the life of a sysadmin.
Carousel is a lie!

Email: aardvark at saintaardvarkthecarpeted dot com

Well, that's a relief

Fri Aug 22 15:40:53 PDT 2008

CentOS not affected by the Red Hat compromise.


A new tape without labels inside?

Mon Aug 18 11:50:36 PDT 2008

That's bush. Bush league. You hear me, Fuji? Look at me!

I knew there was a reason to compulsively squirrel away every half-used set of tape labels.


Fedora Directory Server

Sat Aug 16 15:02:29 PDT 2008

So one of the things I need to set up at $JOB_2 is some kind of unified bag o' passwords…which, since I hate NIS, pretty much means LDAP. This is the first chance I've had to set up an LDAP system from scratch, rather than either being afraid to try or being stuck with (and, sadly, contributing to the further divergence of) a mishmash of semi-borked LDAP servers.

I've been trying out Fedora Directory Server the last few days, and so far I'm pretty happy with it. It's nice to have the luxury of learning what the hell I'm doing before it all goes live, of screwing up a bunch of times on a non-production system.

Likes: Welp, it's a lot like Sun's Directory Server…at least as far as the logging and console go, anyhow. Not surprising, given the heritage. You can automate installation by giving it a configuration file — something I didn't realize you could do with Sun's DS.

Other likes: PHPLDAPAdmin is nice. The latest version has E-Z-Reed XML templates for things like account creation, meaning I can keep my ignorance of Javascript intact. (Hurray!)

Minor irritants: there are a few. First off, there are no RPMs for CentOS 5 for the 1.1 series; you have to jump through some hoops to get the FC6 RPMs of 1.1 installed. I'd originally tried the 1.0 series on Debian, and hadn't realized that the 1.1 series does not include the org chart or E-Z-Account-Maker web app. (This is where y'all can go, "Muffin!")

Third, I'm so far not able to get the automated installation working…can't figure out why. Not terribly important, since $JOB_2 is small and likely to stay that way; a couple of servers is likely to be the max. But installation of this thing, just like with Sun DS, has lots of knobs that you can twiddle if you want, and part of the problem with the mishmash at $JOB_1 is that no one ever standardized the settings — never wrote down the answers to the questions, or scripted it, or came up with a config file, or anything. And it's hellish if you want to add another install to the mix.

Anyhow…so far it's cool. I've been playing with it on a machine at $JOB_2 plus an installation of CentOS 5 on my laptop. Still to learn: SSL, replication, and (maybe) multi-master replication.

(Incidentally, I'm surprised that there isn't a more recent version of O'Reilly's LDAP Administration by Gerald Carter. Yes, there's still OpenLDAP and I don't imagine it's changed very much (feel free to correct me), but something that included Fedora DS, and maybe (maybe) OpenDS would be good.)

(And speaking of Sun gossip, I've been meaning to mention this for a while…and now this.)


Defcon NOC

Sun Aug 10 21:02:11 PDT 2008

Interesting article from Threat Level about the Defcon NOC. Now there'd be an interesting job…


A note on comments

Thu Aug 7 21:09:36 PDT 2008

About a year ago, I started using a cobbled-together system of Bash and Perl scripts and Makefiles to put together this blog. One of the reasons was my general dislike for PHP; another was my desire to try living (at least in some small way) by Saint Aardvark's Axiom of Information Utility, and try keeping this in plain text. (Another was a desire to use Emacs to write these damn things; I want the control that's thrown out when you start using a GUI to edit.)

But one of the problems that faced me was how to deal with comments, and comment spam. Having a web form that allowed comments made commenting easy, but the downside was that it made spamming easy too. WP and others keep this down to a dull roar, but it's not perfect and I've had problems with false positives — people being unable to post comments because their IP address was on some blacklist, and the plugin had made no provision for whitelisting.

I decided to lash together something that would use email. For me — a very small, low-traffic website, with a blog devoted to a rather obscure set of concerns and a tech-savvy audience (Hi Dad!) — this seemed like a good choice. Email spam, for me, has been pretty much solved by greylisting and SpamAssassin. (There's the problem of a ten — no, fourteen — year-old email address that I've been meaning to get changed for a while now, but that's another story; they don't seem to do greylisting, and SpamAssassin does catch most of it.) So taking comments by email seemed, you know, righteous, dude.

The system for comments is pretty simple: every post gets an epoch timestamp embedded in it. (I think if you look in the HTML source, you can see it.) I use it for sorting the order of the posts, and I use it to generate email addresses for post-specific comments. The format is simple: comments+(seconds since the epoch)@saintaardvarkthecarpeted.com. The address is included in the post, though I haven't done much to make it obvious. (This blog, and I think this whole website, would make baby Jakob Nielsen cry.)

My thinking was that, even though I was publishing the addresses, it wouldn't matter: as I mentioned, spam for me has been mainly solved (insert disclaimers here). Between greylisting and SpamAssassin, I figured I pretty much wouldn't see any spam at all.

Turns out there's another benefit: the addresses have been picked up by spam bot crawlers, but they're screwing up the scraping. From 24 days of mail logs, I see a crapload of attempts to deliver to the wrong address:

$ perl -ne'/NOQUEUE/ && s{.*to=<(\S+?)>.*}{$1} && print;' mail.log* | sort | uniq -c | sort -n
[much snippage]
     36 1181577610@saintaardvarkthecarpeted.com
     36 1182947701@saintaardvarkthecarpeted.com
     37 1181326150@saintaardvarkthecarpeted.com
     37 1183667208@saintaardvarkthecarpeted.com
     38 1182949918@saintaardvarkthecarpeted.com
     40 1183349604@saintaardvarkthecarpeted.com

There were more than 2500 of these messages turned away by greylisting. They've all stripped off everything up to the plus, not realizing (as I didn't until a few years ago) that a plus in an email address is valid.

In fact, the only attempts to deliver to legitimate comment addresses were two actual comments to my blog…which brings up a shortcoming: I never got that many comments with WordPress, but I sure got more than I do now. It's possible my writing has just gone 'way downhill, but I think it's more likely that this system just puts people off, or they're just unable to find it with my current (crappy) design.

(One interesting problem: my wife tried to comment once, using Lotus Notes at her workplace. It converted the plus sign into an underscore. Weird.)
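As an added example (not code from the original post), here is a Python version of the mail-log check above that also sorts the rejected recipients by how they were mangled: the published comments+<epoch>@domain form, the plus-stripped form the harvesters produce, and the plus-to-underscore form the Lotus Notes client produced. The log lines are constructed in the shape of Postfix smtpd reject entries; the domain is the one from the post.

```python
import re
from collections import Counter
DOMAIN = "saintaardvarkthecarpeted.com"

# Constructed Postfix smtpd reject lines, in the shape the one-liner above greps for.
SAMPLE_LOG = """\
Aug  7 20:01:02 mx postfix/smtpd[2211]: NOQUEUE: reject: RCPT from unknown[192.0.2.10]: 450 4.2.0 Greylisted; from=<bulk@example.net> to=<1183349604@saintaardvarkthecarpeted.com> proto=SMTP helo=<example.net>
Aug  7 20:03:15 mx postfix/smtpd[2214]: NOQUEUE: reject: RCPT from unknown[192.0.2.11]: 450 4.2.0 Greylisted; from=<bulk@example.net> to=<1183349604@saintaardvarkthecarpeted.com> proto=SMTP helo=<example.net>
Aug  7 20:05:40 mx postfix/smtpd[2219]: NOQUEUE: reject: RCPT from unknown[192.0.2.12]: 450 4.2.0 Greylisted; from=<offer@example.org> to=<1182949918@saintaardvarkthecarpeted.com> proto=SMTP helo=<example.org>
Aug  7 20:09:03 mx postfix/smtpd[2230]: NOQUEUE: reject: RCPT from mail.example.com[198.51.100.5]: 450 4.2.0 Greylisted; from=<reader@example.com> to=<comments+1183349604@saintaardvarkthecarpeted.com> proto=ESMTP helo=<mail.example.com>
Aug  7 20:12:44 mx postfix/smtpd[2236]: NOQUEUE: reject: RCPT from notes.example.com[198.51.100.9]: 450 4.2.0 Greylisted; from=<spouse@example.com> to=<comments_1183349604@saintaardvarkthecarpeted.com> proto=ESMTP helo=<notes.example.com>
Aug  7 20:15:00 mx postfix/smtpd[2240]: 0A1B2C3D4E: client=mail.example.com[198.51.100.5]
"""

TO_RE = re.compile(r"\bto=<([^>]+)>")              # recipient field of a reject line
EPOCH = r"(\d{9,10})@" + re.escape(DOMAIN) + r"$"
GOOD_RE = re.compile(r"^comments\+" + EPOCH)       # the published form: comments+<epoch>@domain
STRIPPED_RE = re.compile(r"^" + EPOCH)             # harvester dropped everything up to the plus
UNDERSCORE_RE = re.compile(r"^comments_" + EPOCH)  # mail client rewrote '+' as '_'

def classify(addr):
    """Say how a recipient address relates to the comments+<epoch> scheme."""
    if GOOD_RE.match(addr):
        return "valid"
    if STRIPPED_RE.match(addr):
        return "plus-stripped"
    if UNDERSCORE_RE.match(addr):
        return "plus-to-underscore"
    return "other"

def tally(log_text):
    """Count NOQUEUE recipients by class and by address (like sort | uniq -c)."""
    by_class, by_addr = Counter(), Counter()
    for line in log_text.splitlines():
        if "NOQUEUE" not in line:
            continue
        m = TO_RE.search(line)
        if m is None:
            continue
        addr = m.group(1).lower()
        by_class[classify(addr)] += 1
        by_addr[addr] += 1
    return by_class, by_addr

if __name__ == "__main__":
    classes, addrs = tally(SAMPLE_LOG)
    for addr, n in sorted(addrs.items(), key=lambda kv: kv[1]):
        print(f"{n:8d} {addr}  [{classify(addr)}]")
    print(dict(classes))
```

Run against real logs, a growing "plus-stripped" count with a flat "valid" count is the signature of harvesters rather than readers, which is the observation the post makes.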

I still regard this setup for comments as an experiment. Its results are definitely mixed; no spam, but fewer comments as well. Given the tiresome mess that comes with the lack of an HTTP equivalent of greylisting, I'm inclined to keep doing it.

Anyhow…that's my interesting research result for the day. You may now talk amongst yourselves.
