TTG Home » Robert Home » Daynotes Journal Home » Journal for Week of 27 August 2001

photo-rbt.jpg (2942 bytes)Daynotes Journal

Week of 27 August 2001

Latest Update: Friday, 05 July 2002 09:16

Search Site [tips]

Click Here to Subscribe

Visit Barbara's Journal Page

Monday, 27 August 2001

[Last Week] [Monday] [Tuesday] [Wednesday] [Thursday] [Friday] [Saturday] [Sunday] [Next Week]
[Daynotes Journal Messageboard]  [ Messageboard]

08:57 - I promised more about the system we installed in the den. I'd rather forget some of it, but here goes...

I think I mentioned that the Dell system that we installed an Intel D815EEA motherboard in didn't work. I never did have time to figure out what the problem was. As usual, I had another system sitting around doing nothing, and it'd be quicker just to use it, or so I thought.

That system is an AMD Duron/800 that originally had Windows 98SE installed on it. It wasn't connected to anything at all, including power. Just a bare box sitting there. Saturday morning, I decided to install Windows NT4 Workstation on it. When I connected it to the KVM box and fired it up, I found that I'd already wiped it down to bare metal and installed Windows 2000 Professional. So much for NT4. I'd prefer using NT4 to W2KP, but not enough to make it worth stripping the box down to bare metal.

The first odd thing about this system was that when I powered it up, my scanner reset and did a full scan of nothing. Very strange, since that system isn't connected to the scanner. The scanner connects to a Win98SE box sitting next to the Duron system. Very strange indeed. But it got stranger. I'd apparently left the system in its virgin state immediately after installing Windows 2000 on it. Part of that state was the default power savings settings. Each time the system went to sleep and I then woke it up, the scanner would initialize and do a full scan. After that finished, the Epson inkjet printer would print a full page. The first time, the page had a plain light gray background. The second time, it had a black background. Oh, well. At least now I know the printable area of the inkjet printer, although I'd rather not have used the ink to find out.

That wasn't the only strange thing. The system has a network card installed, which is a combination 10BaseT Ethernet and PNA phone-networking card. When AMD sent me the system, it had Windows 98SE installed. I was almost sure that Device Manager reported that the network card was a LinkSys model, but Windows 2000 had installed the card as an AMD model. That kind of made sense, given that it was a system supplied by AMD, but the fact was that the computer couldn't talk to anything on the network and the link lights were dead.

So the first thing I did was uninstall the AMD driver and install a LinkSys driver, which I found I'd already downloaded and stuck in my \install directory some time ago. That done, the system communicated with the network properly.

After using my Compaq Armada E500 notebook to test the new network cable run, I carried the Duron system into the den and set it up. I brought along CDs for Office 2000, Norton Internet Security, etc. etc. and set to installing and configuring the system.  After two or three hours of work, I finally had the system about the way I wanted it. Belatedly, I attempted to access the network, only to find that I couldn't see anything else on the local network. The Internet worked fine, mind you, but anything that used Microsoft Networking was completely invisible to the new system. I fiddled with all the reasonable things--WINS configuration, NetBIOS-over-TCP, etc. No joy, and no access. Arrrrghhh. I hate Windows 2000.

Convinced that the problem was with Windows 2000, I decided to do what I should have done originally. I stripped the system down to bare metal and installed Windows NT 4 Workstation. As soon as the installation finished, I checked network access. Everything worked normally. Heh. Take that, Windows 2000.

So I spent another couple or three hours installing Office 2000, NIS, etc. After the final reboot, I fired up Outlook to get it pointed to my main PST file on the server. After a heart-stopping pause, Windows displayed an error message to tell me it couldn't access F:. Arrrrrrrrgghhhh.

So I got to thinking. Obviously, there wasn't any problem with the hardware, drivers, etc. because I'd been able to access the network normally before. It had to be something I'd installed, and the obvious candidate was Norton Internet Security. NIS has an option in its Personal Firewall Module called Internet Zone Control. That option allows the user to set Trusted and Restricted sites by IP address, network range, and so on. By default, nothing is in either group, so I'd blithely assumed that this function was disabled. Not so, as it turns out.

