So tell it you live just around the corner somewhere it does like, and then tell the 911 operator where you really are when you call.
Hacky workaround, yes - but better than nothing.
(wavy lines) cue story about Australia cab company that said "we have your number so we already have your address - do you have 4 or less people and want to leave now - ok, good - see you soon" with their stupid automated system, then proceeded to send the cab to the address that used to have that number MORE THAN A YEAR AGO. Fuckers. (/wavy lines)
In my semi-open-source hat (I submit about half of what I write at work back as patches - soon a very large rewrite of perl's Net::DAV::Server based on what I have done for our inhouse system. Most of the other half is specific code that's not generic enough to be worth open sourcing)
I probably do a few hours of grandma-level support a month, but if I did any more it would seriously cut in to my actual coding time - and that's at a full time paid job. If I was doing this as a hobby then too much re-answering of FAQs would seriousy cut in to the rest of my life (young family, gym, choir - that's about all I can fit in even now).
A little frontline support is good to remind you to stay grounded - but too much and you never fly anywhere.
The company paying the salaries of the programmers also has a much better insight into the product, and hence can support it to a much deeper level, as well as produce fixes or customisations in a shorter timeframe than a support company that doesn't have anyone inhouse who knows the codebase inside-out.
The small-time operator helping grandma do monkey tasks and being paid peanuts for it - well, there's room in the ecosystem for them, and they free up the programmers at Redhat et al from having to deal with the grandma level issues.
Yeah, sure - it's not the same pool then. Fair enough. Anything that means I can sit in the non-smoking section and not be assaulted by the smoke of those in the smoking section is fine by me.
You know, I have studied symlinks and hardlinks, and I know what a shortcut is, but could you explain the actual difference between shortcuts and symlinks?
Shortcuts are more like the.desktop files in KDE - they're a small file which the filesystem layer doesn't understand at all, but the "shell" (windows, kde, etc) loads and then uses the instructions from to do something.
Symlinks are a filesystem layer thing - your application can open them just as if they were the targetted file, and it's totally transparent. You need to use a different API to see that it's actually a symlink.
D00d, you're so cool you obviously know what you're doing.
I guess you've such a seasoned professional that you know all about exposure windows and you're so sure of the security of every piece of software on your network that there's no way that anyone could lift/etc/shadow or its moral equivalent from any of the machines, so you may as well just have your password sitting around being the same everywhere for years.
Go you.
I just wish more things would allow you to authenticate with an SSH key, then I could run ssh-agent locally, authenticate with my computer once per (login || screensaver_lock) and have it accepted by most services I have to deal with.
Assuming no crack against dsa-1024, I'd be responsible for the security of my own "token" without the inherent problem that the amount of "randomness" a person can remember is now less than the amount that can be brute forced with a bot farm - which is the underlying cause for the need to change passwords frequently as well as have them more secure than your oh-so-clever little personal rebelion against all that's stale and st00pid about your life.
Many of the customers we pick up previously used either free email services or an email component of an overall hosting company. The problem being that since email wasn't the primary business of their provider, it wasn't treated with the priority that email users need.
A good place to compare services and read reviews is EmailAddresses.com. There are forums specifically for a few of the bigger dedicated providers there, as well as more general discussion areas, and the owners of many of the services read the forums. While they are mainly aimed at the free services, there are paid services listed as well.
It just seems unreliable to assume that a home connection will have the terms "dsl" or "dialup" in the DNS name. But I suppose most indicators of spam are naturally unreliable. I've been meaning to change the reverse lookups for my IPs to something less lame for years now; this is a good reason to do it.
Oh, it is rather unreliable, which is why there are things like The SORBS dynamic IP RBL to consolidate that sort of information.
The second suggestion is good and one I can probably implement in short order. I think I can talk my ISP into letting me manage my tiny block of IPs or at least changing what they resolve to. Someone pointed out that Hotmail spam script might just be looking for the term "dsl" and blocking based on that. It sounds stupid but in a very plausible way.
