News
The story of my life. As told by me. For more amusing anecdotes, please visit the archive.
Thu, 21 Aug 2008 11:55:50 GMT - Wonderful SPAM
I started a bit of an experiment a while ago. I'd stop the historical logs on my mailserver from being deleted and then see how much spam I get in a year. I started this on April 21st, and here's where I'm up to.
My mailserver has rejected 143,737 messages from 105,062 hosts. Of those messages; 80,586 messages were rejected because they were attempted to deliver to known blacklisted addresses and 41,543 were blocked for attempting to use me as a relay. Interestingly, this means that 85% of the spams I get through I don't need to run through spamassassin at all, which saves fairly significantly on processing time.
I suppose a quick word about what I use and how it's configured. I use spamassassin and exim4. I like exim, mainly because once you get past it's rather strange configuration setup, it's really powerful.
My mailserver is configured to be the primary MX for my domain. When mail comes in the door, it's inspected to make sure that the target address really is a domain I own and that the full address hasn't been blacklisted. If either of these is true, the connection is closed. If the mail is accepted, it is then run through spamassassin. If the mail was delivered over an authenticated connection, then the server assumes it's coming from a person allowed to use it as a relay, and then forwards it on. Spamassassin is configured to do it's usual bunch of checks, with a few tweaks to scoring. I run bayesian checks against a postgres database of data and that's fairly good at sorting stuff out. If the message goes above a certain threshold, it gets dumped in a spam folder which I then later use for bayesian learning. Anything else gets dumped in my inbox.
On the whole, it works well. I get the occasional false positive and have to copy stuff out of my spam folder. Any mail that I reject normally gets passed onto my secondary MX server, which is just a forwarder to my gmail account. Whilst 95% of that ends up in gmail's spam folder, some mails which I've said are deffinately spam end up in my gmail inbox. Looks like I do this better than Google :)
Things I want to investigate in the future are greylisting and tarpitting. I've just not got round to figuring these out yet and seeing as this is currently working quite well, I've not much motivation. One bored day I will though.
And yes, the BEST MAN DIARY is coming. Soon!
Sun, 17 Aug 2008 17:37:25 GMT - Eee bah gum
Well, it's been a week now since it ended and in many ways, I'm still recovering. The RACE ACROSS EUROPE was certainly an experience and I think a fun one at that. I'll do a full diary with ADDED BONUS GPS TRACKS once I get my act together and figure out how to spell.
In other news, my Eee turned up! In the end, I cancelled my amazon order because they were being stupidly slow. They pushed the date back a number of times, and I just got bored of waiting. Browsing around the internet, I stumbled upon Ebuyer, who excitingly told me that if I ordered in the next 4 hours, I could have it the day after. Add to that, they suggested the right memory upgrade and were cheaper than Amazon. So, I cancelled the previous order and re-bought from Ebuyer. Satisfyingly, it arrived the next day.
It's amazing. It's also tiny. The first thing I did was to wipe Xandros off and stick on Ubuntu. Thankfully, there are some guys over at Ubuntu Eee make a version of Ubuntu that comes with some Eee-friendly pre-configurations, such as making the font smaller and other niceties. However, it doesn't include rather important things like the WLAN or LAN drivers, so you have to get these from somewhere else and move them over with a USB key. The screen's small, but has 1024 pixels width, so sensible things fit on that. The keyboard is also rather small, but with a bit of practice, I can touchtype almost as well as on a fullsize version. My biggest annoyance at the moment is figuring out how to enable the palm detection for the mouse. The mouse area is quite big and as a result it's very easy to accidentally tap the area with your palm as you type, leading to random other things on the screen being selected. I know that palm detection on these sorts of things is possible, it's just a question of figuring out how. The physical mouse buttons are rather stiff, but they'll loosen over time. I've not tried the bluetooth or the webcam yet, so there's plenty to tweak with yet. All in all, a good purchase.
Tue, 29 Jul 2008 17:00:11 GMT - Not long now
So, it's suddenly here. This Friday I have to travel to a part of London at a specified time and for 9 days after that, I have no idea where I'll be. It's the mystical magical RACE AROUND EUROPE!
Of course, there is reason behind this. I would not choose to embark on such a silly and ill-conceived adventure without there being some motivation, some element of CHALLENGE! I mentioned that it's a RACE! and that necessitates the inclusion of other CHALLENGERS in the RACE! We are, naturally, competing to see who is the BEST MAN. The winner will then be appointed the BEST MAN at someone's wedding in October. I make it sound like the wedding will be chosen at random, but it should be made clear that this is not random, this will be a spectacular wedding of HISTORIANS.
