Retired virtual server

This actually a ret-con repost since I managed to mung my database again (hooray)... Anyhow, some time last month I finally did get everything moved off of Jessica (a VirtualBox VM) and onto Alia (actual hardware). It's all good.

Deleting Data and Wireless Bridge

This is my lesson to you: When cleaning up one's database, don't delete your data. As you may be able to infer, the last backup I have on-hand for this database is from July 2007... Stinks! I know there's a better backup around *somewhere*, probably the "off-site" backup, so hopefully I'll get more of my db back.

So, don't delete your data, and test your backups, or at least verify you've got a recent one handy before deleting the data.

In other news, I finally snagged a new wireless router for home. I already had one, so this one, I've used to create a wireless bridge the eliminating the need to have a ratty old 10m network cable running from my dinning room to my living room. And it was easy!
Just flashed on DD-WRT,

changed the router's IP address (to not conflict with the existing router),

"scanned" the available wireless networks and "joined" the existing network,

Set the WEP password for the wireless "security",

And changed to "client bridged" mode.

Presto Magico! A total pain in the ass that the firmware provided by Linksys with their routers is so shitty, but it really is pretty easy to replace it with DD-WRT (just do a "firmware upgrade"). You do, however, have to get a WRT54GL router for it to be that easy. Their other routers have very little memory and it is *slightly* harder to upgrade those to DD-WRT and even then you're stuck on the "Micro" version which has less functionality. The WRT54GL model router (instead of the plain G) is normally about 10$ more (60$ instead of 50$), but I got it on sale from NCIX for 55$, so there you go.

Fun!

Using Procmail to Notify Senders of a Change of Address

Here is a procmail recipe that auto-responds to email messages addressed to an email address that is going to be removed. It's totally simple, it just avoids looping and auto-responding to mail daemons. This can just go at the end of your .procmailrc file (in your home directory).

Basically, the lines starting with * are the conditions so it reads do not match FROM_DAEMON, FROM_MAILER or our X-Loop headers, and only take messages addressed To: (including CC:) . Then the line starting with | is the action which is to use formail to send a reply, insert our X-Loop header then use a file (or two in this case) for the message body.

The one thing to point out is that if you want to setup this reply for many email addresses at once just put a | between them. This is a "regex" pattern so you can do fancier matching criteria if you want.

# bounce messages addressed to archangel@uro.mine.nu
:0
* !^FROM_DAEMON
* !^FROM_MAILER
* !^X-Loop: email-dsn
* ^TO_(archangel@uro.mine.nu)
| (formail -rt -A"Precendence: junk (autoreply)"\
-A"X-Loop: email-dsn" ; \
cat $HOME/.procmail/change-of-address.txt $HOME/.signature) | $SENDMAIL -t


Processing Arguments in BASH

There are many ways to skin a cat, but in a bash script, this is probably the "most right" way to processes command line arguments:

#!/bin/bash

while getopts vf: opt ; do
        case "$opt" in
          v) echo "verbose set" ;;
          f) echo "f: $OPTARG" ;;
         \\?) echo "Error: unknown flag" >&2 ;;
        esac
done

shift `expr $OPTIND - 1`

Basically, you run "getopts" giving it a "parameter string" and a variable name. The parameter string is a list of letters you want to pull arguments from and each one that takes an argument itself is followed by a colon (:).

Loop through the arguments as above, and then use "shift" and the "OPTIND" to shift off all the arguments that were processed, leaving only the "regular" arguments, e.g. take out all the "-v" and such but leave the list of file names.

Props: SHELLdorado

Configuring Postfix to Relay to a Server with SMTP AUTH

If your system has a mail server installed and is not an actual mail server, it is preferable that your system relays through a host that is a regular mail server. In this example, we are configuring Postfix to relay to a host that requires SMTP and TLS.

Make these changes to your Postfix configuration, either by editing /etc/postfix/main.cf or using "postconf -e":
relayhost = [smtp.dl.nibble.bz]
smtp_sasl_auth_enable = yes
smtp_sasl_password_maps = hash:/etc/postfix/sasl_passwd
smtp_sasl_security_options = noanonymous
smtp_use_tls = yes

The given password map file will need to be created and it is in the format of:
mailserver.example.com username:password

The name of the mail server must match your "relayhost" above, and the username and password are the credentials of some user with permission to relay mail. You can use your own credentials or create an account on the server to specifically allow mail relaying.

Once you have created the password map file, run:
postmap /etc/postfix/sasl_passwd

This should create a corresponding "sasl_passwd.db" file. Since both these files contain the above password in plaintext, you should protect them as much as possible:
chmod 600 /etc/postfix/sasl_passwd
chmod 640 /etc/postfix/sasl_passwd.db
chgrp mail /etc/postfix/sasl_passwd.db

Once you have edited your Postfix configuration and created the password map, just restart or reload postfix (just run "postfix reload") and you're done!

Optionally, you can enable SSMTP (on port 465) in addition to TLS on the standard SMTP port (25) which is useful for users who are connecting from sites which block outbound SMTP. It's trivial, un-comment these lines in master.conf and do "postfix reload" again:

smtps inet n - - - - smtpd
-o smtpd_tls_wrappermode=yes
-o smtpd_sasl_auth_enable=yes
-o smtpd_client_restrictions=permit_sasl_authenticated,reject


Props to the following resources:
http://www.postfix.org/postconf.5.html#smtp_use_tls
http://wiki.zimbra.com/index.php?title=Outgoing_SMTP_Authentication
http://ben.franske.com/blogs/bensbits.php/2005/09/06/postfix_smtp_auth_support_for_relayhost
http://dl.nibble.bz/~archangel/archive.php?news=219

Connect to Nibble Jabber with iChat on a Mac

Connecting to Nibble Jabber with iChat on a Mac requires OS X 10.4 or above and it is super easy to setup. The screenshots below are for OS X 10.4 (Tiger). Note: If you are already using iChat for other types of instant messaging, scroll down to the end to see how to enable Jabber.

When iChat is first run, it will come up and tell you how great it is:


Then it will ask you for your name, just check that it is correct, and your .Mac account info which is optional:


Then you can enable a Jabber account. Just check the box as show, and provide your Jabber ID:


Basically you're done at this point. You will get a couple screens asking you about enabling Bonjour (optional) and configuring your web-camera (if you have one), and then you're done:


When iChat connects, you will probably get this warning about security, choose "continue":


And then you will be logged in and you should see your buddy list:



On the other hand, if you are already using iChat, you just need to go in to "Preferences" to enable Jabber. Open the "Preferences" for iChat, and go to the "Accounts" tab as shown:


Now just choose "Jabber" from the drop-down box and provide your Jabber ID:


That's it! You should get the security warning and buddy list as shown above.

The ReadyNAS Does Everything

Infrant, a subsidiary of NetGear, makes this NAS (a file-server in a box) called the "ReadyNAS NV+". If you need a network file server and are willing to look at ~$1,000 price range, this is the way to go, hands down.

Just let this Jesuit tell you how great it is:



No, really, he's serious. It does *everything*. One-touch external drive backup, expandable by attaching a USB drive, or many through a USB hub... It will fold your laundry and walk the dog!

Not to be a product whore or anything, but I want me one of these!