No, it’s not another Apple app, it’s an handy tool that comes with the Cyrus mailserver package to delete mail from IMAP mailboxes. I have setup two entries to get rid of unnecessary messages from the spam and trash folders for all users.
The following rules have been added to the EVENTS list on /etc/cyrus.conf.
# purge trash messages older than 2 weeks
purgetrash cmd="/usr/sbin/ipurge -X -d 14 -f user.*.Trash" at=0600
# purge spam messages older than 4 weeks
purgetrash cmd="/usr/sbin/ipurge -X -d 28 -f user.*.Spam" at=0630
It took me some time to figure out the correct matching pattern and at first I was a little bit scared to use the -f option. The man page for ipurge says "-f Force deletion of mail in all mailboxes." But you'll need it, without it won't work.
I like this way of cleaning up!
In oder to secure this personal website I have recently joined the CAcert community. This community driven certificate authority issues free public key certificates. After signing up I created two server certificates, one for the webserver and the other one for secure mail and ldap services.
So if you are using any web or mail related service on the vleeuwen.net domain I would recommend to import the CAcert root certificate. See the CAcert site for more information.
Hopefully one day Mozilla will make the right decision and include the CAcert root keys in their products.
Some weeks ago I installed the iXhash spamassassin plugin and the spamtagging became noticeable better. Just look at the spam stats page.
What is does is it creates md5 checksums of parts of the body of an email and compares them to those of tagged spam using DNS.
Installation is very easy, just follow the online documentation. The default scores for the four zones are a on the safe site, so after I had monitored the results for a week I raised the scores to 1.5 for all zones.
Below you can see the result of a debug test to see if iXhash is working correctly. At the end of the test you’ll find an short explanation on how it works.
# spamassassin -D IXHASH < iXhash.eml
[4346] dbg: IXHASH: Using iXhash plugin 1.5.5
[4346] dbg: IXHASH: IxHash querying ctyme.ixhash.net
[4346] dbg: IXHASH: Computed hash-value cbdc00eaaf002aad4448b75f47a9784f via method 1, using perl exclusively
[4346] dbg: IXHASH: Now checking cbdc00eaaf002aad4448b75f47a9784f.ctyme.ixhash.net
[4346] dbg: IXHASH: Computed hash-value 464d43b6999bdbdf6071b8b1d3f9a525 via method 2, using perl exclusively
[4346] dbg: IXHASH: Now checking 464d43b6999bdbdf6071b8b1d3f9a525.ctyme.ixhash.net
[4346] dbg: IXHASH: Computed hash-value b02ad35492c64f721e97e9a2f63b700c via method 3
[4346] dbg: IXHASH: Now checking b02ad35492c64f721e97e9a2f63b700c.ctyme.ixhash.net
[4346] dbg: IXHASH: IxHash querying hosteurope.ixhash.net
[4346] dbg: IXHASH: Hash value for method #1 found in metadata, re-using that one
[4346] dbg: IXHASH: Now checking cbdc00eaaf002aad4448b75f47a9784f.hosteurope.ixhash.net
[4346] dbg: IXHASH: Hash value for method #2 found in metadata, re-using that one
[4346] dbg: IXHASH: Now checking 464d43b6999bdbdf6071b8b1d3f9a525.hosteurope.ixhash.net
[4346] dbg: IXHASH: Hash value for method #3 found in metadata, re-using that one
[4346] dbg: IXHASH: Now checking b02ad35492c64f721e97e9a2f63b700c.hosteurope.ixhash.net
[4346] dbg: IXHASH: IxHash querying generic.ixhash.net
[4346] dbg: IXHASH: Hash value for method #1 found in metadata, re-using that one
[4346] dbg: IXHASH: Now checking cbdc00eaaf002aad4448b75f47a9784f.generic.ixhash.net
<strong>[4346] dbg: IXHASH: Received reply from generic.ixhash.net:127.0.0.2</strong>
[4346] dbg: IXHASH: IxHash querying ix.dnsbl.manitu.net
[4346] dbg: IXHASH: Hash value for method #1 found in metadata, re-using that one
[4346] dbg: IXHASH: Now checking cbdc00eaaf002aad4448b75f47a9784f.ix.dnsbl.manitu.net
[4346] dbg: IXHASH: Hash value for method #2 found in metadata, re-using that one
[4346] dbg: IXHASH: Now checking 464d43b6999bdbdf6071b8b1d3f9a525.ix.dnsbl.manitu.net
[4346] dbg: IXHASH: Hash value for method #3 found in metadata, re-using that one
[4346] dbg: IXHASH: Now checking b02ad35492c64f721e97e9a2f63b700c.ix.dnsbl.manitu.net
X-Spam-Virus: No
X-Spam-Checker-Version: SpamAssassin 3.2.5 (2008-06-10) on vleeuwen.net
X-Spam-Level: **
X-Spam-Status: No, score=2.0 required=5.0 tests=BAYES_50,<strong>GENERIC_IXHASH</strong>,
MISSING_DATE,NO_RECEIVED,NO_RELAYS autolearn=no version=3.2.5
From: "iXhash plugin test mail" <spamtrap@ixhash.net>
Message-ID: <mEsSaGeId@sOmEwHeRe.CoM>
To: admin@testsite.com
Subject: iXhash plugin test mail
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
<html>
<head>
<meta http-equiv=Content-Type content="text/html; charset=iso-8859-1">
</head>
<body>
<font face="Verdana">This is an e-mail designed to test the iXhash plugin's functionality.<br />
<br />
If you run this mail through SpamAssassin (using 'spamassassin -D IXHASH < iXhash.eml', you should see the plugin score with the list 'generic.ixhash.net'.<br />
This is because the hashes this mail generates ( cbdc00eaaf002aad4448b75f47a9784f and 464d43b6999bdbdf6071b8b1d3f9a525 ) are permanently listed on that list.<br />
Apart from that this mail is of no use.<br />
<br />
</body>
</html>
#
Just checking this with a manual DNS lookup:
$ host cbdc00eaaf002aad4448b75f47a9784f.generic.ixhash.net
cbdc00eaaf002aad4448b75f47a9784f.generic.ixhash.net has address 127.0.0.2
$
What a surprise, it turns out to be a valid A record. The iXhash will tag the email with the score you set for ‘GENERIC_IXHASH’.
