rob_au's Journal http://use.perl.org/~rob_au/journal/ rob_au's use Perl Journal en-us use Perl; is Copyright 1998-2006, Chris Nandor. Stories, comments, journals, and other submissions posted on use Perl; are Copyright their respective owners. 2012-01-25T02:13:59+00:00 pudge pudge@perl.org Technology hourly 1 1970-01-01T00:00+00:00 rob_au's Journal http://use.perl.org/images/topics/useperl.gif http://use.perl.org/~rob_au/journal/ Phrase guaranteed to freak out any developer http://use.perl.org/~rob_au/journal/20181?from=rss The phrase guaranteed to freak out any developer and which certainly had this effect on me when it was said to me in a phone call from my boss over the weekend - "<code>$(BIG_CORPORATION)</code> wants to take some of your code and play with it with view to incorporating it into their <code>$(VERY_BIG_PORTAL)</code>". rob_au 2004-08-02T10:35:54+00:00 journal Looking for a System Administrator http://use.perl.org/~rob_au/journal/19915?from=rss <p>Whilst not entirely a perl position, this placement may be of interest to people who read this journal (both of you). If you are interested in this position, or know someone who might be, please let me know.</p><p><a href="http://www.mycareer.com.au/jobseeker/job/viewjob.aspx?jobid=2607800">http://www.mycareer.com.au/jobseeker/job/viewjob.aspx?jobid=2607800</a></p> rob_au 2004-07-19T04:25:19+00:00 journal I have proof ... http://use.perl.org/~rob_au/journal/19401?from=rss I have proof that I have been doing too much work with SOAP::Lite - I have started to incorporate chained methods into my own code! rob_au 2004-06-21T06:16:54+00:00 journal CPAN Ratings for SOAP::Lite http://use.perl.org/~rob_au/journal/19334?from=rss <i>Whatever you do, *DON'T* look at the code if you can help it! This is the hardest to read CPAN module I've ever seen. It borders on Perl Golf complexity in places. I've spent the last few months working closely with SOAP:Lite -- at first I craved to rewrite it, but now I wouldn't dare. The author, Paul Kulchenko, is either a genius or a madman. Probably both, I'd guess. </i> <p>From <a href="http://cpanratings.perl.org/d/SOAP-Lite">http://cpanratings.perl.org/d/SOAP-Lite</a><nobr> <wbr></nobr>... Sadly however, it was too late, I have already been tainted by looking at the code and teter ever closer to insanity<nobr> <wbr></nobr>:-)</p> rob_au 2004-06-18T00:31:41+00:00 journal SOAP and WSDL http://use.perl.org/~rob_au/journal/19315?from=rss <p>I know that there are issues with WSDL support in SOAP::Lite; I have spent much time previously working with or around the issues with WSDL support in SOAP::Lite; I have cursed and moaned about WSDL support in Perl previously<nobr> <wbr></nobr>... Yet when I want to test a new component of the web service under development, I still start typing <code>perl -MSOAP::Lite -le 'print SOAP::Lite-&gt;service("http://...</code> only to be bitten by WSDL support bugs once more<nobr> <wbr></nobr>...</p><p>I really can be a moron sometimes.</p> rob_au 2004-06-17T06:11:10+00:00 journal SSH http://use.perl.org/~rob_au/journal/19171?from=rss Using authorised keys for SSH is such a wonderful thing<nobr> <wbr></nobr>... except when you're not on your own workstation and have to remember your password. rob_au 2004-06-10T00:45:55+00:00 journal Not happy Jan ... http://use.perl.org/~rob_au/journal/18366?from=rss A tree in my front yard has fallen on my car<nobr> <wbr></nobr>... Not happy. rob_au 2004-04-17T07:21:42+00:00 journal Scratch that ... XML Hell Continues http://use.perl.org/~rob_au/journal/17853?from=rss SOAP::Lite seems to want to add my authentication header to the body of my SOAP request<nobr> <wbr></nobr>... fun<nobr> <wbr></nobr>... rob_au 2004-03-11T06:52:51+00:00 journal XML Hell http://use.perl.org/~rob_au/journal/17851?from=rss Well, I think I have finally figured out this whole WSDL thing and have successfully got a service description in place for our development web services and have got both Perl and PHP clients happily talking to them<nobr> <wbr></nobr>... Now to consider writing some sample clients in other languages<nobr> <wbr></nobr>... rob_au 2004-03-10T22:41:57+00:00 journal Using Apache::SOAP http://use.perl.org/~rob_au/journal/17836?from=rss Note to self - Always, always, always compile apache with <code>--disable-rule=expat</code> if you want to use <code>Apache::SOAP</code> without segmentation faults. rob_au 2004-03-10T00:15:21+00:00 journal Ominous http://use.perl.org/~rob_au/journal/17372?from=rss Everything appears to be running well, the servers appear to be behaving themselves, there are no critical outstanding