Mar 23 2023
My last post described how to add a custom X-header to outgoing email in postfix. But of course this approach is rather a blunt instrument because it necessarily adds the header to all outbound mail which originates from my server. In my particular case that does not matter overmuch, because any and all mail accounts …
Permanent link to this article: https://baldric.net/2023/03/23/custom-headers-in-claws-mail/
Mar 14 2023
In my post last week about the X-Clacks-Overhead HTTP header I mentioned that I had added the header to my postfix configuration as outlined in the advice given at gnuterrypratchett.com. As it turns out that advice does not work exactly as I wanted. Firstly, and most importantly, using the “header_checks” table is sub-optimal because it …
Permanent link to this article: https://baldric.net/2023/03/14/postfix-x-headers/
Mar 09 2023
For some years now I have included the “X-Clacks-Overhead” header in trivia’s lighttpd.conf as a tribute to the late great Sir Terry Pratchett. I am a huge fan of Pratchett’s Discworld series. You may not see the header when you browse trivia, but it is there. Users of linux based systems can easily inspect the …
Permanent link to this article: https://baldric.net/2023/03/09/x-clacks-overhead/
Oct 15 2021
Or how to block the entire Facebook network. In my last post on Facebook’s misfortunes I mentioned that my wife initially blamed me, assuming it was just local and that I had made some new change to my local network configuration. Now whilst I do actually bin some of Facebook’s more annoying subdomains (such as …
Permanent link to this article: https://baldric.net/2021/10/15/zuck-off-facebook/
Sep 06 2021
For many years now I have used check2ip to, well, check my IP address. That service on a single page on the net gave me a quick snapshot of my current address and the DNS servers I was resolving against. I used it because I have a bunch of VPNs (and usually route my traffic …
Permanent link to this article: https://baldric.net/2021/09/06/check2ip-gone/
May 15 2021
I am posting this in the hope it may help others who find themselves in a similar position to myself. I have recently upgraded my mobile ‘phone (from a Motorola Moto X4) to a Moto G7 plus. I chose this particular phone because I like Motorolas. I like the fact that they are relatively cheap …
Permanent link to this article: https://baldric.net/2021/05/15/fastboot-oem-get_unlock_data-hangs-on-moto-g7-plus/
Jun 06 2020
My previous two posts discussed the need for encrypted DNS and then how to do it on a linux desktop. I do not have any Microsoft systems so I have no idea how to approach the problem if you use any form of Windows OS, nor do I have any Apple devices so I can’t …
Permanent link to this article: https://baldric.net/2020/06/06/encrypting-dns-on-android/
May 25 2020
In my last post I explained that in order to better protect my privacy I wanted to move all my DNS requests from the existing system of clear text requests to one of encrypted requests. My existing system forwarded DNS requests from my internal dnsmasq caching servers to one of my (four) unbound resolvers and …
Permanent link to this article: https://baldric.net/2020/05/25/encrypting-dns-with-dnsmasq-and-stubby/
Jul 07 2019
In my 2017 article on using OpenVPN on a SOHO router I said: “In testing, I’ve found that using a standard OpenVPN setup (using UDP as the transport) has only a negligible impact on my network usage – certainly much less than using Tor.” That was true back then but is unfortunately not so true …
Permanent link to this article: https://baldric.net/2019/07/07/openvpn-clients-on-pfsense/
Feb 16 2019
OK, I admit to being dumb. I got another scam email yesterday of the same formulation as the earlier ones (mail From: me@mydomain, To: me@mydomain) attempting to extort bitcoin from me. How? What had I missed this time? Well, this was slightly different. Checking the mail headers (and my logs) showed that the email had …
Permanent link to this article: https://baldric.net/2019/02/16/postfix-sender-restrictions-job-not-done/
Jan 24 2019
I mentioned in my previous post that I had recently received one of those scam emails designed to make the recipient think that their account has been compromised in some way and that, furthermore, that compromise has led to malware being installed which has spied on the user’s supposed porn habits. The email then attempts …
Permanent link to this article: https://baldric.net/2019/01/24/postfix-sender-restrictions/
Jan 30 2017
Back in October last year, I posted a note about the usage of variable substitution in lighttpd’s configuration files. In fact I got that post very slightly wrong (now corrected) in that I showed the test I applied in the file as: “$HTTP[“remoteip”] !~ “12.34.56.78″”. (Note the “!~” when I should have used “!=”). This …
Permanent link to this article: https://baldric.net/2017/01/30/variable-substitution-redux/
Oct 19 2016
