I'm interested in using domainkeys (heck, I use SPF, I even greylist), but I'm unable to find an implementation for Postfix or Amavis. Is anybody working on an implementation? I saw the library that yahoo has, but I just don't have the time to code my own right now.
I'd think an Amavis implementation would be ideal, since it scans everything anyway, and integrates with other mail servers so easily.
My advice to the blogger is to either convince her husband to leave, or leave him. For Pete's sake, he's working himself to death, he's not a victim!
The blogger's spouse is choosing to work these insane hours, knowing full well that he won't ever be compensated for them. He took the job without ever bothering to understand the question about long hours. Clearly the work is more important to him than spending time with you.
It's not like it's even difficult for decent developers to find other work. So what if it's not in a field that he loves? Given a choice between you and his job at EA, he chose his job. Sucks to be you. Now get over it.
First off, Websphere 4.0 is J2EE 1.2 only. You need Websphere 5.0 to get to J2EE 1.3.1. In Websphere 5.1, you at least get JDK 1.4, and a few J2EE 1.4 tidbits (JSTL 1.1, for example).
However, your ClassCastExceptions will only get bumped to compile time in JDK 1.5, true. But I must admit that in eight years of Java programming, I've never had this particular problem where it didn't take more than a few seconds to find the source of the bug.
I really just want the metadata stuff (which was obviously ripped off from C#, but it's a great idea). That, and EJB 3.0, which gets rid of the stupid deployment descriptors.
I downloaded the beta (from where I can't say:-), but it only installs on Tiger (OS X 10.4). Since I don't really want to run a pre-release OS, I took a pass. But JDK 1.5 is coming, it's just several months off.
But by your post, you had probably already guessed that. At least it's probably less than four years, like it was before Mac folks got JDK 1.2...
Correct me if I'm wrong, but since USB is just a bus, wouldn't it be possible to make a storage device that announced its presence as something else, like a NIC or a printer, and then a custom driver let you upload to it?
I just cannot see this approach working at all, without securing the entire driver layer and limiting application I/O to the authenticated drivers.
Of source, then the BIOS has to load only authenticated OSes, which means that the digital signatures in the BIOS become the target of a massive, distributed keysearch to crack them so that you can load Linux onto the new machines. And once you can do that, you can patch the Windows install to load non-secure drivers.
SPF (and SenderID) all use the DNS to authenticate the sender. When the receiving server gets a message, it checks the DNS of the domain in the MAIL FROM (and/or From:) lines to insure that the machine that sent the message is allowed to send messages for that domain.
DNS queries are pretty darn cheap (although TXT records can require DNS/TCP). And since the odds are the messages won't go to 50,000 different email systems, your SPF/Sender ID records will probably get cached, lowering your network burden.
As an aside, your DNS will get queried whether you implement SPF/Sender ID or not: it's the receiving mail servers that will send the queries, and there are more of them every day. I just updated to Postfix 2.1, and enabled the SPF policy included with it, after a few modifications. At least I no longer get spam with my own email address in the MAIL FROM!
At some point I suspect my machine running SpamAssassin will burn more bandwidth checking SPF, SenderID, DomainKeys, and RBLs than the spam itself consumes.
I wish the various banks, paypal, etc. would post records. It would eliminate a ton of phishing.
A quick look here
shows that there's really nothing gained even if the current owner of katie.com had trademarked it. The mark's applicability is in the eyes of the people who percieve it, not yours. Yuck.
IANAL, but it would seem that there's absolutely no protection against what Penguin did at all. They might as well have used her address or phone number.
Yes, you're missing something. I think they meant "people who have contributed money to us," not "prople who have contributed code to FSF." I'm not sure if FSF has to disclose the former (IANAL, but I think it depends on their charitable organization status), but maybe they do.
I've sent plenty of complaints through spamcop, and I have it configured to not strip my name. It's a checkbox you just uncheck. If SC needs someone to testify on their behalf (that they're not stripping things unbeknownst to their users), I'd step up. I'm sure some of my complaints have been to optinrealbig.
Right. Just like those COBOL programmers who've been gainfully employed for the bulk of 30 years by another language with "commercial aspirations." If you write code for a living, don't count those aspirations out.
If you add the combined salaries of Java programmers I'm willing to bet they're more than the combined salaries of (one of) HTML, C++, C#, or perl, python, php...