The problem is that it's not actually stupid - because it's something that is a very strong predictor for zombie machines, and it's something that the "owners" of the zombies can't change, while legitimate operators frequently can.
As someone else above mentioned, a service like FastMail (disclaimer: I work for FastMail) will provide you with a SMTP relay you can use for outbound email. You can still do your own SPF records, but you'll need to use the smarthost's outbound servers rather than your own IP.
Still, if you can get the reverse fixed up you're part way there - if your IP isn't in the 'dialup range' RBLs as well.
Slowly gaining support amongst client applications. It's a pity IMAP is just complex enough that no clients really support it as well as they could (especially offline mode), but it's pretty nice still.
Personally I would probably not sign an employment contract with a rigid non-compete unless there were something in there for me... a really nice severance package, to make up for my personal loss due to the non-compete sounds about right.
The only time I've ever signed a non-compete, that's exactly what it had - they could enforce the non-compete for up to 6 months, but they had to pay me at my current salary for the period in which they wanted to enforce it.
System libraries should ALWAYS BUT ALWAYS be treated as "black boxes" - you know what goes in, you know what they return, you don't give a damn about what's inside.
Nice rant. Pity that in the real world what actually happens is that the app is given cursory QA against a particular implementation, and if it works then it's shipped. If something goes wrong then the vendor just points at the "supported implementations" list and tells you to go install the implementation they support.
try to write a query in SQL that depends on two query results being equal (for instance, "show me a list of all customers who have each bought at least one of every product")
SELECT Customer.* FROM Customer, (
SELECT CustomerId, COUNT(DISTINCT ProductId) AS NumProducts FROM Purchase GROUP BY CustomerId ) AS DistinctPurchases, (
SELECT COUNT(DISTINCT ProductId) AS NumProducts FROM Product ) AS DistinctProducts WHERE DistinctPurchases.NumProducts = DistinctProducts.NumProducts
AND DistinctPurchases.CustomerId = Customer.CustomerId;
Or in English:
Count how many different products have been purchased by each customer Count how many products exist Show me all the customers where the two numbers above are equal
What makes you think that going public equals evil?
a) Going public means you are required to maximise shareholder value. b) In the short term, going evil is very profitable, trading goodwill and other unmeasurable 'intangibles' for gold mulah. c) QED
The strange thing here is not paying for a service that used to be free, its paying, in essence, to provide that service others.
I have sung in various choirs over the years, and all of them have charged some form of subscription to be a member, despite the fact that I'm performing for a paying audience at most gigs.
Here in Australia they tend to be cheaper than some of the choirs I was looking at joining in the states, but upwards of $100 per year is not uncommon for some choirs. They seriously need that money to stay afloat and be able to put on concerts that aren't just Messiah, Mozart Requiem and Carmina Burana over and over again - nothing else pulls big enough crowds to pay for the orchestra, the venue, the rehearsal hall, the publicity, etc.
So yeah, I get where they're coming from. On the flip side, you'd better be providing something better than the free services (I happen to enjoy singing with large groups of people, which is why I happily pay up each year)
Just curious - why the LMTP step and not integrated into the SMTP server?
Mainly because our backend Cyrus servers are already talking lmtp, so it seemed a little pointless to send it back into Postfix again just to be sent out to another local delivery agent. Also means we can do all sorts of funky per-user processing - and yes, we can 4xx back to Postfix easily enough if there's a temporary error condition.
We have 4 incoming mx servers handling ~500k users, and the load average on these boxes sits pretty high - they're all multi processor xeon boxes with 4Gb of memory (some of the imap servers have >4Gb, but you run into funky kernel issues up there - not to mention the way cyrus does mmap.. scary stuff).
Given that the load average on our mx servers never goes below about 2.5, we can't afford anything which spawns per-mail doing database connections, loading spamassassin, etc - so that's why the long running lmtp proxies.
My home setup is just a hosted VPS (previously a real box but I got tired of dealing with hardware issues) running email for myself and my family, plus a couple of mailing lists. I'm using amavis-new to apply both SpamAssassin and ClamAV to mails as a content_filter within Postfix.
