- main - earth.li

Alternatives to SMTP when the network fails
by Mark Rogers 19 Dec '10

19 Dec '10

Can't think of a good subject for this, sorry! I have a customer with an ADSL line and direct delivery of email via SMTP to their external IP (into Exchange). The MX record for the domain points to one of my servers running Postfix, which basically forwards mail to their IP if it is up. So far so good.... However, they've just suffered a BT-inflicted ADSL outage that's lasted several days and they want to have a backup for the future. They're going down the 3G backup route (using a router which falls over from ADSL to 3G), but this will give them a dynamic IP when on 3G and, more importantly, we've found out the hard way that in general 3G providers do not allow us to make incoming connections (whether on port 25 or any other). So, my question is: what is the best solution to this? I have come up with several options: - Move the email to POP3 delivery, ie mail ends up in a POP3 mailbox on my server, they collect periodically from that box. From experience this causes problems with Exchange, although I don't recall what exactly. - Provide some kind of POP3/IMAP access to the Postfix mailqueue, so in normal use mail comes via SMTP, but when they switch to 3G they can access the mailqueue (using POP3 or IMAP, and then by extension via webmail) as a temporary measure, with the mail coming in via SMTP as normal once the connection is restored. However, I have no idea if this is even possible? - Drop everything to a POP3 mailbox on the server, but configure fetchmail to deliver it to them via SMTP if the connection is up. Sort of half-way between the two above options. - Setup a VPN between the mail server and the exchange server, and deliver to the VPN address. This seems like the "best" option although I have no idea whether it is practical having never tried it. I'd assume OpenVPN as the best VPN solution? I also don't know how well it would scale if I want to then do this with lots of other sites? -- Mark Rogers // More Solutions Ltd (Peterborough Office) // 0844 251 1450 Registered in England (0456 0902) @ 13 Clarke Rd, Milton Keynes, MK1 1LG

8 14

SQL question - how to find the 'nearest match', a sort of 'FUZZY LIKE' select?
by Chris G 16 Dec '10

16 Dec '10

This is a wierd sort of question I know but I can't find any other way around the problem at the moment. I'm writing some code (in PHP, in a Dokuwiki plugin) which retrieves data from a database when a link is clicked. The link one clicks is a town name but, because it's a link, Dokuwiki massages the name to make it not have any 'difficult' characters in it - i.e. it switches to all lower case, accented characters are un-accented and non-letters are changed to underscores. E.g. :- Deûlémont becomes deulemont Halluin/Menin becomes halluin_menin In my plugin I get the massaged town names and I want a way to run a select on the database to get the data for those towns. Can anyone suggest a way that one might be able to do this? I guess I can change all underscores to wildcards, that gets over that issue, but I can't see how to handle the accented characters, i.e. :- deulemont won't match Deûlémont even using LIKE I'm using the default Sqlite3 at the moment, does anyone know if any of the more 'heavyweight' databases have a way to fuzzy match accented characters with their non-accented equivalents? I can quite easily switch to mySql or postgresql. -- Chris Green

1 1

"Warning: we recommend you do not upgrade to ubuntu 10.04"
by James Freer 16 Dec '10

16 Dec '10

performance / high load average problems - mint 9 too? I read this last evening about ubuntu 10.04 - any of you developer folk tested it by any chance? http://linuxforums.org.uk/ubuntu/warning-we-recommend-you-do-not-upgrade-to… I found ubuntu 10.10 unusable and yet these folk say it's ok. I was wondering if it was solved for xfce Mint 9? Or is this why Mepis decided on debian distros? yours james

8 11

How to make ssh reverse tunnel as secure as possible?
by Chris G 15 Dec '10

15 Dec '10

As per previous discussions I'm going to set up an ssh reverse tunnel from my eeePC on the boat to my server at home. I will use autossh to run the ssh command on the eeepC so that it will get restarted if it dies for any reason. The ssh command run on the eeePC on the boat will be something like:- ssh -R 54321:localhost:22 user(a)my.home.server this then allows me to do the following to make an ssh connection from the home server to the eeePC on the boat:- ssh -p 54321 localhost So far, so good, that works fine (I've checked it out with a netbook at home). However I'd like to make it as secure as possible, the 'hole' I would like to plug is that I have generated an ssh key without a passphrase on the boat eeePC (which is copied to the 'user' login on the home server) so that the 'ssh -R ....' command runs without requiring any passphrase or password. (I can't use an agent really, it needs to be able to work completely unattended from power up) The 'user' login is dedicated to the ssh connection so doesn't belong to a real person and doesn't own any files, it would allow passwordless access to a shell though at the moment. Is there any way of allowing ssh to connect still but to prevent it from actually doing anything at all? There's no need for 'user' to be able to do anything and if it can be set up so there's no shell or anything the passwordless login doesn't offer an intruder anything useful really. -- Chris Green