To keep track of all unsolicited mail my mail server recieves daily I came across a nice Spamassassin plugin called Stats Plugin. This plugin dumps realtime Spamassassin statistics (mail,spam,ham) into a MySQL table from which you can easily create graphs with Cacti.
Have a look at my Spam Stats page in the sidebar.
This is how I configured my iPhone to connect to Eduroam 802.1x at SARA.
Download and install the Apple iPhone Configuration Utility. You can find this utility on the Apple support pages. Download the following certificates SURFnet-PCA-Root-CA and SARA-KA (check the Active Directory Certificate Services server).
Startup your browser after installing the iPhone Configuration Utility and open http://localhost:3000. Login with admin/admin and add some relevant information to the four fields at the General tab.
Next you need to install the two certificates on the Credentials tab. Maybe you need to rename the certificate file name extension to .cer.
Set the following on the Wi-Fi tab:
Service Set Identifier (SSID): eduroam
Security Type: WEP Enterprise
Protocols tab
select as accepted EAP type: PEAP
Authentication tab
username: your KA username
Inner Authentication: MSCHAPv2
Trust tab
Trusted Certificates:
select the two added certificates:
SURFnet-PCA-Root-CA
SARA Kantoorautomatisering
Allow Trust Exceptions: Checked
On the General tab use the ‘Export Profile’ button to export the just created configuration to a file. Sent this file by email to an email account you have configured on your iPhone. Open the email and install the profile and your’re done. You should now have a eduroam connection!
For more information look for the ‘Enterprise_Deployment_Guide.pdf’.
Installing debian etch (40r4a) on a Dell PowerEdege 1950 with SAS disks was not to easy. Debian crashed the fist reboot after the install, because of not loading or finding the correct module in initrd. The second issuse was swaping the drive from sdb to sda.
This is how I fixed it:
Don’t restart after installing debian. When the reboot prompt shows switch to vt2 (Alt-F2).
Edit /etc/initramfs-tools/modules with the output from lsmod, in my case it was mptsas. Next you need to edit /etc/fstab and /boot/grub/menu.lst so that sdb is changed to sda.
# chroot /target
# echo mptsas >> /etc/initramfs-tools/modules
# update-initramfs -u
# edit /etc/fstab (to change sdb by sda)
# edit /boot/grub/menu.lst (to change sdb by sda)
# reboot
The comments below are just a reminder for the next time I’ll need to increase the size of a mounted LVM2 enabled filesystem.
If you don’t have enough space left in the existing volume group, you have to create and add a physical volume.
When the disk is added to a running system, you may need to reinitialize the adapter to get the disk listed.
echo "- - -" > /sys/class/scsi_host/host#/scan
# pvcreate /dev/md6
Physical volume "/dev/md6" successfully created
Extend the existing volume group with the new physical volume:
# vgextend system /dev/md6
Volume group "system" successfully extended
Use ‘lvdisplay’ to search for the correct logical volume name you want to extend. In my case I needed to extend the logical volume on which the /var filesystem lies. This filesystem is named differently in the df output. The example below shows an 5G increase of the var logical volume.
# lvextend -L +5G /dev/system/lv-var
Extending logical volume lv-var to 23.00 GB
Logical volume lv-var successfully resized
The final step is to resize the filesystem to expand to fit in the resized logical volume:
# resize2fs /dev/system/lv-var
resize2fs 1.40-WIP (14-Nov-2006)
Filesystem at /dev/system/lv-var is mounted on /var; on-line resizing required
old desc_blocks = 2, new_desc_blocks = 2
Performing an on-line resize of /dev/system/lv-var to 6029312 (4k) blocks.
The filesystem on /dev/system/lv-var is now 6029312 blocks long.
Done and ready for use!
For a new and interesting project the hardware was finally delivered. It took some time to figure out what kind of hardware was capable of hosting three resource intensive SAP instances in a LPAR environment. We decided that the IBM p5 560Q with HMC, dual quad core and loads of memory should do the job. After unpacking, racking, cabling the fun part starts. Building a nice configuration. However, all went smooth until booting the server. After powering on the server the already installed service partition won’t become active and was stuck leaving a 0c31 error code on the display and HMC. It appears to be that the system was looking for a console. Booting again, now with an vterm open still gave no output. I had to connect a serial console running at a speed of 19200 baud and press 1. Horay! Just another hard day at the IT office..
Recent Comments