There are many tools available that will allow a programmer to create log entries. I originally worked with log4j, but have recently been working with logback. I am also working with Jython and am looking at Python’s logging framework. Used well they can make log analysis simple and provide a rich tool for resolving issues. […]
Author Archives: Bill Thorsteinson
Tuning Linux CPU Performance
A recent kernel change broke my CPU performance tuning. I have an AMD processor which presents 4 cores to the kernel. The process in this article should work for Intel processors although the governors and CPU settings tree may be different. Different kernels may also have different settings. The current kernel allows setting the governor per […]
Adding SHA-2 to tinyca
Google has announced a sunset for SHA-1 certificate signatures in Chrome. SHA-2 (aka SHA-256, SHA-384, and SHA-512) is the remaining option for certificate signatures. I decided to upgrade my certificates to SHA-2 (256 bits). However, when I tried to use tinyca2 to generate a SHA-2 certificate, I found it was not supported. As tinyca2 is […]
Disabling SSLv3 to block Poodle
The new Poodle vulnerability lead me to disable SSLv3 on my Ubuntu server. I have TLS/SSL enabled on three services: apache2, exim4, and dovecot2. Each service required a different method to disable SSLv3. Ubuntu uses configuration files split into small pieces. The method should apply to other distributions, although the configuration files may be arranged […]
Disable TraceClassUnloading in Java6
I recently discovered logs filling up with log messages for classes being unloaded during garbage collection. After a little research, I found that the TraceClassUnloading switch gets turned on by the Xloggc switch. After a little testing I found, that this can be resolved by adding the argument -XX:-TraceClassUnloading after the -Xloggc argument.
Hostnames for eximstats Rejections
I use eximstats to report my daily email traffic. I have a fairly high rate of rejections, and wanted hostnames listed in the rejection reports. To resolve this I developed a patch to capture the hostname related to the IP address, and add this data to the rejection reports. The enhanced list saves me the […]
Faking IMAP for Exchange Email
Using DavMail to add IMAP, SMTP, and CalDav access to Exchange WebMail Servers. Works with Thunderbird and Windows Live clients.
Providing IPv6 DNS resolver data with radvd
How to provide DNS server addresses to IPv6 clients using Router Announcements.
Detecting Email Server Forgery
Verification methods for incoming SMTP connections with statistics. How to validate your server, and block Spambots.
Securing your Email Reputation with SPF
SPF (Server Policy Framework) is a simple means to limit the ability of others to forge your identity in email. I first implemented it after a forged identity under my domain was used to send Spam. Once SPF was configured, the bounce messages quickly dropped off. Although not as frequently implemented as sender address checks, […]