14 Jun 2010My spam protection is really simple. Most spam bots will fill all input fields they'll find in a form. If one is named website or email, they will most certainly want to fill them first.
So I've added to every form a fake input field with a name="email"that have to stay empty. I also labeled it "Spam bait" and displayed a little sentence to tell my human readers to keep this field empty.
I also hide the whole field using Javascript because most of the bots don't have Javascript enabled, but legitimate users do.
Does it work ?
To say the truth I don't know. In the previous version of this website I haven't any kind of spam protection and was receinving almost a dozen spam mails a day.
Now that I've added this protection, I don't receive spam anymore. But that doesn't mean my protection is working, it may just mean that the spam bots needs a little time to adjust to the new website.
Improving the existing
One week ago, two spam comments managed to get past my protection. I have currently no way to judge my protection efficiency. Maybe that was the only two spam comments aimed at my website and I let them both slip in. Maybe I was under a mass attack and managed to block thousand of spam and those two were the only two to beat me.
I don't know, I have absolutly no numbers on that.
Getting some stats
So today, I decided to add some extra measures. I'm keeping count of every spam I block (this number will be displayed below the comment list if at least one spam was blocked).
I'll also log some informations when someone is posting a comment : headers sent, if javascript is enabled and the delay between displaying the form and submitting it.
It is useless to build protection if you don't know what you want to be protected against. So I'll let the actual protection in place and will come back to check the numbers in a couple of weeks.
I'll then know exactly how performs my existing spam protection and will be able to extract spam patterns from the information I'll gather.
I think I'll add a timing system, to block comments that were posted too fast. If nothing works I'll use Akismet, but I want to try to defeat them on my own first.
10 Jun 2010Recently, when connecting to my MySQL databases on Dreamhost through Navicat, I was greeted with a "1577 - Cannot proceed because system tables used by Event Scheduler were found damaged at server start" error message.
It didn't stop me from accessing the tables actually, so I didn't bother. But today it prevent me from copying tables from one server to another, so I decided to have a deeper look into it.
It seems that it has to do with a mysql upgrade issue. I contacted Dreamhost about that and they told me that they just upgraded their servers to 5.1, and that they needed to be restarted. Which they do for me.
So if you ever run into the same problem, just contact Dreamhost support and they'll fix it for you.
10 Jun 2010I recently bought an HTC Legend. My old phone was broken and I have plans to develop an Android app. I've been using the phone for 3 weeks now, and I'm not exactly as thrilled about it as I think I would.
Open source from Big Brother
I was hoping to have a little piece of open source software in my pocket. In fact, it turns out that Google has a little more piece of me when I'm using the phone.
The software is not that open. Maybe it's because of my phone carrier, SFR, but there are a lot of pre-installed and useless apps that I can't get rid of.
Some settings can't even be changed because I'm only a user of my own phone and don't have a root access by default. The "Accessibility" setting panel is a joke (I'll post a picture of it later)
When I first switched the phone on, I was asked for my Google credentials. Once entered, all my Google life was downloaded to the phone : mail address book, google maps location and google calendar meetings. Asking first if I wanted that would have been great.
Because loading 500+ mails address book into a phone memory is not the kind of "smart" I was expecting from a smart phone. I had to manually remove all the contacts I needed not from my phone.
And then the phone was complaining again, when it tried to synchronize back with Gmail, when it tried to remove the mails from my online address book.
I didn't want them downloaded in the first place and once I removed them I didn't want them to be deleted from my online address book !
Disabling sync
So I tried to remove the google account from my phone, but that is clearly impossible and is NEEDED to make the phone work. What ? This is stupid.
I'm not confortable with having a device from which I can't even remove my credentials... At least I disabled the auto-sync feeature.
An other thing to note is that if you want to fine-tune what kind of data your phone syncs, you first have to enable the auto-sync feature and quickly disable the data you don't want, because they all are checked by default.
Other settings
Even changing the default ringtone is a chore. There's no way to easily select a music file saved on the SD card. There isn't even a native file explorer, you have to download one from the Market.
The camera quality isn't very good and the auto-focus makes pictures more blurry with it than without. Even my old Nokia XpressMusic was taking better shots.
