karlberry is currently certified at Master level.

Name: Karl Berry
Member since: 2005-03-23 23:55:48
Last Login: 2016-11-17 14:39:34

FOAF RDF Share This

Homepage: http://freefriends.org/~karl/


Recent blog entries by karlberry

Syndication: RSS 2.0

Setting up sendmail on a new CentOS7 system -- decided to use the system packages instead of compiling from original source, as I always have before, mostly so I'll get secure and auth SMTP; the myriad dependencies always defeated me before.

yum install sendmail sendmail-cf
# build my config files [long story], install in /etc/mail.
systemctl enable sendmail # enable for reboot
# enable port in firewall:
firewall-cmd --permanent --zone=public --add-service=mail
firewall-cmd --reload
firewall-cmd --list-all

The main additional thing is to set up fail2ban.
I found these rules helpful (thanks), as well as the manual and all. I ended up defining my failregex list since others did not match, or did not match enough. Here they are:

failregex = ^%(__prefix_line)s\w{14}: ruleset=check_rcpt, arg1=.*, relay=.*, reject=550 .* Rejected: listed .*$
^%(__prefix_line)s\w{14}: ruleset=check_rcpt, arg1=.*, relay=(.* )?\[\].*, reject=.*(Domain of sender|Relaying (temporarily )?denied).*$
^%(__prefix_line)sruleset=check_relay, arg1=.*, arg2=.*, relay=(.* )?\[\].*, reject=421 .*Connection rate limit.*$
^%(__prefix_line)s\w{14}: ruleset=check_mail, arg1=.*, relay=(.* )?\[\].*, reject=55.*$
^%(__prefix_line)s\w{14}: rejecting commands from \[\].* due to pre-greeting traffic.*$
^%(__prefix_line)s\w{14}: (.* )?\[\].* did not issue MAIL.*$
^%(__prefix_line)s\w{14}: .* relay=(.* )?\[\].* \(may be forged\)$
^%(__prefix_line)s\w{14}: lost input channel from (.* )?\[\].* to MTA.*$

I put this into /etc/fail2ban/filter.d/sendmail-reject-karl.conf, and then this block in jail.local:

enabled = true
port = smtp,465,submission
logpath = %(syslog_mail)s
backend = %(syslog_backend)s

Fingers crossed. Took about seven minutes for the first spammers to show up after I opened the port.

(I don't know why advogato is inserting blank lines in all the pre blocks ... whatever ...)

A not-so-technical friend asked me, "What is a browser?"
My reply was, how about: software providing an interface for navigating information.

Here is my reasoning:

1) "interface" - there are the usual graphical browsers like firefox.
There are also textual-only browsers (such as lynx).
Also, non-interactive programs that simply download a file from the web
can be construed as browsers of a sort. "Interface" can encompass all
of that.

2) "navigating" - because an important component of the whole thing is
going from one piece of information to related, or maybe not related,
information. That is, "hyperlinks", although nowadays people rarely
bother with the "hyper". (I'm ignoring the fact that one can also edit
web pages in browsers, debug javascript programs, and do all kinds of
other unrelated things.)

3) "information" - instead of "web page", because browsers can work with
all kinds of things besides web pages, although of course they are the
most prevalent.

My definition says nothing about the www or even the Internet. This is
because browsers are quite useful for looking at stuff on one's own
computer. In fact, as you may remember or have come across, there was a
huge brouhaha and accompanying lawsuit about this in the late 90s, wrt
people replacing Internet Explorer with Netscape. MS's response was to
make Explorer be "part of" the operating system, specifically not
restricted to poking around the web. (I'll spare you the details, but
if you want them, here is the basic story:

I wrote the above before checking to see what kind of answers came up on
the net. Let's see ...

At least my friend didn't think a browser *is* Google.
(The first 30 seconds are enough to get the flavor.)

Here's wikipedia's take on it (first paragraph is enough):
They're specifically addressing "web browser", not "browser". Few
people would make that kind of pedantic distinction, as I do above.

So it goes ...

The latest TUGboat (v.34 n.1, http://tug.org/TUGboat/Contents/contents34-1.html) contains an item I'm especially proud of: the first fiction we've ever published, a one-page short story by Daniel Quinn, titled Colophon. It's just a fun story (in the members area of the web site, at least for now), but I hope it will encourage people to read Daniel's other (much better known) work, such as Ishmael, Story of B, and Beyond Civilization. His main web site is http://ishmael.org. (TeXxies: it was also the first time it seemed appropriate to use cmfib in running text. :) Thanks to Daniel for giving us permission to reprint it from his collection, At Woomeroo.

Disable Google's super-cookie at http://www.google.com/privacy/ads/ (or with a browser add-on if you don't feel like trusting google :).

Learned about the existence of this from Steven Levy's new book, In the Plex, about Google.

TUGboat 32:2 has been mailed and is now available online.

228 older entries...


karlberry certified others as follows:

  • karlberry certified mattl as Journeyer
  • karlberry certified yosch as Master

Others have certified karlberry as follows:

  • haruspex certified karlberry as Journeyer
  • wingo certified karlberry as Master
  • mirwin certified karlberry as Master
  • richdawe certified karlberry as Master
  • lerdsuwa certified karlberry as Master
  • kjw certified karlberry as Master
  • AlanShutko certified karlberry as Master
  • gobry certified karlberry as Master
  • ncm certified karlberry as Master
  • berend certified karlberry as Master
  • alexm certified karlberry as Master
  • fzort certified karlberry as Master
  • mhatta certified karlberry as Master
  • yosch certified karlberry as Master
  • mattl certified karlberry as Journeyer
  • StephanPeijnik certified karlberry as Master
  • jemarch certified karlberry as Master
  • roozbeh certified karlberry as Master
  • akf certified karlberry as Master
  • chalst certified karlberry as Master
  • bod certified karlberry as Master
  • badvogato certified karlberry as Journeyer new

[ Certification disabled because you're not logged in. ]

New Advogato Features

New HTML Parser: The long-awaited libxml2 based HTML parser code is live. It needs further work but already handles most markup better than the original parser.

Keep up with the latest Advogato features by reading the Advogato status blog.

If you're a C programmer with some spare time, take a look at the mod_virgule project page and help us with one of the tasks on the ToDo list!

Share this page