1. Build a new server
2. Get a new laptop
3. Sort out a wireless router at home
4. Re-write tEngine (partly started)
5. Try a new Linux distro that isn't Debian based
I'll throw this one to Skeddy, Caolan, Guri and Narelle as it would be interesting to know.
Bookmarked: back to top]
" target="_blank">Blocking IP ranges using htaccess or IPTables ... about 1 year agoBookmarked:
Jan 6 21:18:34 myhostname postfix/cleanup[xxxxx]: xxxxxxxx: reject: header Subject: Swiss Branded Watches from somemailhost.net; from=<somespammer@spamdomain.net> to=<myemail@myhostname.tld> proto=ESMTP helo=<somemailhost.net>: Noted as SPAM - Rule #1
You can clearly see the comment from the rule and the reason it was rejected.
IGNORE will cause that particular header that matches to be removed from the email itself, and will continue to process the email as normal. This can be useful in some situations but not really SPAM. Can be used as part of a re-mailer but that's another article altogether.
WARN can be used and is useful when testing new SPAM rules. An entry will be made in your mail log with a warning on the header, as well as any text that you place after the word "WARN" like with the first rule REJECT. I'd advise using this until you're sure your rule is working in the expected way, especially with more complicated rules that could easily have errors.
HOLD will hold the email in the mail queue, you can choose to relese it or simple delete from the queue.
DISCARD will cause the sending server to assume that the email was sent correctly, however Postfix will delete the email from the queue and the sending server will never know. Very tidy.
FILTER Specifies another instance of Postfix, a filter, or server to which the email should be sent. If you used dspam then you might add a rule like so:
/./ FILTER dspam:dspam
This would let dspam then process the email.
Here are a few example rules for header checking and a brief explanation of why I have used them.
/^Date: .* 200[0-8]/ REJECT Noted as Date SPAM (already passed) - Rule #
/^Date: .* 19[0-9][0-9]/ REJECT Noted as Date SPAM (already passed) - Rule #
These two examples will reject emails that appear to have been sent in the past up until this year. As already mentioned spammers will often forge the date to ensure it sits at the top of your inbox (please see end of article for reminder about these rules [1]).
/^Subject: .*p[ _.*-]+e[ _.*-]+n[ _.*-]+i[ _.*-]+s/ REJECT Noted as SPAM (word hidden in chars) - Rule #
This example shows how some spammers use various characters in between alpha chars to try and beat rules and filters. As many will know Viagra sales pitches are probably the single biggest (no pun intended) content of SPAM. In the above example, the word "penis" can be hidden with various characters in between the letters, and the header check rule should still REJECT it. An example I'm sure 9/10 cats have had delivered enmasse :-)
As you can see, header check rules aren't just about the specific words in the subject line of an email. You can use Regular Expressions to get as finite as you like and can come up complex RegEx's to defeat a great deal of SPAM.
For this you'll once again need to create a new map file and tell Postfix where it is. So in the same dir as last time create a file called: mime_header_checks
touch /etc/postfix/maps/mime_header_checks
This will create an empty file, next you need to add the below line to your main.cf Postfix file:
mime_header_checks = regexp:/etc/postfix/maps/mime_header_checks
Then open your new map file in your favourite editor.
nano /etc/postfix/maps/mime_header_checks
Add this rule:
/name=[^>]*.(bat|com|exe|dll)/ REJECT Unwanted File Types - Rule #
This will REJECT all emails that have an attachment with the designated extensions .bat, .exe, .com .dll - This is especially good for various strains of virus/worms that automatically email themselves as any of the above. Or of course if you just simply have no need to files with these extensions. Please note that if you are an admin your users will probably not be happy if you block them all, only use the above rule if you are 100% of your end-users do not use Windows based OS. However, this rule can be used in a temp situation to block all emails containing nasties while a fix is found for some other issue on your network.
Obviously before any of the above is any use to Postfix you'll need to restart the service.
