Author: Yazeed

When typing in arabic, you will probably find that numbers are still rendered with latin charracters, 123, if you want them to render in arabic looking charracters, you can simply use the font PDMS_Mansehra

So, i will be doing this under linux for a good reason

My friend gave me his computer so that i can recover everything for him, he deleted all the photos and so many other things, photos of his family are most important to him.

So, becuase i have been holding his computer hostage for a week now, i decided to copy the entier hard drive so i can give him his computer back, and extract everything at my convinience, so after mountingf the disk i want to undelete from… i executed the command.

ddrescue /dev/sdb /hds/3tb/200gb.img /root/resumelog.log

So i had the image file that i can use for recovery after mounting

Now if as in the article here http://www.buildingcubes.com/2012/07/27/rescuing-a-failed-hard-drive/ i mounted the drive, i can use a nice linux command (ntfsundelete) to undelete the files from the mounted partition.

1- create a list of files to take a look at, put all deleted JPGs in a text file
ntfsundelete /hds/img -m ‘*.jpg’ -p 80 -t 8m > deletedmp3.txt
ntfsundelete /dev/loop0 -m ‘*.zip’ -p 50 -t 8m > deletedjpg.txt

2- change to the directory where you want to recover files to
cd /hds/wd1tb/newdir

3- recover all PNG files then all jpg files
ntfsundelete /dev/sda1 –u –m *.png
ntfsundelete /dev/sda1 –u –m *.jpg

or if i want to move them to a directory other than the active directory
ntfsundelete /dev/sda1 -u -m ‘*.jpg’ -p 90 -t 8m -d /hds/wd1tb/newdir

-p 90 means only recover files with at least 90% recoverable content
-t 5m means only files deleted in the past 8 months

Before i tell you that there has been a software update for this phone, let me remind you of my review of the phone

The lowdown: right after the update, i tested the P698 dual sim android, and i can say that the phone which was a disaster before the update is perfectly usable now, i would still prefer the samsung galaxy Y duos (GT-S6102)

I have only used this phone as a 3G modem up to now, when i tried to use it as a phone, it was a disaster, the phone battery does not last for a day, and this is nothing compared to the very faulty software, ending a phone call is very hard to do (you need to wait 10 seconds before you can be sure the other party can no longer hear you) that is, if this magical phone does not get into stupid mode and make ending the phone call mission impossible, in short, the phone is a disaster.

Worth mentioning is that the phone hardware is pretty OK, in some regards better than the Samsung Y duos, it is the software that is a disaster, the only thing that i consider essential and is missing from the hardware is the proximity sensor (the one that disables the touch screen when the phone is close to your face). CORRECTION: THE LG P698 does have a proximity sensor, and with the new update it works just fine.

So, today i decided to check whether the phone got a new software update, and indeed it has (the second), this update is named (and dated) v10g-jul-06-2012, where the update right before this one was v10f-mar-07-2012, so what did LG do in those 3 months, any news of fixing the bugs that were killing me ?

I will now install both my lines into this phone (from my very usable and useful Samsung Y duos), i will try the phone for a couple of days and let everyone know of the results, i am not optimistic

I will be back in a couple of days to tell you all if the phone is better now.

The update:
The new update improves the software so that this phone is now usable compared to a phone i bought and could not use, the samsung galaxy Y duos is still better than this phone (and has the swype application that is very nice), so i am still favoring the Samsung Galaxy Y duos, but the LG P698 is not so bad now, it works as a phone just fine

The way to rotate all files that are usually rotated with debian’s file rotation program “logrotate”, you execute the following.

logrotate -f /etc/logrotate.conf

/etc/logrotate.conf contains a list of log files that need to be rotated, you can write your own if you like.

There seems to be a certain bug with Debian, when installing it on the same hard drive with Windows, on the next boot, windows is not one of the options, so what you can do is this

update-grub

You will see results such as

update-grub
Generating grub.cfg ...
Found background image: /usr/share/images/desktop-base/desktop-grub.png
Found linux image: /boot/vmlinuz-2.6.32-5-686
Found initrd image: /boot/initrd.img-2.6.32-5-686
Found Windows 7 (loader) on /dev/sda1
done

Grub should now find you missing windows and add it to the boot menu !