issues on the board<nobr> <wbr></nobr>... So, why do I have this ominous feeling that something is wrong with the servers and application installs? It's just that it's quiet, a little too quiet<nobr> <wbr></nobr>... rob_au 2004-02-12T11:30:35+00:00 journal Stupid advertising http://use.perl.org/~rob_au/journal/17354?from=rss I don't get why a radio station called "<a href="http://www.fox.com.au/">FOX FM</a>" is using a big, fat animated hippopotamus in their current round of television advertising. There must be something wrong with me<nobr> <wbr></nobr>... rob_au 2004-02-11T09:59:24+00:00 journal Finally! Some luck ... http://use.perl.org/~rob_au/journal/16836?from=rss Some things are finally going my way with the current project that I am working on<nobr> <wbr></nobr>... Rollout is proceeding nicely now and things appear to be working entirely as expected<nobr> <wbr></nobr>... *knocks on wood* rob_au 2004-01-15T12:02:14+00:00 journal iTunes http://use.perl.org/~rob_au/journal/16797?from=rss Quite simply, it rocks! rob_au 2004-01-13T07:12:36+00:00 journal DBD::mysql gripe http://use.perl.org/~rob_au/journal/16791?from=rss This journal entry is simply a gripe, nothing insightful or interesting.<p> When using DBD::mysql, if you specify the host to connect to as localhost, the driver attempts to connect via the UNIX socket by default rather than the localhost TCP connection - This is annoying because it created an error which I had to fix during a code rollout. If I wanted to connect via the UNIX socket, I would have specified it by way of the <code>mysql_socket</code> directive in the DSN.</p><p> Feeling much better now<nobr> <wbr></nobr>...</p> rob_au 2004-01-13T00:37:56+00:00 journal Linux 2.6.0 Changelog http://use.perl.org/~rob_au/journal/16408?from=rss <code>- khttpd is gone.</code> <p> Hooray for sanity!</p> rob_au 2003-12-18T21:40:27+00:00 journal Working not for profit http://use.perl.org/~rob_au/journal/16037?from=rss <p>We all have clients like this - They only call once or twice a year and generally their computer problems are relatively straight-forward and can be solved in under an hour with a bit of determination.</p><p>Last night, I went out to help one such client - The client was a lovely couple who needed an updated version of their anti-virus software installed. Over the last few years of looking after this couple's computer system, I have come to view these people as friends and have always found it hard to justify charging them for my visits, in spite of the work performed. Yet this has always been a sticking point between us - They always insist on paying me for these visits, despite the friendship which has grown between us over this time.</p><p>I did however last night come up with a nice solution for this in passe which may be of interest to others with such clients - I again refused payment for the computer work carried out, but suggested that if they feel so compelled, the couple should make a donation to the <a href="http://www.rch.org.au/">local children's hospital</a>.</p><p>This suggestion was warmly welcomed and thus everyone wins.</p> rob_au 2003-11-27T10:35:06+00:00 journal C development tip http://use.perl.org/~rob_au/journal/15732?from=rss Probably old-news to many people around here, but a really useful utility which I have found to help me while developing in C is the successor to LCLint, <a href="http://www.splint.org/">Splint</a> - I installed this package yesterday on my development box and have immediately been able to lift the quality of my code and incorporate better testing procedures for what I am working on. rob_au 2003-11-12T21:16:04+00:00 journal GNU mailutils http://use.perl.org/~rob_au/journal/15529?from=rss I have been exploring this package in some depth over the last few days and have been quite impressed with the library of functions which it provides for handling mail messages. I have however come across a number of elements of the documentation which appear to be lacking, specifically relating to the employ of the mailer, message and stream sets of functions, and have yet to be able to get this package to build on Mac OS X.<p> Does anyone know of any reference other than the documentation supplied with the package which covers this library of utilities in detail?</p> rob_au 2003-11-03T11:33:32+00:00 journal Free trade agreements http://use.perl.org/~rob_au/journal/15357?from=rss With the visit of George W. Bush to Australia, there has been much talk of the specifics of a potential free trade agreement between Australia and the US. The top concerns of the Australian and US leaders appear to be agriculture and intellectual property respectively.