In Dynamic DNS with 1&1, I wrote about how I host a site on a server with a dynamic IP address (such as a server on a typical home connection).

The shortcomings of the 1&1-based service:

• No IMAP access to e-mail. 1&1 only provides POP access (no SSL, either). POP is no good for multiple points of presence (checking mail from a phone would interfere on the “headless” downloading of mail at home).
• Very limited number of subdomains. Ridiculously, 1&1 only provides for 5 subdomains per 1&1 account (not per domain, per 1&1 account).

The above was written before Google Apps For Your Domain became widely available. 1&1’s $8.99 is still the cheapest registration out there – it gets you one year of registration with private WHOIS registration included. Other closely-priced offerings charge extra for the private WHOIS registration. With Google Apps, e-mail and DNS services can be separated from the low-cost 1&1 domain registration:

• MX records can be pointed to Google Apps
• DNS can then be delegated elsewhere to any of the numerous FreeDNS services (I will likely select http://freedns.afraid.org/, Namecheap, or maybe EveryDNS – recommendations are welcome).

Today we talk about configuring a home Linux system for use with Google Apps for e-mail in a way that still provides for web-based access to the same e-mail account (home download of e-mail shouldn’t cause mail to appear as “read” by the webmail client).

Getmail

I like getmail for mail download. It is an easy-to-configure alternative to fetchmail. Google provides the bare-bones “Configuring other mail clients”, but leaves it to you to figure out the exact configuration. Create a $HOME/.getmail/getmailrc:

[retriever]
type = SimpleIMAPSSLRetriever
server = imap.gmail.com
port = 993
username = username@gmail.com
password = #####
mailboxes = ('I',)

[destination]
...

[options]
read_all = False
delivered_to = False
delete = True

The interesting bits:

• I set up the Gmail account with a filter that adds the “I” label to all incoming e-mail (the e-mail I want to eventually download with getmail).
• getmail is configured to download mail from the “I” folder (Gmail labels are IMAP folders).
• getmail is configured to delete read mail. Gmail treats an IMAP delete as an “unlabel” operation (mail isn’t actually deleted unless it is moved to the “Trash” folder.

The result:

• getmail can download mail all day.
• The Gmail web interface can be used to read mail without confusing getmail about what has been seen and what has not been seen. Furthermore, normal Gmail filters can be used independently of getmail (as long as the magic “I” labeling is not interfered with).
• As a side-effect, the presence of the “I” labels is a visible indicator of getmail activity.

Postfix

For outbound mail (SMTP), most Linux (and Mac OS X) systems will use postfix. ISPs will direct you to use their SMTP servers. This is fine, but one loses the nicety that sent mail will not appear in the Gmail “Sent Mail” folder. Getting this kind of clean integrated “Sent Mail” behavior requires that outbound mail go through Google’s SMTP servers.

In /etc/postfix/main.cf:

relayhost = [smtp.gmail.com]:587
smtp_sasl_auth_enable = yes
smtp_sasl_security_options = noanonymous
smtp_sasl_password_maps = hash:/etc/postfix/sasl/sasl_password
smtp_use_tls = yes
smtp_tls_CAfile = /etc/ssl/certs/Thawte_Premium_Server_CA.pem

In /etc/postfix/sasl/sasl_password:

[smtp.gmail.com]:587 username@gmail.com:password

Update and restart postfix:

sudo postmap /etc/postfix/sasl/sasl_password
sudo /etc/init.d/postfix restart

The next project is to get DNS set up somewhere to work around 1&1’s pesky 5-subdomain limit.

I still use mutt for reading my e-mail. I’ve tried other stuff (Thunderbird, Entourage, Gmail), but the thing I can’t get over is the text editing. There are certainly things that aren’t as nice as graphical mail clients, but I do get by:

• PuTTY/iTerm and/or urlview/urlscan give me easy access to hyperlinks.
• Attachment viewing is a keystroke away.
• LDAP integration at work provides tab-completion on names and e-mail addresses.

In all other respects – mail filtering (procmail), editing, quick scanning, etc. – mutt wins hands down.

The one deficiency is a decent search facility (a la Gmail); mutt “out of the box” only supports folder-based search, and doesn’t provide a mechanism for searching all mail.