Conclusion
I really am disapointed by this phone actually, and by the Android platform as a whole. Maybe the underlying app is great but as an end-user we are blocked from it.
I'll try to root my device and remove the SFR rom to get what I want and need.
06 Jun 2010When I use great registrars or hosting services, I say so, and loudly. From all those that I have tested, there is no better registrar than Gandi and no better hosting service than Dreamhost.
But when I encounter really lousy services, I won't hide to say so too.
Arsys is one of them. It's a franco-german-spanish registrar. I just needed to change the DNS server of a domain on it, and even that was impossible.
When I tried to put Dreamhost NS servers in the form and submit it, I was greeted with a bold red error message telling me that an error occured and asking me to try again later.
I did try again later, just to receive the exact same error message.
I wouldn't have to leave Arsys default NS servers if at least they allowed me to configure A, CNAME and MX records as I wanted but unfortunatly, none of this is available.
I tried to contact their support service, to tell them my problem, but here again I was faced with an error message on a blank page (in spanish this time) telling me that the server encountered a problem and that I needed to contact an administrator (sic)
So I tried to find a contact page on their public site, and after some 404 errors finally found an email address.
I send them a email telling them about my problems. They answer stating that if I have any problem, I should use their contact form to contact hostmaster@arsys.fr. I tried, and this time it worked.
It's been 4 days, and I haven't heard from them yet. In the meantime, I choose to quit this registrar and moved the domain to Gandi.
What is the most strange is that when you google them you got lot of praises about their wonderful customer service... After having tested it, I just don't buy it.
04 Jun 2010I'll finally have to migrate mails from one IMAP server to another because of a change in the hosting provider of one of my clients.
Let me first do a quick review of my current config :
I have an IMAP server on a not-so-reliable host. I need to move all the mailboxes to a brand new Dreamhost server.
The current host use horde/imp as its webmail, but Dreamhost is running under Squirel Mail.
How to do that ?
When I first contacted Dreamhost to ask them the better way to copy the content of my old IMAP server to their new one, they told me that IMAP to IMAP transfer was unfortunatly not possible.
After some digging I found a little linux tool called imapsyncthat was developped to synchronize two IMAP servers. As I only wanted to copy content from one server to an empty one, I guess it should work.
And it does.
Installing the tool
First of all, you really need to have a Linux machine. I'm sorry for all Windows and Mac users out there, but this solution will only work with Linux.
Obviously, you'll first have to download and install it.
I'm a newbie linux user, and don't use it at its full potential. It means that I rely a lot on the UI, I don't know most of the more basics commands.
So, I don't know the correct procedure to install something, I always use the Synaptic Packager Manager UI. I just have to type imapsync, check its checkbox and start the install.
I guess you, more experienced linux user, would know how to do that anyway.
Running the command
Once it's installed, you'll just have to run one command. But before typing it, you have make sure that you have all the required informations.
You'll need the server name, login and pass of both the source and destination account.
In my case I had previously reset all the password to newly generated one on the source server, then created the same email (with same password) on the destination server.
For the source server name, you shouldn't have any problem finding it. It usually is something like mail.domain.com.
But for the destination server, that's a little more tricky. As I haven't yet changed DNS, I have a Dreamhost server but no domain name pointing to it. So I can't use mail.domain.com there.
I had to go my Dreamhost DNS panel (clicking on DNS under the name of my domain in Manage domain) and check for the IP address associated with the mail A entry.
Once you have all this, create a file (name it pass) which contain the password of your account (or pass1and pass2if source and destination password aren't the same). This is done so you won't type in clear text the password of your accounts, or they could be found in the history files.
Once it's done, just run the following command
imapsync --host1 mail.domain.com --user1 contact@domain.com --passfile1 /path/to/pass1 --host2 208.97.XXX.XXX --user2 contact@domain.com --passfile2 /path/to/pass2 --noauthmd5
It is not an instant process, actually in can be quite long. One of the mailbox I had to move had more than 20.000 mails in the sent folder and about 40.000 in the received one. It took me almost 18h to complete.