Work has to be much higher performance - we use a custom LMTP proxy written in Perl which calls out to the clamd clamav daemon and contains a SpamAssassin instance which has been a lot more seriously tuned. We also run local copies of many RBLs (you generally need to pay to do that, but it's worth it for the saved network traffic if you've got enough spam comming in!)
Interestingly, I did some work on the lmtp proxy just last week so that even when the clamd is down (restarts, etc) it will fall back to calling out to 'clamscan' directly on the spool file and parsing the output.
So yes, especially since ClamAV 0.8, it's been very nice and easy to use - the mail scanning is reliable (haven't had a single virus get through into my mail, but I get around 30-50 virus notifications a day from it - I could probably turn them off, but it's nice to see what sort of traffic is floating around).
Eee... argh. Yes, we do. What a horrible standard (and insert ObPHPSucks rant here - at least for doing UTF8 conversions and such. All our standard libraries are written in Perl, and I'm likely to rewrite WAP in it some day).
I actually did a bunch of work on the (not so well advertised) beta WAP site - read the forums for more information at EmailAddresses.com. I'm not going to link directly to our WAP server from Slashdot!
Slashdot Mirror
That's just the ones with counts over 10 - there's a VERY long tail.
According to clamav on one of our servers over the past roughly 14 hours...
11 Worm.SomeFool.Gen-1
12 Worm.Mytob.JT
13 Worm.Lovgate.X
16 Worm.Mytob.CA
26 Worm.Mytob.JM
57 Worm.SomeFool.P
141 HTML.Phishing.Bank-1
6151 Worm.Sober.U
I suspect I could get you a Sober.U roughly once every 2 seconds or so (we have 4 of these servers in a round robin config)
So tell it you live just around the corner somewhere it does like, and then tell the 911 operator where you really are when you call.
Hacky workaround, yes - but better than nothing.
(wavy lines) cue story about Australia cab company that said "we have your number so we already have your address - do you have 4 or less people and want to leave now - ok, good - see you soon" with their stupid automated system, then proceeded to send the cab to the address that used to have that number MORE THAN A YEAR AGO. Fuckers. (/wavy lines)
In my semi-open-source hat (I submit about half of what I write at work back as patches - soon a very large rewrite of perl's Net::DAV::Server based on what I have done for our inhouse system. Most of the other half is specific code that's not generic enough to be worth open sourcing)
I probably do a few hours of grandma-level support a month, but if I did any more it would seriously cut in to my actual coding time - and that's at a full time paid job. If I was doing this as a hobby then too much re-answering of FAQs would seriousy cut in to the rest of my life (young family, gym, choir - that's about all I can fit in even now).
A little frontline support is good to remind you to stay grounded - but too much and you never fly anywhere.
The company paying the salaries of the programmers also has a much better insight into the product, and hence can support it to a much deeper level, as well as produce fixes or customisations in a shorter timeframe than a support company that doesn't have anyone inhouse who knows the codebase inside-out.
The small-time operator helping grandma do monkey tasks and being paid peanuts for it - well, there's room in the ecosystem for them, and they free up the programmers at Redhat et al from having to deal with the grandma level issues.
Yeah, sure - it's not the same pool then. Fair enough. Anything that means I can sit in the non-smoking section and not be assaulted by the smoke of those in the smoking section is fine by me.
This looks like as good a place as any to trot out the old:
"Having a smoking section in a restaurant is like having a pissing section in a swimming pool"
thx
You know, I have studied symlinks and hardlinks, and I know what a shortcut is, but could you explain the actual difference between shortcuts and symlinks?
.desktop files in KDE - they're a small file which the filesystem layer doesn't understand at all, but the "shell" (windows, kde, etc) loads and then uses the instructions from to do something.
Shortcuts are more like the
Symlinks are a filesystem layer thing - your application can open them just as if they were the targetted file, and it's totally transparent. You need to use a different API to see that it's actually a symlink.
