Archive for the ‘Linux’ Category

Newer Entries »

Problems with DKIM keys and PostFix

Friday, June 19th, 2009

If you don’t know, DKIM keys are the replacement for Yahoo!’s Domain Keys that were introduced to combat spam. Its basically a digital signature in the header of the email message to enable the mail server to determine the message source accurately.

I’ve been trying to get dkimproxy.out to work with postfix – which I’ve managed to do. The only issue is that it doesn’t seem to be signing the messages correctly – not quite sure whats wrong.

Delivered-To: xxx.xxxxx@gmail.com
Received: by 10.103.243.5 with SMTP id v5cs118747mur;
Fri, 19 Jun 2009 11:18:43 -0700 (PDT)
Received: by 10.210.30.10 with SMTP id d10mr1099509ebd.14.1245435522990;
Fri, 19 Jun 2009 11:18:42 -0700 (PDT)
Return-Path:
Received: from idpd.vm.bytemark.co.uk ([80.68.93.52])
by mx.google.com with ESMTP id 6si6760399ewy.54.2009.06.19.11.18.42;
Fri, 19 Jun 2009 11:18:42 -0700 (PDT)
Received-SPF: pass (google.com: domain of test@idontplaydarts.com designates 80.68.93.52 as permitted sender) client-ip=80.68.93.52;
Authentication-Results: mx.google.com; spf=pass (google.com: domain of test@idontplaydarts.com designates 80.68.93.52 as permitted sender) smtp.mail=test@idontplaydarts.com; dkim=neutral (bad format) header.i=test@idontplaydarts.com
Received: from localhost.localdomain (localhost.localdomain [127.0.0.1])
by idpd.vm.bytemark.co.uk (Postfix) with SMTP id 82728722DD
for
; Fri, 19 Jun 2009 19:19:01 +0100 (BST)
DKIM-Signature: v=1; a=rsa-sha1; c=relaxed; d=idontplaydarts.com; h=
subject; s=selector1; bh=uoq1oCgLlTqpdDX/iUbLy7J1Wic=; b=X6q/deT
OiqL1ea8qZiP3qsIKDmoWTdlt4Zgd36FfY3kAhLv1JZf1q6h93REQLqLl
subject: Hello world
Message-Id: <20090619181901.82728722DD@idpd.vm.bytemark.co.uk>
Date: Fri, 19 Jun 2009 19:19:01 +0100 (BST)
From: test@idontplaydarts.com
To: undisclosed-recipients:;

Hey there test!!

I’ve checked the DKIM entry on the TXT records – it seems to be accurate and the encryption appears to be working (according to the mail.log output). Anyone got any ideas why I’m getting this “bad format” in the header?  I’m guessing its something to do with the message header being incorrect….

So far I have:

  • I tried reducing the size of the key – down to 384-bits from 1024-bit
  • Changing the selector name

Any ideas anyone?

Update: So it appears that my crude method of sending emails using

telnet localhost 25
MAIL FROM:test@idontplaydarts.com
RCPT TO:xxx.xxxx@gmail.com
DATA
Subject: woot
hello world
.

Is a little crude and missing the To and From headers after the DATA – turns out you need to specify them. *doh* – Its all working fine now, just going to increase the size of the keys now back to 1024bits.

Tags: ,
Posted in Linux, Security | No Comments »

Reduce load times, speed up your website, increase revenue

Sunday, June 14th, 2009

Page load speed is everything. Tests done by Amazon have shown that an increase in page loading times by 100ms can reduce sales by 1%; when Google added 500ms to its response times traffic dropped 20%. The premise is simple: a faster website means faster feedback to the user which enables a faster user learning curve.

If like me you have a website that is powered by the LLMP (Linux Lighttpd MySQL PHP) stack then there are some simple steps you can take to decrease your page load times. If your running Apache and not Lighttpd then maybe its time to move :) (more…)

Tags: , , , , ,
Posted in Linux, MySQL, PHP | No Comments »

Traffic shaping using lighttpd

Wednesday, May 27th, 2009

Now that the server is using lighttpd its become possible to implement traffic shaping, you can even do it per directory which is a nice touch.

$HTTP["url"] =~ “^/photos/” {
connection.kbytes-per-second = 128
}

This limits all urls that start with /photos/ to 128k per second. You can try it on a photo of Queensland Australia that I’ve just uploaded. If you look at the output from wget we can see it in action:

Resolving www.idontplaydarts.com… 80.68.93.53
Connecting to www.idontplaydarts.com|80.68.93.53|:80… connected.
HTTP request sent, awaiting response… 200 OK
Length: 13858463 (13M) [image/jpeg]
Saving to: `queensland.jpeg’

100%[=============================>] 13,858,463   136K/s   in 1m 46s

2009-05-27 15:44:02 (128 KB/s) – `queensland.jpeg’ saved [13858463/13858463]

And there we have it. Traffic shaping using lighttpd. There are some pitfalls – users can still open multiple connections to your URL using tools such as axel – instructions on installing and using axel on debian can be found on nixCraft

As you can see if we open 4 connections we get 4 times the throughput.

# axel -a -n 4 http://www.idontplaydarts.com/photos/panorama/queensland.jpeg
Initializing download: http://www.idontplaydarts.com/photos/panorama/queensland.jpeg
File size: 13858463 bytes
Opening output file queensland.jpeg.0
Starting download

Connection 3 finished                                                          ]
Connection 2 finished                                                          ]
Connection 0 finished                                                          ]
Connection 1 finished                                                          ]
[100%] [..................................................] [ 524.8KB/s] [00:00]

Downloaded 13.2 megabytes in 25 seconds. (524.79 KB/s)

Lighttpd version 1.5 is going to support a max connections per ip which would be handy if you wanted to prevent people opening multiple connections. Not really that handy for a website but possibly if your serving lots of large static files.

Tags: ,
Posted in Linux | No Comments »

Moving hosts

Sunday, May 17th, 2009

Today I switched hosts and purchased a virtual server from bytemark. I’ve got to say I really like it. It’s cheap, fast and seems to be quite stable. The new setup is

  • PHP 5.3
  • Mysql 5.1
  • Lighttpd

Which I guess makes it a LLMP stack rather than a LAMP stack. I’ve become a big fan of Lighttpd recently, its pretty much Apache but without the bloat. Its also got some nice traffic shaping features that seem to be lacking from Apache and uses way less resources. Pretty handy when your server only has 256mb of ram.

Moving over to a virtual host has been pretty simple as has migrating the blog from blogspot to wordpress. The new virtual host has given me much greater control over my blog so you can expect to see some new funky code in the near future.

Tags: , , ,
Posted in Linux | No Comments »

Fast php-cgi binary missing?

Tuesday, March 24th, 2009

I was trying to re-compile PHP today to install lighttpd. It needs the fast-cgi option when compiling because unlike Apache it doesn’t use mod_perl. I kept specifying the –enable-fastcgi option but every time I compiled it didn’t make the php-cgi binary. It just made the cli version and that was it.

The problem: apxs the tool that php uses to configure itself with Apache (i wanted PHP setup with both apache and lighttpd) seems to disable the –enable-fastcgi option. This only seemed to happen with Apache 2.2.

The solution: disable the apxs option when you compile and manualy add the config lines to apache if you need it.

Tags: , ,
Posted in Linux | 1 Comment »

Newer Entries »