I've tried many times over the years to switch to OO, but people keep sending me documents that use the 2% you refer to. I use very few of the features in office, but that really doesn't matter if I can't view or print your documents correctly, does it?
Something that would solve this problem much of the time was software PDF generation from Windows. But there's no way I know of to do that without paying somebody (Adobe, that shareware guy, or Apple, where PDF generation is included in the OS).
Also, if there were such a thing, I would have jumped at a camera that could do frame by frame stuff, so that I could make dumb movies of my furniture moving around or something. But that's just me. (un?)Fortunatly, such cameras were way too expensive at that point.
Umm, don't they call those... digital cameras? I mean, like, any digital camera on a tripd can shoot single frames, right?
What I really want is a cordless, rechargable, 802.11 VOIP phone that I can take with me to any place I can get 802.11 (an Ethernet jack would be nice for hardwire) and a DHCP lease. Contact a server, bind my current IP address to my phone number, and voila! Happy camper. Works in my house, but I can also take it to your house, say, if my network is down, power is out, or (heaven forbid) I'm just visiting.
I know this is probably overkill, and it cannot accomplish everything you can with your mobile phone, but as a bridge between mobile and broadband (still tons of places I can't get my mobile to work that have broadband), it's a Good Thing.
I've been a Mac guy since the 80's, and a Java guy since the mid-90's. I started doing Java development on Mac OS, back when Sun and Apple were shipping a JDK for Mac OS. Those early releases were crap, painful, and buggy, but in that the Mac was no different than any other platform.
Now I work for a software consulting firm doing fairly high-end Java development. All of that development takes place on Windows, and is deployed on Unices of various flavors.
Lately I've tried using my Mac for development on Java. I really, really have. But I have to say this, though it pains me to do so: it sucks for Java development. I thought, "Wow, a Unix based system with a great GUI! What could be better! I have a local CVS repository, all the tools like Ant, and none of the Windows wierdness!" Yet somehow, Eclipse doesn't work right. NetBeans, well, it's still NetBeans. IdeaJ doesn't look right and takes forever to launch. WSAD doesn't exist. Xcode, for all the hype, doesn't make sense to me: I'm sure it's a great tool, but I've worked with more than thirty different IDEs in my career (not counting revisions), and Xcode just feels wrong somehow.
My Windows box runs these apps flawlessly (except Xcode and NetBeans, which sucks on Windows too), and I'm so much more productive than when I use my OSX box that it's not funny. It's not so much that you can't do it on Mac OS X, but that because of the additional support, it's actually easier to do it on Windows. I spend less time fscking around with configuration, alpha builds, gui bugs, and slowness.
I use my Macs for a lot of stuff, and I'm about to migrate my mail/web server from Linux to Mac OS X server. But my Java development will continue to be done on Windows for a while longer.
I'm surprised that some anti-spam zealot hasn't gotten their stuff together, checked their mail server logs, and written some code that opens connections to 3127, sends the magic cookie, and a small batch file containing "format c:" or some such. It would put a stop to the (inevitable) spam, and would get these morons to take system security more seriously.
Maybe a more friendly way to do it would be to turn on the computer's TCP/IP filter, and disable port 25 outbound.
Now this is something that SPF could actually help with: when the virus sends a message with a spoofed from (and HELO, based on what I'm seeing) address, the mail server will read the SPF TXT record, figure out that that address is NOT allowed to send messages for that domain, and nuke the message. Even without anti-virus software.
All that said, I'm feeling really lucky to have installed amavis-new/clamav last night. I didn't even know this was coming, and it's caught about 200 messages already this morning.
Yes, for over ten years. And yes, virginia, there is security (albeit limited): you can set up which users can send apple events to your machine.
I used to run a Mac LAN in the early 90s, and AppleScript was a complete godsend for administration.
And now with OSX, the scripting language lines blur a bit, because I can have applescripts that execute command-line apps, and vice-versa.
Being able to tell Excel to open a document, update it from its ODBC data source, save changes, then tell Mail to email it to a bunch of people as an attachment. It's a good thing.
Slashdot Mirror
I'm interested in using domainkeys (heck, I use SPF, I even greylist), but I'm unable to find an implementation for Postfix or Amavis. Is anybody working on an implementation? I saw the library that yahoo has, but I just don't have the time to code my own right now.
