Older blog entries for cord (starting at number 24)

RIP Telekommunikationsgeheimnis.



Explaination for non German Readers: Today the german parliament passed an act, which orders all communication-connection data (caller-ids, times, email-communication, other internet-transactions) have to be stored for 6 months.

More info on vorratsdatenspeicherung.de

Syndicated 2007-11-09 13:59:55 from Sprachrohr - offizielles Verlautbarungsorgan

mutt: autoviewing text/html

it sometimes funny, i'm working with mutt since about 10years, (the 5years before i was using elm) and just found out how i can view pure text/html-Mails without fiddeling with piping and things.

set implicit_autoview

in .muttrc does the trick.

but now mutt also prefers the text/html-part of multipart/alternative-mails, this is going to far for me. i want the text/plain-part if available. mutt has also a solution here:

alternative_order text/plain text/html

and done. no more piping to html2text. One day i'll read through the whole manual again...

Syndicated 2007-11-03 13:17:19 from Sprachrohr - offizielles Verlautbarungsorgan

sendmail uses ident be default

I have no idea how the other major MTAs handle this, but sendmail seems to issue an ident-auth-request on each connect it gets.

As i think this is rather useless, as most hosts don't answer it, and, even if they would, the answer is easily fakeable, i switched it off.

adding

define(`confTO_IDENT', `0')dnl

to /etc/mail/sendmail.mc disables this. Sadly this isn't documented, for confTO_IDENT it only states

The timeout waiting for a response to an IDENT query.


thanks goes to http://sial.org/howto/sendmail/tips/

Syndicated 2007-09-29 12:52:16 from Sprachrohr - offizielles Verlautbarungsorgan

Analysis of subscribed Domains on Debian-Listserver.

From time to time we have the problem that a mail posted to a list triggers an autoresponse (vacation, bounce, tdma) from an unexpected source. Sometimes it isn't possible to identify the subscriber who is causing this. One example for this was 'petsupermarket'.

So i wrote a small tool, which takes Mailadresses as input and resolves the domains until it reaches IP-level, so it is possible to identify 'related' addresses to such an incident.

I now ran this tool for all 38656 domainparts mailadresses that are currently subscribed to some list at our listservers:

Unresolveable Domains                             :   443
Grounded Domains : 3
Domains with A : 1058
Domains with CNAME, A : 59
Domains with CNAME, CNAME, A : 3
Domains with MX, A : 36202
Domains with MX, CNAME, A : 1199
Domains with MX, CNAME, CNAME, A : 22
Domains with MX, CNAME, CNAME, CNAME, A : 5
Domains with MX, PTR : 36
Domains with unresolvable Hosts : 361


(You may have noticed that those lines doesn't sum up to 38656. It is possible to have more than one MX-Host, and it is also possible to have more than one IP in an A-Record. If one of those combinations falls into another category it is counted twice)

so we have 36528 domains that are completely configured correctly according to RfC 2821 with a MX-Record pointing to an A-Record, or without a MX-Record and an A-Record. These are 94.5% of all domains.

but we have 443 domains in our list, that didn't resolve at the moment i ran my script, those have to be investigated.

We also have 3 domains that are configured with 'IN MX 0 .' as decribed in this expired Draft, those also have to be investigated, and thrown out.

We have 1288 domains, which use CNAMEs (or CNAMEs pointing to CNAMEs) in their MX or directly on their domainname. RFC1034 says:

Domain names in RRs which point at another name should always point at the primary name and not the alias. This avoids extra indirections in accessing information.


then there are 36 domains which point their MX directly to an IP-Number. RFC 1035 says:

3.3.9. MX RDATA format

+--+--+--+--+--+--+--+--+--+--+--+--+--+--+--+--+
| PREFERENCE |
+--+--+--+--+--+--+--+--+--+--+--+--+--+--+--+--+
/ EXCHANGE /
/ /
+--+--+--+--+--+--+--+--+--+--+--+--+--+--+--+--+

where:

PREFERENCE A 16 bit integer which specifies the preference given to
this RR among others at the same owner. Lower values
are preferred.

EXCHANGE A <domain-name> which specifies a host willing to act as
a mail exchange for the owner name.

MX records cause type A additional section processing for the host
specified by EXCHANGE.


So according to that an MX has to point explicitely to a Full Qualified Domain Name, and it has to be an A-Record it points to.

However: Most MTAs (including ours) these days forgive this, and figure out the right thing.

At last: we have 361 Domains which MX and/or CNAME-Records point to Hostnames that are currently unresolvable. A quick check shows that often the problems only appear on one MX-Record, while another is correct, so the service is functional.

So maybe now it is a good idea and check your own DNS-Setup and the Mail-related Data.

Syndicated 2007-09-14 13:21:40 from Sprachrohr - offizielles Verlautbarungsorgan

Xlib: Maximum number of clients reached

Every two weeks i get this:

$ xterm &
Xlib: connection to ":0.0" refused by server
Xlib: Maximum number of clients reached
xterm Xt error: Can't open display: :0.0


and it looks that something eats up the possible number of Clients:

$ xlsclients |wc -l
56


when i restart X i can open about 100 xterms until i reach the error message.

ideas?

