Category: Uncategorized

When typing in arabic, you will probably find that numbers are still rendered with latin charracters, 123, if you want them to render in arabic looking charracters, you can simply use the font PDMS_Mansehra

So, i will be doing this under linux for a good reason

My friend gave me his computer so that i can recover everything for him, he deleted all the photos and so many other things, photos of his family are most important to him.

So, becuase i have been holding his computer hostage for a week now, i decided to copy the entier hard drive so i can give him his computer back, and extract everything at my convinience, so after mountingf the disk i want to undelete from… i executed the command.

ddrescue /dev/sdb /hds/3tb/200gb.img /root/resumelog.log

So i had the image file that i can use for recovery after mounting

Now if as in the article here http://www.buildingcubes.com/2012/07/27/rescuing-a-failed-hard-drive/ i mounted the drive, i can use a nice linux command (ntfsundelete) to undelete the files from the mounted partition.

1- create a list of files to take a look at, put all deleted JPGs in a text file
ntfsundelete /hds/img -m ‘*.jpg’ -p 80 -t 8m > deletedmp3.txt
ntfsundelete /dev/loop0 -m ‘*.zip’ -p 50 -t 8m > deletedjpg.txt

2- change to the directory where you want to recover files to
cd /hds/wd1tb/newdir

3- recover all PNG files then all jpg files
ntfsundelete /dev/sda1 –u –m *.png
ntfsundelete /dev/sda1 –u –m *.jpg

or if i want to move them to a directory other than the active directory
ntfsundelete /dev/sda1 -u -m ‘*.jpg’ -p 90 -t 8m -d /hds/wd1tb/newdir

-p 90 means only recover files with at least 90% recoverable content
-t 5m means only files deleted in the past 8 months

Before i tell you that there has been a software update for this phone, let me remind you of my review of the phone

The lowdown: right after the update, i tested the P698 dual sim android, and i can say that the phone which was a disaster before the update is perfectly usable now, i would still prefer the samsung galaxy Y duos (GT-S6102)

I have only used this phone as a 3G modem up to now, when i tried to use it as a phone, it was a disaster, the phone battery does not last for a day, and this is nothing compared to the very faulty software, ending a phone call is very hard to do (you need to wait 10 seconds before you can be sure the other party can no longer hear you) that is, if this magical phone does not get into stupid mode and make ending the phone call mission impossible, in short, the phone is a disaster.

Worth mentioning is that the phone hardware is pretty OK, in some regards better than the Samsung Y duos, it is the software that is a disaster, the only thing that i consider essential and is missing from the hardware is the proximity sensor (the one that disables the touch screen when the phone is close to your face). CORRECTION: THE LG P698 does have a proximity sensor, and with the new update it works just fine.

So, today i decided to check whether the phone got a new software update, and indeed it has (the second), this update is named (and dated) v10g-jul-06-2012, where the update right before this one was v10f-mar-07-2012, so what did LG do in those 3 months, any news of fixing the bugs that were killing me ?

I will now install both my lines into this phone (from my very usable and useful Samsung Y duos), i will try the phone for a couple of days and let everyone know of the results, i am not optimistic

I will be back in a couple of days to tell you all if the phone is better now.

The update:
The new update improves the software so that this phone is now usable compared to a phone i bought and could not use, the samsung galaxy Y duos is still better than this phone (and has the swype application that is very nice), so i am still favoring the Samsung Galaxy Y duos, but the LG P698 is not so bad now, it works as a phone just fine

The way to rotate all files that are usually rotated with debian’s file rotation program “logrotate”, you execute the following.

logrotate -f /etc/logrotate.conf

/etc/logrotate.conf contains a list of log files that need to be rotated, you can write your own if you like.

There seems to be a certain bug with Debian, when installing it on the same hard drive with Windows, on the next boot, windows is not one of the options, so what you can do is this

update-grub

You will see results such as

update-grub
Generating grub.cfg ...
Found background image: /usr/share/images/desktop-base/desktop-grub.png
Found linux image: /boot/vmlinuz-2.6.32-5-686
Found initrd image: /boot/initrd.img-2.6.32-5-686
Found Windows 7 (loader) on /dev/sda1
done

Grub should now find you missing windows and add it to the boot menu !

