Time to start using the site…

Now that I’ve got a working mobile posting system, and have started seriously on the pastimes, I may be able (and willing) to add posts a bit more often! If the wind is willing to play fair, I should be able to get some photos, videos and GPS logs from the kite buggy soon. I also plan on storing the SCUBA dive records here (once I can find a suitable format).
I really should add that using the HTC Desire is a fair bit easier than the N96 was (although I can’t as yet get the BT keyboard working).

Just a quick update

Just making a quick update to test 2 new toys:

1) WordMobi on the N96 – so far it seems to work well, although I need to verify the image scaling abilities.
2) A nice little Bluetooth keyboard (from Tesco of all places!) It’s a PS3 keypad, but once I installed the Nokia keyboard app, it worked great. The slightly odd layout for the non-alphanumeric characters takes some getting used to, but it’s definitely better than the phone keypad!ови услугивик

Server move

If you can see this post, the new server is now running properly! :)

The new server is running Lenny, and is actually running on identical hardware (but with more RAM). The move to Lenny was a clean install, and resulted in some minor pain:

While migrating user mail there were some changes in UID/GID – easily fixed with ‘chown’ – although I initially didn’t change the group ownership, meaning that the IMAP server wasn’t happy. A quick ‘chgrp’ fixed that one, but I really should have used ‘chown user.group’

The previous server ran djbdns, mainly for the claimed ease of updating compared to BIND v8 (which I have used in a “production” system), so my first instinct was to do the same. This was not a good move – the official Lenny package meant that I couldn’t just transfer the files, and my attempt at migration was not successful. Quickest fix was to go to BIND v9 – which I actually prefer in some ways (the assumption that djbdns was easier to admin was wrong TBH).

CCTV @ Sainsbury’s filling station

I just want to commit to pixels exactly how disgusted I am at the state of so-called security at the local Sainsbury’s filling station. On the 7th of March 2007 at 21:00 I went to the filling station at the Kirkcaldy Sainsbury’s store, to buy some milk. This is now likely to be the most expensive bottle of milk I have ever come across. As I left the position in which I had parked (perfectly legally, I must add, following the blatant insinuation from the staff), I had to drive across the front of the shop/kiosk building. As I did so, the customer who had filled his car at pump number 5 started moving towards me. I assumed that he was going to stop, as his only route out from that position was through my car. As it turned out, that is exactly where he went, leaving me with a damaged rear wheel, rear door and driver’s door. For reasons best known only to him, he decided that stopping just long enough for me to open my door, then flooring it, was a suitable way of dealing with the situation.

I spoke to as many people on the forecourt as I could, but no-one had managed to get his number plate, but I was assured by staff that his details, and possibly the incident, would definitely have been captured on the CCTV system, the tapes of which would be available for the police the next day. Thus reassured, I went home, and contacted the police, who were not able to make it out to take a statement at the time, but were able to take one the next day. Whilst I drove into work on the Thursday, SWMBO contacted the store to ensure that the tapes were secured, and ready for collection by the police. After speaking to the store manager, she was eventually informed that the CCTV system was not actually switched on at the time of the incident.

That’s right, the highly visible, and well publicised security system installed at the Sainsbury’s filling station is not switched on! Some that I have spoken to have voiced the opinion that it may simply be a case of Sainsbury’s policy being to not get involved. If that is the case, they are in for a rude awakening, as the incident has been declared a crime by the police, which means that refusing to hand over any tapes will be a very serious criminal offence. Of course, if the system is not actually used, then the business insurance that is in place for the premises may be null and void. Nice move Sainsbury’s!

Just as an update for this going out of “private”, the police have now had to close the case, and I end up losing out.

Testing some new stuff

Just discovered a couple of useful things, that I’m trying out right now. First off is the Performancing for Firefox (PFF) extension. This seems to be a rather nice addition, and if it works well enough, I may just add it to my Portable Firefox kit. At the same time, I’m trying to persuade my Bluetooth headset to handle Skype properly. Going through 3 drivers (with the ubiquitous XP reboots), I seem to have found one that works. :-) Only trouble now is battery life on the headset itself. So far I’ve managed about 12 minutes per charge, which isn’t exactly earth-shattering. Looks like I’ll have to bite the bullet, and get one of those wonderful stereo headsets!

SPF Finally implemented

Finally got round to implementing SPF (Sender Policy Framework for the uninitiated) on the mail server. This should hopefully cut down on the recent bursts of “backscatter” from spam. I am also planning on adding SPF records for the main Demon account, as that was badly hit with backscatter from MyDoom.A way back, and may well suffer again!

For information on SPF, check out this site.

Adding SPF checks to SpamAssassin was absolutely trivial – install the Mail::SPF::Query perl module! In the case of this server it was just a quick apt-get away (gotta love Debian).

Just as a quick note: I have seen many sites claiming that SPF doesn’t work as it should to prevent spam. In response to those claims, I would suggest that people actually check what it does claim. It merely helps prevent “spoofing”, nothing else, and if used correctly, does work (in my case, spoofed messages have a raised SA score, and are more likely to go into the spam-bucket). End result is no lost mail, and as I know which hosts send mail for the domain, less backscatter (if others use SPF sanely!)

Exim alias lookups

After much pulling of hair, gnashing of teeth, searching on Google, etc…
I have finally got the /etc/aliases file under control :)
As some background, all mail historically went to the one mailbox, and was separated out by the client, and all was good with the world. Then I set up a proper mail server, with more than one mailbox, and everything got silly. Due to the huge range of local usernames we have used (mainly to track who is selling the data), the aliases file was getting beyond what I think of as reasonable.
It finally hit me that we were separating the mail using regexp, and the first 2 or 3 characters was enough to identify the intended destination. Armed with this (bloody obvious) insight, I started looking at getting exim to parse regexps in /etc/aliases. First port of call was to switch from lsearch to wildlsearch, which was great, until I noticed everything was falling through to the catchall mailbox! Rolled the changes back (that’s what notes are for, after all), and left it on a back-burner for a while.
Suddenly (at about 23:00!) I recalled seeing something about “real_local” (yes, I can be somewhat dense at times). Five minutes later, I have it working exactly as planned :)
Of course, that five minutes should have happened in the first place, but at least I got there!

For the record, the settings are:
/etc/exim4/conf.d/router/400_exim4-config_system_aliases:
data = ${lookup{$local_part}lsearch{/etc/aliases}}
becomes
data = ${lookup{$local_part}wildlsearch{/etc/aliases}}

/etc/aliases:
^user.*: real-user

New server

Finally got round to setting up the new server for my home network (also hosting this site) after far too many hand-crafted changes to the original E-Smith SME Server that was in use.

Settled on a proper distro this time (Debian), and planned it carefully to allow smooth migration from one server to the other. For the record, the list of installed debs is available here.

There’s probably a lot of stuff that could be removed, but it’ll do for now.