using tcpwrappers with dovecot on fedora (aka denyhosts for dovecot)


I've been planning to move my mail server off a cheap-ole-vps server for quite a while now. Recently I realised that they implemented a 300 thread limit for the vps, and this is killing my glassfish server occasionally, which is seriously heavy weight in its use of threads and dovecot login processes.

However due to laziness, and the fact there there is a big chunk of data in the form of Maildir and /var/lib/mysql is proving a blocker. Maybe a project for the downtime between xmas and new years.

Another limitation of the vps is a lack of access to the underlying iptables kernel module configuration which rules out fail2ban style systems for blocking brute force attacks against ssh.

Go Live Checklist for Web Applications...

I was trying to think of a memorable summation of the go-live check lists that I have variously applied over my various releases. One of my much more competent than I ex-colleagues sent a quite comprehensive list, which I tried to break down into these categories;

  1. Does it work?
  2. Is is reliable?
  3. Is it secure?
  4. Are we legal?

performance dominance... (longest span between world championship victories)

I got into the debate about who were the greatest experts in their area of performance ever this afternoon and I thought I would look up some statistics on unusual records.

The one I am looking for in this post is the longest span of time between world championship victories in any sport or suitable challenging endeavour.

(I am limiting these searched to the modern era, or at least to where there was a well developed championship programme in place)

Fuck the flu

So on Monday I was wandering about in the house making a cup of tea and pottering about, and I got a funny shiver... and I thought that's a bit odd, I hope I'm not coming down with something...

12 hours later, I am curled up in bed, pouring with sweat, shivering cold and running a massive fever. The invaders were not just at the gate, no, the castle walls were down and the keep was being ransacked. ;-) Headache, bone-ache, cough, sore-throat, delirium. etc. etc

Why didn't someone mention before?

for fuck sakes. I probably wasted 3 days last week messing about with various gems, rubies, yum etc.

I just found the frameos repo and all the problems went away...

leaving yum for gems, better late than never.

I've made this particular mistake a couple of times before, which was trying to use the software from my packaging system of choice, rather than the one favoured by the developers.
I love a bit of yum, and eclipse and many of its components are packaged as rpms in the fedora repositories - so I made the mistake of trying to use that version, I kept running into bugs that were fixed in the eclipse update sites version years before, even though fedora releases are every 6 months.

newsflash: Chef much better than Puppet!

After spending a few weeks dealing with Puppet fuckwittery, I decided to deploy some instances into the HP cloud beta using Chef rather than Puppet.

It's like stepping out into the light.