I wrote this for my own reference, because every time i install i spend so much time trying to find the magic words online again

Relaying mail with PHP

Sending mail through a mail server that requires authentication (A username and password).

This article is when you do NOT want to use your server’s MTA with PHP, and you want to send through an MTA that requieres authentication (A remote mail server)

When sending email from your own MTA with sendmail, PHP can use the mail() function to send such mail by smply passing the mail function some arguments, Even when the MTA is on a different computer that allows you to send mail (By validating your IP), changes can be made to PHP.INI to make the mail function work as needed.

But when you want to automate sending emails from something like a GMAIL account or a Godaddy Mail Server, things are different, You will need to connect to the SMTP server and ask it to relay your mail, for that the server will ask you for Authentication credentials, this tutorial will show you how to send email from a different email provider.

So, to begin with, you will need to download this script that i originally obtained from the open source GPL Coppermine Project, they in turn took the code from the GPL PHPMailer, a small change is required to make this file work.

Click here to download the mail slass scripts

What this script is about to do is exactly what your Outlook or Thunderbird do when you manually send a message from them, this is not a magic solution, the Gmail sending limits still apply, and all other big providers have limits even when you are a paying customer. mail providers need to protect there servers from being labled as spammers, some rules need to be in place.

Also, before you start, you should look carefully at the limits, not only is there a send limit, a large number of bounces will also lock your account in the case of Gmail and others.

In this tutorial we will use the functions in the PHPMailer class “http://phpmailer.sourceforge.net/”, it is free GPL software.

but rather than downloading it from PHPMailer’s website, we will take it from within the Coppermine Gallery Software, the file we need is include/mailer.inc.php

a few modifications need to be done, First seach for the string “connect to the smtp server” and add the following lines above it

$host = “ssl://smtp.gmail.com”;
$port = 465;

then search for “function ServerVar”, and right after the opening “function ServerVar {” and before “$superCage = Inspekt::makeSuperCage();” add

return ”;

Now, our mailer script should be ready !

Now, create a new PHP file (sendmymail.php), and within that paste the following code, Fix all names, credentials and email addresses.

require 'mailer.inc.php';
$mail = new cpg_PHPMailer();//this is the name of the class in coppermine
$mail->IsSMTP(); // send via SMTP
$mail->SMTPAuth = true; // turn on SMTP authentication
$mail->Username = "username@gmail.com"; // SMTP username
$mail->Password = "password"; // SMTP password
$webmaster_email = "username@doamin.com"; //Reply to this email ID
$email="username@domain.com"; // Recipients email ID
$name="name"; // Recipient's name
$mail->From = $webmaster_email;
$mail->FromName = "Webmaster";
$mail->AddAddress($email,$name);
$mail->AddReplyTo($webmaster_email,"Webmaster");
$mail->WordWrap = 50; // set word wrap
//$mail->AddAttachment("/var/tmp/file.tar.gz"); // If you want to add attachments !
//$mail->AddAttachment("/tmp/image.jpg", "new.jpg"); // If you want to add attachments
$mail->IsHTML(true); // send as HTML
$mail->Subject = "This is the subject";
$mail->Body = "Hi,
This is the HTML BODY "; //HTML Body
$mail->AltBody = "This is the body when user views in plain text format"; //Text Body.
if(!$mail->Send())
{
	print "Mailer Error: " . $mail->ErrorInfo;
}
else
{
	print "Message has been sent";
}

?>

Adding SPF records

Note: Microsoft Sender ID is in many ways similar to SPF, and in most cases, SPF and SenderID are compaible, so by making an SPF record, you are also creating a Microsoft SenderID record, that sometimes causes trouble when the envelop sender is not the same as the From address !

Here, i will start by showing you a list of SPF records, and what they mean to mail servers, You can use those SPF records or compose your own, as the syntax is very simple really.

If you do not want to take chances, you can use the SPF generator at openspf.org

For example, the most common SPF record is

"v=spf1 a mx ~all"

–Explaining the line above, v=spf1 means that this is an SPF TXT record, it is common to all SPF records,
–followed by an a that means “any computers in the A record fields of the domain’s DNS are allwed to send email, or more simply put, to allow your web server (where you may run PHP scripts that send email for example) to send emails on the domain’s behalf
— Followed by an mx which means all servers mentioned in DNS as mail servers for this domain, are also allowed to send email on this domains behalf.
— ~all means that this loosly describes all servers that can send email on this domain’s behalf (softfail), while a -all would mean that this strictly describes all servers that send mail on our domain’s behalf (fail), and a ?all means that this describes some of the domains allowed to send email on our domain’s behalf, notice that ~ is not – from 1 and 2, ~ is loosly, – is strictly.

