blog.dev001.net

• Never post to mailing lists with your real name when you’re not sure that you explicitely WANT the messages to be shown when you’re googled. Keep in mind that when you write something today, you may have opposite opionions in a few years, but the Google results in a few years may just show the message of today!
• Don’t support mailing lists, use Web-based forums whenever you can. These have a database storage where you can easily delete messages with one command and the messages won’t be distributed over many different archive servers, too. Web-based forums have other advantages, too (more … Continue Reading
  

Fujitsu Siemens Computers recommends Windows Vista® Business for Business Computing

Fujitsu Siemens Computers recommends Windows Vista® Home Premium for Personal Computing
But what if you need Linux running on your Laptop because you are a computer professional and want a robust base for your daily work?

The good news is: In opposite to many other laptops I’ve tried, Ubuntu 8.10 works “out of the box” (including LAN, WLAN, Web cam) with the Fujitsu-Siemens Amilo Pi 3540 which is quite a good all-round notebook. I can fully recommend it for Linux users.

Many people use AMaViS or amavisd-new to combine Postfix with ClamAV and SpamAssassin. However, Amavis takes huge amounts of CPU time and memory. Also, it’s quite slow and difficult to configure, so another solution without Amavis would be interesting.

In this article, I will only discuss server-wide solutions without procmail because it can’t be used with virtual domain mailboxes.

It’s possible to use a shell script that calls ClamAV and SpamAssassin as a Postfix content filter:

/opt/mail-scanner

#!/bin/sh

EX_OK=0
EX_BOUNCE=69
EX_DEFER=75

SENDMAIL=”/usr/sbin/sendmail -G -i”

SPAM_DIR=/home/mailscan/spam
VIRUS_DIR=/home/mailscan/viruses

function cleanup {
for fname in ${tmpfile[@]}
do
rm -f $fname
done
}

for ((i=0;i<2;i++))
do
fname=`mktemp -p /tmp mail-scanner.XXXXXXXX`
if [ “$?” != 0 ]; then
logger … Continue Reading

A quick scan of sites made with Typo3 told me that 99 of 330 pages are still vulnerable to the last Typo3 security bug that allows to read all .php files, including localconf.php (where the database password and other things ard stored) at the moment.

That means that about 30 % of all Typo3 pages show their database passwords (and other things) in clear text 5 days after the security bulletin has been sent out.

To send pingbacks from your site to other blogs/communities/etc., you can use the PHP CURL module:… Continue Reading

If you want to enable a Web site (for instance, a blog or community project) to receive pingbacks, you can use the PHP XML-RPC module.

All you need to do is to

1. create an XML-RPC server
2. register a function for pingback.ping
3. call the server
4. implement the function

The function itself, let’s call it do_pingback, only needs to process the pingback: verify its validity and register the ping somewhere, for instance in the database.

Sample code:… Continue Reading