MoonPoint Support Logo

 

Shop Amazon Warehouse Deals - Deep Discounts on Open-box and Used ProductsAmazon Warehouse Deals



Advanced Search
August
Sun Mon Tue Wed Thu Fri Sat
       
2004
Months
Aug


Mon, Aug 30, 2004 8:38 pm

Blosxom Calendar Plugin

A plugin to add a calendar to a Blosxom blog is available from Mt. Molelog or from here.

When I first installed the plugin, I received an "Error 500" error from my blog's webpage with the error message "Premature end of script headers: blosxom.cgi". The webpage loaded correctly once I changed the ownership of the state directory, which lies beneath the plugins directory. I used the following commands to change the user and group for the directory:

chown apache state
chgrp apache state

I used apache as the owner and group, since my web server runs Apache webserver software. I could also have used chmod 777 to make the directory world writable, but that would be much less secure, since anyone else on the system could then have write access to the directory.

[/network/web/blogging/blosxom] permanent link

Mon, Aug 30, 2004 5:36 pm

No PTR Record

If you receive bounced messages with "cannot resolve PTR record" or "(reason: 554 5.7.1 The server sending your mail [xxx.xxx.xxx.xxx] does not have a reverse DNS entry. Connection Rejected" as the reason listed for the message bouncing, with "xxx.xxx.xxx.xxx" representing the IP address for your SMTP server, or see messages, such as "Relaying temporarily denied. Cannot resolve PTR record for" followed by your mail server's IP address in your /var/log/maillog file, then the email server that received the message checked the Internet Protocol (IP) address for the sending server. It then tried to do a "reverse lookup" on the IP address to obtain the name of the server. If it couldn't perform the reverse lookup, then it would bounce the message with a statement that it couln't resolve the PTR record. A PTR record is an entry in a Domain Name System (DNS) server that maps IP addresses back to names.

If you see references to http://postmaster.info.aol.com/errors/421dnsnr.html for messages destined for aol.com or netscape.net users, it is due to the same issue. Netscape.net is owned by AOL

An email server adminsitrator may configure an email server to perform such a check to block spammers. I suppose the thinking is that systems used by spammers are more likely not to have PTR records in a DNS server. But, since many email servers not used by spammers will also not have PTR records, I believe such a check is likely to block as much, if not more, legitimate email than spam. And it is hardly an effective means of eliminating spam, since many systems transmitting spam will have PTR records.

A small business may have its own email server with a domain name that maps to an IP address, but the company's ISP may not have an entry in a DNS server that maps that IP address to a name. In such a case, the business may find that email to some domains bounces with the error message about the missing PTR record.

If you are a system administrator with users reporting that they are receiving bounced messages with the "cannot resolve PTR record" for messages addressed to certain domains, then you can configure your email server to send email to just those domains through another email server instead. For instance, your ISP may have restrictions that prevent you from sending email to more than a limited number of recipients at one time. You may have a mailing list that has more email addresses than the ISP allows to be reachable with one message. So you need to use your own email server to reach all of the members of the mailing list. But some of the mailing list members may be using email servers that attempt to look up a name from the IP address of the sending server contacting them.

If you are running sendmail to transmit email, you can edit mailertable, which will be in /etc/mail on a RedHat Linux system. The mailertable file contains special treatment information for a specific domain or family of domains.

As an example, suppose email to bob.bobaroo@us.danzas.com is bouncing with the message about "cannot resolve PTR record". You can add the following line to /etc/mail/mailertable:

us.danzas.com                   smtp:[smtp.centrivity.net]

Once you've added the line, you need to run makemap, to produce the mailertable database sendmail uses. You then need to restart sendmail.

makemap hash /etc/mail/mailertable </etc/mail/mailertable
/etc/init.d/sendmail restart

The first command above will produce or update the file /etc/mail/mailertable.db. I am presuming that you already have mailertable support within sendmail. You can check if that is the case by looking for mailertable within your sendmail.mc file as below:

grep mailertable /etc/mail/sendmail.mc

You should see something like the following, if sendmail is already configured for mailertable support.

FEATURE(`mailertable',`hash -o /etc/mail/mailertable.db')dnl

The above example presumes that the ISP server, smtp.centrivity.net, does not require authentication. If the server requires authentication, then you will need to modify the access file, which you may find in /etc/mail. Let's say that the smtp.centrivity server accepts plaintext authentication with a userid of jsmith and a password of GrassHopper. You could enter the following line in /etc/mail/access to have sendmail on your system send the necessary authentication information to the smtp.centrivity.net server.

AuthInfo:smtp.centrivity.net "U:jsmith" "P:GrassHopper" "M:PLAIN"

You would then also need to produce or update /etc/mail/access.db using the makemap command.

makemap hash /etc/mail/access </etc/mail/access

In the case of the ISP's server requiring authentication in order to send email through it to a destination address that is not an email addres on the ISP's servers, you would edit the mailertable and access files before restarting sendmail with /etc/init.d sendmail restart.