D00d, you're so cool you obviously know what you're doing.
/etc/shadow or its moral equivalent from any of the machines, so you may as well just have your password sitting around being the same everywhere for years.
I guess you've such a seasoned professional that you know all about exposure windows and you're so sure of the security of every piece of software on your network that there's no way that anyone could lift
Go you.
I just wish more things would allow you to authenticate with an SSH key, then I could run ssh-agent locally, authenticate with my computer once per (login || screensaver_lock) and have it accepted by most services I have to deal with.
Assuming no crack against dsa-1024, I'd be responsible for the security of my own "token" without the inherent problem that the amount of "randomness" a person can remember is now less than the amount that can be brute forced with a bot farm - which is the underlying cause for the need to change passwords frequently as well as have them more secure than your oh-so-clever little personal rebelion against all that's stale and st00pid about your life.
I went to his talk on Dead Languages last night at Melbourne.PM - very funny. Especially when C++ made the dead list!
:)
My work purchased a copy of the book there, so I'll check it out when I'm in the office next (today is a work-from-home day
Disclaimer: I work for FastMail.FM
Many of the customers we pick up previously used either free email services or an email component of an overall hosting company. The problem being that since email wasn't the primary business of their provider, it wasn't treated with the priority that email users need.
A good place to compare services and read reviews is EmailAddresses.com. There are forums specifically for a few of the bigger dedicated providers there, as well as more general discussion areas, and the owners of many of the services read the forums. While they are mainly aimed at the free services, there are paid services listed as well.
people not rewinding videos before returning them to the store
Is this like that nasty person who didn't rewind that DVD I hired last week? Man that's annoying when they do that.
It just seems unreliable to assume that a home connection will have the terms "dsl" or "dialup" in the DNS name. But I suppose most indicators of spam are naturally unreliable. I've been meaning to change the reverse lookups for my IPs to something less lame for years now; this is a good reason to do it.
Oh, it is rather unreliable, which is why there are things like The SORBS dynamic IP RBL to consolidate that sort of information.
The second suggestion is good and one I can probably implement in short order. I think I can talk my ISP into letting me manage my tiny block of IPs or at least changing what they resolve to. Someone pointed out that Hotmail spam script might just be looking for the term "dsl" and blocking based on that. It sounds stupid but in a very plausible way.
The problem is that it's not actually stupid - because it's something that is a very strong predictor for zombie machines, and it's something that the "owners" of the zombies can't change, while legitimate operators frequently can.
As someone else above mentioned, a service like FastMail (disclaimer: I work for FastMail) will provide you with a SMTP relay you can use for outbound email. You can still do your own SPF records, but you'll need to use the smarthost's outbound servers rather than your own IP.
Still, if you can get the reverse fixed up you're part way there - if your IP isn't in the 'dialup range' RBLs as well.
http://www.faqs.org/rfcs/rfc2177.html
Slowly gaining support amongst client applications. It's a pity IMAP is just complex enough that no clients really support it as well as they could (especially offline mode), but it's pretty nice still.
Personally I would probably not sign an employment contract with a rigid non-compete unless there were something in there for me... a really nice severance package, to make up for my personal loss due to the non-compete sounds about right.
The only time I've ever signed a non-compete, that's exactly what it had - they could enforce the non-compete for up to 6 months, but they had to pay me at my current salary for the period in which they wanted to enforce it.
Not for those who live behind content filters that block all URLs with naughty words like sex in them.
System libraries should ALWAYS BUT ALWAYS be treated as "black boxes" - you know what goes in, you know what they return, you don't give a damn about what's inside.
Nice rant. Pity that in the real world what actually happens is that the app is given cursory QA against a particular implementation, and if it works then it's shipped. If something goes wrong then the vendor just points at the "supported implementations" list and tells you to go install the implementation they support.
They'd love to answer all your questions about how to run an ISP for you - and if they really like you they might even let you in to the other place!
