utcc.utoronto.ca utcc.utoronto.ca

Microsoft SharePoint is being used to send spam

I'm paying more attention to what our mail system detects as spam and where it's coming from than usual, so I'm getting to notice things (or, in the alternate phrasing, being forced to notice things). Today's thing that I noticed is that to no one's surprise, Microsoft SharePoint is currently being used as a spam sending vector. I say 'to no one's surprise' because it's a long standing rule that anything that can be used to send email...

utcc.utoronto.ca utcc.utoronto.ca

Wanting to be able to monitor for electrical power quality issues

Today, we had what you could call a "power event" at work. There was some sort of power blip in the electrical feeds from Toronto Hydro to multiple university buildings, and a number of our servers rebooted (not all of them, though). We've seen this kind of thing happen before so in one sense it's not surprising, but this time around the actual experience was rather alarming and confusing because it happened during the...

utcc.utoronto.ca utcc.utoronto.ca

Sorting out what the Single Unix Specification is and covers

I've linked to the Single Unix Specification any number of times, for various versions of it (when I first linked to it, it was at issue 6, in 2006; it's now up to a 2018 edition). But I've never been quite clear what it covered and didn't cover, and how it related to POSIX and similar things. After yesterday's entry got me looking at the SuS site again, I decided to try to sort this out once and for all. My primary resources on this...

utcc.utoronto.ca utcc.utoronto.ca

Linux distributions have sensible reasons to prefer periodic releases

In an aside in my entry on why Fedora version upgrades are a pain for me, I said that there are sensible reasons for for distributions doing periodic releases instead of 'rolling releases'. Today I want to talk about some of them. To start with, pretty much every major Linux distribution practices some kind of rolling development (I don't count Red Hat Enterprise here). No one does a release then goes away to do other things for a year...

utcc.utoronto.ca utcc.utoronto.ca

Firefox is improving its handling of HTTP Basic Authentication (on Unix)

We're big users of HTTP Basic Authentication, and I use Firefox (and what is effectively Firefox Nightly). Recently I noticed a nice little quality of life improvement in Firefox Nightly's handling of HTTP Basic Authentication, at least for people on Unix. (I haven't tried to check how Firefox on Windows handles HTTP Basic Authentication, either in released versions or in Nightly.) Today, if you go to a website that requires HTTP Basic...

utcc.utoronto.ca utcc.utoronto.ca

People still use newgrp (to my surprise)

One of the things that came out of me writing about why newgrp exists and casually mentioning that it was a relic (and that OpenBSD had gotten rid of it) is that a number of people left comments discussing how they actively use newgrp even today. This surprised me more than a bit, although in retrospect it probably shouldn't have. There's long been an aphorism in software development that if you have a large and complicated program...

utcc.utoronto.ca utcc.utoronto.ca

Using DMARC information is complicated in practice in the real world

As part of a planned switch to rspamd as our anti-spam system (well, our spam recognition system), I've been taking a closer look at how our test rspamd scores some email and what it reports about why. This has given me a new and unhappy view of DMARC in the real world, building on how DKIM looks for our 'good' email. So let me tell you a story, starting with the background. The university is now a big user of Microsoft Teams. The...

utcc.utoronto.ca utcc.utoronto.ca

How the Unix newgrp command behaved back in V7 Unix

In why newgrp exists (sort of), we discovered that Unix groups can have passwords, that there is a newgrp command that lets you change your (primary) group, and that it dates back to V6 Unix, much earlier than I expected, and that how the V7 newgrp command behaved was interesting. V7 Unix source code (and manual pages and more) is online through tuhs.org, so we can actually read the V7 newgrp.c source code directly. (We can also read...

utcc.utoronto.ca utcc.utoronto.ca

Implementing 'and' conditions in Exim SMTP ACLs the easy way (and in Exim routers too)

One of the things that makes Exim a powerful mailer construction kit is that it has a robust set of string expansions, which can be used to implement conditional logic among other things (examples include 1, 2, 3, and 4). However, this power comes with an obscure, compact syntax that's more or less like a Lisp, but not as nice, and in practice is surprisingly easy to get lost in. String expansions have an 'if' so you can implement...

utcc.utoronto.ca utcc.utoronto.ca

Why the Unix newgrp command exists (sort of)

Recently in the Fediverse, I read this toot: Did you know that #Unix groups have passwords? Apparently if you set one, you then have to use newgrp to log in to that group. I have never seen anyone use unix group passwords. (Via @mhoye.) There are some things to say about this, but the first thing you might wonder is why the newgrp command exists at all. The best answer is that it's mostly a Unix historical relic (or, to put it another...

utcc.utoronto.ca utcc.utoronto.ca

Where (and how) you limit your concurrency in Go can matter

At the start of September, I wrote about how concurrency is still not easy even in Go, using a section of real code with a deadlock as the example. In that entry, I proposed three fixes to remove the deadlock. Since Hillel Wayne's Finding Goroutine Bugs with TLA+ has now formally demonstrated that all three of my proposed fixes work, I can talk about the practical differences between them. For convenience, here's the original code from...

utcc.utoronto.ca utcc.utoronto.ca

My likely path away from spinning hard drives on my home desktop

One of my goals for my home desktop is to move entirely to solid state storage. Well, it's a goal for both my home and work machine, and I originally expected to get there first at home, but then work had spare money and suddenly my work machine has been all solid state for some time (which is great except for the bit where I'm not at work to enjoy it). Moving to all solid state at work was relatively straightforward because all of my...