/etc/init.d/postfix restart
The article is written based on a Debian server. You may have a server configured with different paths or things running in CHRoot, please take that in to consideration when testing if you come up with errors or problems. [1]If you choose to use the past date rules please remember that next year you'll need to adjust the rule or you'll notice a significant drop not just in SPAM but email too. ;-)
I make no apologies for bad spelling, grammar or otherwise." target="_blank">Blocking SPAM using Postfix ... about 1 year ago
I guess this year has been quite a disappointment in terms of blogging for me. I'll be back next year with renewed vigour and quite possibly a brand new website.
Have a great Yule and a good New Year.
I found this today, I'll be honest, I had a hard time not bubbling at my desk. I think it was mostly the shock of opening it to find it was a close up.
You're sorely missed Lady and not just by me, your daughter hasn't really been the same no matter how much love I give her :,-(
I'm not an advocate of war but I do believe people should remember those from the two world wars, especially World War One.
With Skeddy's comment a few weeks ago and with me not taking on freelance at the moment I've decided to continue work on the blogging engine that runs this website. I've been designing a "plugin" engine that I'm going to replace Tengine with.
It will then be much easier for me to extend the core engine (which really is just database connectivity) with anything I want. I've been trying different designs for a plugin engine but I think I've settled on the XML features of PHP (so it's strict) and XML's general extensibility. So a basic SAX Parser will process all plugins, do the needed and constructor classes are called, which in turn will provide all the output back to a library that will then fire this through a template plugin (XLST) at the end. Pretty basic but easy to maintain and administrate on the server.
Easy to port tengine to this as well, as all functionality is already split in to classes :-)
Might even refresh the look while I'm tinkering.
Oh and while I'm here you might as well know that shortly that this site will begin to provide SSL connections as well as standard port 80 ones. The CERT will of course be self signed by me but I don't want your bank details. So if you like encrypted connections you'll be able to have them.
Listened to: Rebuild XTengine ... about 1 year ago
After suffering another stroke a week ago and even with all the love and care I've given her since last week, sadly at 17:50 today I had to have her put to sleep. I'm sure every pet owner thinks the same but I can say without a shadow of a doubt she was a dog everyone loved and will miss deeply, a real character with tenacity in buckets; at 20 years of age she'd lived probably one of the best dogs life I've ever known of.
I will miss her deeply every day. Rest in peace Baby Lady.
One of the things that being 100% on Linux and having a Windows based mobile phone has brought me up against is the need to sync my calendar, tasks and contacts at home (mostly to ensure I don't loose them). I had an iPAQ and a Nokia a year or so ago and I could separate work from personal simply by keeping work on the iPAQ and personal on the Nokia. However last year I decided to merge devices and ditch the iPAQ and get the HTC Kaiser. This would provide everything I needed and be compatible with works mobile email server which included push email. Everything is working as expected and I'm impressed with the push service, well it's a fake ping-to-pull rather than a true push, but it works for me! The problem I have is that I want to be able to back up my contacts, calendar & tasks using Linux at home. The reason is that I have a huge mix of work and personal contacts but the personal ones do not get synced with work (stored on SIM). Dangerous... and the reason I say that is that I don't trust Microsoft based software, all too often it fails just when you really don't need it too.
So I've looked in to the vcs/vcf/ics formats and looking around for software to do this only provides Evolution that can, in one package, do all I want but it can only publish in iCal format on to a server and this is not compatible with my device *sigh* (even though it should be considering iCal is a more grown up version of the vCalendar format (.vcs). Sunbird doesn't work out the box on Debian for some reason (which I'll guess is lib based or it requires QT version to be higher than I have – frankly I don't like anything Mozilla offer other than Firefox. I'm not prepared to upgrade a perfectly stable version of Debian just to have another ram killing application from Mozilla.
What to do... what to do... write my fecking own...
