Systemajik: Building software better.

  • Choosing Log Levels

    There are many tools available that will allow a programmer to create log entries. I originally worked with log4j, but have recently been working with logback. I am also working with Jython and am looking at Python’s logging framework. Used well they can make log analysis simple and provide a rich tool for resolving issues.…

  • Tuning Linux CPU Performance

    A recent kernel change broke my CPU performance tuning. I have an AMD processor that presents 4 cores to the kernel. The process in this article should work for Intel processors although the governors and CPU settings tree may be different. Different kernels may also have different settings. The current kernel allows setting the governor per…

  • Adding SHA-2 to tinyca

    Google has announced a sunset for SHA-1 certificate signatures in Chrome. SHA-2 (aka SHA-256, SHA-384, and SHA-512) is the remaining option for certificate signatures. I decided to upgrade my certificates to SHA-2 (256 bits). However, when I tried to use tinyca2 to generate a SHA-2 certificate, I found it was not supported. As tinyca2 is…

  • Disabling SSLv3 to block Poodle

    The new Poodle vulnerability lead me to disable SSLv3 on my Ubuntu server. I have TLS/SSL enabled on three services: apache2, exim4, and dovecot2. Each service required a different method to disable SSLv3. While SSLv3 is mostly history, the techniques I used can be applied to other TLS versions. Ubuntu uses configuration files split into…

  • Disable TraceClassUnloading in Java 6

    I recently discovered logs filling up with log messages for classes being unloaded during garbage collection. After a little research, I found that the TraceClassUnloading switch gets turned on by the Xloggc switch. After a little testing, I found that this can be resolved by adding the argument -XX:-TraceClassUnloading after the -Xloggc argument.

  • Hostnames for eximstats Rejections

    I use eximstats to report my daily email traffic. I have a fairly high rate of rejections and wanted hostnames listed in the rejection reports. To resolve this I developed a patch to capture the hostname related to the IP address, and add this data to the rejection reports. The enhanced list saves me the…

  • Faking IMAP for Exchange Email

    Using DavMail to add IMAP, SMTP, and CalDav access to Exchange WebMail Servers. Works with Thunderbird and Windows Live clients.

  • Providing IPv6 DNS resolver data with radvd

    How to provide DNS server addresses to IPv6 clients using Router Announcements.

  • Detecting Email Server Forgery

    Verification methods for incoming SMTP connections with statistics. How to validate your server, and block Spambots.

Cookie Consent with Real Cookie Banner