<p> Whilst I can appreciate the importance of agriculture to Australian exporters, I must say that I do hold some concerns as to what rights relating to intellectual property will be traded by the Australian government in order to secure an advantageous position relating to agricultural trade - Over the past decades, too much of the research and development work carried out in Australia has been sold outright to overseas interests, unable to acquire commercialisation support locally. This situation has however been changing and there is a quite vibrant intellectual community in Australia coming up with some quite ingenious products. Australia may be a great agricultural exporter, but it has great potential to offer so much more - I would hate to see this segment of the Australia business and academic community loosing out or being hampered in their development effects as a result of this free trade agreement.</p> rob_au 2003-10-23T21:56:08+00:00 journal Freshmeat Article Posted http://use.perl.org/~rob_au/journal/15170?from=rss The article which I have written on the challenges facing email verification systems along with some addition directions for development of such systems has been posted on <a href="http://www.freshmeat.net/">Freshmeat</a> - For those who are interested, the article can be found on Freshmeat <a href="http://freshmeat.net/articles/view/1007/">here</a>. rob_au 2003-10-11T08:06:18+00:00 journal Processing Issues faced by Email Verification Systems http://use.perl.org/~rob_au/journal/15110?from=rss Following the distributed and coordinated attack on anti-spam service providers over the last month, this journal post is intended to provide an overview of one such attack on the company which I work for, Bluebottle, an email verification technology company, and highlight the core challenges faced by email verification systems in handling email.<p> Over the last month, the Internet community has been witness to the cessation of services by a number of anti-spam providers as a result of continual forged email and denial of service attacks. The most notably of these service closures was that of <a href="http://www.osirusoft.com/">Osirusoft</a>, distributor of one of the larger open-relay blacklists, which resulted in operator Joe Jared adding a blacklist for &#8216;the world&#8217; in order to highlight the problem facing this service. Following the closure of this service, a number of other anti-spam providers, including monkeys.com and compu.net, have been similarly targeted resulting in service cessation. </p><p> Recent reports from Steve Linford of anti-spam services provider <a href="http://www.spamhaus.org/">Spamhaus</a>, suggest a correlation between the source of these denial of service attacks and Windows machines infected with the SoBig virus. Similar observations have been made by Matt Sergeant of message services provider <a href="http://www.messagelabs.com/">MessageLabs</a>, who reported that the profile of denial of service attacks against anti-spam services appears to match that of machines infected with the SoBig virus.</p><p> The effect of this concerted effort against anti-spam service providers has also been experienced by email verification technology company Bluebottle (<a href="http://www.bluebottle.com/">http://www.bluebottle.com</a>).</p><p> Email verification, also known as challenge response, is an anti-spam technique which requires the original sender of an email message to reply to a one-time challenge issued by the mail recipient prior to the delivery of email. The original email message is only delivered to the mail recipient following the successful fulfilment of the details of the challenge request. This challenge may take the form of necessitating the original sender to reply to a specific email address, click on a web link or supply additional information about the intended mail recipient. </p><p> This approach to protecting mailboxes against spam however has not without criticism &#8211; Some of the major criticisms oft made of email verification systems are that of the additional mail traffic generated by verification requests, the likelihood of misdirected verification requests and placing of an additional burden on the mail sender in order to ensure delivery. </p><p> Such concerns regarding email verification are valid and indeed great care must be taken when implementing an email verification system to ensure that the best principles for such systems are adhered to &#8211; These principles are outlined in the paper &#8220;Proper principles for Challenge/Response anti-spam systems&#8221; (<a href="http://www.templetons.com/brad/spam/challengeresponse.html">http://www.templetons.com/brad/spam/challengeresponse.html</a>) by Brad Templeton, Chairman of the Board of the Electronic Frontier Foundation (EFF) and include:</p><ul> <li>Ensuring that the action(s) required in order to fulfil the verification request are easy to complete and accessible to all users.