postfix, smtp and which ip to use

When I was dealing with another mailserver I take care of I discovered that my own setup use seemingly random ip’s to ship out my mail. I don’t like that so I dug into how to change that and came up with a solution working. For me was the solution to add options to 2 entries in the master.cf, namely “smtp” and “relay”. To those I added the following statements as options:

    -o smtp_bind_address=100.75.2.22 
    -o smtp_bind_address=2001:0db8:85c3:08d3:13a9:8a2e:0350:7344

The first option is for IPv4 and the second is for IPv6. While here it would be allowed to use brackets it is discuraged to do so in the documentation. You need to replace the IPv6 and IPv4 with your own IP addresses. If you also want to set the preference which IP-version gets used by the outgoing connection, you can do so by adding the following to the previous options:

    -o smtp_preference=ipv6

With this it would be IPv6 then IPv4 (if IPv6 doesn’t work/is not available). The default is for this setting “any”, meaning that postfix will try randomly. You can also set it to “ipv4” for a IPv4 preference.

The options shown here should be also compatible with setups using AmaViS. I do use it and didn’t had to change anything, and couldn’t so far detect any negative influence. Setting the smtp_bind_address(6) in the main.cf can have negative effects on AmaViS; I found this during my search around how to deal with this.

Apache Tika for Dovecot with Docker

When I was looking to improve my support for IMAP Search commandos beyond just solr I came across the possibility to add Apache Tika to supply the solr instance with additional data from the documents attached to the mails. This guide requires you to use Dovecot 2.1 or newer so it have the support for Tika. As I use docker for the purpose of this guide, I assume you have it working, otherwise check¬†www.docker.com and select “get docker” from the top menu.

For this guide we use the docker container by David Meikle I found on his Github. In the best case the build got fixed and you can go the easy way by issuing the following commands:

$> docker pull logicalspark/docker-tikaserver
$> docker run -d -p 9998:9998 --restart always logicalspark/docker-tikaserver

Continue reading

postfix/postscreen and multiple IPs? Here is how…

Since I was experiencing some trouble with postfix’s postscreen and in this case to hav it listen to IPv4 and IPv6 in parallel, I here show one way how to deal with it. This should also be working with other cases with multiple IPs on one server. I assume you have everything else regarding postscreen setup (tlsproxy/dnsblog/desired options in postfix.conf).

In the master.cf you set the following:

#IPv4 setup 
192.168.1.12:smtp inet n - n - 1 postscreen 
  -o postscreen_cache_cleanup_interval=1
 
#IPv6 setup, only the first entry is allowed to issue cache cleanup, otherwise we get errors 
[FE80::C000:1DFF:FEE0:0]:smtp inet n - n - 1 postscreen 
  -o postscreen_cache_cleanup_interval=0 
 
#the smtpd pass entry needs to be just one time present, otherwise we experience errors
smtpd pass - - n - - smtpd

Now that we defined the services, we need to tell postscreen where the postscreen_cache is located. Continue reading

HomeKit and Philips Hue – as of yet not that easy to install

Today I dealed with setting up a Hue 2.0 bridge and setting it up to connect to HomeKit properly. In short, as of the time of writing this article it’s quite a pain. Partly due some shortcomings of Philips offical app but also due some issue of HomeKit. I won’t go into detail here how to do the basic setup, more I want to give hints and tips how go around the pitfalls and how to setup later rooms for Siri.

First to go around trouble, you want to have your iOS devices on 9.2 (currently beta) to go around the issue of having one device able to control things with Siri, and the other always keep telling you “iCloud Data sync in progress”. Without iOS 9.2 i found no way to get around this bug, and I tried a lot of the guides out there; with 9.2 it syncs without any hassle. Also, if you wanna try to use HomeKit commandos on your Apple TV 4, forget about it for now, I tried and only got the answer that Siri is not able to help me with HomeKit right now. It’s kinda disappointing but anyway, thats just on a side note.

Continue reading

Upgrade a Crucial M500 series SSD firmware on OS X

Updating a Crucial M500 SSD with a usb flash drive on OS X is possible and I show you how:

First download the ISO with the update from the Crucial webpage¬†http://www.crucial.com/usa/en/support-ssd-firmware¬†(you want the “manual boot file” download). Next we need UNetbootin to install all on our flash drive and make it bootable. Grab it over at¬†http://unetbootin.github.io. The rest came with our OS X already (well, beside the flash drive, you need to supply that ;).