I am one of the CHALLENGERS. There are five (5) other CHALLENGERS. We know nothing. Most of the ENTOURAGE accompanying us on this trip also know nothing. All I know is that I don't yet have nearly enough of the things that I need to ultimately successful in the RACE. I do not even know if I will have access to the INTERNET once I am out on the road. If I do, you can expect frequent updates to this particular publishing venue. If I do not, there will be only silence. Rest assured though, the RACE! will be heavily documented for later publication. I will occasionally take copious notes and may even entertain the idea of taking PHOTOGRAPHS or VIDEO-like material.
I must go now, to buy THINGS for the RACE!
Sat, 12 Jul 2008 15:42:06 GMT - Getting a Huawei E220 3G working on 3 with Ubuntu 8.04
I've never pre-ordered anything in my life. But when I saw that the Eee 901 was on pre-order at Amazon, I seized the moment and ordered. A little expensive, compared to the 900, but should be worth it. I've gotten a bit annoyed with having to carry a huuuuuge laptop everywhere, so something tiny that I can just use for web / email / ssh out and about would be ideal.
However, this is all fine if I were to be near a wireless access point. But what if I'm in the park? Enter the Huawei E220 HSDPA 3G modem. These USB thingies tend to come with the mobile internet bundles you see from the various mobile companies. The one I've got is hooked up to 3. I know this works on windows - there's software on the modem itself that you can pull down and run. However, I've no plans to run windows on the Eee, so I've just spent the last hour figuring out how to get it working in Ubuntu. Turns out that if you know how, it's surprisingly easy:
- Go to https://forge.betavine.net
- Download and install the latest VMC Card Driver Linux
- Plug in the modem - you should see some messages in the syslog about finding the device. If you're not sure, check to see if /dev/ttyUSB0 exists. If it does, you're in business. If not, you're screwed.
- Load up the Vodafone app - I found it in my applications menu
- Give it a phone number of *99#, any username / password you want and an APN of three.co.uk. The DHCP DNS servers didn't work for me for some reason, so I put in the OpenDNS servers as static instead. Try it DHCP first though
- Press 'connect'
- Yay!
All I need to do now is wait 10 days for the Eee to show up :)
Sat, 28 Jun 2008 18:08:00 GMT - It's cold up here, and why the internet will fall over
I had the exciting chance to visit the great city of Nottingham on Friday. Turns out that my employer also employs a bunch of people based there, who write lots of software. As part of an awareness and education drive, a few of us visited to tell lots of coders what the term 'security' is meant to mean.
I digress slightly from reality - it was actually a pretty useful day and a good amount of valuable work was done. I do need to rant about train fares however. I turned up at St Pancras on Thursday to catch the fast train up to Nottingham. Having frequently visited Stockport from London, I was expecting to pay about £40 or so. So I was slightly surprised to find that the cheapest fare was an open single at £63 and that if I wanted a return, I would need to hand over about £120. Thankfully, I was going on to Stockport on the Friday, so I bought a single. When I came to buy my ticket to Stockport, it came to £14. That's 20% of the price to go basically half the distance. I know people like to think Londoners are rich, but that's capitalising on it a bit far.
And in true spirit of being h'up norf, it started pouring with rain the instant I left London.
I feel I must comment on this story about how Icann hopes to allow anyone to buy a TLD. One the one hand, this is a genius move. Make tonnes of money by selling something that effectively costs nothing to manufacture and allow companies to release themselves of the pesky naming restraints imposed by those silly .com, .uk or whatever domains. However, I foresee two problems. Firstly, what stops me buying .bank, then buying SSL certs for natwest.bank, barclays.bank, hsbc.bank etc. etc. and firing off a bunch of emails to the rest of the world inviting them to log into the brand new internet banking site? The domain will look like the bank, the user won't get any SSL warnings in their browser and everything will look just fine. Of course, Icann could always decide to not issue me with .bank on the basis that I might abuse it, but I'm sure someone will think of a way around that.
The second problem I predict is that it just won't work. There were a number of TLDs that were made available a few years back (.mobi, .travel, .name I think) and you hardly see any high-profile sites using these. In fact, I saw one commentary that hypothesised that people were swayed away from sites using these TLDs on the basis that the company behind them couldn't afford a 'real' .com domain. And even if there is takeup of the new TLDs, I don't see companies abandoning their existing domains. So maybe this problem will sort out the phishing problem. See someone using a non-traditional TLD, and they're probably trying to take all your money.