takizo, not takezo

Previously I wrote a post on “installing postgresql 8.2 on Leopard with macports“, seem like quite a no. of people also interested to know how to MySQL5 as server on Mac Leopard with MacPorts.

As usual, it’s advice to update your port before installing any latest software from Macports. To update your Macports;

sudo port -v selfupdate

To configure MySQL5 as server on your Mac Leopard, here are the steps.

sudo port -v install mysql5 +server

After installation, you have to run this command to installd default database;

sudo -u mysql mysql_install_db5

To start MySQL5, run this command;

sudo /opt/local/etc/LaunchDaemons/org.macports.mysql5/mysql5.wrapper start

After you have started MySQL, change your MySQL’s root default password;

mysqladmin5 -u root password 

If you would like to start MySQL when machine boot up, add the start up script into launchctl. To learn more about launchctl, type

man launchctl

Enjoy MySQL!

How many of you got dictionary/ratware attack on your mail server which take unnecessary processing load to do virus scanning or spam scoring? We have more than thousand (average) dictionary attack on our mail server in an hour and it has taken a lot processor load (memory even more!), especially it also does scanning with Spam Assassin or SA-Exim.

On Exim, if you have a relay server that does spam scoring or virus scanning, you might need a high processor server to serve the attack or unnecessary scanning, investing on high processor just to do that is not worth it. (That is why we hate Barracuda’s vendor, keep on asking us upgrade to higher end hardware which cost like >RM50k?) .

To overcome the “load”, you can put some trick on Exim’s acl_smtp_rcpt/acl_check_rcpt, let see how it works.

Usually most system admin use verify=recipient/callout=10s,no_cache,defer_ok, but it will always do RCPT call to server to check for valid recipient, it might take a lot of connection resources. To make thing easier, you can generate a list of valid recipient (since it’s your own server), dump it into a text file for example recipients.verified.list with the format as below;

recipient-a@exim.com.my
recipient-b@exim.com.my
recipient-c@exim.com.my

After that, at acl_check_rcpt, put this line in,

deny message = invalid recipient
domains = +relayed_domains
recipients = !/etc/exim/recipients.verified.list

You can put this line before or after accept host = : at acl_check_rcpt. What will the rule do? Very obvious if the recipient is not in the recipients list, it will deny to receive the email and do further process.

Hope this tip will help, continue fighting with Spam

p/s: this was what we get yesterday

shell> grep ‘invalid recipient’ /var/log/exim/mainlog | wc -l
shell> 129794

129794 attacks / day and it was Monday!

Wonder how does Apple Mac machine start up background services automatically? It’s using a daemon called “launchd” for those who are interested to know how mac manages startup programs/services, check our launchd official documentationon Apple’s website.

ctrl-n or Control-n

useful when using insecure links with a ssh server you can access :

ssh -ND<port on localhost> username@remote-ssh-server

e.g. ssh -ND8080 myusername@192.168.1.1

*** when using firefox, only specify “localhost” in SOCKS Host, port “8080″ & choose “SOCKS 5″ in “connection settings” and leave the other settings blank.