But for our examples sake, let us look at a longer, expanded SPF record and see what the extra fields mean

"v=spf1 a mx a:xxx.xxx.xxx.xxx mx:mailsrv2.example.net ip4:yyy.yyy.yyy.yyy/24 ip4:xxx.xxx.xxx.xxx include:mailsenders.com ~all"

In the example above, the section that reads mx:mailsrv2.example.NET is a mail server that is also allowed to send email on example.COM’s behalf

a:xxx.xxx.xxx.xxx where the masked charracters are an IP address means that the server or mail sender with the IP address mentioned can also send email, you can add as many such sections separated by a space as you wish to allow many computers to send mail on the domain name’s behalf

google mail has the following sending limits

GMAIL accounts…

google apps account limits

The links above come down to…

1- GMAIL accounts

500 Emails per day, 500 on the receiving end, or simply, 500 recipients of 500 messages

2- Google apps accounts

500 recipients.. 100 a time when using SMTP

But, what is not stated is that a large number of bounced messages, or email messages that look like spam will also get your account disabled, i found that out on a forum on the internet,

In general, you can send email with PHP through Gmail’s servers for notification and the like, but it is best if you triple check the data before it goes to your account !

Click here to see how to send email from PHP through your Google mail “Gmail” account.

Signing mail with DKIM

This tutorial will demonstrate how you can sign your outgoing emails with DKIM (DKIM is based on Yahoo’s Domain keys and Cisco’s Identified Internet mail, It is defined in RFC 4871.)

The goal of this tutorial is to have postfix sign all mails for multiple domain names, including mail that originates from PHP’s mail function, or any other that passes the Postfix or “Postfix / Sendmail” MTA.

Debian Lenny is my Operating System, Debian’s dkim-filter’s package will sign the mail, and Debian’s Postfix package will be our MTA
1- About DKIM / How it works.

Just like SSL, DKIM uses a private key and a public key to encrypt messages.

in SSL (and DKIM) messages encrypted with the private key are only decrypted by the public key and the messages encrypted by the public key can only be decrypted by the private key.

The private key is (as in SSL) stored on the server ONLY, this is why it is private, and disclosing it to anyone else defeats the purpose, and the public key, in DKIM is stored IN DNS for the receiving server to obtain with a simple DNS request to the nameservers…

A text record in DNS will have the selector as the record name, and the key as record value.

Anyone can decrypt the message by looking up the DNS record, then using that to decrypt the message, the idea is based on the following logic.

The Logic: the sender managed to encrypt this message, so the sender must be the authentic domain owner to be able to encrypt with the private key.

2- Installing DKIM

On my Debian Lenny machine with Postfix installed

apt-get install postfix dkim-filter

3- generating Private and Public keys

Now, with our dkim-filter package, dkim-genkey is automatically installed

So our domains are example1.com example2.com example3.com and example4.com, we want to sign all emails for all mentioned domain names, In our example, multiple domains on our server will use the same public and private keys !

dkim-genkey -d example1.com -t -s dkmail

dkmail that you see at the end is the selector, you can have many selectors for more than one mail server where you do not want to share the private key between servers.

in the above, we are generating a public and a private key into 2 files in the current directory, although the command includes a domain name, the keys can be used for any set of domain names really, so not to worry about that, Now, let us create a directory to store the Private Key, and move the private key to it

mkdir /var/dkim_keys
mv dkmail.private /var/dkim_keys/dkim.private

The public key is stored in the file dkmail.txt, the contents of that file are 1 line that is as follows

dkmail._domainkey IN TXT "v=DKIM1; g=*; k=rsa; t=y; p=MIGfMA0GC...AQAB" ; ----- DKIM dkmail for anyoneofyourdomains.com

While this is a typical TXT record in BIND for example, adding this to your DNS will depend on your provider, for example when using godaddy, you can click add TXT record in your DNS manager, and enter the following into the 3 provided fields

the TXT name should be

dkmail._domainkey

The TXT value should be (The dots denote a longer string, this is just an example)

v=DKIM1; g=*; k=rsa; t=y; p=MIGfMA0GC...AQAB

And the TTL should be left at

1 hour

Now, once you hit OK, you can use any linux machine that has the DIG command to make sure your changes are already visible on the internet by issuing

dig dkmail._domainkey.anyoneofyourdomains.com TXT

You should see your public key as a result, once you do, you can move on to the next steps.