TINC
try to write a query in SQL that depends on two query results being equal (for instance, "show me a list of all customers who have each bought at least one of every product")
SELECT Customer.* FROM Customer, (
SELECT CustomerId, COUNT(DISTINCT ProductId) AS NumProducts FROM Purchase GROUP BY CustomerId
) AS DistinctPurchases, (
SELECT COUNT(DISTINCT ProductId) AS NumProducts FROM Product
) AS DistinctProducts
WHERE DistinctPurchases.NumProducts = DistinctProducts.NumProducts
AND DistinctPurchases.CustomerId = Customer.CustomerId;
Or in English:
Count how many different products have been purchased by each customer
Count how many products exist
Show me all the customers where the two numbers above are equal
Not that hard really.
What makes you think that going public equals evil?
a) Going public means you are required to maximise shareholder value.
b) In the short term, going evil is very profitable, trading goodwill and other unmeasurable 'intangibles' for gold mulah.
c) QED
Thanks for playing.
The strange thing here is not paying for a service that used to be free, its paying, in essence, to provide that service others.
I have sung in various choirs over the years, and all of them have charged some form of subscription to be a member, despite the fact that I'm performing for a paying audience at most gigs.
Here in Australia they tend to be cheaper than some of the choirs I was looking at joining in the states, but upwards of $100 per year is not uncommon for some choirs. They seriously need that money to stay afloat and be able to put on concerts that aren't just Messiah, Mozart Requiem and Carmina Burana over and over again - nothing else pulls big enough crowds to pay for the orchestra, the venue, the rehearsal hall, the publicity, etc.
So yeah, I get where they're coming from. On the flip side, you'd better be providing something better than the free services (I happen to enjoy singing with large groups of people, which is why I happily pay up each year)
Just curious - why the LMTP step and not integrated into the SMTP server?
Mainly because our backend Cyrus servers are already talking lmtp, so it seemed a little pointless to send it back into Postfix again just to be sent out to another local delivery agent. Also means we can do all sorts of funky per-user processing - and yes, we can 4xx back to Postfix easily enough if there's a temporary error condition.
We have 4 incoming mx servers handling ~500k users, and the load average on these boxes sits pretty high - they're all multi processor xeon boxes with 4Gb of memory (some of the imap servers have >4Gb, but you run into funky kernel issues up there - not to mention the way cyrus does mmap.. scary stuff).
Given that the load average on our mx servers never goes below about 2.5, we can't afford anything which spawns per-mail doing database connections, loading spamassassin, etc - so that's why the long running lmtp proxies.
I use ClamAV both at work and home. It's great.
My home setup is just a hosted VPS (previously a real box but I got tired of dealing with hardware issues) running email for myself and my family, plus a couple of mailing lists. I'm using amavis-new to apply both SpamAssassin and ClamAV to mails as a content_filter within Postfix.
Work has to be much higher performance - we use a custom LMTP proxy written in Perl which calls out to the clamd clamav daemon and contains a SpamAssassin instance which has been a lot more seriously tuned. We also run local copies of many RBLs (you generally need to pay to do that, but it's worth it for the saved network traffic if you've got enough spam comming in!)
Interestingly, I did some work on the lmtp proxy just last week so that even when the clamd is down (restarts, etc) it will fall back to calling out to 'clamscan' directly on the spool file and parsing the output.
So yes, especially since ClamAV 0.8, it's been very nice and easy to use - the mail scanning is reliable (haven't had a single virus get through into my mail, but I get around 30-50 virus notifications a day from it - I could probably turn them off, but it's nice to see what sort of traffic is floating around).
Bron.
yes they have a WAP interface!
Eee... argh. Yes, we do. What a horrible standard (and insert ObPHPSucks rant here - at least for doing UTF8 conversions and such. All our standard libraries are written in Perl, and I'm likely to rewrite WAP in it some day).
I actually did a bunch of work on the (not so well advertised) beta WAP site - read the forums for more information at EmailAddresses.com. I'm not going to link directly to our WAP server from Slashdot!
Bron.