Unless you add your own network to the Trusted Sites group, you won't be able to access any of them. Fine, that's understandable, but what's not understandable, to me at least, is why something called "Internet Zone Control" would restrict access for Microsoft Networking but not for pure IP. Before I added my own network to the Trusted Sites zone in NIS, I was still able, for example, to use meepmeep (the Roadrunner gateway box) to access the Internet from this system, but not to view a Microsoft Networking share on that system. Very strange indeed.

Once I figured out that problem, I added my entire network range to the Trusted Sites, and everything started working normally. So it appears that I did an  NT4 installation needlessly, but the truth is I'm happier with NT4 Workstation than with Windows 2000 Professional anyway. NT4W/SP6a is, in my experience at least, much more stable and much less hinky than W2KP.It's also faster on any given machine, sometimes noticeably so. The only thing I'm giving up with NT4W is USB, which I don't really care about on this machine anyway.

As to the machine itself, it works fine. My Ferrari® SmokeSucker motor causes the monitor to waver a bit, but I can live with that. It's a bit strange going from my 19" Hitachi running 1280X1024 or 1600X1200 down to an old MAG Innovision 15" running 800X600, but I can live with that too. As to the 10BaseT, I can't tell much difference. Even though 100BaseT is 10 times faster than 10BaseT, it doesn't really work out that way in practice on a small network. The difference in throughput is more like two times, so large files take twice as long to load across the network as when I'm using 100BaseT. But that's a minor thing. If I ever decide it matters, it'd be easy enough to pull the 10BaseT card and stick in a 100BaseT card, which'd run fine at 100 Mb/s on the existing short Cat-3 cable run.

Thanks to reader Miguel Bazdresch, who sends this link. with the comment, "If you thought SmartTags were bad..."

Indeed. With banner ads no longer working at all to speak of, advertisers are desperate to come up with methods to increase click-throughs. The obnoxious pop-under ads are bad enough, but this hits a new low.

I ran my usual full network backup yesterday, using the DDS (DAT) drive in my main system. As the network backup ran on that machine, I worked on the new machine in the den. When I came in to check backup progress at one point, there was an error message up on the screen, telling me that I was running short on virtual memory and that Windows had expanded my swap file. I shouldn't have been surprised, because that system still had 20 or so IE windows minimized on the task bar and the system has only 192 MB of RAM. I see that Crucial is selling 128 MB PC133 CL-2 DIMMs for $19.79 this morning and 256 MB DIMMs for $37.79. Including free second-day express shipping. I think I'll order a couple of 128 MB modules and a 256 MB or two. With memory this cheap, there's no excuse for not having at least 256 MB in every system.

I seem to have come down with a summer cold this weekend. I wasn't feeling very well Saturday, and worse yesterday. Oh, well. I hope I can get some work done today. I don't write very well when I'm not feeling my best.

This week is liable to be short shrift around here. Lots to do, and not much time to spend on my journal page...

10:59 - Hmmm. Well, I tried to order a couple of 256 MB PC133 DIMMs, but Crucial's web site is screwed up. When I filled in the order quantity and clicked the Secure Checkout button, I got a socket error because the URL I was transferred to was http://www.crucial.comcrucial/pvtContent/msgSessionEnd.asp and there's obviously no such top-level domain as comcrucial. I've reported the problem by email, so perhaps they'll get it fixed soon.

I still find it incredible that I can order half a gig of PC133 SDRAM for $75, and that includes 2nd-day shipping. Incidentally, the free shipping offer expires 31 August, so if you want to order some memory now may be the time to do it. I don't know if the prices will drop even further, but with the prices as low as they are it doesn't matter much if they do.