Once again I am left with the task of writing my own. I want an online service that I can upload/email contacts, tasks, calendar events and have it automatically added to my account, I want to be able to log in and see all my current tasks, latest contacts and so on. I want to be able to email vcf cards to other folks as well. All of which I want to be able to export back and sync with my mobile... never had this problem with my Palm... grumble grumble...
I've always loved street art, even better when it has a real message.
I'm toying with the idea of developing a micro blogging application at work. For those that don't know I work at a University. Anyway, at present we offer no social networking services and my thoughts are... well, we ought to. Our logs show an amazing amount of traffic to social networking sites, obviously we can never replace that and nor would I want us to even try. However I think internally there is large slice of the student community (inc. staff I guess) that would like something maybe a little more "us" related.
So we'll see... Anyone know of any cheap SMS gateways? :-)
I can see by the way you've been acting of late that you need to be repatriated to the motherland. In fact I think that's a fine fine idea...*
Pesky French should never had gotten involved ;-)
*Just kidding
I've been looking at the Twitter API in depth and I think it might actually make a good service to make a bot on. Using a combination of posts, RSS and text messages to control what the bot does and information it sends back, via it's responses like any other user does. So I might start writing one.
Ideas?
Yes, I suppose you could say I am back again. After having a Twitter conversation with Neil the other night I swapped back to the old system and template (I'd found a copy of it on USB). I really hated the look, it felt so old (looking at the datestamps in the source, it was!) - So I quickly slapped this together and I quite like it. One of the main points of going to this type of design is mobile devices. I don't know about you but I find most sites are still appalling when it comes to viewing them on a mobile device. My aim is to ensure it's not with this design.
Also I have decided to change some of the way in which you navigate and how much information, blog wise, you see when you arrive. It will soon have a "prev / next entry" link so you can flick to the next entry. The reason for this is after examining my logs its plain to see that the majority of people are accessing this site via feeds. With this is in mind only the latest entry is shown and I will be adding a lot more of them. For example, a feed for each post with comments; so you can subscribe to that single entry. Obviously I will keep the last five posts one working and all feeds will be available in all four of the flavours they currently are.
The articles section will have useful things posted in it, when I get around to moving some the entries to it.
So yeah, carry on.
See the title... :-)
My birthday was yesterday so I think today is a fitting time to complete the circle and end this blog. Bye for now.
I don't think I'm ever going to think life was just 7 years ago today. So many things you didn't get to see or do. If you could only see us now Dad, we're all storming life as much as we can. Taking no prisoners.
We're going to back to India where we spread your ashes next year, I've put it off for too long now, but I think I need to do it.
I'll always miss you Dad, we all do. x
"The world is so empty if one thinks only of mountains rivers and cities; but to know someone who thinks and feels with us, and who, though distant, is close to us in spirit, this makes the earth an inhabited garden."
AB 03/02/53 - 22/08/00
"You have a website full of information, and you want to make it easier for people to reuse it - but what format should you publish it in?
You've looked at various XML schemas and microformats, but none of them really describes all the information that you want to publish. Should you invent a new format? It's tempting, but if you could use an existing standard, your data would be immediately interoperable with other data published in the same way; people could reuse the tools, parsers and stylesheets built around that standard. But unfortunately, nothing seems to really fit your needs.
This is where RDF comes in."
Read the rest of RDF For The Rest Of Us over at Digtal Web Magazine.
"The past few years have seen a huge increase in the number of search engine optimisers preaching about the vital importance of W3C Compliance as part of any effective web promotion effort. But is compliant code really the 'Magic SEO Potion' so many promoters make it out to be?"
Read the rest of: The Myth of W3C Compliance? article.
