Supasite. It doesn’t look like it does a nice calendar by default like Greymatter, but it does categories, natively. And it looks like nothing would stop me from changing the system date and putting in entries from way back when, so I could start moving content in from this site’s previous incarnations (including some stuff that hasn’t been online for most of this year). Greymatter breaks when you try to do that.

The downside? Setup is much more difficult, since it relies on PHP and MySQL, in addition to Apache and Perl.

Local mail server revisited. I figured out what I was doing wrong. To get exim, procmail, fetchmail, and courier-imap all working together, I had to do a couple more steps. First, I had to create a maildir for my non-priveliged account with the maildirmake command. Next, I created a .forward file:
# Exim filter
save $home/Maildir/new/

Next, I created a .procmailrc file:
MAILDIR=$HOME/Maildir
DEFAULT=$MAILDIR/new/
LOGFILE=$MAILDIR/Maillog

Then I ran fetchmail manually. It pulled down three messages from my SWBell account. I connected to the experimental server with Sylpheed and… I had mail! Suh-weeet!

Now if I can just get one of those canned spam filters running, I’ll be a very happy camper…

Head for the forums…

Dave Farquhar General

I’m not posting for Thursday. If you want to talk about what’s happened the last couple of days, you can go here. I’ve set up a thread in my forums for just those purposes. I figure since that’s what all the morning radio shows are doing, probably people want to talk about it here too. If you find any good links, feel free to share them. I know a bunch of us are news junkies, so we’ll probably appreciate a new fix.
Registration’s quick and easy (required only to keep spammers out). You don’t have to put in a valid e-mail address–just type something–and you can use pseudonyms, or just your first name, if you want.

Getting back into business…

Dave Farquhar Linux ,

My mail’s working again. My mail server problems seem to be mostly solved. It was indeed a hardware problem–with my Linksys router. My mail server couldn’t talk to the outside world, and my Windows boxes couldn’t talk to (couldn’t even ping) the mail server. But my Web server could. But since my Web server is a Web server, it doesn’t have a mail client on it. Oh well. So I pulled the plug on the Linksys router, called it a few names, then plugged it back in. Soon I had a flood of mail, telling me all about how I can make $5K a month online, get high legally, drive my Web counter ballistic, get out of debt… And a really weird one: I love you and I don’t want you to die! I had to check that one. Weight-loss spam. Hmm. I guess that spammer doesn’t know that if I lost 40 pounds, I probably would die…
You know, I wonder if maybe I liked my mail server better when it didn’t work. Nah. There was some legit stuff buried in it, and I’m slowly replying to it all.

The funeral was yesterday. Since I wasn’t quite the only one who had trouble figuring out when to sit and when to stand, I take it I wasn’t the only Protestant there. It was a very nice service.

And there’s this, courtesy of Dan He sent me the first installment in a series about using Linux as a thin client. Well, technically, I suppose the machines he’s describing are fat clients, since they do have some local storage. No importa. Dan asked if I’ve made this point before. I think I have. I know I started to make it in my second book, The Linux Book You’ll Never Read, but it was cancelled before I started on the research to tell how to implement it.

So here’s the story. You get yourself a big, honkin’ server. Go ahead and go all out. I’m talking dual CPUs, I’m talking 60K RPM Ultra1280 SCSI drives (OK, you can settle for 15K RPM Ultra320 SCSI, since that’s all they make), I’m talking a gig or two of RAM if you’ve got the slots–build a powerhouse.

Then you go round up the dinkiest, sorriest bunch of PCs you can find. Well, actually, since video performance is fairly important, the ideal system would be a P100 with 24 MB RAM, a fairly nice PCI video card, a smallish hard drive, and a network card. The most important component is the video card, far and away. The fat clients connect to your network and run applications off that honkin’ server. The apps run on the server and display on the fat client. Data is stored on the applications server.

Yes, you’ll want a good sysadmin to keep that honkin’ applications server happy. But desktop support virtually ceases to exist. When you have problems with your PC, someone comes, swaps out the unit, and you get back to work. You’re supposed to have one desktop support guy for every 25 end users (in reality most places have one for every 75). That’s 40,000 smackers plus benefits annually for an army of people whose job it is to make sure NT keeps running right. These people are expensive, hard to find, and if they’re any good, even harder to keep.

Move to fat clients, and you can probably replace desktop support with one desktop support guy (to play Dr. Frankenstein on the dead systems and support the remaining few who can’t get by with a fat client) and a kick-butt sysadmin.

I think I’m going to take a couple of days off again…

Dave Farquhar General , , ,

There’s an old Oasis lyric that I’ve hated for most of the past four years, mostly because of the memories it conjurs up, and now it really bugs me that it seems appropriate: “‘Cos I need more time just to make things right.”
The other fragments of the song that have survived my efforts to blot them out also seem fitting. “Don’t go away… Say that you’ll stay… Forever and a day…”

So, to ward off those perpetual rumors/fears/whatever that I’m hanging things up, I’ll just say this. I’ve “hung it up for good” before. The longest it ever lasted was 6 months, and that time was due to serious injury. Right around that time, someone insinuated that I should hang it up. We haven’t spoken since that time, and I’m better for it and I don’t give a rip about how he feels.

I fully expect this break to last through Saturday, then run out of gas sometime late Sunday afternoon.

I’ve overextended myself the past month or so. I’m tired. My Web server is running fabulously (it never hiccups, so long as Union Electric keeps the power flowing) but I haven’t come up with an effective way to upload content to it or add new features. I can live with that.

Meanwhile, my mail server’s a royal piece of… Nah. That doesn’t go far enough. My mail server is a Backstreet Boys Fan. It runs like a 16 MHz 386, and I can’t tell if it’s a configuration problem or if it’s just overwhelmed with spam. No matter. I’m overwhelmed with spam. On a good day I get 7. On a bad day I get 60+. I got 38 copies of the same spam message from some stupid online casino Tuesday. I absolutely have to get some spam filters in place, and some priority filters in place.

So the mail needs to be archived, a bare-essentials mail server built (Linux 2.4.8 kernel, sendmail, IMAP, fetchmail, procmail, and whatever else those five things force me to install so they can run, all built from the newest sources of course, using the most aggressive compiler settings known to man), then the archives restored, then spam filters put in place and run. Then I will have regained my ability to communicate and will be able to do something about my guilt over having week-old e-mail sitting around unanswered because it’s buried in worthless spam.

I need to tend to my servers. I need to rebuild a couple of workstations. I really ought to try to salvage the Baseball Mogul season that’s sitting on the corrupted hard drive in one of those workstations… (Though I hesitate to call anything that runs Microsoft Wintendo 2000 a “workstation…”)

Meanwhile, a couple of other projects need to get done, and I just realized today that I haven’t talked to Gatermann in more than a week and for all that group of friends knows, I’ve run off to the ends of the Earth only to find an Internet cafe, so I continued posting. I need to do something about that too.

I’ll be back. I have the same love/hate relationship with writing that most writers have. It’s like breathing after running a couple of miles on a brisk day in early March. I always hated breathing after that, because it hurt so badly. But no matter how much it hurt, I couldn’t stop.