Syndicate content

list

Why are hotmail.com emails blocked by postgrey even though it is whitelisted?

Lately, I received emails from a customer something like 12 hours later...

So I checked closer and could see that the email was from hotmail.com.

Great.

On the server, I edited my whitelist to see what was going on:

vim /etc/postgrey/whitelist_clients.local

Searching the list I could see hotmail.com, so why is it that it gets bounced with a 450 by Postgrey if it is whitelisted?

Looking closer at the logs left behind by Postgrey, I found this line:

Apr 23 06:33:34 m2osw postgrey[1742]: action=greylist,
      reason=new,
      client_name=<secret>.outlook.com,
      ...

Turning sites and modules on and off in Apache2

I always have to looks for the command line option to turn sites and modules on and off (really it is said to be enabled or disabled.)

The commands are as follow:

  • a2ensite -- enable one site
  • a2dissite -- disable one site
  • a2enmod -- enable one module
  • a2dismod -- disable one module

When you use one of the commands in the command line terminal without specifying which site or module to enable, then you are given a list of the sites or modules you can enable or disable. Note that the configuration files have to end with .conf for this mechanism to work as expected.

Installing Solaris to compile your software

Now a day I like to install Solaris to check that my code compiles and generally runs under that OS.

I think that's a good way to prove that the code is multi-OS ready even if it is only for Unices.

OpenSolaris is free and can be downloaded from Oracle. The last URL I use was:

http://www.oracle.com/technetwork/server-storage/solaris11/downloads/index.html

The system, by default, comes with a directory named /usr/sfw which includes a really old version of gcc. It is possible, though, to move forward with a newer version of the compiler by installing a package. Under Solaris 11.2, this ...

How to only upgrade packages with a security requirement in Ubuntu/Debian?

Today I wanted to upgrade some packages that had security issues. Ubuntu (like Debian) provides the apt-get tool that allows you to do upgrades the easy way:

sudo apt-get upgrade

However, that upgrades all the packages present. In some cases, you may want to skip on some packages because you know they are not ready (i.e. your own packages).

In order to only upgrade security issues, you want to get a list of packages that are to be upgraded for security issues:

apt-get -s dist-upgrade | grep "^Inst" | grep -i securi

That apt-get command line lists all the packages ready for ...

CRON Drupal says "HTTP/1.0 302 Found" about "/cgi-bin/ipdiags.ha" (AT&T U-Verse)

I run a few Drupal website and once per hour I run the cron.php script. I do it only once per hour because nothing changes so often on my websites so it would require faster refreshes.

Once in a while (relatively rarely now) I get a list of errors from CRON saying that the checks failed. The errors look something like this:

HTTP/1.0 302 Found
Location: /cgi-bin/ipdiags.ha
Pragma: no-cache
Content-Type: text/html

<html><meta http-equiv=Refresh content=0;url=/cgi-bin/ipdiags.ha>
<body></body></html>

As you can see, this is a 302 so a temporary error. ...

The for() in C, C++, Java, PHP, JavaScript...

As I am working on my as2js compiler, I stumble on a couple of problems with the for() loop parsing because of the in keyword. That made me think and the for() statement was actually a very funny one. Yes! You can actually write something like this and it compiles:

int zero;
for(3;2;1) zero;

As you can see, all 3 entries in the for() statement are valid expressions and therefore the compiler can compile that code. This creates a loop that runs forever, similar to:

for(;;) zero;

but much less clear to read, obviously.

Now that's food for thought, isn't it?

In JavaScript, you ...

List ciphers currently used by Apache2

If you are using Apache and e-Commerce, you probably want to know all the details of the ciphers used by the Apache SSL module.

So listing Apache supported ciphers is done using nmap as follow:

nmap --script ssl-cert,ssl-enum-ciphers -p 443 secure.m2osw.com

This call gives you a complete list of all the ciphers currently accepted by your running version of Apache. For example, the list may look like this:

| ssl-enum-ciphers:
|   SSLv3:
|     ciphers:
|       TLS_DHE_RSA_WITH_3DES_EDE_CBC_SHA - strong
|       TLS_DHE_RSA_WITH_AES_128_CBC_SHA - strong
|       ...

Why would Redirect and RedirectMatch in Apache2 not work?

As we are working on a new website, we had a problem where a redirect would not work. I tried both: a simple Redirect and a RedirectMatch as follow:

Redirect / http://finball.m2osw.com/
RedirectMatch permanent ^(.*)$ http://finball.m2osw.com$1

Both of these entries would not work at all.

I verified, to make sure, that the alias module was turned on. It was.

ls -l /var/apache2/mods-enabled

This did list the alias.conf and alias.load entries as expected.

So? What else?

Well... This was installed on a new server and we left the default entry in there:

ls -l ...

SANE cannot find any scanners

As I upgrade to 13.10 of Ubuntu, I'm having to do work to get my system back to normal...

Today I stumble on the fact that USB ports are now not accessible by everyone by default. So when I tried to scan a document, it told me that I had no scanner. Panic... and then I found out that the permissions were changed, widely, so only users who are root (by default) can access the scanner.

I changed the group to a group I'm in and it worked without having to reboot or relog in. However, it is not unlikely that the group won't stick... TBD!

To find the USB port that has your scanner, ...

Asymmetric Routing—reply via the correct Ethernet connection

I've been looking around every now and then to try to understand how I could create a server that replies on the correct Ethernet port.

The idea is simple, we have very powerful servers that can handle many requests, more requests that one Ethernet port can handle. In other words, we could have 2, 3, 4, probably even 10 Ethernet connections (it really depends on your application, of course: how much RAM you need, how much processing is necessary for each access, etc.)

The solution is to use the ip command line which allows us to add default gateways for each ethernet card based on the ...

Syndicate content Syndicate content

Diverse Realty

Diverse Realty Team

Want a New Home?
Want to Sell Your House?

Call Alex at
+1 (916)
220 6482

Alexis Wilke, Realtor
Salesperson
Lic. # 02024063

Cory Marcus, Broker
Lic. # 01079165

     

Terms of Site Index

Find the page/content you are looking for with our index.

  • Apache
    Apache is the most well known Open Source Web Server.
  • SSL

    Secure Socket Layer, this is a protocol used to transmit secure data between two computers. Both computers will first agree on an encryption secret code, then all the data sent back and forth will be encoded using that code. In order to make it secure, you generate two set of numbers (called keys) one that is public and one that is private. The public key sole purpose is to encrypt the data. The private key sole purpose is to decrypt the data.

  • date
  • force
  • subversion