Now, Edit the file /etc/default/dkim-filter and add the following line at the bottom

SOCKET="inet:8891@localhost"

this will make the application listen on port 8891 which we will use with postfix

The other config file is /etc/dkim-filter.conf

in that file i have the following settings, you can change that if you like, my file uses the DKIM-FILTER to sign multiple domain names with the same private key, the public key is applied to all domain name DNS of all 4 domains

# Log to syslog
Syslog			yes
# Required to use local socket with MTAs that access the socket as a non-
# privileged user (e.g. Postfix)
UMask			002

# Sign for example.com with key in /etc/mail/dkim.key using
# selector '2007' (e.g. 2007._domainkey.example.com)
Domain			example1.com,example2.com,example3.com,example4.com
KeyFile		/var/dkim_keys/dkim.private
Selector		dkmail


# Common settings. See dkim-filter.conf(5) for more information.
AutoRestart		yes
Background		yes
Canonicalization	simple
DNSTimeout		5
Mode			sv
SignatureAlgorithm	rsa-sha256
SubDomains		no
#ASPDiscard		no
#Version		rfc4871
X-Header		no

###############################################
# Other (less-standard) configuration options #
###############################################
# 
# If enabled, log verification stats here
#Statistics		/var/run/dkim-filter/dkim-stats
#
# KeyList is a file containing tuples of key information. Requires
# KeyFile to be unset. Each line of the file should be of the format:
#    sender glob:signing domain:signing key file
# Blank lines and lines beginning with # are ignored. Selector will be
# derived from the key's filename.
#KeyList		/etc/dkim-keys.conf
#
# If enabled, will generate verification failure reports for any messages
# that fail signature verification. These will be sent to the r= address
# in the policy record, if any.
#SendReports		yes
#
# If enabled, will issue a Sendmail QUARANTINE for any messages that fail
# signature verification, allowing them to be inspected later.
#Quarantine		yes
#
# If enabled, will check for required headers when processing messages.
# At a minimum, that means From: and Date: will be required. Messages not
# containing the required headers will not be signed or verified, but will
# be passed through
#RequiredHeaders	yes

Now, in your postfix installation, add the following lines at the bottom of the /etc/postfix/main.cf file

# DKIM
milter_default_action = accept
milter_protocol = 2
smtpd_milters = inet:localhost:8891
non_smtpd_milters = inet:localhost:8891

Now, you should restart both postfix and dkim-filter

/etc/init.d/dkim-filter restart  
/etc/init.d/postfix restart  

Now, if you send an email to Yahoo mail, or Gmail, you can view the headers and make sure that your DKIM state is pass, if not you should recheck.

Note that SPF goes very well with DKIM and should also be implemented

1- Where are log files for help…

Links for this inp progress article

http://packages.debian.org/source/lenny/dkim-milter

http://packages.debian.org/lenny/dkim-filter

http://www.topdog.za.net/postfix_dkim_milter

http://www.elandsys.com/resources/sendmail/dkim.html

https://help.ubuntu.com/community/Postfix/DKIM

https://help.ubuntu.com/community/Postfix/DomainKeys

https://help.ubuntu.com/community/Postfix

http://www.howtoforge.com/postfix-dkim-with-dkim-milter-centos5.1

http://www.sendmail.com/sm/wp/dkim/

http://www.howtoforge.com/forums/showthread.php?p=234174

http://www.howtoforge.com/set-up-dkim-for-multiple-domains-on-postfix-with-dkim-milter-2.8.x-centos-5.3

http://www.howtoforge.com/forums/showthread.php?p=231268

http://howtoforge.org/set-up-dkim-on-postfix-with-dkim-milter-centos-5.2

http://howtoforge.org/forums/showthread.php?t=26219

I just got off the phone with Godaddy, as usual, i have my “strange godaddy thing of the day”, i have just learned that i lost my $125 of Google advertising coupons because i did not activate the credit from within my godaddy account within a month of buying the product that got me the credits

What you need to know, don’t save your ad credits for later, even when you don’t activate them, they expire, nothing written on that, they don’t tell you anywhere, but the Google ad credit coupons expire on their own after 1 month of the purchase not of activation.

