>In fact, few sensible Brits would knowingly make a Twitter joke about terrorism, after what happened to Paul Chambers [wikipedia.org]. Few sensible brits would set foot in the US as it stands, myself included.
Better story editing by the slashdot staff and a "Spam" moderation option so we can instantly filter out the automated bot posts trying to sell knock off electronics and other assorted crap.
1). Install postfix (fantastically efficient, excellent documentation, mailing lists and security track record). Postfix will handle any mail setup you care to dream up.
2). Install dovecot (this is now the reference daemon for modern IMAP and POP on linux)
3). Install Spam Assassin and ClamAV for spam and anti-virus (they will do a good job but not as good as what you are used to with gmail)
4). Install Roundcube for webmail (currently the best looking floss web frontend for mail)
5). Install open dkim and get it to sign all your outgoing mail (make sure to add the relevant DKIM TXT records to your domains)
6). Add SPF records to all your domains
7). Make sure your server's IP has reverse dns setup.
8). DO NOT run your mail server off your home DSL line as the IP (even if static) will be in all sorts of block lists. Hence the suggestion to get yourself a VPS.
Once you have everything setup, the system will need very little maintenance apart from Spam Assassin and ClamAV.
Finally, you can get away with not having a secondary mx as the senders MTA will re-try periodically if your primary is down. However, if you want a secondary, you can outsource this to a number of third parties for not a lot of cost.
Enjoy, running your own mta can actually be quite fun
I'm quite a few timezones East of you, meaning the live stream will start at 0300 local on Wednesday for me. I'm willing to tough it out and stay up to watch it if necessary but it would be much more civilised if I could watch a playback. Will it be available for download later or is it live only?
It sucks I've only just learnt about geeksessions:( Some of your earlier events look awesome
Sounds great in theory but having been bitten twice now by companies incorrectly double or treble billing me I no longer allow anyone to automatically debit from my account. Much safer to log on to a suppliers payment portal every month and manually make a payment using my debit card.
I wrote "an algorithm you apply to your password before it gets hashed" which could of course mean appending random string data. My mistake was to assume that appending the same randomly generated string to all passwords would be sufficient salt. I didn't consider users who used the same password.
Nice explanation, I stand corrected:) I hadn't considered the (obvious now you point it out to me) fact that lots of users would likely have the same password. Unique salts obviously help in that regard.
I'm not a crypto expert but my understanding of salt is that it is simply an algorithm you apply to your password before it gets hashed. In order to verify a password, the system obviously needs to know the salting algorithm in order to compute the correct hash. If your password hashes have been stolen, it is reasonably likely that your salting algorithm has too. Therefore, whether or not each hash has it's own unique salt becomes largely irrelevant as the attacker will likely know how to produce each salt.
Of course if the authentication box and the hash database are on separate machines and only the hash database gets hacked, then it might be slightly useful. But then, even if you only used one salt for all the hashes, your passwords would still be safe from rainbow tables assuming your auth box was not hacked.
Yep it ain't pretty in France:/ I am originally from the UK and really miss the packages I used to get there (although looking at your package it seems Austria is even more competitive than the UK).
I don't know which country you're in but in Europe you would simply opt for a "sim only" contract. I'm in France (not the most competitive country for mobile rates) and use this: http://www.virginmobile.fr/nos-offres/forfaits-liberty-sim-et-plus.htm (EUR 29.90/month for 5 hours call time any network any time, unlimited sms and 500MB of internet usage per month with no minimum contract period).
Slashdot Mirror
>In fact, few sensible Brits would knowingly make a Twitter joke about terrorism, after what happened to Paul Chambers [wikipedia.org].
Few sensible brits would set foot in the US as it stands, myself included.
Better story editing by the slashdot staff and a "Spam" moderation option so we can instantly filter out the automated bot posts trying to sell knock off electronics and other assorted crap.
Apart from that, I'm happy as Larry.
lol keep digging :D
Lol true. In the UK Stella Artois is referred to as "wife beater"
In the UK at least I believe there are anti-ticket taut regulations to try and stop exactly that.
As North Korea says, you are mistaken.