Enter mu – an indexing system for Maildir-based e-mail. Indexing itself is pretty fast: at home (AMD64 1.0GHz), it took about 8 minutes to index 109857 messages (1.1GB) going back to 1993. Being Maildir-based, mu can incrementally update itself with just the new messages simply by examining file mtimes.

The rub is that all my mail was stored in mbox-format (maildir wasn’t invented yet); I had to use mb2md to convert all the mboxes over to maildirs.

Maildir’s one-file-per-message scheme is nice for lots of things because applications can create a separate set of directories with links to the actual messages to implement features like search results (such as done with mu) and tagging (a.k.a. “virtual folders”).

The maildir format is bad for things like backup and other applications where it would be convenient to have fewer files to manipulate. Individually compressing many small files loses any benefit from compressing a large concatenated stream of files. Maildir filenames contain a ‘:’ character, which makes them un-copyable to a Windows machine (such as for backup).

Pause while laughter subsides.

I am a fan of the Logitech “marble” mice. The latest generation is the Trackman Marble Mouse (preceded by the “Optical Marble Mouse” and the “Marble Mouse”, all of which I’ve used and have loved).

The ergonomics are great:

• The trackball form factor means a fixed footprint. This is important for keyboard tray users, since “footprint space” is more limited.
• The “marble” design means manipulation with many fingers or the whole hand, and clicking with a more natural “grasping” motion with the biggest, strongest finger: the thumb. This is better than other so-called trackballs with smaller balls designed to be manipulated with just the thumb or one finger (and with buttons that require the traditional clicking motion).
• The symmetric design means rightie or lefty use. “Lefty” use is especially important for users of traditional keyboards with numeric keypads to the right.
• The smaller buttons are programmable. I program them as “PgUp” and “PgDn” keys, which provides equivalent functionality to, and faster use than, the small “scroll wheel” buttons found on many mice (which are also very ergonomically bad).

The only bad thing about these trackball mice is that they are bad for gaming (which I no longer do).

I had a problem with mine a few days ago (plugged into a MacBookPro) where the mouse cursor would just freeze at seemingly random times, with recovery requiring an unplug/replug of the mouse, or sometimes even a reboot of the whole computer.

With a coworker, we quickly narrowed the problem down to the mouse itself (we swapped mice and the problem moved with the mouse). Furthermore, the coworker discovered that recovery was much more conveniently achievable by simply popping out the “marble” and putting it back in.

This was almost acceptable, but I went ahead and called Logitech Phone Support to see about getting a replacement, just to see what would happen. The support representative told me he hadn’t heard of my problem before, but he gave me some “device reset” instructions:

1. Unplug the mouse from the computer.
2. Hold down both buttons for 90 seconds.
3. Release both buttons.
4. Plug the mouse back into the computer.

Voila! I haven’t had any more mysterious problem since! The tech support experience was great:

• After navigating a phone tree to enter my mouse model and operating system, I was speaking to a representative within 15 seconds.
• I did not get the standard script of rebooting the computer, unplugging/replugging the mouse, etc.

My only gripe is that the device-reset instructions should be available on the product support page; it would have saved all of us a phone call.

My MacBook Pro has been gradually taking over primary-computer-and-storage responsibilities (photos, music, web browsing, etc.). The laptop gets periodically backed up to my main always-on Linux server.

One side effect of the Mac-ification of my life is that my music collection became iTunes-ified. To get my Windows machine into the program, I had to throw out Winamp and install iTunes for Windows.

I started importing all the music into the Windows iTunes, but then realized I’d have to do a re-import every time I added more music. What a drag. Then I noticed that the Windows iTunes was displaying the MacBook under “Shared Music”. That was when the light bulb went on – I should be able to set up an iTunes server on the Linux machine. Then the Windows machine could just remotely play everything and automatically stay up to date with no import pain, since the Linux machine gets a direct backup of everything.

Enter Firefly Media Server (formerly known as mt-daapd). All my research indicated I’d have to download and compile stuff from Apple, ugh. But those articles were all at least 3 years old. Forging ahead:

% aptitude install mt-daapd

I started the ornerous task of dealing with Rendezvous.tar.gz from Apple when out of the corner of eye, I noticed that everything was already working, playlists and all!

Quite possibly my least-painful Linux experience ever.

Unfortunately, mythmusic on the MythTV machine lacks a DAAP client, so I’m still stuck synchronizing files over (and using mythmusic’s horrible GUI). Ideally I’d set it up to look like an AirPort Express with AirTunes so that I can push my laptop iTunes to the living room speakers, but apparently there is some still-uncracked encryption involved that prevents this from being a reality.

