asemisldkfj
the law is no protection
redundant thread title, I know. I wanted to make it clear this isn't about like living in a tent and growing your own food or something though.
ideally I would like to personally administer all of my internet services on my own internet connection. I'm sacrificing that last bit and using Slicehost for now because I have a shitty ISP, but once I'm back on Speakeasy I'll put all my services on that connection.
there are only two main services that I'm concerned with right now. email and jabber. web server too, but that is pretty trivial to set up and I already have it running on my 256slice.
email
postfix as the mail server. gatzby suggested dovecot for an IMAP server. I'm not going to bother setting up a webmail interface. I can get stuff via IMAP on my phone and home computer or via ssh/PuTTY on my flash drive anywhere else.
jabber
I'm using prosody as a server and it's been really easy to set up. I'm still tweaking this configuration, but it's mostly working.
I forget why I even made this thread. I guess now this is where I will post about progress on becoming technologically self-sufficient.
Dovecot is good.
Here's what I use, I now have two servers, one in datacenter, and one at home for redundancy.
FreeBSD as OS
MaraDNS for authoritative DNS for my domains
OpenNTP to keep the time
Postfix for MTA
policyd weight & TMDA for anti-spam
Dovecot for IMAP
lighttpd for webpages
MySQL for database powered webpages
asemi: i thought you ditched slicehost
asemisldkfj
the law is no protection
I did, but now I'm back! I felt too restricted only having an account on gatzby's VPS, I have no idea when I'll have Speakeasy again (never mind the money for it), and I make a little more money now, so I decided to invest in Slicehost again.
asemisldkfj
the law is no protection
finished my email server. postfix/dovecot. working well so far. using ssl for imap and tls for smtp, with a self-signed certificate.
going to set up jabber to use the certificate now!
asemisldkfj
the law is no protection
yay, jabber is up!
my first name @ planetsareplaces.com
Which jabber server are you using? I looked at hosting my own jabber server but the jabberd config was in XML, which is just plain brainfucked stupid IMO ... Never really looked beyond that ...
asemisldkfj
the law is no protection
I'm using prosody and it's been great. the config is in Lua but it's very straightforward. I mentioned this in the original post too :).
this page was really helpful in generating certificates for Postfix, Dovecot, and Prosody to use:
https://help.ubuntu.com/9.04/serverguide/C/ce … urity.html
From what I hear ejabberd is the most awesome jabber server... Although it might be overkill for a simple setup.
asemisldkfj
the law is no protection
if it makes a difference to anyone, Prosody also has an MIT/X11 license (ejabberd is GPL) :).
asemisldkfj
the law is no protection
woops, double post.
> I'm using prosody and it's been great. the config is in Lua but it's very straightforward.
> I mentioned this in the original post too :).
Oops, sorry. So you did, didn't notice that.
asemisldkfj
the law is no protection
what do people do for backing up configuration files? I know version control is an option, so I'm thinking about doing that.
nny
M̮͈̣̙̰̝̃̿̎̍ͬa͉̭̥͓ț̘ͯ̈́t̬̻͖̰̞͎ͤ̇ ̈̚J̹͎̿̾ȏ̞̫͈y̭̺ͭc̦̹̟̦̭̫͊̿ͩeͥ̌̾̓ͨ
Wish I could find a cheap datacenter host for a 4u HP server I have.
> what do people do for backing up configuration files?
I put them in a Mercurial repository.
phi_
... and let the Earth be silent after ye.
SCSI tape backup! :D
ozntz
toooooooooooooooooooooooooooooooooo
Do you guys use Jabber at work for internal communication?
asemisldkfj
the law is no protection
nope. we just use email. it sucks.
yes
nny
M̮͈̣̙̰̝̃̿̎̍ͬa͉̭̥͓ț̘ͯ̈́t̬̻͖̰̞͎ͤ̇ ̈̚J̹͎̿̾ȏ̞̫͈y̭̺ͭc̦̹̟̦̭̫͊̿ͩeͥ̌̾̓ͨ
bluet look at cfengine.
asemisldkfj
the law is no protection
I just typed this up today because I felt like it. kind of a status report.
CURRENT
  slicehost
    externally accessible
      email
      jabber
      version control
      web site
  razor
    externally accessible
      ssh tunnel
    internal only
      web development
  local
    internal only
      backup
IDEAL
  server @ home
    externally accessible
      email
      jabber
      ssh tunnel
      web site
    internal only
      backup
      version control
      web development
SERVICES LIST
  backup
  email
  jabber
  ssh tunnel
  version control
  web site
  web development
I still haven't ditched Gmail for a couple of reasons:
1. contact storage (this also syncs with my phone)
2. reliability (I am still not 100% confident in my mail server configuration, etc.)
3. ease of access (can't really beat a web interface)
things needed before I ditch Gmail:
1. phone syncing with other contact source; might be possible with Android 2.0
2. more experience setting up/troubleshooting email, more heavy usage to test my setup, better backup and recovery plan
3. perhaps a web interface, or just setting up mutt on my router or on the email server itself so that I can use it via ssh
I would also like to ditch Google Calendar, even though I don't even use it that much. I could probably use a text file as a calendar and be happy. I think those are the only two services I still rely on that I do not provide myself. unless you count photo hosting. I am working on that though. I want to code a small piece of photo album software that will also allow me to optionally send Twitter or Facebook status updates with a link to the photo page. I have been thinking about this for a few days but haven't had time to get started yet. perhaps this weekend!
asemisldkfj
the law is no protection
oh, and I haven't signed into Gmail's Jabber in probably a month :). the only complaint I have with Prosody is that I would like to do server-side logging of conversations, and I don't think that it supports that.
asemisldkfj
the law is no protection
next on my agenda: actually set up version control and back up all configuration files from laptop, router, and server. some of this will be redundant, because I'm backing up my server and my laptop locally (through Slicehost's backup service and Time Machine with an external drive, respectively), but having backups of configuration files on my router will be pretty crucial (pf.conf mostly).
asemisldkfj
the law is no protection
I think I am going to write a long blog post/essay about this. I am back in this thread to jump-start my brain.
asemisldkfj
the law is no protection
aw shit, just got my first spam on my planetsareplaces email.
DaGr8Gatzby
Drunk by Myself
Ah shit indeedy ..... whatcha gonna do about it?
phi_
... and let the Earth be silent after ye.
I'm really attracted to this idea. And I'm wanting you to go further with this and see how it works for you...
asemisldkfj
the law is no protection
I'm working on it :).
asemisldkfj
the law is no protection
wasted my day setting up an openldap server before figuring out that Address Book only does remote queries of ldap directories and doesn't actually sync the data. plus it won't list all contacts, you HAVE to search for one.
same limitation on the iphone.
argh. I want a contacts server!!
asemisldkfj
the law is no protection
this whole venture is making me want to kill myself. being paranoid and obsessive about where all your data is living is quite torturous. I think it's time to top the downgrading thread again.
History500
I AM the walrus!
I've used openfire for jabber before, it's a nice software.
asemisldkfj
the law is no protection
I've messed around with openfire at work a bit and one thing I've found is that the documentation absolutely blows.
asemisldkfj
the law is no protection
just set up davical on ubuntu 9.10. it is talking to evolution.
asemisldkfj
the law is no protection
now I need to get ssl working with caldav.
Chiken
Don't Let Your Walls Down
i just set up my centOS machine to act as a webserver. now i just need to get it to use ssl.
maple
i like large datasets
what web server are you using chicken?
Chiken
Don't Let Your Walls Down
im just using apache. setting up a mail server right now.
nny
M̮͈̣̙̰̝̃̿̎̍ͬa͉̭̥͓ț̘ͯ̈́t̬̻͖̰̞͎ͤ̇ ̈̚J̹͎̿̾ȏ̞̫͈y̭̺ͭc̦̹̟̦̭̫͊̿ͩeͥ̌̾̓ͨ
hrmm tempted to roll together something into an openwrt image. imagine... p2p social networking via openwrt images. painless setup / integration. All data kept local. No privacy issues.
Chiken
Don't Let Your Walls Down
hmm don't think the mail server is gonna work since im using a dynamic dns service.
chicken: do you want some space on my slice?
Chiken
Don't Let Your Walls Down
mmm maybe, ive been doing a bunch of reading today and i think i figured out a way to get it to work with my less than ideal situation. from what i can tell my mx record isn't sticking in the dynamic dns setup, so im gonna try a ddclient and see if that helps. i finally got outgoing mail working by relaying it through my isp.
fair enough, just email me if you change your mind. [my username]29@gmail.com
asemisldkfj
the law is no protection
it's a bummer how hard it is to do a lot of this stuff with a residential connection. I want to invest in a business hookup at my house someday so I can get rid of my slice and do everything on openbsd.
nny
M̮͈̣̙̰̝̃̿̎̍ͬa͉̭̥͓ț̘ͯ̈́t̬̻͖̰̞͎ͤ̇ ̈̚J̹͎̿̾ȏ̞̫͈y̭̺ͭc̦̹̟̦̭̫͊̿ͩeͥ̌̾̓ͨ
Wish ISPs weren't corrupt failing edifices to a broken society.
Chiken
Don't Let Your Walls Down
i dont think i can put into words how excited ill be the day i can get an adequate hookup to host everything i want without the isp making me jump through hoops.
nny
M̮͈̣̙̰̝̃̿̎̍ͬa͉̭̥͓ț̘ͯ̈́t̬̻͖̰̞͎ͤ̇ ̈̚J̹͎̿̾ȏ̞̫͈y̭̺ͭc̦̹̟̦̭̫͊̿ͩeͥ̌̾̓ͨ
Chiken on that day you and I will toast with crystal goblets and throw our wanton waste into our mahogany lined fireplaces. Then we will don our baby seal skin socks and spotted leopard moccasins and go out for a drive in our 8 wheeler suv with platinum hippie plow.
Chiken
Don't Let Your Walls Down
im kind of perplexed by this and im starting to think my isp has port 25 blocked inbound as well or else ive got a really stupid configuration error.
performing the telnet test using the domain and port 25 works (returns my outside IP, not 127.0.0.1), but when i do mx tests like the one found here: http://www.wormly.com/test_smtp_server i get timeouts.
firewall is configured properly on both my server and router so i mean it just really leaves the isp in my mind which is really gay.
What is your IP?
Chiken
Don't Let Your Walls Down
96.31.101.192
nny
M̮͈̣̙̰̝̃̿̎̍ͬa͉̭̥͓ț̘ͯ̈́t̬̻͖̰̞͎ͤ̇ ̈̚J̹͎̿̾ȏ̞̫͈y̭̺ͭc̦̹̟̦̭̫͊̿ͩeͥ̌̾̓ͨ
A lot of ISPs do block smtp to avoid people configuring relays which end up being spam targets.
nny
M̮͈̣̙̰̝̃̿̎̍ͬa͉̭̥͓ț̘ͯ̈́t̬̻͖̰̞͎ͤ̇ ̈̚J̹͎̿̾ȏ̞̫͈y̭̺ͭc̦̹̟̦̭̫͊̿ͩeͥ̌̾̓ͨ
Tried to telnet from a shell box.
Timeout.
You are probably firewalled.
asemisldkfj
the law is no protection
try running smtpd on port 587.
Chiken
Don't Let Your Walls Down
ill give that a shot
Chiken
Don't Let Your Walls Down
did not change anything. would probably work if i had a public server that wasn't blocked on port 25 and relayed everything through it on port 587.
ill just keep this one in my back pocket for now. i think im gonna move on to vpns.
DaGr8Gatzby
Drunk by Myself
% nmap -P0 -p 25 96.31.101.192
Starting Nmap 5.00 ( http://nmap.org ) at 2010-05-13 14:50 CDT
Interesting ports on sub-96-31-101-192.tctwest.net (96.31.101.192):
PORT STATE SERVICE
25/tcp filtered smtp
Nmap done: 1 IP address (1 host up) scanned in 2.40 seconds
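The three states behind the nmap result above, as an added example that is not part of the original posts: a probe that separates "filtered" (no answer, as here) from "closed" (connection refused) and "open", and reads the SMTP greeting when the port is open. The loopback listener and its banner are constructed stand-ins; against a real mail server the probe has to run from a host outside the network, since a test from inside the LAN never crosses the ISP's filter.

```python
import errno
import socket
import threading

def probe_smtp(host, port=25, timeout=3.0):
    """Classify a TCP port the way nmap does and return (state, banner)."""
    try:
        sock = socket.create_connection((host, port), timeout=timeout)
    except socket.timeout:
        return "filtered", None   # no answer at all: a firewall or ISP dropped the SYN
    except ConnectionRefusedError:
        return "closed", None     # RST came back: host reachable, nothing listening
    except OSError as exc:
        if exc.errno in (errno.EHOSTUNREACH, errno.ENETUNREACH):
            return "filtered", None   # ICMP unreachable from a router on the path
        raise
    with sock:
        sock.settimeout(timeout)
        try:
            # A real MTA greets with "220 ..."; anything else means something
            # other than the mail server answered on this port.
            banner = sock.recv(512).decode("ascii", "replace").strip()
        except socket.timeout:
            banner = ""
    return "open", banner

def start_fake_mta():
    """Constructed stand-in for an MTA on loopback; returns its port."""
    srv = socket.socket()
    srv.bind(("127.0.0.1", 0))
    srv.listen(1)
    port = srv.getsockname()[1]
    def serve():
        conn, _ = srv.accept()
        conn.sendall(b"220 mail.example.test ESMTP (constructed)\r\n")
        conn.close()
        srv.close()
    threading.Thread(target=serve, daemon=True).start()
    return port

def unused_port():
    """Bind and release a loopback port so nothing is listening on it."""
    with socket.socket() as s:
        s.bind(("127.0.0.1", 0))
        return s.getsockname()[1]

if __name__ == "__main__":
    print(probe_smtp("127.0.0.1", start_fake_mta()))
    print(probe_smtp("127.0.0.1", unused_port()))
```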
Chiken
Don't Let Your Walls Down
ill have to remember the nmap command for the future.
nny
M̮͈̣̙̰̝̃̿̎̍ͬa͉̭̥͓ț̘ͯ̈́t̬̻͖̰̞͎ͤ̇ ̈̚J̹͎̿̾ȏ̞̫͈y̭̺ͭc̦̹̟̦̭̫͊̿ͩeͥ̌̾̓ͨ
-sS > -P0 imho but -sV is where it's at =P
that might be my favorite post.
Chiken
Don't Let Your Walls Down
wow i'm an idiot. so im setting up a bridged openvpn server and i thought i had it all set up and i got to test it at a local coffee shop. wont work. not only that but ssh doesn't work, ftp doesn't work, nor does http work. i'm like wtf, this was all working yesterday.
so i slept on it last night, get up this morning and realize theres no default gateway in the routing table, so anything coming in to the server has no way of getting back. *smacks head*
nny
M̮͈̣̙̰̝̃̿̎̍ͬa͉̭̥͓ț̘ͯ̈́t̬̻͖̰̞͎ͤ̇ ̈̚J̹͎̿̾ȏ̞̫͈y̭̺ͭc̦̹̟̦̭̫͊̿ͩeͥ̌̾̓ͨ
yeah that'll get yah every time.
Consider it a learning moment.
Chiken
Don't Let Your Walls Down
jinzora is up and running! now i just need to get my 2 TB raid set up so that i can host all my music on this machine.
asemisldkfj
the law is no protection
so I spent a lot of time today trying to figure out why my emails sent from mutt from my gmail address (through gmail's smtp servers) to a test yahoo account were ending up in the spam folder. if I sent email from mail.app or the gmail web interface they went to the yahoo inbox.
I figured out that it's the X-mailer and User-agent headers. I guess yahoo doesn't like mutt, because when I spoofed a thunderbird User-agent it went to the inbox. so stupid.
asemisldkfj
the law is no protection
set up spf earlier and dkim just now. waiting for dkim dns record to propagate…
asemisldkfj
the law is no protection
spf, dkim, and domainkeys are all set up. yahoo still puts emails from my domain in spam.
nny
M̮͈̣̙̰̝̃̿̎̍ͬa͉̭̥͓ț̘ͯ̈́t̬̻͖̰̞͎ͤ̇ ̈̚J̹͎̿̾ȏ̞̫͈y̭̺ͭc̦̹̟̦̭̫͊̿ͩeͥ̌̾̓ͨ
dns is crap. let's just get rid of it entirely.
Chiken
Don't Let Your Walls Down
i agree! lets just use ip addresses!
asemisldkfj
the law is no protection
it's kind of neat that all these email things use dns txt records, but we need some dnssec.
looking at email headers I am surprised by how many email providers don't do spf or dkim.
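One way to do the header survey mentioned above, as an added example that is not part of the original post: read the Authentication-Results header that the receiving server stamps on each message and report the SPF and DKIM verdicts. The authserv-id mx.example.net and the three sample messages are constructed; headers carrying any other authserv-id are ignored, because a sender can insert its own.

```python
import re
from email import message_from_string

METHOD_RE = re.compile(r"\b(spf|dkim)=([a-z]+)", re.IGNORECASE)

def auth_summary(raw_message, trusted_authserv):
    """Return the SPF and DKIM verdicts recorded by our own receiving server."""
    msg = message_from_string(raw_message)
    verdicts = {"spf": "none", "dkim": "none"}
    for value in msg.get_all("Authentication-Results", []):
        # The first token is the authserv-id of whoever added the header.
        head = value.split(";", 1)[0].split()
        if not head or head[0].lower() != trusted_authserv.lower():
            continue   # added upstream, possibly by the sender: do not trust it
        for method, verdict in METHOD_RE.findall(value):
            verdicts[method.lower()] = verdict.lower()
    return verdicts

# Constructed sample messages; mx.example.net is a hypothetical receiving server.
SIGNED = (
    "Authentication-Results: mx.example.net; spf=pass smtp.mailfrom=signed.example;\n"
    " dkim=pass header.d=signed.example\n"
    "From: a@signed.example\nSubject: one\n\nbody\n"
)
UNSIGNED = (
    "Authentication-Results: mx.example.net; spf=none smtp.mailfrom=plain.example;\n"
    " dkim=none\n"
    "From: b@plain.example\nSubject: two\n\nbody\n"
)
FORGED = (
    "Authentication-Results: mx.example.net; spf=softfail smtp.mailfrom=bad.example;\n"
    " dkim=none\n"
    "Authentication-Results: forged.example; spf=pass; dkim=pass\n"
    "From: c@bad.example\nSubject: three\n\nbody\n"
)

if __name__ == "__main__":
    for name, raw in (("signed", SIGNED), ("unsigned", UNSIGNED), ("forged", FORGED)):
        print(name, auth_summary(raw, "mx.example.net"))
```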
I don't know ... dnssec is weird ...
asemisldkfj
the law is no protection
comcast business class internet is 60 usd/month. hmm. I might call and see how hard it would be to upgrade from a residential hookup.
asemisldkfj
the law is no protection
I'm back in this boat again. with the demise of reader, I'm hoping to be google-free by the end of the month. I've been forwarding all email to my personal domain (email server is at gandi.net, along with my dns and domain) and I set up radicale yesterday for card/caldav. there are a couple of sync adapters available now for android (caldav-sync and carddav-sync) that work with the stock contacts and calendar apps.
I'm surprised-but-not-very that iOS has supported caldav and carddav out of the box since version 4 and I'm fairly certain even the newest android releases don't.
I still have a throwaway google account tied to my phone just for the play store :(. but hopefully this will be all that's left of my relationship with google very soon!