At any rate, I need to boost both Barbara's and my main systems up to 512 MB, and those two 256 MB modules will let me do it. Incidentally, if you order 256 MB modules, make sure your motherboard supports them. The 256 MB modules are 32Meg X 64, which is to say they use 256 Mbit chips. Many older chipsets support only 64 Mbit and 128 Mbit chips. That means, for example, that they won't operate properly in my main system, which uses the 440BX chipset. That's not a problem for me. I'll simply pull the two 128 MB DIMMs in Barbara's system, which use 128 Mbit chips, and install four 128 MB DIMMs in my 440BX system. Barbara's system does support 256 Mbit chips, so I'll stick the two new 256 MB modules in her system.


Click here to read or post responses to this week's journal entries

Click here to read or post responses to the Linux Chronicles Forum


Tuesday, 28 August 2001

[Last Week] [Monday] [Tuesday] [Wednesday] [Thursday] [Friday] [Saturday] [Sunday] [Next Week]
[Daynotes Journal Messageboard]  [ Messageboard]

09:48 - I see that AMD took my advice from last week. They cut their processor prices significantly last week, but not enough to compete with Intel. So this week they cut prices again. Here are this week's official prices, with last week's in parentheses:

Athlon/1.4   - $130 ($253)
Athlon/1.33 - $125 ($230)
Athlon/1.3   - $125 ($230)
Athlon/1.2   - $120 ($199)
Athlon/1.13 - $115 ($179)
Athlon/1.1   - $115 ($179)
Athlon/1.0   - $115 ($160)

They even took my advice about the optimum price for the Athlon/1.4. Of course, with only a $15 spread between the fastest and slowest Athlons, it now makes little sense to buy anything but the fastest. Of course, the Intel Celeron and AMD Duron apply pressure from the low-end. It's now possible to buy a gigahertz processor for less than $100, and those sub-$100 processors aren't all that much slower than the premium processors. Intel has more price cuts scheduled for October, which AMD will have to match. At that point I'll expect to see the fastest Athlon selling for less than $100.

At some point, it's going to make sense for AMD and Intel both to stop intentionally crippling their processors. When the flagship models sold for hundreds of dollars, they had to artificially differentiate their low-end models, and they did that by providing the low-end models with a smaller and less efficient L2 cache. It doesn't cost Intel much more to make a Pentium III with 256 KB of L2 cache, and it costs AMD literally no more to make an Athlon, since the Duron essentially starts life as an Athlon and has half its cache disabled. 

Intel is likely to take that step first. The real Celerons will likely disappear soon, to be replaced by rebadged Pentium IIIs, leaving Intel with Tualatin-core Celerons on the low-end, Pentium 4s on the high-end, and the Pentium III name being retired. AMD doesn't have that option, because they don't have a processor to match the Pentium 4. So AMD will likely continue selling the Duron against the Celeron (and a 256KB Tualatin-core Celeron should be faster than a Duron). They'll try to position the Athlon against the Pentium 4. That's why they designated the Athlons with the new core the Athlon 4, not that that's likely to fool many people.

Isn't competition wonderful? Gigahertz processors for $100 and memory for $0.15 per megabyte. Now if only Microsoft had some competition for Windows and Office, you'd likely see full retail copies of Windows and Office selling for under $100 as well and OEM preloads at $20.

I've been down since Sunday with some kind of bug, and I'm still not feeling 100%. I'm even further behind than usual, so there probably won't be much posted here for the next few days.

Click here to read or post responses to this week's journal entries

Click here to read or post responses to the Linux Chronicles Forum


Wednesday, 29 August 2001

[Last Week] [Monday] [Tuesday] [Wednesday] [Thursday] [Friday] [Saturday] [Sunday] [Next Week]
[Daynotes Journal Messageboard]  [ Messageboard]

09:10 - The Inquirer has an interesting article posted about spammers using webbugs in HTML email. Like other webbugs, these are tiny graphics, usually 1X1 pixels, embedded in HTML. When you open or even preview an HTML message in Outlook (or any number of other email clients), the HTML rendering engine goes out to the spammer's site to retrieve the graphic. In the process of doing that, it provides a lot of information about you, including your IP address, the email address to which the message was sent, your OS and browser version, and so on. The most important information from the spammer's point of view is that this is a valid email address that belongs to someone who checks his email. 