3 2

Best virtualisation tool to run Linux on Windows
by Mark Rogers 15 Dec '10

15 Dec '10

I need to create a small VM to run a Linux server on a Windows PC. The server will be headless and provide a web interface so its own memory requirements should be fairly low, so I'm looking for something to run the virtual server with the least resources I can get away with. Ideally I need the host PC (Win7 32-bit 1GB RAM) to still be functional as a PC with the virtual machine running.... -- Mark Rogers // More Solutions Ltd (Peterborough Office) // 0844 251 1450 Registered in England (0456 0902) @ 13 Clarke Rd, Milton Keynes, MK1 1LG

6 13

Isn't the default way that 'locate' works rather useless?
by Chris G 14 Dec '10

14 Dec '10

I like the *idea* of the locate command but find that the way it works by default is pretty useless. When I say 'locate filexyz' I want to find a file (or maybe a directory) called filexyz, I don't want to see every file which has filexyz as part of its name, nor do I want to see every file in the hierarchy below a directory called filexyz. Surely it would be more useful if the default was to do something similar to 'find' which will only find exact matches unless you specify otherwise. It would also be useful to be able to limit the search to a specified directory hierarchy but I don't think locate can do that at all (whereas find does it by default). As locate works by default one almost inevitably gets about ten thousand lines of useless 'hits' which completely hide anything useful. It's only if you happen to want to find a really oddly named file (or directory) that you get a sane number of hits. I know that one *can* make locate more selective but it's hardly intuitive to say:- locate -b `\filexyz' to get an exact match. Sorry, this is just a rant really after having my screen once again filled up with thousands of unwanted/useless hits. If anyone can offer a way of getting the same result as:- find . -name filexyz but with the speed of using locate's database then I'd live to hear of it. (OK, the find syntax is hardly user friendly but I'm more used to it) -- Chris Green

1 0

Recommended dynamic DNS services - and how to configure them?
by Chris G 14 Dec '10

14 Dec '10

I want to make it easy to find my eeePc server that I'm going to leave running on my boat in Belgium, it's connecting using a 3-G router which offers four possible DDNS services:- dyndns.org freedns.afraid.org www.zoneedit.com www.no-ip.com Does anyone have any experience of using any of these services, any recommendations? Next - I've tried to set up with freedns.afraid.org and I don't really unbderstand what I'm doing! I've created an account there and have entered the details of that account into the 3-G router configuration. What I don't understand is the last parameter it asks for which is DDNS. Presumably DDNS is the domain name tat you select as the one to access the dynamic IP server - however I don't understand where I get that from at freedns.afraid.org. -- Chris Green

6 14

openvpn - beginners guide wanted
by Chris G 14 Dec '10

14 Dec '10

Since Brett recommended openvpn as a way to handle communications with my difficult to access eeePC I have decided to give it a try. I have installed the Ubuntu openvpn distribution on the eeePC and haven't run out of space which is a good start! :-) Now I'm a bit lost, presumably I need to install openvpn on my server at home too, that's easy enough, but what next? I can't find any simple 'how to' guides that tell me how to enable communication between the two systems. My basic need is to have the eeePC out in Belgium start up the connection but then to be able to access that eeePC from the server at home. I've looked at the documentation at openvpn.net but it's a bit overwhelming. Any ideas or reecommendations for 'gentler' ways in would be very welcome. -- Chris Green

3 8

Adding routes
by James Bensley 14 Dec '10

14 Dec '10

Evening all, I posted this on another mailing list but I think there are a couple here that might be able to help. I am struggling to get the syntax right to add an equal-cost multi-path route under BSD and wondered if anyone out there could correct my mistake? I'm running FreeBSD 8.1 (actually its pfSense 2.0 Beta 4!). I have a virtual sand box on the go, I'm trying for something along the lines of: route add -net 0.0.0.0/32 equalize nexthop via 192.168.0.1 nexthop via 192.168.0.2 With the intention of balancing per-packet across each of these gateways except I get this error instead: route: writing to routing socket: Network is unreachable add net 0.0.0.0: gateway equalize: Network is unreachable I'm rather tired, this stupid box has no man pages, so I stabbed again with: route add -net 0.0.0.0/32 via 192.168.0.1 via 192.168.0.2 equalize route: bad address: via Clearly my syntax is way out, but I'm tired and stuck for ideas. Anyone have clue to spare? -- Regards, James. http://www.jamesbensley.co.cc/ There are 10 kinds of people in the world; Those who understand Vigesimal, and J others...?

3 3

Reverse ssh set-up and/or alternatives
by Chris G 14 Dec '10

14 Dec '10

So I don't seem to be able to make connections *to* my eeePc that's sitting connected to a 3-G router, so the alternative is to get it to connect 'outwards' using ssh and to tunnel through that ssh connection from outside to enable me to connect to the eeePc and do anything necessary remotely. I really only need command line access. Are there any alternative ways of doing this or is ssh port-mapping the best way to do it? The other issue is somehow to restart the connection if/when it goes down (which it does fairly frequently, this is a somewhat flakey area for 3-G) - any clever ideas? -- Chris Green

5 7