</li><li>Ensuring that a verification request is never sent to a reply of a private message originally sent by the user employing email verification.</li><li>Avoiding verification requests being sent in response to public messages such as those received via mailing lists or newsgroup gateways.</li><li>Avoiding the issuing of verification requests in response to error messages and other verification request.</li><li>Provision of the means by which users can regularly check to see what messages have been held for delivery pending verification.</li></ul><p> Such concerns had been considered and incorporated into the Bluebottle product which additionally incorporated tagged addresses, similar to those employed by the Tagged Message Delivery Agent (TMDA) (<a href="http://www.tmda.net/">http://www.tmda.net</a>), for the handling of verification requests and error mail identification.</p><p> The result has been an anti-spam system that has proven to be highly effective at protecting mail accounts in manner minimising false-positive attribution of mail messages as spam and recognising the fundamental issue with spam being consent rather than content.</p><p> This in turn has appeared to make Bluebottle a target for attack over the last two months by individuals and groups of individuals intent on creating havoc for providers of anti-spam services. This attack took on a similar form to that employed against monkeys.com and compu.net and in turn resulted in ignorant administrators similarly blocking legitimate mail from Bluebottle users as a result of spam sent using forged and non-existent Bluebottle addresses.</p><p> This type of attack is known as a &#8220;joe job&#8221; whereby the spam message is fashioned to appear that it originated from an alternate source. This term originated from an attack on Joe Doll, proprietor of Joe&#8217;s Cyberpost (<a href="http://www.joes.com/">http://www.joes.com</a>) &#8211; This web site, first online in 1994, had offered free web pages to any user who agreed to abide by the rules of conduct which included &#8220;good netiquette when publicising your page&#8221;. In 1996, after terminating a users&#8217; account for the sending of unsolicited messages to newsgroups and email recipients, Joe Doll found that a large number of mail messages were being sent in a manner which made it appear that it originated from his web site. The result was that Joe Doll was inundated with complaints from newsgroups and email account holders and was eventually targeted in a Denial of Service (DoS) attack over a period of ten days &#8211; Further details on this attack on Joe&#8217;s Cyberpost can be found at <a href="http://www.joes.com/spammed.html">http://www.joes.com/spammed.html</a>.</p><p> As a result of the manner by which attack is fashioned in addition to all unsolicited email sent to email recipients appearing to be from Bluebottle, all bounce messages from undeliverable addresses are similarly returned to the Bluebottle mail servers. This combined with the roll that tagged addresses play in the Bluebottle email verification system lead to a scenario where significant delays were encountered in normal mail delivery. </p><p> This number of bounce messages returned to the Bluebottle mail servers and the load which this placed on normal mail processing became so great that eventually Bluebottle was required to disable all mail verification on user accounts in order to allow the delivery of normal mail in a timely fashion. </p><p> This incident highlights the core issue faced by email verification services &#8211; The requirement to balance the cost of processing mail messages in a timely and centralised fashion whilst still ensuring that the best principles associated with email verification implementation are adhered to. In the instance of Bluebottle, where the message load was increased as the result of a concerted effort by those intent on interfering with the operations of anti-spam providers, the time cost of processing these messages was too great to bear &#8211; The result was an untenable situation where Bluebottle was faced with either delaying normal user mail by unacceptable standards or disabling email verification. The latter of these options was chosen in order to ensure that whilst potentially allowing unwanted and unsolicited messages, Bluebottle users could also receive their normal mail messages in a timely fashion.