So merely by receiving that webbugged email and previewing it for a moment as you delete it, you're telling the spammer who you are and that you check your email, thereby guaranteeing yet more spam. The page reference in that article has a test page on which you can enter your email address. It automatically generates a test webbugged email message to that address. After you preview or open the message, you can go back to that page and view the log file, which shows all your information.

That's pretty disgusting. Enough, in fact, to make me consider abandoning Outlook. I'd always been aware of this problem at the back of my mind, but this really brings it home. I immediately went over to the Pegasus Mail site to check on progress of Pegasus Mail 4.0. David Harris is still working on it, but it sounds like it may be available before too much longer. Version 4 will have an updated interface, and will include PIM functions like those in Outlook. I may change to it once it ships, although it'd be nice if there were a utility for getting my old mail out of Outlook, AKA Hotel California.

Well, it looks like AMD took my advice. Several months ago, I had a long conversation with Drew Prairie at AMD about the looming clock speed gap between AMD processors and Intel processors. I suggested that perhaps AMD should consider reinstituting the hokey old Performance Rating (PR) system for naming processors. At that time, Mr. Prairie said that AMD had no plans to do that, although he agreed that AMD had to do something to compete successfully with the higher clock speeds of the Pentium 4. 

I told Mr. Prairie that I couldn't see any alternative to them using the PR system for Athlons, because most people buy based on clock speed, not actual performance. It now looks as though AMD plans to do exactly that. According to this article in Tom's Hardware, AMD will begin naming their Palomino-core processors with a model number rather than by clock speed. The Palomino/1.4, for example, will be known as the Model 1600 even though it actually runs at 1400 MHz. AMD even insists that motherboard makers and BIOS writers conform to that new method. A system running a Palomino/1.4 will never display the actual clock speed, but only the 1600 model number. Of course, you'll still be able to view the actual clock speed with Windows or a utility like CPUID or SiSoft Sandra.

I'm not sure this is going to work for AMD. In the first place, PR numbers were always a matter of opinion because relative processor performance varies according to the benchmark one uses. Even more important, things have changed since the bad old PR days. Consumers are much more ready to sue at the drop of a hat, and I predict it won't be long before someone who's bought a Palomino Model 1600 sues when he finds that his Palomino 1600 is actually a Palomino 1400. Resellers, if they have any sense, will prominently feature the actual clock speed in their ads and specifications, which kind of makes the model number immaterial.

Airborne showed up yesterday with a big box of Seagate tape drives. In the current edition, we recommended Tecmar tape drives, which I've been using for years with no problems. Unfortunately, Tecmar decided to depart the tape drive business, which meant I need to scramble for a new recommendation. I've also been using Seagate tape drives for years, but I didn't have much experience with recent models. I have an old Seagate Travan TR-4 drive which, like the Energizer Bunny, just keeps running and running. I also had an old Seagate DDS-1 drive, which I finally retired because it had become too small to be useful. My experience with Seagate tape drives has left me with a favorable impression, but I can't recommend what I'm not using, so it was time to take a look at some of their newer models.'

I now have a Seagate Travan NS20 drive (10/20 GB), a Seagate DDS-3 drive (12/24 GB), and a Seagate DDS-4 drive (20/40 GB) in for long-term testing. I'm particularly looking forward to testing the DDS-4 drive. Its rated speed, with compression, is 333 MB/min, which means it should back up a gig every three minutes, or 20 GB/hour. I doubt it'll actually run quite that fast on real-world data, but I'm looking forward to finding out. 

