Feb 022016
 

I use screen capture.  A lot.  I use it to capture reminders.  I use it to capture technical information that I might need later.  I use it to capture images of bills I have paid online…  You get the idea.  On more than one occasion, I’ve wanted to review an image I captured when I was away from my computer.  What a pain.  So I got thinking about how I could use iCloud document sharing to synchronize the images between devices.  The image files aren’t particularly large.  I use Dropbox for just about everything, so the 5GB of free Apple storage is more than enough.  I’m not terribly worried if Apple changes something with .mac, (I mean .me, I mean iCloud) and deletes all my shit… While I love their (older) computers, their cloud “services” seem to be getting worse and worse in the post Jobs era.

Back on topic, the process to accomplish this was fairly easy, but did require 3rd party software.

I first attempted to save the screen shots directly to the iCloud Documents folder (technically a folder called ‘screenshots’ that I had created there), but no dice.  So I figured I’d just have the screen captures saved in the ‘screenshots’ folder I created in the Pictures folder.  Then use something monit to watch the folder and call a shell script when it sees new files added.

So I got about 5 minutes into that and then remember that I had a copy of Hazel.  Mashing buttons in the shell demonstrates computer ninja skills.  But if you just want to get shit done in a hurry (or you don’t know shit), nothing better than a solid GUI to serve up that command line power.Hazel Rule

You can see the path info in the picture.  But just in case you’ve got those “progressive bifocals” it looks like this:

NOTE:  I added screenshots to keep the root folder clean.

I know, a GUI solution is totally cheating.  You could do it for free with monit….  Whatevs…  Here’s what it looks like on the phone:

Screenshots in iCloud

May 022015
 
roku

While I hate to admit it, sometimes the only way to get a few minutes of rest while away on a family vacation is to throw the kids in front of the tv for an hour or two.  Unfortunately, most of the tv shows I’m willing to let my kids watch aren’t typically available in the hotel room.

Luckily, most hotels have tv sets that have a free composite or HDMI port available.  This allows you to easily connect your own Roku, Apple tv or other streaming device and access your own programming.  The one SNAFU is that most hotel wi-fi networks require you to authenticate your access with a password, and there is no way to do that from your Roku.

Here’s a little trick to get you around that.  Assuming you’ve brought your laptop (for demonstration purposes, I’m using an Apple laptop), you can authenticate the Roku device using your laptop.  The first thing you’ll need to do is to get the MAC address of the Roku.  Luckily, it’s printed on the back in nice, easy to read lettering.  Here’s a picture of mine:

Roku

One you have the MAC address, you temporarily ‘spoof’ (think clone) this mac address onto the wireless network adapter of your computer.  On OSX 10.x, you do it in terminal like so:

Screen Shot 2015-05-02 at 7.38.09 PM

Once you’ve spoofed the MAC address, join the wireless network and authenticate from your laptop:

Screen Shot 2015-05-02 at 7.36.19 PM

Repeat the terminal command using the original MAC address to restore your original settings.

Now that the MAC address of the Roku has been authenticated with the hotel network and been issued a network address, you simply have to plug it into the tv, turn it on and then join the network from the settings page!  You now have access to Netflix, Hulu, Amazon Prime, Plex and anything else you already have on your Roku!  (And you have the kids occupied long enough to make a blog post!)

Nov 112014
 

Following many months of attempting to resolve an issue whereby incoming mail delivery was disrupted every 48 – 60 hours, I now have a functioning patch in place. Recently, I determined that the mail filter (amavis), was faulting during it’s cleanup cycle. Somehow it’s temp (working) folder is deleted, and then the process hangs. Consequently, postfix is unable to deliver mail since the filter has broken it’s connection. Thanks to monit (http://en.wikipedia.org/wiki/Monit), I was able to configure a service that verifies the temp folder status every 60 seconds, and then creates the folder with the proper user/group permissions (_amavisd:_amavisd) if it does not exist. Mail delivery is restored immediately, as the amavis process is now able to execute.

IMG_3255
The mail server has now been error free for four
days and counting!

IMG_3256

No need to watch the server logs in real-time any longer!

The amavisd version included with Mountain Lion is 2.8.0. I believe that somewhere in the modified code is an error that is triggered by a yet to be identified instruction sequence or message handling. It is certainly due to some modification I made to the server config at some point. Either way, there should be no further ‘tweaking’ required. I am now able to direct my attention back to the pure Linux mail server that will enable end users to customize their own mail filtering options. Once the configuration is tested, I can begin importing the active directory accounts, and replicating dovecot folders.

Now that I won’t have to restart the mail service – the monit solution solves the problem gracefully. Existing IMAP connections to dovecot are not disrupted, so end users are not disconnected from their mailboxes. Not only will confidence be restored, but secondary issues such as incorrect passwords entered at the mail client’s prompting will improve end user satisfaction.