I’ve been a lighty user for many years now, having junked apache when it became obviously overweight for my target devices (the slugs in particular). Trivia is, of course, powered by lighty as are all my other websites. Lighty’s configuration file syntax is reasonably simple to understand, and is well documented on the Redmine wiki. …
Permanent link to this article: https://baldric.net/2016/10/19/variable-substitution-in-lighttpd/
May 02 2016
I have recently been building a new NAS box (of which, possibly, more later). In fact the build is really a rebuild because I initially built the server about three years ago in order to consolidate a bunch of services I was running on assorted separate servers into one place. That first build was a …
Permanent link to this article: https://baldric.net/2016/05/02/raid-performance/
Jan 11 2014
I have a large collection of photographs on my computer. And each Christmas the collection grows ever larger. I use digiKam to manage that collection, but as I have mentioned before, storing family photographs as a collection of jpeg files seems counter intuitive to me. Photographs should be on display, or at least stored in …
Permanent link to this article: https://baldric.net/2014/01/11/strip-exif-data/
Dec 30 2013
Today I had occasion to test trivia’s page load times. I used the (admittedly fairly dated) website optimization test tool and was surprised to find that it reported that parts of the pages I tested were not compressed before delivery. I have the default compression options set in my lighty configuration file as below: compress.cache-dir …
Permanent link to this article: https://baldric.net/2013/12/30/http-compression-in-lighttpd/
Dec 10 2013
My recent explorations of how to strengthen the ssl/tls certificates I use on both trivia and my mail service have given me cause to look for tools to help me test my configuration. The Calomel firefox plugin and sslabs site are very useful for checking HTTPS configurations, but they are fairly specifically aimed at that …
Permanent link to this article: https://baldric.net/2013/12/10/ssl-cipher-check/
Dec 07 2013
A recent exchange amongst ALUG email list members about list etiquette resulted in a flurry of postings on a variety of related topics. I posted a flippant comment about top posting, but did so (deliberately) from my Galaxy tab using Samsung’s default email client which actually forces top posting. Steve responded suggesting that I look …
Permanent link to this article: https://baldric.net/2013/12/07/tls-ciphers-in-postfix-and-dovecot/
Sep 12 2013
For some time now I have protected all my own connections to trivia with an SSL connection. I do this to protect my user credentials when managing trivia’s content or configuration. In fact my server is configured to force any connection coming from my IP address to a secured SSL connection so that I cannot …
Permanent link to this article: https://baldric.net/2013/09/12/add-ssl-to-lighttpd-server/
Aug 25 2013
Over at the the cypherpunks mail list, one Tony Arcieri posted a graphic showing an interesting rise in the number of OpenPGP keys registered on the SKS keyserver in the last month or so. The graphic comes from the SKS statistics page. The overall trend is clearly upwards, and has been for some time, but …
Permanent link to this article: https://baldric.net/2013/08/25/openpgp-usage/
May 27 2013
I run two tails mirrors. One in NYC, the other in SanFrancisco. They each serve around 2-3 TiB of data per month. In common with my other servers, occasionally I need to interrupt those VMs in order to effect a system upgrade. I had to do this very recently with my upgrade of all my …
Permanent link to this article: https://baldric.net/2013/05/27/lighttpd-graceful-shutdown/
Mar 26 2013
There is usually more than one way to solve a problem. Back in October last year I wrote about using OpenVPN to bypass NAT firewalls when access to the firewall configuration was not available. I have also written about using ssh to tunnel out to a tor proxy. What I haven’t previously commented on is …
Permanent link to this article: https://baldric.net/2013/03/26/using-an-ssh-reverse-tunnel-to-bypass-nat-firewalls/
Feb 28 2013
I have recently upgraded the internal disk on my main desktop from 1TB to 2TB. I find it vaguely astonishing that I should have needed to do that, but I do have a rather large store of MP4 videos, jpeg photos and audio files held locally. And disk prices are again coming down so the …
Permanent link to this article: https://baldric.net/2013/02/28/touching-update/
Nov 16 2012
Today I had a nasty looking problem with my mysql installation. At first I thought I might have to drop one or more databases and re-install. Fortunately, I didn’t actually have to do that in the end. I first noticed a problem at around 15.45 today when I couldn’t collect my mail. My mail system …
Permanent link to this article: https://baldric.net/2012/11/16/forcing-innodb-recovery-in-mysql/