References

  1. Using 'mailertable' in Sendmail
  2. SBC-Yahoo ® Authenticated SMTP

[/network/email/sendmail] permanent link

Sat, Aug 28, 2004 12:32 am

Determining the Country Associated with an IP Address

You can use GeoIP to look up the country associated with a given IP address (you can also give it a hostname to determine the country). To create the GeoIP program geoiplookup, you can download the C source code from http://www.maxmind.com/app/c. You will need a C compiler to compile the code. If you intend to use it on a Linux or Unix system, you will have a C compiler on the system, so just follow the instructions below to create the geoiplookup program or read the INSTALL file that comes with the file you download from the MaxMind website. If you intend to install it on a Windows system, read the READMEwin32.txt file that is in the .gz file you download.

Unzip the downloaded file, extract the contents of the resultant tar file and then change the working directory to the GeoIP directory created from the contents of the tar file.

gunzip GeoIP-1.3.6.tar.gz
tar -xvf GeoIP-1.3.6.tar
cd GeoIP-1.3.6

Then run the configure and make commands (installation instructions are in the INSTALL file created in the GeoIP directory, but are also summarized here).

./configure
make

You can then issue the command make check to run self-tests of the package, but this step isn't required. You should then type make install to install the software.

make test
make install

At this point you won't need the program binaries and other files in the source code directory and they can be removed with make clean. You can also remove the files created by configure by issuing the command make distclean. You can also remove the GeoIP directory and its contents, if you wish, since make install installs the package's files in /usr/local/bin, /usr/local/man, etc.

make clean
make disclean
cd ..
rm -fr GeoIP-1.3.6

When the program is installed, you will have a geoiplookup program in /usr/local/bin. You can use that program to lookup the country associated with an IP address or hostname. The country is based on the registration for the IP address, i.e. particular blocks of IP addresses will be associated with particular countries or at least areas of the world. The company using the IP address may be based in some other country, however. For example:

geoiplookup eapplique.com
GeoIP Country Edition: US, United States

The company has their website, eapplique.com, hosted on a server with a US IP address. But if you issue the command whois eapplique.com, you will see the domain name is registered to a company in India (the company provides website design services). So geoiplookup gives you an indication of where a server is likely to be located, but not necessarily the location of a particular company using that server. Companies and individuals may use servers located in other countries.

Registrant:
THE SCS GROUP (EAPPLIQUE-DOM)
   K 3/17, DLF Phase II
   GURGAON, HARYANA 122002
   IN

   Domain Name: EAPPLIQUE.COM

For an example of a lookup for an IP address, here is another example:

geoiplookup 202.64.156.35
GeoIP Country Edition: HK, Hong Kong

[/network/Internet/IP] permanent link

Tue, Aug 24, 2004 11:10 pm

Changing the "From" Address in Outlook 2000

To change the "From" address of a message in Outlook, create a new account using the address you wish to use as an alternative "From" address. You can create a new account by the following steps:

  1. Click on Tools.
  2. Click on Accounts.
  3. Click on the Mail tab at the top of the window.
  4. Click on the Add button then select Mail
  5. Put in the display name you wish to appear in the message. This is just whatever you wish to be the name recipients will see with the email address, e.g. "John Smith".
  6. Click on the Next button.
  7. Type in the alternative e-mail address you wish to use.
  8. Click on the Next button.
  9. Select whether the server you wish to use is a POP3 or IMAP server and specify the server names for incoming and outgoing email.
  10. Click on the Next button.
  11. Put in the password if you want the system to remember it rather than prompting you each time, otherwise leave it blank and uncheck "Remember password".
  12. Click on the Next button.
  13. Select your connection method and click on Next.
  14. Click on the Finish button.

If this isn't an email account you will be checking regularly, but just an alias, i.e. an alternative address that points to the same account as one you are already checking, select the account by clicking on it and then click on Properties. Then uncheck "Include this account when receiving mail or synchronizing". Then click on Ok. Then click on Close to close the Internet Accounts window. You might want to send a message with information@somewhere.com as the "From" address, rather than jsmith@somewhere.com, so in the case that information@somewhere.com is just an alias pointing to the jsmith@somewhere.com mailbox, you would uncheck the "Include this account when receiving mail or synchronizing", since it isn't a separate account.

Once you've gone through the above procedure, you won't need to repeat it again and can use the alternate address you specified as the "From" address in messages by the following procedure:

  1. Compose a message in Outlook the way you normally would.
  2. You may see "To", "Cc", and "Subject" fields, but no "From" field. Click on the Options button.
  3. Click on the downward pointing triangle to the right of the Send message using field to see the list of email addresses you can use in the "From" field. Pick the one you wish to use and then click on the Close button.
  4. Fill in the "To" and "Subject" fields as usual, edit the message and then click on the Send button. The message will now go out with the address you picked for the "From" field.