Get a VPS (from e.g. Linode) and:
1). Install postfix (fantastically efficient, excellent documentation, mailing lists and security track record). Postfix will handle any mail setup you care to dream up.
2). Install dovecot (this is now the reference daemon for modern IMAP and POP on linux)
3). Install Spam Assassin and ClamAV for spam and anti-virus (they will do a good job but not as good as what you are used to with gmail)
4). Install Roundcube for webmail (currently the best looking floss web frontend for mail)
5). Install open dkim and get it to sign all your outgoing mail (make sure to add the relevant DKIM TXT records to your domains)
6). Add SPF records to all your domains
7). Make sure your server's IP has reverse dns setup.
8). DO NOT run your mail server off your home DSL line as the IP (even if static) will be in all sorts of block lists. Hence the suggestion to get yourself a VPS.
Once you have everything setup, the system will need very little maintenance apart from Spam Assassin and ClamAV.
Finally, you can get away with not having a secondary mx as the senders MTA will re-try periodically if your primary is down. However, if you want a secondary, you can outsource this to a number of third parties for not a lot of cost.
Enjoy, running your own mta can actually be quite fun
You should change your username to GoodAnalogyGuy :D
Hi Jim
I'm quite a few timezones East of you, meaning the live stream will start at 0300 local on Wednesday for me. I'm willing to tough it out and stay up to watch it if necessary but it would be much more civilised if I could watch a playback. Will it be available for download later or is it live only?
It sucks I've only just learnt about geeksessions :( Some of your earlier events look awesome
Each to their own but I find quite a few of their featured articles worth the read (and their forums have been and still are great)
Not trivial for average joe true but the collaboration requirement is easily fixed by renting a cheap VPS somewhere.
I second Draytek - they are awesome
Ars is still doing ok....
Don't forget Verisigns also charge a wholesale fee of $7.34 as the administrator of the .com namespace.
you sadist!
For the C and relatives, you could do something very similar to Python (or at least you can in php):
if (a==b)
do_something();
Sounds great in theory but having been bitten twice now by companies incorrectly double or treble billing me I no longer allow anyone to automatically debit from my account. Much safer to log on to a suppliers payment portal every month and manually make a payment using my debit card.
I wrote "an algorithm you apply to your password before it gets hashed" which could of course mean appending random string data. My mistake was to assume that appending the same randomly generated string to all passwords would be sufficient salt. I didn't consider users who used the same password.
Nice explanation, I stand corrected :) I hadn't considered the (obvious now you point it out to me) fact that lots of users would likely have the same password.
Unique salts obviously help in that regard.
I'm not a crypto expert but my understanding of salt is that it is simply an algorithm you apply to your password before it gets hashed. In order to verify a password, the system obviously needs to know the salting algorithm in order to compute the correct hash. If your password hashes have been stolen, it is reasonably likely that your salting algorithm has too. Therefore, whether or not each hash has it's own unique salt becomes largely irrelevant as the attacker will likely know how to produce each salt.
Of course if the authentication box and the hash database are on separate machines and only the hash database gets hacked, then it might be slightly useful. But then, even if you only used one salt for all the hashes, your passwords would still be safe from rainbow tables assuming your auth box was not hacked.
That sucks :(
Yep it ain't pretty in France :/ I am originally from the UK and really miss the packages I used to get there (although looking at your package it seems Austria is even more competitive than the UK).
I don't know which country you're in but in Europe you would simply opt for a "sim only" contract. I'm in France (not the most competitive country for mobile rates) and use this: http://www.virginmobile.fr/nos-offres/forfaits-liberty-sim-et-plus.htm (EUR 29.90/month for 5 hours call time any network any time, unlimited sms and 500MB of internet usage per month with no minimum contract period).
Avast, Ad-aware and Google Earth all come with chrome (or did when I last installed them)
Apparently Frederic Mitterrand is in to having extra-marital sex with asian boys according to this Bloomberg piece: http://www.bloomberg.com/news/2011-05-23/strauss-kahn-new-york-case-may-curb-libertine-ways-of-powerful-french-men.html
I'm not surprised he doesn't have a problem with Roman Polanski.