I wrote this for my own reference, because every time i install i spend so much time trying to find the magic words online again

Relaying mail with PHP

Sending mail through a mail server that requires authentication (A username and password).

This article is when you do NOT want to use your server’s MTA with PHP, and you want to send through an MTA that requieres authentication (A remote mail server)

When sending email from your own MTA with sendmail, PHP can use the mail() function to send such mail by smply passing the mail function some arguments, Even when the MTA is on a different computer that allows you to send mail (By validating your IP), changes can be made to PHP.INI to make the mail function work as needed.

But when you want to automate sending emails from something like a GMAIL account or a Godaddy Mail Server, things are different, You will need to connect to the SMTP server and ask it to relay your mail, for that the server will ask you for Authentication credentials, this tutorial will show you how to send email from a different email provider.

So, to begin with, you will need to download this script that i originally obtained from the open source GPL Coppermine Project, they in turn took the code from the GPL PHPMailer, a small change is required to make this file work.

Click here to download the mail slass scripts

What this script is about to do is exactly what your Outlook or Thunderbird do when you manually send a message from them, this is not a magic solution, the Gmail sending limits still apply, and all other big providers have limits even when you are a paying customer. mail providers need to protect there servers from being labled as spammers, some rules need to be in place.

Also, before you start, you should look carefully at the limits, not only is there a send limit, a large number of bounces will also lock your account in the case of Gmail and others.

In this tutorial we will use the functions in the PHPMailer class “http://phpmailer.sourceforge.net/”, it is free GPL software.

but rather than downloading it from PHPMailer’s website, we will take it from within the Coppermine Gallery Software, the file we need is include/mailer.inc.php

a few modifications need to be done, First seach for the string “connect to the smtp server” and add the following lines above it

$host = “ssl://smtp.gmail.com”;
$port = 465;

then search for “function ServerVar”, and right after the opening “function ServerVar {” and before “$superCage = Inspekt::makeSuperCage();” add

return ”;

Now, our mailer script should be ready !

Now, create a new PHP file (sendmymail.php), and within that paste the following code, Fix all names, credentials and email addresses.

require 'mailer.inc.php';
$mail = new cpg_PHPMailer();//this is the name of the class in coppermine
$mail->IsSMTP(); // send via SMTP
$mail->SMTPAuth = true; // turn on SMTP authentication
$mail->Username = "username@gmail.com"; // SMTP username
$mail->Password = "password"; // SMTP password
$webmaster_email = "username@doamin.com"; //Reply to this email ID
$email="username@domain.com"; // Recipients email ID
$name="name"; // Recipient's name
$mail->From = $webmaster_email;
$mail->FromName = "Webmaster";
$mail->AddAddress($email,$name);
$mail->AddReplyTo($webmaster_email,"Webmaster");
$mail->WordWrap = 50; // set word wrap
//$mail->AddAttachment("/var/tmp/file.tar.gz"); // If you want to add attachments !
//$mail->AddAttachment("/tmp/image.jpg", "new.jpg"); // If you want to add attachments
$mail->IsHTML(true); // send as HTML
$mail->Subject = "This is the subject";
$mail->Body = "Hi,
This is the HTML BODY "; //HTML Body
$mail->AltBody = "This is the body when user views in plain text format"; //Text Body.
if(!$mail->Send())
{
	print "Mailer Error: " . $mail->ErrorInfo;
}
else
{
	print "Message has been sent";
}

?>

Adding SPF records

Note: Microsoft Sender ID is in many ways similar to SPF, and in most cases, SPF and SenderID are compaible, so by making an SPF record, you are also creating a Microsoft SenderID record, that sometimes causes trouble when the envelop sender is not the same as the From address !

