August 25, 2008 at 11:29 pm · Filed under Linux

The perfectionist inside me has been furious at how fetchmail keeps flooding my mail server’s logs with messages about invalid SSL certificates (one of my hosts uses ‘localhost’ as the name in the certificate…), making it almost impossible to check what’s going on with my mail server and so forth. Fetchmail itself has no way of removing these messages (the response seems to be ‘tell your host to fix their SSL certificate or put up with it’), so I was trying to find a sysklogd replacement that supported filtering so I could filter out these annoying messages, but they all seemed to take far too much effort.

Then I had a brainwave: do it myself. And so this is my lesson learnt – if in doubt, write a Perl script.

Read the rest of this entry »

Comments off

August 11, 2008 at 1:52 pm · Filed under The Internet

At home I run a virtual machine as a nameserver for my network (and my VPN). Technically it runs two DNS servers; BIND for local queries (.haven.network) and djbdns (specifically dnscache) on a separate IP address for everything else. Previously, I have always used my ISP’s (BT) nameservers for forwarding, and since using dnscache I have been querying the root servers directly (dnscache by default seems to recommend this, even though I’m pretty sure it’s bad practice).

Recently, a very significant DNS threat has come to light, and one of the recommendations was to use OpenDNS as your forwarder if you cannot patch yourself. As I was using dnscache, I wasn’t vulnerable to the threat, however it did make me take a closer look at OpenDNS than I had when it was first launched. And now I’ve been using them as my primary forwarders for a week, I thought I’d talk about how I’ve got on. Read the rest of this entry »

Comments (4)