Aug 252014
 
Junk

If you are running postfix/dovecot using the server app on OSX 10.8.x and want to implement the markasjunk2 plugin for roundcube, allow me to save you hours of frustration…  Here are the settings that worked for me.

Assuming you intent to use sa-learn to update the Bayesian filter when using the plugin, modify config.inc.php as follows:

Set plugin to use cmd_learn driver:$rcmail_config['markasjunk2_learning_driver'] = cmd_learn;

 

$rcmail_config[‘markasjunk2_learning_driver’] = cmd_learn;

Set spam option for learn driver:$rcmail_config['markasjunk2_spam_cmd'] = 'sudo /Applications/Server.app/Contents/ServerRoot/usr/bin/sa-learn  --spam %f';

$rcmail_config[‘markasjunk2_spam_cmd’] = ‘sudo /Applications/Server.app/Contents/ServerRoot/usr/bin/sa-learn  –spam %f’;

Set ham options for learn driver:

$rcmail_config['markasjunk2_ham_cmd'] = 'sudo /Applications/Server.app/Contents/ServerRoot/usr/bin/sa-learn --ham %f';

$rcmail_config[‘markasjunk2_ham_cmd’] = ‘sudo /Applications/Server.app/Contents/ServerRoot/usr/bin/sa-learn –ham %f’;

If you want to see it in action, be sure to turn on logging:$rcmail_config['markasjunk2_debug'] = true;

 

$rcmail_config[‘markasjunk2_debug’] = true;

In order for roundcube to call sa-learn with access permission to spamassassin database, it is necessary to update the sudoers file.

Open terminal and type:  sudo visudo

Screen Shot 2014-08-25 at 10.28.51 AM

(homebrew is so much easier on the eyes)

 

Once in the sudoers file, add the following line:

Screen Shot 2014-08-25 at 10.05.50 AM

 

 

 

_www ALL=(root) NOPASSWD:/Applications/Server.app/Contents/ServerRooy/usr/bin/sa-learn

After you have added the changes,  save your changes –   ‘:’  brings up menu and ‘w’ to write changes.  Then ‘:’  and ‘q’ to quit (I prefer nano to vim, but supposedly there is some voodoo about changing the sudoers file in an unsafe manner and you’ll shoot your eye out.. blah blah blah.

Open roundcube inbox, and mash the junk button, and see the results in the log file:

displayed at bottom of roundcube interface

 

learned some tokens!

Here are some good references (without which, I’d have never gotten this working):

 

Oct 242013
 

So Mavericks Server really made a mess in upgrading my Mac Mini from Mountain Lion.  In the end, the Mavericks upgrade went well.  Trouble began with installation of Server 3.  About half way through ‘updating data’ the system would hang, and then get stuck in the old grey screen of death loop.  Fixing permissions on the system folder solved the boot issue.  Re-run server install, and bang!  Same issue.  Since I only care about the websites, I fixed the permissions again, then renamed the server folder.  Created a new server folder and copied in the contents of my existing web folder.  This time the installer completed (without fragging permissions), and successfully migrated my data… assuming you’re reading this.  I’ll worry about what it got hung up on later… or never.  After all, it’s an OS migration.  Didn’t expect it to be flawless.

Aug 182012
 

I’ve been doing the IT thing for a bit now.  In recent years, I’ve found more job satisfaction in finding solutions for complex problems (usually with budget constraints), workflow optimization, and consulting work.  Inevitably, I wind up doing the occasional repair or virus/malware removal job.  Malware removal is probably the type of work I like the least.  Malware removal on older machines (say 4+ years) is especially tedious, given the number of reboots typically required.  While awaiting system reboot, there is plenty of time to contemplate the source of the malware “infection.”

I would say that in the small business world, where company e-mail addresses are used for personal and business purposes, the bulk of malware code introduced to PCs comes from unsolicited e-mail.  It’s amazing how easy it is to trick an unsuspecting user into clicking on a link.  People are so rushed in their work that they miss obvious characteristics of spam e-mail that should be dead giveaways: Spelling and grammatical errors; attachments in .zip format; missing content such as letterhead/company logos, etc.

Since I’ve finally got spamassassin working on the new e-mail server, I’m seeing that our heavy users receive an average of 6 – 8 spam messages an hour during the day.  That explains some malware I’ve had to clean up in the last 18 months.  I guess it’s all the more reason to bring our e-mail in-house.

In conclusion, I would recommend that every small business adopt the following guidelines for use of company e-mail:

  1. Request that users only utilize their company e-mail addresses for company business.  Keep the jokes and topless beach photos to your personal e-mail accounts.
  2. Implement some sort of server-side spam filtering technology.  While client-side filtering allows users to more easily find messages they are looking for, downloading the spam to the e-mail client still leaves the end user vulnerable to malware.

I suppose you could get a little bit more draconian about it and remind users that everything the send/receive via e-mail is the company’s intellectual property…