Here, i will start by showing you a list of SPF records, and what they mean to mail servers, You can use those SPF records or compose your own, as the syntax is very simple really.

If you do not want to take chances, you can use the SPF generator at openspf.org

For example, the most common SPF record is

"v=spf1 a mx ~all"

–Explaining the line above, v=spf1 means that this is an SPF TXT record, it is common to all SPF records,
–followed by an a that means “any computers in the A record fields of the domain’s DNS are allwed to send email, or more simply put, to allow your web server (where you may run PHP scripts that send email for example) to send emails on the domain’s behalf
— Followed by an mx which means all servers mentioned in DNS as mail servers for this domain, are also allowed to send email on this domains behalf.
— ~all means that this loosly describes all servers that can send email on this domain’s behalf (softfail), while a -all would mean that this strictly describes all servers that send mail on our domain’s behalf (fail), and a ?all means that this describes some of the domains allowed to send email on our domain’s behalf, notice that ~ is not – from 1 and 2, ~ is loosly, – is strictly.

But for our examples sake, let us look at a longer, expanded SPF record and see what the extra fields mean

"v=spf1 a mx a:xxx.xxx.xxx.xxx mx:mailsrv2.example.net ip4:yyy.yyy.yyy.yyy/24 ip4:xxx.xxx.xxx.xxx include:mailsenders.com ~all"

In the example above, the section that reads mx:mailsrv2.example.NET is a mail server that is also allowed to send email on example.COM’s behalf

a:xxx.xxx.xxx.xxx where the masked charracters are an IP address means that the server or mail sender with the IP address mentioned can also send email, you can add as many such sections separated by a space as you wish to allow many computers to send mail on the domain name’s behalf

google mail has the following sending limits

GMAIL accounts…

google apps account limits

The links above come down to…

1- GMAIL accounts

500 Emails per day, 500 on the receiving end, or simply, 500 recipients of 500 messages

2- Google apps accounts

500 recipients.. 100 a time when using SMTP

But, what is not stated is that a large number of bounced messages, or email messages that look like spam will also get your account disabled, i found that out on a forum on the internet,

In general, you can send email with PHP through Gmail’s servers for notification and the like, but it is best if you triple check the data before it goes to your account !

Click here to see how to send email from PHP through your Google mail “Gmail” account.

Four days of godaddy SSL hell (starfield technologies certificate)

So, i am not writing this to mock godaddy or godaddy resellers or support, this is just a problem that you need to understand before you call godaddy (or any of their resellers) simply to save time and not to have to wait for 4 days like i did

When i submit my security signing request (csr file) to godaddy or wild west domains, the error i get reads

Common name example.com is already present in a current certificate.

The reason to this is that someone (probably you or a previous owner) already issued a certificate for that domain from another account.

SOLUTION: Certificate, or even expired certificate must be REVOKED, cancelled is not good enough, the magic word is REVOKED, when the certificate expires, you can not revoke it, you must contact support and tell them that you need to revoke it by email.

So, i have not taken the time to organize the text below this line yet, if you are arguing about something in an effort to reduce your wait time, see below for whatever you need, but again, i did not refine any text below this line or organized it or even checked that it is correct.

———————————————————————-

UPDATE: Godaddy wrong again, when i get the time i will listen to the recorded conversation (because my phone auto records all conversations) and tell you exactly what you need to do to not rely on the faulty godaddy manuals, in short this is what happened (as i remember it is close to this)

So, here is what my conversations with godaddy comes down to, not accurately, but in short, what it comes down to (for my reference, the file is godaddy ssl Voice-0003.amr)

But as i start to get skeptical about this resolving itself in a few hours, i will call jet (the very helpful customer care representative) again and see if anything can be done.

