I just had an interesting question posed to me. Say you have a site that needs the usual generic http auth stuff. But say you have a few directories that you don't want to require credentials for. And pretend you can't use .htaccess.
AllowOverride All
AuthUserFile /path/to/.htpasswd
AuthType Basic
AuthName "Iz Sekritz, Shhh"
Require valid-user
Satisfy Any
by gary on Sat, 11/17/2007 - 20:51EHLO lolucanhazspam happening too often for your tastes?
Have Postfix respond with, "u sent me spam, but i ated it":
smtpd_helo_required = yes
smtpd_delay_reject = no
disable_vrfy_command = yes
smtpd_helo_restrictions = permit_mynetworks, reject_invalid_hostname, reject_unknown_hostname, reject_non_fqdn_hostnameOver the past hour, I've seen this minor config change slay 60% of spam inbound to my personal mailserver.
Remember: Default software configs given to you by your favorite Linux distribution will usually suck. Modify 'em.
by gary on Sun, 08/19/2007 - 15:25Internet security is like urinating to windward. No matter what we do, we're never going to stop users from using a certain web browser, a certain mail client, a certain operating system, and opening every .exe or suspicious file that gets sent to them. That shouldn't stop our efforts, though. If there's one thing the Internet needs, it's more security.
by gary on Thu, 08/09/2007 - 10:31So a funny thing happened to me on the way to the office this morning. I tripped over a cat and spilled my coffee everywhere. Hey, I laughed.
