Installed the router tonight. Some problems with the DynDns client failing, so I’ve reverted back to the Linux box for the moment. I bought a subscription on Sveasoft’s site so I can get access to newer code, and to support his work.

This past week the fuel gauge on my GTi stopped responding properly. The needle would swing to full and stay there; I know my mileage isn’t that good. A search on the net turned up a couple of people who had similar problems, but they’d filled the car while the key was in the ignition. Apparently the gauge doesn’t reset properly.

My scenario was different - I always keep my keys in my pocket when fuelling - but it got to think about “rebooting” the car by disconnecting the battery for a minute. Sure enough, the gauge seems to be working again.

This isn’t the first time I’ve “fixed” a problem on the car this way, and none of the problems have resurfaced later (other than when I had a faulty mass airflow sensor). I can only imagine how much I’d have paid the dealer to fix this.

Bob Cringley writes about the WRT54G in this week’s edition of the Pulpit. I recalled reading a story about the device on Slashdot a few months back. At the time I had just started into hacking apart an Xbox to play recorded TV programs, so I didn’t pick one up.

When a friend mentioned he was using one last week, I ordered one to play around with. It should arrive today - just in time to give me something to pull apart this weekend.

I was poking around in my spam folders tonight comparing the results of Spam Assassin against a simple Procmail recipe that tags messages with URLs in them. I run both filters all the time, catching almost all spam. I need to add a recipe that tags base64 encoded messages to clean up the rest.

Interestingly enough, simply throwing out all messages with URLs that don’t come from people on a whitelist catches more spam than Spam Assassin does. Since almost all spam comes with a URL it’s easy to filter for unless you receive plenty of legitimate email with URLs, and can’t easily maintain a whitelist. The whitelist method has its drawbacks, primarily with web transactions that involve email verification. It’s a trivial task to find the message at the end of a spam folder to find the address and add it to the whitelist.

Microsoft has endorsed the Sender Policy Framework (SPF). Having them onside will help push the proposed standard forward, and it is a major step towards minimizing forged mail. It won’t solve the spam problem completely, since spammers are free to setup their own domains, but it helps to increase the cost of spamming. Blocking known spam-sending domains is trivial, so spammers will have to regularly purchase new domains in order to send to MTAs that only accept mail from domains with SPF records.

I’ve setup an SPF record in the DNS records for this domain. Every so six weeks or so, some spammer uses my address as the reply-to on a bulk mailing, and I get a pile of message undeliverable responses from stupid MTAs that are configured to send replies to obviously forged messages. Once we finish moving servers around at the hospital, we’ll be setting up SPF records in the DNS there.

I’ll also be configuring Postfix both here and at the office to drop bounced messages that were forged from us.

Whoever is using this guy to send their advertisements needs to find themselves a new spammer, preferably (from their perspective) one who knows how to define variable values in their software:

Date: Tue, 25 May 2004 16:48:57 +0300
From: B…..t W…..n < ...@adelphia.net>
Reply-To: B…..t W…..n < ...@adelphia.net>
To: Apayne
Subject: No complicated formalities of any kind,
just order 3PhorZUcTwpjd9FUqK78

[ The following text is in the "iso-8473-5" character set. ]
[ Your display is set for the "ISO-8859-1" character set. ]
[ Some characters may be displayed incorrectly. ]

We created an online medical consultation to get you the medications you need without the hassle, embarrassment, and cost of the doctor’s office and pharmacy. %RND_AD_2 Plus: %RND_ALL_OTHER_MEDS No complicated formalities of any kind. No waiting rooms. Here.. Use Microsoft Internet Explorer to view the following website: www.%RND_HOST. Please copy and paste the URL on your browser’s address field. %RND_PHRASE %RND_PHRASE %RND_PHRASE %RND_PHRASE

I spent most of today sorting out and documenting changes we;re planning to make to our mail handling at the hospital. We’ve been upgrading some of the edge servers recently, and have had a fair number of requests for us to do something about spam. We’ll be inserting a machine running Spam Assassin between the edge mail hosts and our MS Exchange server.

One of the decisions I had to make was was whether or not to use RBLs. I’ve personally been opposed to the idea since I first heard of them, because I don’t like the idea of innocent individual sites and users getting caught in the battle against spam. I understand the reasoning behind the RBL operators wanting to put pressure on ISPs, but don’t agree with the principle of applying that pressure by preventing innocent users from sending email to sites using RBLs. To support my decision, I linked a copy of The SPAM Problem: Moving Beyond RBLs, which I recalled reading 18 months ago into our document. Philip presents a thorough case for not using RBLs in the fight against spam.

This site has existed in various forms for several years, starting with static pages edited in vi, and then moving through my own perl scripts to end up as a PHP-Nuke site. In January 2003 I merged the Al-manac into Globecord, a goofy site that I run with some friends. Last fall I setup Geeklog to start playing around with another application. Globecord has been customized a fair amount, but I wanted a stand-alone place to post thoughts on technical issues.

A couple of recent stories (1, 2) on Slashdot piqued my curiousity in open-source CMSes again. Today I installed WordPress, and start yet another incarnation of my online presence.