shell, coming out of - Ambar — LiveJournal
October 14th, 2004
06:39 pm


shell, coming out of
Suddenly today it became imperative for me to configure postfix with SASL / TLS support on bulova.clock.org. If I can get authenticated SMTP working on it, I can use it to relay from the laptop, and then maybe I'll configure SPF, because I am damnably tired of logging in to 150+ bounce messages of spam sent by spammers with my very own email address in the From: line. :-P

As Stats test took all of 20 minutes, I decided to head to Palo Alto today for some geeking preliminary to meeting at Dana St. (Since it's now past 6:30pm, I guess it wasn't all that preliminary. Inertia still a force to be reckoned with. Sorry, space_parasite, marith, diony and anyone else I disappointed.)

Retail therapy at Congdon and Crome; replaced my lost and much-mourned Sensa pen. Got a Clairefontaine notebook as well (recommended by elfs). Have looked at the Moleskine notebooks being touted on every other blog on the Internet; am seriously not impressed. If I wanted a tiny notebook, it would be one that was easy to pull pages out of to give to other people. The Hipster PDA makes more sense. If I were to go all yuppie on the concept, I'd use some of Levenger's notecards.

Still not studying biochem. Not smart, as there's a quiz tomorrow. 8am, bright and shiny. Therefore must not inhale any bad fantasy novels tonight.

Boring food entry:

Breakfast: 3 eggs, 2 pieces bacon.

Lunch: a couple of bites of pot roast, interrupted because a meat bee got into the car and I decided to cover my food and leave. Then I hit Taxi's, virtuously ordering a cobb salad, but forgetting to tell them to hold the garlic toast and croutons. Garlic toast arrived and was MUCH too tempting. *sigh*

Dinner: probably the pot roast from lunch. Haven't dined yet.
Ate a chocolate tart (raspberries, white chocolate shavings, v. decadent) at Coupa Cafe, though. Apparently the law of cause and effect doesn't apply to me when I don't want it to. :-P Also two iced coffees (black) and then a hot coffee with half & half. A fourth coffee (black) has gotten me to the point of No More Caffeine Needed, Thanks. Had an Arepa with meat and cheese in it, very tasty but by no means Atkins-safe (an arepa is apparently a Venezuelan vehicle for cornmeal.)

Date:October 14th, 2004 06:52 pm (UTC)
Don't worry, I was the only one. Marith and diony were both busy.
Date:October 14th, 2004 08:01 pm (UTC)
*siccing the big black dognose on you* Shame on you for not studying biochem! Yesh... the big black dognose and big soft pointy GSD ears will come for you! BWAHAHAHAHA!

Erm... I need to lay off the coffee... *toodling back to email*
Date:October 14th, 2004 09:51 pm (UTC)
Imagine how well I could study with 80# of dog in my lap! Yesh!
Date:October 14th, 2004 08:07 pm (UTC)

Bad Egg, no Ambar

So sorry I didn't respond to your voice mail the other day (last week?) On weekdays the schedule is such that I don't get out until the grading is done and the grading is never done. Just thought I'd let you know, I still love you, I'm just spending all my spoons too quickly.
Date:October 14th, 2004 10:09 pm (UTC)
Sensa pen! Yay! This is what saved my hand from cramps on various bar exams.

The only thing is that I hate the refills. These seem to go gross and skippy rather quickly.
Date:October 14th, 2004 10:21 pm (UTC)
I haven't got sasl working with my postfix yet. I was lazy and took the easy way out - I ssh from my laptop to the server and redirect 10025 and 10143 to the server and set my mail program to talk to localhost.

SPF is cool (and I'm certainly not knocking it - I'm a moderator of spfdiscuss) but probably provides little relief right now. But there is something related called SRS/SES which definitely helps bounce spam. Basically you would stop using your "real" email as a return address and start using signed, temporary return addresses. Then configure your server to let these through while verifying the "signature" and block anything from <> to your traditional address. I can provide info on SES if wanted...
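
The signed, temporary return-address idea described in the comment above, as an added example that is not part of the original thread: it uses a simplified address layout chosen here, not the SRS or SES wire format. The function names, the secret, the seven-day lifetime and the example.org mailbox are all assumptions made for illustration.

```python
import hashlib
import hmac

SECRET = b"constructed-demo-secret"  # assumption: per-site key, sample value only
MAX_AGE_DAYS = 7                     # assumption: lifetime of a signed address


def _tag(user: str, domain: str, day: int) -> str:
    """Truncated HMAC binding the mailbox to the day it was issued."""
    msg = f"{day}:{user.lower()}@{domain.lower()}".encode()
    return hmac.new(SECRET, msg, hashlib.sha256).hexdigest()[:10]


def sign_return_path(address: str, now: float) -> str:
    """Rewrite user@domain into a dated, signed envelope sender."""
    user, domain = address.rsplit("@", 1)
    day = int(now // 86400)
    return f"{user}+{day}-{_tag(user, domain, day)}@{domain}"


def accept_bounce(rcpt: str, protected: set, now: float) -> bool:
    """Policy for mail arriving with the null sender <> addressed to rcpt."""
    local, domain = rcpt.rsplit("@", 1)
    user, sep, suffix = local.rpartition("+")
    if not sep:                       # no "+suffix" part at all
        user, suffix = local, ""
    if f"{user}@{domain}".lower() not in protected:
        return True                   # mailbox is not using signed addresses
    day_s, _, tag = suffix.partition("-")
    if not day_s.isdecimal():
        return False                  # bare "real" address or malformed suffix
    age = int(now // 86400) - int(day_s)
    if age < 0 or age > MAX_AGE_DAYS:
        return False                  # issued in the future or expired
    expected = _tag(user, domain, int(day_s))
    return hmac.compare_digest(tag.encode(), expected.encode())


if __name__ == "__main__":
    now = 1_700_000_000               # constructed clock value for the demo
    protected = {"user@example.org"}  # constructed mailbox
    signed = sign_return_path("user@example.org", now)
    print(signed, accept_bounce(signed, protected, now))
    print(accept_bounce("user@example.org", protected, now))
```

Bounces for mail the server really sent come back to the signed address and pass; backscatter from forged spam targets the plain address and is refused.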
Date:October 15th, 2004 04:58 pm (UTC)
Websearching on SRS isn't providing any "lazy sysadmin how-tos", so if you have some lying around, I'll bite.
Date:October 17th, 2004 02:55 pm (UTC)
I don't use SRS myself and I don't have a big problem of bogus bounces coming in. I get the impression that it works fine once it is set up, but getting it set up and working is not trivial. (By that I mean, you should have no problem with it but an entry-level sysadmin might not be able to do it unaided)

Here is a pointer to SRS2 which is the current favorite implementation.
Download: http://www.libsrs2.org/download.html
Documentation: http://www.libsrs2.org/docs/mta-users.html (though see also the README for the postfix patch)

I am not sure if the postfix config described there uses SRS for *all* outgoing mail, or only when it thinks it is "forwarding" (which is what SRS was originally designed for).

I will probably break down and put this on my postfix system eventually. If you get the urge to play with it before I do, I can find a few people who have actually done it and make them answer questions :)
Date:October 15th, 2004 08:13 pm (UTC)
On second thought, clues on your redirection setup would be more useful.
Date:October 17th, 2004 02:12 pm (UTC)
Basically I train my email client to use localhost:10025 and localhost:10143 for work mail, and 11025/11143 for personal mail, and I have an SSH session open from laptop to home and (if needed) laptop to work.

I use SecureCRT on my laptop. In "Advanced SSH Options" there is a tab for Port Forwarding. Local port: 11025; Remote hostname: localhost; Remote port: 25. Local port: 11143; Remote hostname: localhost; Remote port: 143. (This is IMAP, something other for pop3, see /etc/services.)

I save this session under its own name so that I don't open up more than one of them. (That is, "neko-base" saved session opens a normal ssh window and "proxy neko-base" opens an ssh with the port forwarding). It's a normal ssh session in addition to the port forwarding, and you don't have to type any commands in the ssh window once it is connected. Just make sure you don't get logged out of csh due to idling. You could also have the "login script" set to send "exec sleep 86400" or some other bogus command.

Good luck. Comment/email/chat if you like :)