Click here to read or post responses to this week's journal entries

Click here to read or post responses to the Linux Chronicles Forum


Thursday, 30 August 2001

[Last Week] [Monday] [Tuesday] [Wednesday] [Thursday] [Friday] [Saturday] [Sunday] [Next Week]
[Daynotes Journal Messageboard]  [ Messageboard]

08:42 - Lots of mail about Outlook, including several messages congratulating me on my decision to stop using it. Well, I actually haven't decided to do that right now, just that I will do so when something better comes along. I used Pegasus Mail for years. It was and is the most powerful mailer I've ever used, but I ended up using Outlook because of its integrated PIM functions. The new release of Pegasus Mail will incorporate those functions, and I'm eagerly looking forward to its release. Until then, I'll continue using Outlook, warts and all. With regard to getting information out of Outlook, I got the following email from my friend Bo Leuf, who is the co-author of O'Reilly's Outlook 2000 in a Nutshell.

-----Original Message-----
From: Bo Leuf []
Sent: Wednesday, August 29, 2001 5:46 PM
To: Robert Bruce Thompson
Subject: web-bugs, Pegasus

> ... consider abandoning Outlook ...

You probably should. If only to regain the control over email format and preview that Outlook takes away. Not to mention the lack of tools to do interesting things with the mail archives.

I've been very happy with Pegasus almost since I started using email. It ignores most scripted and webbug things, while still letting one save out and examine the more suspect things. Mail sorting rules are in many ways more powerful than what Outlook offers, with a nice mix of pre- post- and manual options, and rules to particular folders.

The way Outlook tries to be a Swiss Army knife with automatic power blades for all occasions just doesn't work in practice. PIM aspirations and benefits notwithstanding.

Regarding export/convert Outlook mail, there are a few tools around, mainly directed to Outlook Express. The recommendation for pre v5 was simply to export as mbx format (Unix and Eudora format), which is plain text, and work from there. Pegasus can use this format as is.

Eudora 5.0 by the way claims "easy import from Outlook, Outlook Express and Messenger. (Outlook 98/2000, Outlook Express 4.0/5.0, Netscape Messenger 4.73/6.0 for Windows..."

On the other hand, with your gaggle of machines on a LAN, the easiest might be to just forward your archived mail from Outlook to say Pegasus on another machine. The best way, however, must surely be to go via a local IMAP server -- shuffle folder contents to the IMAP from Outlook, then bring them back to the other client.

/ Bo
Leuf Consultancy
LeufCom --
Most recent book: The Wiki Way (Addison-Wesley),

Thanks. There are a couple of suggestions there I hadn't thought of. I didn't realize that Eudora 5.0 would import Outlook data. Presumably it still uses mbx format, which'd make it easy to get from Outlook to Eudora and thence to Pegasus. (I dislike Eudora and wouldn't consider using it). Also, I hadn't thought about using IMAP, probably because I've never used it, but that would give me a way to get my original messages into Pegasus. The problem with forwarding, of course, is that the original sender and date/time are lost.

I'll keep the Eudora idea in mind, but I think I'll wait until David Harris gets around to releasing Pegasus 4.0.

That "all of your data is ours" aspect of Microsoft software is what annoys me more than anything. I hate having all of my email data in a proprietary PST file, with no convenient way of getting it out. It would have been easy enough for Microsoft to include an "Export to mbx format" choice in Outlook, but of course they don't want people exporting their data to a form that a non-Microsoft product can use.

I may download Eudora 5.1 and point it at my main PST just to see what it does. If I can get my data into Eudora, it shouldn't be any problem getting it from Eudora to Pegasus Mail. One of the things I despise about Eudora is their ad-ware option. From reading the download page, it seems that one can configure Eudora in three modes: ad-ware mode, with full functionality, but ads. Pay-ware mode, with full functionality but no ads; and Lite mode with reduced functionality and no ads. I'm not sure if Lite mode offers the PST import capability. If not, it'd be worth paying for the product just to use it as an import utility.

The other thing I wonder about is what happens when I try to import multiple PSTs with the same or slightly different folder structures. I have several archive PSTs with older data in them. I assume that Eudora would simply import the older messages into the folder with the same name that contains the newer messages, but it's worth testing first.