[/os/windows/office/outlook] permanent link

Mon, Aug 23, 2004 11:05 pm

Keeping a Linux System's Time Accurate

PC and workstation clocks are not highly accurate and will tend to drift from the correct time over time. To keep the system's clock accurate, one can use the Network Time Protocol (NTP). The fact that a system's clock is off by a few minutes may not seem important at first, but if you have to troubleshoot problems involving multiple systems, you will realize that it can take much longer to troubleshoot if the clocks on the systems vary and you must mentally adjust the times to determine the order of events.

NTP software will provide the capability for a system to contact a time server, which provides an accurate time source. In the United States time servers may be tied back to the time source provided by the National Institutes of Standards and Technololgy (NIST).

On RedHat Linux systems, you can use the ntp package to set up your system to obtain time from a time server using NTP.

Installing and configuring the ntp package on RedHat Linux is detailed below. The example below uses ntp-4.0.99k-15.i386.rpm, which is version 4.0.99k release 15 of the ntp client. If you are using a later version of RedHat Linux, a newer version of ntp may be available for your version of Linux. Except for the RPM file name, the installation and configuration process should be similar.

  1. Install the package, e.g. rpm --install ntp-4.0.99k-15.i386.rpm.

  2. Edit /etc/ntp.conf file. Add a server line to point to a publicly accessible time server, e.g. server 198.82.162.213 to use the time server lennier.cc.vt.edu. You then should have lines similar to the following in the ntp.conf file:

    server 198.82.162.213
    server 127.127.1.0 # local clock
    fudge 127.127.1.0 stratum 10


  3. Use chkconfig to configure the service to start when the sysem boots

    chkconfig ntpd on

  4. Start the service.

    /etc/init.d/ntpd start

  5. If you wish to immediately update the time to match that on the time server, you can use the ntpdate command, e.g. ntpdate -b lennier.cc.vt.edu .

You can check that the service is functioning with the ntpq command.

ntpq -p
     remote           refid      st t when poll reach   delay   offset  jitter
==============================================================================
 lennier.cc.vt.e Tick.UH.EDU      2 u   34   64    1   28.516    0.340   0.000
 LOCAL(0)        LOCAL(0)        10 l    9   64    1    0.000    0.000   0.000

You can check to see whether your system is functioning as an NTP server, which means it will be listening on NTP UDP port 123 by using the netstat command.

netstat -a | grep "ntp"
udp        0      0 gna.somewhere.com:ntp    *:*
udp        0      0 localhost.localdoma:ntp *:*
udp        0      0 *:ntp                   *:*

You should see the system name followed by ":ntp", which indicates it is listening for connections on the NTP port, UDP port 123.

If you are blocking access to the system with a firewall, you will need to provide a rule for UDP connections to port 123, if you want to allow other systems the capability of obtaining the time from your NTP server.

If you wish to trace the path back through a sequence of time servers to find the master time source, you can use the ntptrace command.

ntptrace
localhost.localdomain: stratum 3, offset 0.000100, synch distance 0.22896
lennier.cc.vt.edu: stratum 2, offset -0.016537, synch distance 0.04396
time-b.nist.gov: stratum 1, offset -0.012730, synch distance 0.00000, refid 'ACTS'

The example above shows that the system gets its time from lenier.cc.vt.edu, a stratum 2 server, which in turn gets the time from time-b.nist.gov, a stratum 1 server.

References

  1. Decibels Linux NTP Tutorial
  2. NIST Internet Time Service
  3. NTP - The Network Time Protocol
  4. ntpq - standard NTP query program
  5. ntptrace - trace a chain of NTP servers back to the primary source
  6. US Naval Observatory NTP Network Time Servers
  7. Using the Network Time Protocol to Sync Your Network
  8. Keeping Time on Windows Machines

[/os/unix/linux/network] permanent link

Wed, Aug 11, 2004 12:07 pm

Determining the Version of Irix Running on an SGI System

To determine which version of the Irix operating system i(OS) you are running on a Silicon Graphics, Inc. (SGI) system, use the "uname -R" command.

uname -R
6.5 6.5.19m

The second of the two values, minus the trailing character, is the actual version number, e.g. 6.5.19 above. SGI calls this value the "extended" version number.

The "-R" option to the uname command is unique to Irix systems. See the Irix uname manpage for further information on version numbering and options for the uname command on Irix systems.

[/os/unix/irix] permanent link

Valid HTML 4.01 Transitional

Privacy Policy   Contact

Blosxom logo