Having read the article I do have to say I know plenty of companies that have literally frightened money out of people using SEO and compliance in the same sentence (that's not limited to SEO, plenty of other people have used it to publically speak and as career moves..*cough* - then abandoned them for cash, fame and ego. You need only view some (read ONE) of the links further down the page on the right). However, I think Web Standards are important and should remain so, and they should be pushed; and perhaps using SEO as the leverage to do so isn't a 100% bad thing. I do believe in accessibility (which should come higher in the chain than SEO) and that doesn't ALWAYS mean strict Web Standards, it means much more; like good UI design, good navigation, well thought out and structured text - web standards provide the optimal platform for that.
I totally disagree with this article.
What do you? The cow is sacred to the Hindu faith, it also has bovine TB. Having been to India and seen how they treat cows (they stop in the road and WAIT FOR THEM, no beeping, no reving) I know this must be horrible for them. I know it's only a matter of time before they get a warrant to enter the property, but good on em' for showing a decent amount of resistance!
"Early on Thursday a picket blocked the road outside the site at Llanpumsaint, and inspectors arriving to take away the animal were also facing a locked gate and locked temple door."
Read the rest of the article at the BBC
They lied to us
This was supposed to be the future
Where is my jetpack
Where is my robotic companion
Where is my dinner in pill form
Where is my hydrogen fueled automobile
Where is my nuclear-powered levitating house
Where is my cure for my disease
Everything is not under control!
Listened to: Solar Temple - Intermix ... about 2 years ago
Listened to: Elevator (13th Floor Mix) - Uvx ... about 2 years ago
Listened to: Moondragon (Early Phase) - Spice Barons ... about 2 years ago
Listened to: Ho Doi [Edit] - Yulara ... about 2 years ago
Listened to: Nu Dawn - Syt ... about 2 years ago
Listened to: Data Stream - Selway ... about 2 years ago
Listened to: Shark Infested - Real Life ... about 2 years ago
Listened to: Introductory Nomenclature - Telefon Tel Aviv ... about 2 years ago
Listened to: Watchlar - Cocteau Twins ... about 2 years ago
Listened to: Trip 8 - Pete Namlook ... about 2 years ago
Listened to: Dark Emotion (Ruxpin Remix) - Gate Zero ... about 2 years ago
Listened to: Pixels - Instinct Records ... about 2 years ago
Listened to: Once Along The Way [Goodbye Mr. Grimmenstein] - Lemongrass ... about 2 years ago
Listened to: The Shortest Romance - AGK ... about 2 years ago
Listened to: Monday - Ulrich Schnauss ... about 2 years ago
Listened to: The Shortest Romance - AGK ... about 2 years ago
Listened to: One - Johnny Cash ... about 2 years ago
Listened to: Monday - Ulrich Schnauss ... about 2 years ago
Listened to: Spiritual Move - Cell ... about 2 years ago
Listened to: Billy The Kid Strikes Back - Ott ... about 2 years ago
Listened to: Big Healing (featuring Sophie Moleta) - Sophie & Ives ... about 2 years ago
Listened to: Hot Wind - Colin Mansfield ... about 2 years ago
Listened to: Iform - Spacetime Continuum ... about 2 years ago
Almost forgot I had a blog then. I've been so busy settling in to my new job that life is just flying at the moment. Training, new office, new job title, new systems and no time for anything other than working and sleeping!
I'm seriously thinking of canning this blog. For good!