Of course, I don't really have time for all this at the moment. In fact, I'd better get to work now.

13:53 - The Register reports that a new worm has arrived on the scene. This one, called  Win32.Invalid.A@mm, is delivered via an email purporting to come from Microsoft technical support. The worm encrypts exe applications with a random key, rendering them unusable. It also scans HTML files in the My Documents folder for email addresses and forwards itself to addresses found there. Here is the text of the bogus email:

From: "Microsoft Support"
Subject: Invalid SSL Certificate


Microsoft Corporation announced that an invalid SSL certificate that web sites use is required to be installed on the user computer to use the https protocol. During the installation, the certificate causes a buffer overrun in Microsoft Internet Explorer and by that allows attackers to get access to your computer. The SSL protocol is used by many companies that require credit card or personal information so, there is a high possibility that you have this certificate installed. To avoid of being attacked by hackers, please download and install the attached patch. It is strongly recommended to install it because almost all users have this certificate installed without their knowledge.

Have a nice day, Microsoft Corporation

Attachment: sslpatch.exe

I checked Microsoft and Symantec's SARC for information about this new worm, but neither has anything posted yet. I'm assuming this isn't a hoax, on the theory of better safe than sorry.

I downloaded and installed Eudora 5.1. At install time, you're given no choice as to which of the three modes (ad-ware, paid-for, or lite) to install. Instead, it installs by default in ad-ware mode and allows you to change modes later. I did that, changing to the Lite version, but by that time Eudora had already scattered ad-ware programs all over my hard drive. I ran Ad-Aware, which found and deleted all 24 of the ad-ware files installed by Eudora.

Even the Lite version include the Outlook import functionality, which appears to work properly (although clicking on "Advanced" caused the program to exit abruptly.) I'm satisfied that I can use this method to transfer my existing mail files from Outlook to Eudora and thence to Pegasus Mail, once Pegasus 4.0 is available. Until then, I'll keep using Outlook 2000.

Click here to read or post responses to this week's journal entries

Click here to read or post responses to the Linux Chronicles Forum


Friday, 31 August 2001

[Last Week] [Monday] [Tuesday] [Wednesday] [Thursday] [Friday] [Saturday] [Sunday] [Next Week]
[Daynotes Journal Messageboard]  [ Messageboard]

09:06 - I got a nice royalty check yesterday from DigitalThink. A royalty check is always welcome, but it's particularly nice when it's unexpected. I wrote five MCSE on-line training courses for DigitalThink. I was annoyed when Microsoft killed the NT4 MCSE so early, and I expected the royalty flow from those courses to dry up quickly. When I got the royalty check for Q4/2000, I figured that was probably the last of the royalties on those courses. When I got the royalty check for Q1/2001, I was surprised. When I got the royalty check yesterday for Q2/2001, I was astounded. Apparently, people are still buying NT4 training courses, more than six months after Microsoft killed the NT4 MCSE track. Now, of course, I'm hoping that I'll also get a big royalty check for Q3/2001. I won't find out until the end of November, though.

Nothing much else going on around here, except work, work, work.

10:32 - It's very hard to get much writing done on Fridays. In addition to school busses, UPS trucks, people who have the nerve to walk their dogs on our street, and all the other barking interruptions that occur on a regular day, we have the recycling truck picking up garbage and the garbage truck picking up more garbage. And the dogs go berserk every time. People who don't have dogs think that barking is just a generic noise that dogs make. People who do have dogs know better. They have different barks for different things. For example, I can easily tell the difference between the "Barbara's just pulled up out front" bark and the "Here comes the mailman up the walk" bark. In fact, I can tell the difference between the "The mailman is going down the other side of the street" bark and the "the mailmain is coming down our side of the street" bark.