The¬†first step is to make sure the stick got a MBR and a FAT32 format. This can easily archived by using the OS X tool diskutil on the command prompt. To do so, open a command prompt, enter “diskutil list” and find your flash drive. There should be a line like “/dev/disk3 (external, physical):” and in the lines below it can (depend if the drive is named) also mention the name. The “/dev/disk3” part is interesting for us, the number behind “disk” can vary depending on your own system. If you wanna make sure not to accidentally kill one of your usb hard drives, unplug them before and only plug the flash drive. Also be sure it say “external, physical”, since the build in drives say “internal, physical” so we can differ between them and we don’t wanna kill the internal hdd(s).

Continue reading

hints for adding a serialport on your mac

Once a while makers and tech-guys like me are in the need of a 9-pin serial port to flash upgrades/firmware, change the configuration or just get some display output. But on a mac we don’t have the typical plug’n’play experience ¬†we’re used to with other devices.

picture of a serial2usb converter

serial2usb converter

So since I came to that said situation while I was making changes to my firewall (which runs on a PC-Engines Alix 2D13 board with no display connector) and found solutions I want to share them here with you guys out there. As for the hardware I was still having my good old trusty vivanco converter (as you can see in the example picture above). Those who need to get (a new) one, I suggest to take a peek at the page for the OSX driver. The said driver is to be found on Sourceforge, and on the right you find 3 Amazon with compatible hardware. Who still have a converter should try out if the PL2023 driver works for him too like in my case. The driver itself is opensource, so if you can improve it, go for it. ūüėČ

Continue reading

the perfect keeper for your AppleTV is bloc

So, after the Apple Mac mini I got me a Apple TV. It’s a nice device but it begun me to annoy that the remote was always lying around, giving off a “chaotic” vibe. That’s when I remembered at first a totally different company that sells wooden covers for Apple devices, and through them came to bloc. What is bloc you ask ? bloc is a wonderful keeper for your Apple TV and it’s remote made entirely out of wood and 4 rubber stands.

bloc (standing alone, front up view)

bloc unpacked

This is bloc. It’s made out of a single piece of wood, no layered stuff or other cheap ass placebo. It’s surface is¬†polished and have a wonderful organic natural feel to it. Even thinking right now about it make me somehow excited. It comes in a nice black box, which I must say really add to it and give you a great feeling of getting something classy. Must say¬†Austin (the maker behind bloc) is knowing what people enjoy, and this is a superb piece of equipment. Continue reading

Mounting a Fritzbox NAS share on *nix

Since I had some trouble mounting the share of a AVM Fritzbox 7270 on my FreeNAS box, I did some research how to do it. The solution was quite easy after I figured why he was whining that he couldn’t find the server (turned out the VPN caused a problem with the NetBIOS resolution). The required share name was also one thing that irritated me since normally you can see that name when you browser the CIFS server. Here actually not, but this is nothing you can’t change with a bit of “smbutil view //server”. In the end the command to successfully mount the share on FreeBSD and Linux is as following:

mount_smbfs -W <workgroup> [-I <fritzbox ip>] //[username@]<fritzboxip>/FRITZ.NAS /mnt/<target directory>

Example: mount_smbfs -W WORKGROUP -I 192.168.178.1 //myuser@192.168.178.1/FRITZ.NAS /mnt/fritznas

It’s quite simple. The parameter “-I” is optional, same goes for the username. Set those as needed and fitting to your settings on the Fritzbox itself. If you need a username/password, he will ask for the password interactive. For how to setup this mount command without password prompt check the manual of smb.conf.

Adding copyright/creator infos to your photos made easy

I was lately wondering how I could add copyright/creator information easy to my pictures. First I thought after some reading I could have my camera do it for me, but sadly it’s only available on the more expensive cameras. So how we can still do it without much pain? The solution is easy, it’s ExifTool. With it you can easily add Exif/IPTC information to your photos.

ExifTool is a commandline tool for Windows, OSX, Linux and more. On the website you find packages for Windows, OSX and on Linux/others use your package manager. Once installed, it’s an easy task. Open a commandline, navigate into your photo folder, and issue the following command:

exiftool -by-line="[your name]" -CopyrightNotice="© [your name] ; Licence: Creative Commons cc-by-nc-sa 3.0 United States (http://creativecommons.org/licenses/by-nc-sa/3.0/us/)" -artist="[your name]" -Copyright="© [your name] ; Licence: Creative Commons cc-by-nc-sa 3.0 United States (http://creativecommons.org/licenses/by-nc-sa/3.0/us/)" -v0 -progress -E -overwrite_original *.JPG

The command overwrite the original files, if you don’t want that remove the “-overwrite_original” parameter. And yea, don’t forget to insert your name and change the licence to one of your liking. And if you want process whole folders recursive, then add the parameter “-r” to the line.

You wonder why all the stress ? Well, this way people can tell who made the picture and for what they can (not) use the picture. This especially interesting if you post them public like on G+, Flicker and so on where they can spread uncontrolled. Also it helps you tracking them (unless someone remove the infos).