I'd think an Amavis implementation would be ideal, since it scans everything anyway, and integrates with other mail servers so easily.
My advice to the blogger is to either convince her husband to leave, or leave him. For Pete's sake, he's working himself to death, he's not a victim!
The blogger's spouse is choosing to work these insane hours, knowing full well that he won't ever be compensated for them. He took the job without ever bothering to understand the question about long hours. Clearly the work is more important to him than spending time with you.
It's not like it's even difficult for decent developers to find other work. So what if it's not in a field that he loves? Given a choice between you and his job at EA, he chose his job. Sucks to be you. Now get over it.
Crayola!
First off, Websphere 4.0 is J2EE 1.2 only. You need Websphere 5.0 to get to J2EE 1.3.1. In Websphere 5.1, you at least get JDK 1.4, and a few J2EE 1.4 tidbits (JSTL 1.1, for example).
However, your ClassCastExceptions will only get bumped to compile time in JDK 1.5, true. But I must admit that in eight years of Java programming, I've never had this particular problem where it didn't take more than a few seconds to find the source of the bug.
I really just want the metadata stuff (which was obviously ripped off from C#, but it's a great idea). That, and EJB 3.0, which gets rid of the stupid deployment descriptors.
I downloaded the beta (from where I can't say :-), but it only installs on Tiger (OS X 10.4). Since I don't really want to run a pre-release OS, I took a pass. But JDK 1.5 is coming, it's just several months off.
But by your post, you had probably already guessed that. At least it's probably less than four years, like it was before Mac folks got JDK 1.2...
Correct me if I'm wrong, but since USB is just a bus, wouldn't it be possible to make a storage device that announced its presence as something else, like a NIC or a printer, and then a custom driver let you upload to it?
I just cannot see this approach working at all, without securing the entire driver layer and limiting application I/O to the authenticated drivers.
Of source, then the BIOS has to load only authenticated OSes, which means that the digital signatures in the BIOS become the target of a massive, distributed keysearch to crack them so that you can load Linux onto the new machines. And once you can do that, you can patch the Windows install to load non-secure drivers.
And then we're back to square one.
SPF (and SenderID) all use the DNS to authenticate the sender. When the receiving server gets a message, it checks the DNS of the domain in the MAIL FROM (and/or From:) lines to insure that the machine that sent the message is allowed to send messages for that domain.
DNS queries are pretty darn cheap (although TXT records can require DNS/TCP). And since the odds are the messages won't go to 50,000 different email systems, your SPF/Sender ID records will probably get cached, lowering your network burden.
As an aside, your DNS will get queried whether you implement SPF/Sender ID or not: it's the receiving mail servers that will send the queries, and there are more of them every day. I just updated to Postfix 2.1, and enabled the SPF policy included with it, after a few modifications. At least I no longer get spam with my own email address in the MAIL FROM!
At some point I suspect my machine running SpamAssassin will burn more bandwidth checking SPF, SenderID, DomainKeys, and RBLs than the spam itself consumes.
I wish the various banks, paypal, etc. would post records. It would eliminate a ton of phishing.
Any bets on whether we'll ever see the Digital logo on the front page of /.?
IANAL, but it would seem that there's absolutely no protection against what Penguin did at all. They might as well have used her address or phone number.
Umm, that works in bash too (and has for some time now). The default is emacs mode.
I assume that your CIO uses his own license of Excel from home, and bought the computer on his desk then, right?
You should try reading fiction sometime. It's much more pleasant than books on programming languages.
Doesn't anyone read the article?
It said that 71% of the URLs in spam go to web servers in China, not that 71% of spam comes from China!
The vast majority of spam that hits my mail server comes from the US (comcast, rr.com, etc) machines that have been compromised.
Tools like bigevil.cf (SpamAssassin plugin) help me to filter those spams with Chinese URLs.
Yes, you're missing something. I think they meant "people who have contributed money to us," not "prople who have contributed code to FSF." I'm not sure if FSF has to disclose the former (IANAL, but I think it depends on their charitable organization status), but maybe they do.
I've sent plenty of complaints through spamcop, and I have it configured to not strip my name. It's a checkbox you just uncheck. If SC needs someone to testify on their behalf (that they're not stripping things unbeknownst to their users), I'd step up. I'm sure some of my complaints have been to optinrealbig.
... oh wait. They'd do exactly this.