They bark in different pitches at different frequencies and amplitudes with varying pauses, depending on what they're barking at. After a while, one can almost understand their barking as a spoken language. For example, the garbage men just went down the driveway to empty our garbage cans. I can tell exactly what the barks mean in this case, "Bob! Bob! There are intruders out there stealing our garbage! This is an outrage! Do something! Or let me out and I'll do something about it! I'll show those damned garbage thieves not to mess with me!"

Click here to read or post responses to this week's journal entries

Click here to read or post responses to the Linux Chronicles Forum


Saturday, 1 September 2001

[Last Week] [Monday] [Tuesday] [Wednesday] [Thursday] [Friday] [Saturday] [Sunday] [Next Week]
[Daynotes Journal Messageboard]  [ Messageboard]

11:16 - I'm starting to get aggravated with our Road Runner cable-modem service. They generally do a reasonably good job of maintaining connectivity, although they have cut off our service twice in the last six weeks because they thought we hadn't paid our bill. Apparently, they've migrated to a different billing system that routinely cuts off service to people whose accounts are current in the mistaken belief that they're in arrears. 

The first time it happened, I was without service for more than a day, until I finally got through to their second-tier tech support. That guy fixed the problem immediately, and told me what had happened. He said at the time that it was happening to a lot of customers, but almost never happened twice to the same customer. Lucky me. The next time it happened, a week or so ago, the woman I spoke with swore to me that she had fixed the problem for ever and ever, so perhaps she did. At any rate, Road Runner connectivity is fine when they haven't intentionally cut off our service.

What's pathetic about Road Runner is their mail servers. I pity people who depend on Road Runner POP servers, which seem to go down about once a week. That doesn't affect us much, because we POP nearly all of our mail from our server at pair Networks. What does affect us is problems with the SMTP servers, which are just as common as POP server problems. I can live with the SMTP server going down completely, which happens more than it should. But what really bothers me is when the SMTP server is up but not working properly. Stuff we send goes into its queue, from which it may or may not actually be sent. 

The delays are bad enough. A test message I sent myself yesterday evening sat in a queue at Road Runner for three hours before it was actually sent. This even though another message I sent immediately before that was delivered in a few seconds, as was another message I sent immediately afterwards. Apparently, there's some sort of horrible Fairy Godmother on the Road Runner SMTP server, who randomly chooses messages to go through the grinder.

The obvious answer is to bring up a local SMTP server. I don't want to use Linux for that, simply because I don't know enough about Linux to depend on it for critical functions, and because I'd never be entirely sure that a Linux box at the border of my network was in fact secure. My friend Roland Dobbins offered to run a scan on meepmeep, my Road Runner gateway box, the other day. His conclusion, in part, was "Not bad, for a Windows box", which is about the best I could hope for.

Right now on meepmeep, I use WinGate's TCP Mapping Service to route requests on Port 25 to the Road Runner SMTP server. I suppose it would be easy enough to install David Harris's Mercury/32 MTA on meepmeep and use it to provide local SMTP functions. The Novell version of Mercury requires a smart mailer, but the Win32 version is an end-to-end SMTP server, which would likely suit our needs. The only reason I haven't done it yet is that I'm loathe to break something that's working. But perhaps I'll do that. I can't take much more of Road Runner's poor SMTP service.

Installing an SMTP server isn't something that I'd ordinarily think of as a quick Saturday-morning project, but I may give this a try. I installed Mercury/32 on ursa (my den system) last night just to play with it. It seems straight-forward enough, at least for someone with a basic understanding of TCP/IP and SMTP. I'll configure it as outbound-only, both to prevent any possibility of it being used as an open-relay server and to prevent any SMTP security exploits. If the server isn't listening on the WAN interface, it'd be pretty hard for anything to abuse it. Before I do anything to WinGate, however, I'll make sure to back up my configuration. Just for belt-and-suspenders purposes, I'll also take screen shots of each of the TCP Mapping configuration screens. That way, I should be able to get back to where I am now if everything goes horribly wrong with Mercury/32. But if I'm never heard from again, you'll know what happened.