</p><p> From this incident however comes a better understanding of the Bluebottle technology and product. Development work is currently being performed to improve the structure of the Bluebottle email verification technology and provide a more scalable platform upon which a consent-based spam protection system can be based. With the level of unsolicited and unwanted mail messages on the Internet growing, such an understanding of email verification technology will be critical for any consent-based spam protection system to succeed.</p> rob_au 2003-10-07T22:51:33+00:00 journal Wishlist fulfilled http://use.perl.org/~rob_au/journal/15066?from=rss Following on from <a href="http://use.perl.org/~rob_au/journal/15040">my last journal entry</a> where I mused over my need for the ability to modify the sender address of the envelope of a mail message with Sendmail, I have a solution - In spite of <a href="http://use.perl.org/~rob_au/journal/14785">my own misgivings regarding my ability to develop in C</a>, I have added the ability to set (modify) the sender address of a message envelope with Sendmail via the milter interface. Now to get approval to release this as a patch back to the sendmail project<nobr> <wbr></nobr>... rob_au 2003-10-05T10:19:11+00:00 journal Sendmail wishlist http://use.perl.org/~rob_au/journal/15040?from=rss I really wish that sender addresses in message envelopes could be modified with sendmail via the milter interface (akin to the smfi_addrcpt and smfi_delrcpt message modification functions).<p>Does anyone know of any hacks which implement this functionality?</p> rob_au 2003-10-03T12:41:10+00:00 journal Freshmeat submission http://use.perl.org/~rob_au/journal/15030?from=rss The last few weeks have been quite hellish for me as our mail servers and email verification service has been under a denial of service attack. I have recently received approval from my employer to write up an overview of these events for the open source community and submitted this over at Freshmeat. Hopefully it will be published there so that others can garner a better understanding of email verification technology and the issues faced by this spam protection technology. rob_au 2003-10-03T02:58:32+00:00 journal Development work in C http://use.perl.org/~rob_au/journal/14785?from=rss After having spent the last two days writing a heap of code in C to address performance issues, it struck me, I should really learn C properly one day. I saw this every time I have to do some C development work, but do I ever actually then sit down with a book and do some solid reading<nobr> <wbr></nobr>...<p> C'est la vie</p> rob_au 2003-09-19T12:50:16+00:00 journal Remember ... http://use.perl.org/~rob_au/journal/14572?from=rss When you drop and reload a database, all of the information in this data store which you have not backed up will be lost<nobr> <wbr></nobr>... This is an important thing to remember<nobr> <wbr></nobr>:-)<p> This realisation came after staring blankly at my terminal screen trying to figure out why some of my development tests dependent upon certain database records were failing.</p> rob_au 2003-09-08T11:05:04+00:00 journal Limitations of DBD::PgSPI http://use.perl.org/~rob_au/journal/14379?from=rss I have figured out why I was getting a number of unpredictable errors from backend classes employed as part of a plperlu function for PostgreSQL - The DBD::PgSPI database driver only supports a single connection! Trying to create a secondary connection to the database seemed to be causing very nasty things to happen.<p> What a headache it caused trying to figure out this one! Hopefully, this will be of use to others working with PostgreSQL.</p> rob_au 2003-08-29T05:00:01+00:00 journal Please, please, please http://use.perl.org/~rob_au/journal/14049?from=rss For all that we love about Perl, please, please, please check return values when calling functions and object methods. And if writing such code, please incorporate differing return values based upon execution success.<p><nobr> <wbr></nobr><code>/me returns to code maintenance and debugging</code></p> rob_au 2003-08-12T02:46:02+00:00 journal plperl triggers http://use.perl.org/~rob_au/journal/13891?from=rss Roll on the time when I can write triggers in Perl for PostgreSQL - This is probably the only element missing from the embedded plperl/plperlu solution provided by PostgreSQL. rob_au 2003-08-04T15:10:17+00:00 journal