Listened to: Sundial - Essa 3 ... about 2 years ago
Listened to: Hol Baumann - Another ... about 2 years ago
12th planet 16Bit 16bit 64-bit 80s 1984 2007 6280 Accessibility accessibility adult advert afgan ajax Alexis K A Made Up Sound ambient angry annoyed apache apple apps arch arcticmonkeys argh art article articles artlab attack awesome b3ta backgrounds banning bash bass battery bbc beagleboard beast bed bees big-brother bigbrother bind biowar black sun empire blog blogging blogs blogsphere blues bnp bob dylan Boer boneyard bookmarklets booze bot-net botnet bots boycott brain brain fart brightkite browsers bt buddist bugs builder bulger bunnies burial bush bye campaigners censor censorship checkin chelsea tractor Chernobyl chilcot childhood china closure cloud cloud player club cms coding coffee cold collie buddz colony collapse disorder community conspiracy cool copyright corrupt Cosmin TRG cpu cracker craving css cunts custom cyberwar d&b D1 dad dark arts darkstep datsik day DDoS death debian Deep Teknologi deftones design designer Desto development diamonds diy dog dogpile dogs domain Don Ross dragon dreams drm drones drugs.punk drum dub dubstep Ebaumsworld economy electronic electronica electron microscope email emo en encryption end enquiry epic Eprom essex everything excellent exploit extradition F fail FaltyDL family Fantastic Mr Fox fastest gun fbpanel Feeling Good filters Firefox firefox fixes flash flies flu fluxbox fnm fog formats forums free freedom freelance friday frugal fsf fuck you funny furQ G1 gaza gdm geek generator george.carlin germs glitch gnome goa trance google Google google earth GoogleOS gravatar greasemonkey greek greenpeace grunge hacked hacker hackers hah hain handset hangover hawkwind headers Helm help hindu history Holocaust horse the band hospital hosting hotlinkers house htaccess humour hype iceweasel idiot idiots ie ie6 ie7 ill images independence indie industry insane insurrection intranet ip ipaq iphone iptables iraq iraq war ireland israel japan javascript job Joy Orbison jquery justice kanotix kernel keywords KG800 king crimson Kingdom knoppix Kuedo labour lada lady lady would have been older lasers layar layout legal levi-strauss lfs LG LGChocolate LHC libnofity-bin lies lifestream linux Linux lions list live location Lohan london lyrics m4w mac macs malware man in the middle marketing Mark Instinct Mark Pritchard Martyn massive masters of war media meme micro Microsoft microsoft minimal mj12 moblog mod_rewrite Mosca moscow mossad mothership motorola mozilla mum music myspace mysql napm neil net neutrality network new year new_year Nina Simone nirvana NiT GriT nokia nokia6280 none northwest note nothing nuclear Numan office move oldest omg oops open web oracle oss outkast p2p palestine palm pants paperless office parties patches pathetic pearl jam perl phishing photos php php-gtk pics picture piercings pigs pioneer pirate plane planes plasticpeople pmwiki popstep postfix power hour preemptive preston privacy project promotion protest protests python qr qr codes question time quitting quote r100 ranges rant ravens Razr rdf record record grooves redhat regex remembrance renegade resistence resources review right rising risingdragon rising dragon hosting rob dougan robots rock rocket war ror router Royal-T rss ruby Rude Kid rules russia sad santa sarge save scam scrabble screenshot script script kiddie Sduk sea shepherd security send-nofity SEO server seven deadly sins shambo shit showcase shutdown site skillz slashdot slaughter sleep Slugabed smart meters smoking sms snow snow leopard Somme so what space spam spammers SPDY speakers spydrone ssh ssl Starkey statement steampunk stream strike students stuff stupid suck sucks sun sunday surname sync T-Mobile tablet tasks tattoo techno technorati tek tengine Terror Danjah terrorism testing the cure theme The Month in Dubstep the prodigy thinking thoughts tikiwiki tim berners-lee time tls topsecret torture toshiba touchbook town planners trade union training transparency tribe tunes twins twitter UAV ubuntu unix unpopulartruth uptime URI US usa USSR v3 V3 van vanishing varroa veneables vets viagra video voodoo voyager220v vulnerability waiting man wales war War WC3 weapons web web-app web-tribe web.slashes web 2.0 web2.0 webapps webmaster Web Standards wedding weed ween weird we kill sluts whales whaling whiskey wifi win3.11 win7 windows wokingham woo woody wordpress work wow WP wp wtf WWI xfce xfce.debian xhtml XI xmas xml xp your Ypres ytmnd.com yule zero-day