I ran the monthly web stats this morning. We did a bit more volume this month than last. Pournelle's web stats are still running as I write this, but I have no doubt that he did two or three times my numbers, as usual.

14:52 - It took me literally five minutes to get the Mercury/32 SMTP server set up and configured on meepmeep, and it appears to be handling mail just fine. Of course, now I'm afraid I've let some gaping security hole on my gateway machine, but I can probably sweet-talk Roland Dobbins into doing another scan for me. 

I chose the most restrictive relaying option of the three available. The default option sounded as though it would be secure enough, but it wasn't clear to me whether it would permit relaying only by members of my local domain (that is, of the domain on the LAN side of dual-homed meepmeep), or by members of the local domain on the WAN side, which is to say or even So, to be safe, I chose the option that allows only approved users to relay. That required only one entry in the permit/deny table, to permit any machine/user using my local network number, which is a private network number. Presumably Road Runner has their routers filtering private numbers, although one can never take that for granted these days. The only other change I made was to point the DNS server to my DNS server at pair Networks rather than using the pathetic Road Runner DNS servers, which tend to go down when their mail servers do.

At any rate, Mercury/32 works. Seems like a good solution for anyone who's Windows-centric and wants a local SMTP server. It'll be nice to be able to send mail without counting on Road Runner's pathetic mail servers.

Click here to read or post responses to this week's journal entries

Click here to read or post responses to the Linux Chronicles Forum


Sunday, 2 September 2001

[Last Week] [Monday] [Tuesday] [Wednesday] [Thursday] [Friday] [Saturday] [Sunday] [Next Week]
[Daynotes Journal Messageboard]  [ Messageboard]

09:25 - Mercury continues to work fine. I used Steve Gibson's ShieldsUp to probe the ports on my gateway system, which it reports as closed. I'm reasonably comfortable that I haven't left any gaping security holes open. And it is nice to have a local outbound mail server.

Laundry and house cleaning today. Barbara pointed out that I had the den littered with boxes of tape drives. Oh, well. Now my office has stacks of tape drives, with more due in shortly. And I have to test these things, which means my network is going to end up backed up better than the average network. 

One thing I can't figure out is why none of the mainstream tape drive manufacturers produce an ATAPI DDS drive. DDS drives are a lot more reasonable in price than they were a year or two ago. You can now buy a DDS-3 (12/24 GB) drive for little more than $600, but they're all in SCSI. There's absolutely no technical reason why DDS drives couldn't be produced with an ATAPI interface, and in fact one small manufacturer whose name escapes me has in fact produced an ATAPI DDS drive.

If Seagate, Sony, or one of the other mainstream makers produced an ATAPI version, they could afford to sell it for a lot less than $600. Not because ATAPI is all that much cheaper than SCSI to produce, but because ATAPI drives would sell in much higher volumes. A DDS drive is always going to sell for more than a Travan drive, because the DDS drive requires much tighter tolerances. But I could see even DDS-4 (20/40 GB) ATAPI drives selling for less than $400 once production ramped up. And at that price point, they'd put Travan out of business. With DDS-3 tapes selling for $8 each, there's no way that $35 Travan TR-5 tapes could compete.

With hard drive capacities at 100 GB+, the cost of tapes becomes a critical issue. A decent backup rotation, even for a workstation, requires an absolute minimum of four tape sets. Six tape sets is a lot better, and ten sets is by no means excessive. Even at one tape per set, the cost of Travan tapes means that the total cost of a Travan solution approaches or exceeds that of a DDS solution. When each tape set requires two or more tapes, the lower cost of DDS tapes swamps the lower cost of Travan drives. It's like the old Fram oil filter commercial, "Pay me now, or pay me later."


Click here to read or post responses to this week's journal entries

Click here to read or post responses to the Linux Chronicles Forum



Copyright © 1998, 1999, 2000, 2001, 2002, 2003, 2004 by Robert Bruce Thompson. All Rights Reserved.