amdavidson

Gem Issues with Passenger

posted on 2009-03-31 - amd.im/c3fH

I was ignorantly happily letting my gems be pulled in automatically on my previous server using Nginx + Mongrel_Cluster and this seemed to pose no problems.

BUT! when I switched to a new host, I went with an Apache + Passenger (mod_rails) setup and my servers would start but would just offer "Error 500".

I checked the logs and it seemed that it wasn't loading RedCloth so I added the following to my environment.rb file and it all worked fine!

In config/environment.rb:

require 'rubygems'
require 'redcloth'

Configuring Postfix, Courier, and Courier-Maildrop for Virtual Users

posted on 2009-03-23 - amd.im/u27r

Here are some highlights for configuring Postfix to use Courier-Maildrop for local delivery.

This allows some advantages over just having postfix deliver, because you can do server-side filtering of spam and mailing list messages to de-clutter your inbox.

All these notes are based on configuring the setup on Ubuntu 8.10 (Intrepid Ibex) with Debian Lenny's courier-maildrop

The following are snippets from my configuration files, highlighting the changes that I had to make, from an already existing mail server. If these look unfamiliar, or you need more assistance setting up the basic framework of a Postfix + Courier-IMAP mail server, start here.

/etc/courier/maildroprc:

EXTENSION="$1"
RECIPIENT=tolower("$2")
USER="$3"
HOST="$4"
SENDER="$5"
DEFAULT="/home/vmail/$HOST/$USER/."

/etc/postfix/main.cf:

virtual_transport = maildrop
maildrop_destination_recipient_limit = 1

/etc/postfix/master.cf:

maildrop unix   -       n       n       -       -       pipe
flags=ODRhu user=vmail argv=/usr/bin/maildrop -w 90 -d ${user}@${nexthop} ${extension} ${recipient} ${user} ${nexthop}

So if you have a working mail server: make these changes, sudo /etc/init.d/postfix restart, and then get to work writing your .mailfilters!

Intrepid's courier-maildrop and authlib

posted on 2009-03-23 - amd.im/gbUh

Ubuntu 8.10's courier-maildrop is not compiled against courier-authlib and so cannot read from many of the supported authentication schemes that authlib can support.

Fortunately, Debian Lenny's can. So if you're having trouble you can try and install the package from that distribution, YMMV.

To save you the effort of going out and locating it, I'll attach a version of it here. Use it at your own risk, but it's working for me.

courier-maildrop_0600-2_amd64

Migrating an Email Server

posted on 2009-03-21 - amd.im/mFMA

Here are the steps that I went through to migrate my Postfix/Courier server from Slicehost to Mosso.

  1. Check current DNS MX records for applicable domains. I had mine set to all go through a central A record (my mail server) so it was easy.
  2. Set MX records to expire quickly (I think the minimum is 60 minutes). This can take 24 hours to propogate, so do this early, and then you'll have time to do the rest of the processing.
  3. Configure Postfix/Courier/IMAP as desired on new server. There are a lot of howtos on this, and some hints on this site, so I won't go over how to do this here.
  4. Test server to ensure that email can go in and out and that any spam filtering or other processes are operating well.
  5. I use MySQL for managing users and forwardings, so I dumped and locked my existing database, and copied that to the new database.
  6. Rsync maildirs over from the old server to the new server. This can take a while, depending on server speed and bandwidth.
  7. Ensure that Postfix and Courier are up and running on the new server.
  8. Change central DNS record to point to new server IP address.
  9. Stop Postfix and Courier on old server. This could lead to a couple of bounced emails, but in all likelihood the sending email servers will retry and find their way to the new server.
  10. Watch closely.

There should be very little loss of email, connectivity, or data using this path.

If anyone has any better suggestions, let me know.

Courier IMAP SSL Certificate Issues

posted on 2009-03-20 - amd.im/1Ku2

If you are having issues getting an SSL connection to Courier IMAP. Check your certificate files.

In /etc/courier/imapd-ssl:

TLS_CERTFILE=/etc/ssl/private/certificate.pem

Courier is expecting a PEM file for TLS_CERTFILE with your certificate and private key. Do not use just your certificate.

Also, if you require intermediate certificates to complete the trust chain, you can include them in this file.