I bought the TRENDnet TEW-432BRP 802.11g router and wireless access point today. I am probably the last person in the world to finally upgrade from 802.11b to 802.11g.

The motivating reason is my 6-year-old wireless router doesn’t support PPTP VPN passthrough (PPTP is the little-used VPN protocol used at my work). At this point in time, an 802.11g wireless access point is hardly blog-worthy. But these are the blog-worthy points:

• The power supply is the same powerstrip-friendly size as a cell phone charger; the plug only takes up one slot. FINALLY! That alone makes it a winner right there. The palm-sized router itself is also small. The Linksys WRT54G power supply still takes up three slots.
• Only $3.00 at CompUSA this Columbus Day weekend, assuming all the mail-in rebates come through ($20 and $17 from CompUSA and TRENDnet). The purchase price of $40 is still cheaper than the normal $50 one pays for the Linksys WRT54G.

Other notable geek-friendly features:

• It supports port-mapping. This means the router can be configured to expose SSH on some random port to the outside world, but forward those incoming connections to port 22 on my SSH server. Most home routers (like the Linksys WRT54G) only support basic port forwarding, where the public and private port must be the same.
• Mixed-mode 802.11b/802.11g operation appears to work fine (I still have some 802.11b stuff running at home), and they don’t get in each other’s way. The Linksys WRT54G kept hanging when both types of devices were in operation at the same time.
• It is theoretically hacker-friendly, being theoretically capable of running OpenWRT firmware. The new-generation Linksys/Cisco WRT54G models (all you can find at BestBuy, Office Depot, etc. these days) cannot run OpenWRT.

Update(s):

• Dec 16 2007: $20 rebate check arrived.
• Jan 2 2008: $17 Visa pre-paid debit card arrived.

Woo-hoo!

My browsing environment has been Google-fied. My first four Firefox tabs are now:

• Gmail
• Google Calendar
• iGoogle
• Google Reader

Google Reader finally wins after a long love-hate relationship with Bloglines. Google Calendar completely blows away Yahoo! calendar, and from there it was a simple step to switch away from Y! Mail to Gmail for Calendar and Maps integration.

I tried to resist, but I’ve now succumbed.

Three three major tax software providers (well, the three that I know about) all offer desktop software (download or CD purchase) and online services of their products. For a package including one federal return and e-file, and one state return, all three encourage people to go online (or discourage people from staying at home, depending on how you look at things).

Note: This is not meant to be a price comparison between the three vendors; only a price comparison between each vendors’ individual products. The market being what it is, the bundling of services inevitably vary from vendor to vendor.

Buying a CD incurs material costs over downloading software, but why does downloading software cost more than using an online service? It costs money to maintain an online service, and it costs money to store your information from year to year.

To be sure, it is probably worth some money to know exactly how people are using the products (which forms are most popular, which interview questions seem to take the most time, etc.), for the purposes of improving the product and gaining an edge over the competition.

However, the tin-foil-hatted paranoid in me also knows that it is definitely worth a lot of money to know the tax situations of the people using the products. One needs only to consider the value of a list of e-mail addresses (or even physical addresses and social security numbers!) of people in some ZIP code who are married, self-employed, holding multiple pieces of property, with some specific number of children of a certain age, and earning above some certain amount of money (all inferred from information in the tax return).

Even if 2nd Story Software, Intuit, and H&R Block never sell or give out this information, what happens when the companies hit bad times and go belly up on the auction block? I’m sure this data would be worth a lot on its own, outside of the actual tax software and service products. And then there is always the risk of some kind of security breach like another stolen employee laptop, or hacked server, or whatever the breach du jour happens to be.

There is an older writeup of TaxACT here.

Update: the unstated but obvious fact is that using an “online” service for filing means that there is yet one more party storing your tax records, which is one more party able to lose/release your data.

Since becoming Mac-enabled, I had become Workrave-less. I finally found AntiRSI, a similar program for the Mac. It doesn’t appear to keep a history of keyboarding and mousing activity (no more pretty graphs of office productivity), but it does provide smart reminders to take breaks every now and then, so it gets the job done.

And because it’s written natively for Mac, I have to admit that the eye-candy is much nicer than that of the relatively plain-Jane Workrave for Windows and Linux.