This time, i login to get a receipt from an old API account i have with godaddy, and godaddy tells me they have Google credits for me, i say yipee, and go to collect them, then i start a new adwords account with my gmail Google account, and then what do you know, Google tells me this credit has expired “This promotional code has expired. Learn more”.

So i go to godaddy’s website and other sources, but it only says that the credit must be used on a new Google account within 15 days of activation. So as you might expect, i call godaddy who will then blame Google (Even though it is a newly activated Google credit)

So, i am listening to the recorded conversation to tell you here what happened,

** for my records and convenience the file from the auto call recorder is godaddy_expired_credits_API_Voice-0003.amr ***

Anyway, here is more or less what happened (i am not strictly transcribing but rather describing and skipping the nonsense), but the audio file is available (I am not sure if it is legal to post it though)

So, here is the lowdown on the phone call, this is what you need to know, i don’t know how godaddy will justify that they still offer you to activate a credit that has expired before being activated, or why they still give you a link to activate it after the 1 month, or why they have the activation feature all together if it starts counting for expiry from the time of purchase not the time of activation of the credit, but check this out.

ON HOLD through 22:36
Godaddy Brit : as far as it expires after a month , that you will not find with us, however you will find on that disclaimer there that Google has the right to revoke it at any time for any reason, any credits that we supply, that may be on Google’s end, that’s not something we have the right to say, because once again that is on Google’s end, Google’s terms, but not our terms.

Waiting for a representative to pick up 6:46

Me: i have an old account, and i logged in to get the invoice from there so i can print it, and i found that i have google credits, so i opened the credits tab where the credits were not used, so i clicked activate, and i just did activate them, and then i went to Google adwords, i created a new account, i entered the promo code, and it tells me that this promotional code has expired, i just activated it but it expired.

Godaddy Brit: Ok let me take a look here, did you ever have any products in this account

Me: Yes, surely, an API reseller account

Godaddy Brit: Okay, but i can’t see anything in here right now.

Me: I can see it, i just click on promo codes, Oh, u mean… You just go to order history, i cancelled that product,

Godaddy Brit: Okay, i am not sure that credit will be useful if there is no actual product in the account

Me: Well Brit, i am not sure about that, because it doesn’t have an expiry on the credit, So if we could go step by step and check out that credit, it shows i still have the credit, and there is a button to activate it, So i clicked the button just right now two minutes ago, and it gave me that it was activated on the fifth, which is today, and gave me the code, Now just by giving me the code this means this is an actual Google code, right ? Google credit code, or is it some random string of numbers

Godaddy Brit: I am not sure how it works in connection with Google, but if you want me to run this by my lead just to make sure, please remain on the line.

On wait 13:15
Godaddy Brit: Apparently those credits, although you were able to activate it, they expire on Google’s end about a month after you purchase the product, so if you bought a domain name,and you got the credits, A month after you could still activate it on our end, but Google will reject it about a month after the purchase

Me: Ok, Brit, is that written anywhere ? because i have seen your adwords account needs to be less than two weeks old, but i leave my credits unactivated because it doesn’t say anywhere that you lose your rights to the credits here or there or this way or that way,

Godaddy Brit: Ok, this is probably not as illustrated the best that it could be but let me see here, (A wait) and are you activating this code in a new adwords account or….

Me: Yes sir, it is a new account

Godaddy Brit: So right now i am scanning through our almost unless looking legal terms of service for you to find you where this statement is on.

Me: No problem, take your time, sorry for the inconvenience

Godaddy Brit: Let me run this by one of my leads

Me: take your time

ON HOLD through 22:36
Godaddy Brit : as far as it expires after a month , that you will not find with us, however you will find on that disclaimer there that Google has the right to revoke it at any time for any reason, any credits that we supply, that may be on Google’s end, that’s not something we have the right to say, because once again that is on Google’s end, Google’s terms, but not our terms.