Godaddy (Jet): After canceling the certificate, you need to wait for three days
Me: No, i am sure we have to revoke it, and since it is expired, i can not revoke it
Godaddy (Jet): No you are mistaken, after cancelling, we wait for three days then put in a new request
Me: Ok i will wait
I wait for 2 days, then call again as my website is down
Me: are you sure that within 3 days the system will do cleanup, if the job runs once every three days, 2 days increases the odds of what i was saying being right, can you please double check ? my website has been down for two days
Godaddy: no need to check, there is nothing we can do
And after 3 days of still no luck, i call again
Me: hi, i have waited for 3 days
Godaddy (denis): yes sir, for a certificate to get cleared from the system it needs to be revoked, i will have them send you an email so we can revoke it by email.
me: Seriously, that’s what i said 3 days ago
Godaddy (denis): I wonder why they did not do that on the first day
Me: thanx anyways

You are looking for A-Z instructions, what i am doing here is to show you how to install a godaddy or starfield certificate to a website on apache server on a debian system, if you want the instructions to issue the certificate yourself (self signed certificate), i have covered that in another post, you can adopt this to the system of your choice, here i will explain what i am doing too so that you can adapt it to other systems

Note that you need a dedicated IP address for every website / certificate.
I have apache already installed on debian squeeze and running a website with no SSL

1- Before we begin, you may want to execute

apt-get update

2- Install openSSL, on debian this is done with

apt-get install openssl ssl-cert

3-Create a directory for the keys

mkdir /etc/apache2/sslkeys

4- Creating a PRIVATE key (Give to no one)

Before executing this command
You will be asked to chose a password and enter it twice, please keep this password on a paper close to you since we will need this password to decrypt this key in the following steps, this password is important during this process, no longer important after that.

openssl genrsa -des3 -out /etc/apache2/sslkeys/server.key 2048

5- Create a signing request to give to godaddy or starfieldtech
Before executing this command, remember that from the questions you will face, the only one that is TEHNICALLY IMPORTANT IS to use the common name example.com (not www.example.com), unless it is a subdomain other than www you can use subname.example.com, all other fields you should answer as you would like them to appear to people, but the certificate will not work with an incorrect common name

 openssl req -new -key /etc/apache2/sslkeys/server.key -out /etc/apache2/sslkeys/server.csr

NOTE: we could have created a signing request and a private key in one go with

openssl req -new -newkey rsa:2048 -nodes -keyout server.key -out server.csr

But we chose to not do that because this tutorial aims to show you the exact steps and what they do

6- Now, we have a secure signing request, all we need to do is give that to the issuing authority so that they can give us a signed public key

UPDATE: Done with the problem of already present in a current certificate after 4 days of talking to godaddy

Now, i can generate my new certificate, but i waiting for 4 days that i could have done without and got it on the first day, the 72 hours written in the manual is probably the MAXIMUM after revoking a certificate, not after canceling it.

Problem, apache will not start without pass phrase, this also means that rebooting the machine will have the machine hang waiting for apache to start and waiting for a user to enter a password for apache, so we need to decrypt the private key
Please note that this does not make your connection less secure, but in the event that someone gets hold of the key file (That you should protect encrypted or not), they can defeat SSL security.

root@someserver:~#/etc/init.d/apache2 restart
Restarting web server: apache2 ... waiting Apache/2.2.16 mod_ssl/2.2.16 (Pass Phrase Dialog)
Some of your private key files are encrypted for security reasons.
In order to read them you have to provide the pass phrases.

Server www.example.com:443 (RSA)
Enter pass phrase:

OK: Pass Phrase Dialog successful.

Anyway, now we should come back to how to remove the pass phrase from the private key

Assuming that your RSA key is stored in the file
/etc/apache2/sslkeys/server.key
To decrypt the file, so that apache does not requer a password with every restart
1- copy the key file:

cp /etc/apache2/sslkeys/server.key /etc/apache2/sslkeys/server.enc.key

Now, decrypt the key (read from the backup file) into the key file in our config

openssl rsa -in /etc/apache2/sslkeys/server.enc.key -out /etc/apache2/sslkeys/server.key

Now the encrypted key is in the server.enc.key just in case you need it, and the key used by apache is NOT encrypted and is in server.key file (That apache already uses)