Syndicated 2007-08-17 08:35:33 from Sprachrohr - offizielles Verlautbarungsorgan

I'm a criminal

The German parliament changed the law on 25th may 2007.

It's now forbidden to build, program, give, distribute or get software, which can be used to attack computers. that's something i do on a daily basis. (think nmap)

so it is only a question of time that i get caught.

German pressrelease of the CCC

Syndicated 2007-05-26 07:38:59 from Sprachrohr - offizielles Verlautbarungsorgan

Packaging Simple PHP Blog postponed.

We found out that Simple PHP Blog, the software that is used for this Blog, can't be packaged for Debian at the moment, because the License looks like this:

The Simple PHP Blog is released under the GNU Public License.

You are free to use and modify the Simple PHP Blog. All changes
must be uploaded to SourceForge.net under Simple PHP Blog.

Credit must be give to the original author and the Simple PHP Blog
logo graphic must appear on the site and link to the project
on SourceForge.net


So problems are (as far as i understand):

  • the GPL isn't referred to correctly (also the GPL isn't included in the source distribution)
  • Upstream wants all changes uploaded again on sourceforge, and doesn't mention what is about redistribution of modified code.
  • Upstream denies the specific modification of removing the Logo and the Link to Sourceforge.


So i tried to explain this politely to Upstream, I hope he honors my request, as i really like this piece of software and want to see it in Debian.

Syndicated 2007-05-17 21:02:44 from Sprachrohr - offizielles Verlautbarungsorgan

Browsercrash sucks - loosing work even more.

Do you know this?

you write a brilliant entry for a blog, a blog-comment or something in a textarea-field in your browser.

after finished, you press the Send-Button, and ... the browser crashes, or nothing happens because Javacript or Cookies were disabled in your browser.

the result is, the brilliant text you just wrote by investing time has gone to bit-heaven.

Has anyone a solution for this, beside writing in a text-editor, pasting it over to the textarea, fighting against linebreaks and things?

I once tried Editus Externus a Firefox extension, but that one produces a lot of problems in the fight iso-8859-x vs. utf8, and the linewrap problem is also there.

So how can i make sure that the things i type in a textarea aren't lost, when my cookie expires, Javascript sucks or my Browser dies?

Syndicated 2007-05-12 10:32:40 from Sprachrohr - offizielles Verlautbarungsorgan

private Spamstats April 2007



you see my Spamstats for the time i run an own server for my domain.

The input consists mainly from cord@Wunder-Nett.org that is in existence since mid-1996, and a (tuned) catch all on cord.de.

  • Unreadable is the stuff encoded as russian, chinese, korean, ...
  • Backscatter are Bounces due to misused Mailadresses.
  • Virusspam is the stuff ClamAV catches.
  • Spam is recognized by bogofilter
  • Dupes were Mails with the same Message-Id in a short time period.
  • Ham are thode messages that survived the other filters.


In 05/2004 i had a big downtime due to broken Harddisk and/or cheap IDE-Cables (which was finally solved in 2006).

In 11/2004 i became Debian-Listmaster, and forwarded the listmaster-mails to my system.

In 08/2005 i stopped forwarding listmaster-Mail and the admin-mail from LUG-OWL and let them drop into a local Mailbox on the specific servers.

In 06/2006 The power supply of my server died, and HaJo had a fitting spare device, so i took it to the local hardware gods (C&M sorry, only Flash) and they put it in, they also replaced all Fans (6 of which 4 were stuck) and replaced the IDE-Cables. Now i even could switch on DMA without risking a crsah. (Man, 3years of crippled server). As you see, the system is now able to accept even more spam.

In 12/2006 i added greylisting on my server. My 2nd MX currently doesn't do greylisting.


Management-summary: With massive filtering i can keep mail somewhat useable for me.

Syndicated 2007-05-04 21:15:52 from Sprachrohr - offizielles Verlautbarungsorgan von Cord

Debian Weekly News is late? - Blame listmasters!

Hi.

We were notified that German DWN, and the Original DWN weren't sent out. Investigation showed that Diplomats (in German translation Diplomaten) matched the bad word 'Diploma', so it is dropped in our spambox.

I resent German DWN yesterday and the Original DWN some minutes ago.

sorry for the inconvinience.

Syndicated 2007-05-01 21:32:28 from Sprachrohr - offizielles Verlautbarungsorgan von Cord

15 older entries...

New Advogato Features

New HTML Parser: The long-awaited libxml2 based HTML parser code is live. It needs further work but already handles most markup better than the original parser.

Keep up with the latest Advogato features by reading the Advogato status blog.

If you're a C programmer with some spare time, take a look at the mod_virgule project page and help us with one of the tasks on the ToDo list!