Right. Just like those COBOL programmers who've been gainfully employed for the bulk of 30 years by another language with "commercial aspirations." If you write code for a living, don't count those aspirations out.
If you add the combined salaries of Java programmers I'm willing to bet they're more than the combined salaries of (one of) HTML, C++, C#, or perl, python, php...
I've tried many times over the years to switch to OO, but people keep sending me documents that use the 2% you refer to. I use very few of the features in office, but that really doesn't matter if I can't view or print your documents correctly, does it?
Something that would solve this problem much of the time was software PDF generation from Windows. But there's no way I know of to do that without paying somebody (Adobe, that shareware guy, or Apple, where PDF generation is included in the OS).
Umm, don't they call those... digital cameras? I mean, like, any digital camera on a tripd can shoot single frames, right?
Actually, you bring up my dream phone:
What I really want is a cordless, rechargable, 802.11 VOIP phone that I can take with me to any place I can get 802.11 (an Ethernet jack would be nice for hardwire) and a DHCP lease. Contact a server, bind my current IP address to my phone number, and voila! Happy camper. Works in my house, but I can also take it to your house, say, if my network is down, power is out, or (heaven forbid) I'm just visiting.
I know this is probably overkill, and it cannot accomplish everything you can with your mobile phone, but as a bridge between mobile and broadband (still tons of places I can't get my mobile to work that have broadband), it's a Good Thing.
I've been a Mac guy since the 80's, and a Java guy since the mid-90's. I started doing Java development on Mac OS, back when Sun and Apple were shipping a JDK for Mac OS. Those early releases were crap, painful, and buggy, but in that the Mac was no different than any other platform.
Now I work for a software consulting firm doing fairly high-end Java development. All of that development takes place on Windows, and is deployed on Unices of various flavors.
Lately I've tried using my Mac for development on Java. I really, really have. But I have to say this, though it pains me to do so: it sucks for Java development. I thought, "Wow, a Unix based system with a great GUI! What could be better! I have a local CVS repository, all the tools like Ant, and none of the Windows wierdness!" Yet somehow, Eclipse doesn't work right. NetBeans, well, it's still NetBeans. IdeaJ doesn't look right and takes forever to launch. WSAD doesn't exist. Xcode, for all the hype, doesn't make sense to me: I'm sure it's a great tool, but I've worked with more than thirty different IDEs in my career (not counting revisions), and Xcode just feels wrong somehow.
My Windows box runs these apps flawlessly (except Xcode and NetBeans, which sucks on Windows too), and I'm so much more productive than when I use my OSX box that it's not funny. It's not so much that you can't do it on Mac OS X, but that because of the additional support, it's actually easier to do it on Windows. I spend less time fscking around with configuration, alpha builds, gui bugs, and slowness.
I use my Macs for a lot of stuff, and I'm about to migrate my mail/web server from Linux to Mac OS X server. But my Java development will continue to be done on Windows for a while longer.
I'm surprised that some anti-spam zealot hasn't gotten their stuff together, checked their mail server logs, and written some code that opens connections to 3127, sends the magic cookie, and a small batch file containing "format c:" or some such. It would put a stop to the (inevitable) spam, and would get these morons to take system security more seriously.
Maybe a more friendly way to do it would be to turn on the computer's TCP/IP filter, and disable port 25 outbound.
Now this is something that SPF could actually help with: when the virus sends a message with a spoofed from (and HELO, based on what I'm seeing) address, the mail server will read the SPF TXT record, figure out that that address is NOT allowed to send messages for that domain, and nuke the message. Even without anti-virus software.
All that said, I'm feeling really lucky to have installed amavis-new/clamav last night. I didn't even know this was coming, and it's caught about 200 messages already this morning.
Yes, for over ten years. And yes, virginia, there is security (albeit limited): you can set up which users can send apple events to your machine.
I used to run a Mac LAN in the early 90s, and AppleScript was a complete godsend for administration.
And now with OSX, the scripting language lines blur a bit, because I can have applescripts that execute command-line apps, and vice-versa.
Being able to tell Excel to open a document, update it from its ODBC data source, save changes, then tell Mail to email it to a bunch of people as an attachment. It's a good thing.
Why, oh why, would you wait until the week AFTER MWSF to announce this? Hopefully somebody got shot for getting the CD masters out two weeks too late.
Was anybody at MWSF who got to see these guys? What were they saying?