Looking at some logs, I noticed a bunch of entries for dns queries failing to things like: lame server resolving ‘14.182.8.69.ipwhois.rfc-ignorant.org. After some digging around on Google, I found a mailing list post from rfc-ignorant.org announcing the removal of the ipwhois.rfc-ignorant.org zone.
Looking at the SpamAssassin docs, this the right line to put in your local.cf to disable this particular test:
score RCVD_IN_RFCI 0
Yay, fewer log messages to look at every day.
Every year for Christmas gifts from Alisha’s grandparents we get a puzzle or two. For some reason, they never seem to be easy ones. This year was no different. I didn’t get a good picture of the first one, but this is probably the best one. Not too tough, but not easy. The second one was much worse. I’m not sure how much time Alisha spent on it, but quite a bit more than I did.
This weekend I helped Jim pick up a nearly brand new 42U Dell server rack for the school district. We don’t really have a place to put it right now, but it was such a good deal we couldn’t pass it up.
More pictures of puzzles and the rack.
And, when I got back to the house today, the garage door wouldn’t open. I assumed it was frozen down, but it wasn’t. I came inside and the light on the wall switch was blinking continously. It would open using the wall switch, but not the remote or the HomeLink transmitter in my truck. I don’t think we have a manual for it anywhere, so I went searching the web. I found a discussion area talking about Craftsman door openers with someone else describing the exact same symptoms. The reply was to press and hold the lock button for 3 seconds, the constant blink means the opener is in lock mode. I never even knew what the lock button was for. I guess you learn something every day.
Trying to turn on Google Safe Search for all of your clients behind your Squid+squidGuard server? Well, you aren’t the first and probably won’t be the last, but it’s not that hard, once you find the right words to plug in to Google.
You need a little patch that Eric Harrison (of MESD fame) wrote. If you are already using his recent RPMs, you already have the patch. If you are compiling from source, you’ll need to grab the source RPM from his testing area and extract the squidguard-sed.patch file. Once you’ve applied that patch to the squidGuard 1.2.0 source and recompiled, you should be able to use the following code snippets in squidGuard.conf to append “safe=strict” to all google urls:
rewrite google {
s@(google.com/search.*q=.*)@1&safe=strict@i
s@(google.com/images.*q=.*)@1&safe=strict@i
s@(google.com/groups.*q=.*)@1&safe=strict@i
s@(google.com/news.*q=.*)@1&safe=strict@i
# log google
}
and in your acl section add:
default {
# for google to be in "safe mode"
rewrite google
Then, there are fewer inappropriate pictures available via google.
Thanks to Eric’s post to K12OSN and a Louisiana library page with a full squidGuard.conf linked for examples.
That took some time, I got my first email today about the spongebob related image/spam. It’s not too informative, just a link to the image and the auto-appended footer from Hotmail, in german.
Not sure what exactly I was expecting.
Since I’ve been helping Jim try to setup a simple firewall for a class, this presentation from the last time I helped him out is quite apropos.
I’m sure there are errors in it, but hey, it worked.
Just so this gets into google: If you are creating a Windows Certificate Server CA to use with FreeSWAN/OpenSWAN/etc, don’t set it to be valid past the end of the unix epoch (ie 2038). FreeSWAN barfs on the RootCA cert, with nothing resembling a useful error (mentioned here). Now, back to running around like a chicken with it’s head cut off getting the labs ready to open.
Had a drive fail in a machine that we took out of production about 2 weeks ago. Hows that for timing? Apparently the linux aacraid driver and/or Dell perc2/si do not handle drives disappearing from a RAID1 volume very well, since the machine wouldn’t do anything besides spew ext3 errors until it was rebooted. Login and put the afacli quick ref to use, and disk 0:02:0 had failed, didn’t even come online long enough to get inited by the card. The machine is still under a Dell extended warranty, so I gave them a call and a new drive should be here on Tuesday.
Some of the more handy commands:
open afa0
container list
enclosure list
enclosure show slot
enclosure prepare slot <enclosure id> <slot id>
disk list
Trying to get Spam URI Realtime Blocklist (SURBL) working with SpamAssassin 2.63 on RedHat Enterprise Linux 3 is a bit of a challenge. The plugin to make it work is spamcopuri which requires perl-URI-1.28 (or greater?). RHEL3 comes with perl-URI-1.21, we need to find a more recent RPM to rebuild. Fedora seems to be a pretty good starting point and they have 1.30 in the latest test release. After rebuilding that SRPM (with rpmbuild –rebuild), the build seems to go fine. More testing to come.
Update: Install is just as easy as it claims, copy the config file into the same directory as local.cf and restart spamd. And it starts tagging spam….
So, I’m trying to add some extended functionality to MRTG to grab port labels from HP switches. To do this, I need to find the enterprise OID that is assigned to HP and add it to mrtg’s cfgmaker script so that it knows the HPs support ifAlias. Quick search on google and tada! And that site has a link to IANA with a listing of all enterprise OIDs.
Seems that we have been getting lots of hits on www.hoopeston.k12.il.us from hotmail and other mail clients asking for 1 specific spongebob related picture. Seeing as that is wasting our bandwidth for someone elses purposes, I followed the lead of others and replaced the picture: 
We’ll see how much mail I get….
