A blog about skating and cycling, or vice versa

Chronicle of ills#

Fri, 11 Jan 2008 16:45:39 +0000

Last time I told you about my physio. Since then I had the worst cold in living memory: I'll spare you the nasal blow-by-blow, but it involved fever, shivers, a headache of the "I don't know whether I want a blindfold or a frontal lobotomy" persuasion, and on its way out a sandpaper throat and the coughing up of more phlegm than I thought I had the lung capacity to nurture. Lemsip for Christmas dinner.

Yes, that was the edited version. The full director's cut with outtakes, bloopers and deleted scenes will be out on DVD later in the year.

Anyway, better now, but it means there wasn't much of anything to write about for the last few weeks. Following my second physio encounter I was told (not in so many words, but) that I could do some light skating as long as I didn't try to stop, so I went to Mike's LSS last Saturday. The leg is quite comfortable to skate on until just short of full extension, then it depends critically on the angle of my heel carve whether I get pain or not. Which is probably a great way of making sure I'm not pushing backwards ...

My skating goal for 2008*: refuse absolutely to take the entire season seriously. This is on the basis that my best results are always when I don't expect them and am not trying too hard, and I will start working towards it as soon as I have achieved full unbrokenness again. I think the leg is improving on the whole: it has better days more often than it has worse days.

They also serve who only MTA#

Tue, 29 Jan 2008 18:30:03 +0000

I spent large chunks of the weekend installing a mail server on a fresh Bytemark VM, and and it all seems much simpler than it did last time I tried - last time I eventually gave up and got a tuffmail account.

Lessons:

0) start by installing exim4-daemon-heavy and reading /usr/share/doc/exim4-daemon-heavy/README.Debian.gz

1) don't bother with "split configuration", it seems to be fairly experimental at the moment

2) the file you should be editing is /etc/exim4/exim4.conf.template. The actual configuration is generated from this by magic and/or /etc/init.d/exim4. Things you may want to turn on or off are usually bracketed by .ifdef sections; you define the appropriate variables by putting e.g.

CHECK_MAIL_HELO_ISSUED = true
CHECK_RCPT_LOCAL_LOCALPARTS = true
CHECK_RCPT_REMOTE_LOCALPARTS = true
CHECK_RCPT_VERIFY_SENDER = true
CHECK_RCPT_REVERSE_DNS_ACT = deny
CHECK_RCPT_REVERSE_DNS = true
CHECK_RCPT_IP_DNSBLS_ACT = deny
CHECK_RCPT_IP_DNSBLS = zen.spamhaus.org
at the top of the file

3) 90% (figure off the top of my head, not actually measured) of your spam filtering comes from rejecting mail with no reverse dns or that doesn't speak RFCs or that's in the dialups list at spamhaus. This requires of course that you aren't having the mail forwarded from somewhere else - my mail is historically a rats nest of .forward and procmail processing - but provided you're the MX it's easy.

4) You can be much more vicious about spam filtering if you do it at SMTP time because you can reject the message instead of dropping it silently, hence the victims of false positives at least know the mail didn't arrive. The exim package in debian (since v4.50 I think) has appropriate knobs to do this: look at aclcheckdata in the config file.

5) We're using thunderbird as an MUA: if you choose the 'trust spam headers from spamassassin' option you need to ensure that you're setting an "X-Spam-Flag: YES" header (the examples in the config file have slightly different headers that Thunderbird doesn't pick up on) at whatever threshold you decide constitutes spam. We reject spam scores>10 and flag >5

6) Per-user spamassassin settings? Frankly, not worth it for us. The small amount of spam that makes it through with this setting is easily mopupable with Thunderbird's bayesian filter.

Amusing happening:

X-Spam-Report: SpamAssassin on "mail.example.org" rates this at 0.8 points
	pts rule name              description
	---- ---------------------- --------------------------------------------------
	0.3 MAILTO_TO_SPAM_ADDR    URI: Includes a link to a likely spammer email
	0.5 DNS_FROM_RFC_ABUSE     RBL: Envelope sender in abuse.rfc-ignorant.org
and the only URL in the body of the email?
This SF.net email is sponsored by: Microsoft
Defy all challenges. Microsoft(R) Visual Studio 2008.
http://clk.atdmt.com/MRT/go/vse0120000070mrt/direct/01/