MAKE SURE that you have proper permissions on this file to the security of your private key.

Configuring Spamassassin as a Daemon on Ubuntu Intrepid

posted on 2009-03-20 - amd.im/26U9

Here is the process I took to install Spamassassin as a daemon working with Postfix to process incoming mail.

I'll also be trying to reduce the memory footprint while still getting acceptable performance. Mind you, this is being implemented on a low volume server, so these settings may not be applicable to a production server with lots of users.

First, let's do some prep work on the command line:

$ sudo aptitude install spamassassin spamc
$ sudo groupadd -u 5001 spamd
$ sudo useradd -u 5001 -g spamd -s /sbin/nologin -d /var/lib/spamassassin spamd
$ sudo mkdir /var/lib/spamassassin
$ sudo chown spamd:spamd /var/lib/spamassassin

Now edit /etc/default/spamassassin and change the lines below

ENABLED=1
SAHOME="/var/lib/spamassassin"
OPTIONS="--create-prefs --max-children 2 --username spamd -H ${SAHOME}"

Edit /etc/spamassassin/local.cf

ENABLED=1
rewrite_header Subject **SPAM _SCORE_**
required_score 5.0
use_bayes 1
bayes_auto_learn 1
use_dcc 0
use_pyzor 0
use_razor2 0

Now edit /etc/postfix/master.cf and change it to look like this:

# /etc/postfix/master.cf
26   inet  n - - - - smtpd
   -o content_filter=spamassassin

# Add this segment to end of file:

# Spamassassin processing filter
spamassassin unix - n n - - pipe
   user=spamd argv=/usr/bin/spamc -e
   /usr/sbin/sendmail -oi -f ${sender} ${recipient}

Now reboot some stuff

$ sudo /etc/init.d/spamassassin restart
$ sudo postfix reload

Now test by sending email to yourself. If you view the full headers it should now have X-SPAM headers in it.

If you send an email with "XJSC4JDBQADN1.NSBN32IDNENGTUBE-STANDARD-ANTI-UBE-TEST-EMAILC.34X" in the body of the email, it is guaranteed to be flagged as SPAM, and is a great way to test your spam filter.

Make Postfix Listen to Multiple Ports

posted on 2009-03-20 - amd.im/Sp8a

If you need postfix to listen on multiple ports (like I do) add lines like the following (replace numbers with whatever ports you desire):

In /etc/postfix/master.cf:

25        inet  n       -       -       -       -       smtpd
26        inet  n       -       -       -       -       smtpd

Make sure to open the ports in iptables as well.

Men and Ladies

posted on 2009-03-10 - amd.im/Q3Q4

Saw a couple of amusing signs for the men's and women's rooms in Chiangsu yesterday.

Identity Theft?

posted on 2009-03-10 - amd.im/vFj5

So... here's a story.

I get an email from ebay.co.uk about a person trying to register amdavidson1985 on ebay.co.uk with the email address am.davidson@gmail.com...

I knew that gmail ignores periods in email addresses so was not surprised that this went to me... but it made me curious...

Then someone tries to reset my gmail password and fortunately, my alternate email address was set to my current email so I got notified.

This made me get a bit worried... maybe someone is trying to get away with a little identity theft.

So I go to change my passwords... still all secure.

I then went back to re read all the emails... and notice that it is addressed both to amdavidson1985 and to someone's name.

So I hit up a little Facebook and find a person by the name listed in the ebay email in "West Midlands" which sounded like a Britishy place to me...

I shoot a message and a reply comes back about 10 mins later that she was registering a new ebay account with her married name, and claims that she mistyped her email address which she has been meaning to update from her maiden name to her married name... still a little fishy, but altogether a bit understandable.

The internet makes it a real small world. In less than an hour, I got notices from American companies that someone in England was trying to use my email address, and I was able to track them down from a hotel room in Shanghai.

Bottles

posted on 2009-03-09 - amd.im/ySkG

Took a picture of some bottles in a restaurant in Shenzhen the other day.

I tried out a new processing technique on the pic, more of an effort to force myself to play with curves than anything else.

about

amdavidson.com is a simple blog run by Andrew Davidson, a manufacturing engineer with a blogging habit. He sometimes posts 140 character tidbits, shares photos, and saves links. You can also see posts dating back to 2005.

Search