Block outgoing email for a Direct Admin user

cPanel has a mechanism to completely suspend outgoing email for an account, which is useful when there’s a bunch of spamming going on. Particularly contact form spam when the admin of a site can’t or won’t disable or secure the form.

--
 root@host [~]# whmapi1 suspend_outgoing_email user=spamalot
 metadata:
   command: suspend_outgoing_email
   reason: OK
   result: 1
   version: 1

I have a stupid Joomla site that I keep around mostly to have a “stock” Joomla for comparison purposes. Everyone knows Joomla has a frequently abused contact form, so I don’t want this Direct Admin account to be able to send out email at all.

It’s possible to suspend outgoing email for an entire DA account. Log in as the admin user on the admin level, then go to

Dashboard -> Server Manager -> Adminstrator Settings -> Email Settings (tab)

You’ll see “ADD TO BLACKLIST” at the bottom. Click that, then enter in the DA username. Click “Add”

Save, then you’ll see the DA user has been blacklisted from sending email.

Try to send an email from the Joomla contact form and click the checkbox to send yourself a copy, this is what’ll be in the email log.

2021-02-27 18:19:55 1lG9oR-0003T6-My => blackhole (non-SMTP ACL discarded recipients): User account (crack) is not allowed to send emails.  Script delivery blocked via /etc/virtual/blacklist_usernames

And there’s the user in this blacklist:

[root@miss]# cat /etc/virtual/blacklist_usernames
crack:1614304356

That number string is just the UNIX timestamp.

Automatically share mps-youtube activity to a website

Since I’ve been working from home, I’ve been using mpsyt as a command line player for music from YouTube. Revived a 2008 HP Mini netbook with Lubuntu as an auxiliary machine and needed something really light as far as resource usage. You can configure mpsyt for audio only and it’s vastly lighter than playing videos in a browser.

After a video finishes playing, it’s automatically logged here:

anna@anna-HP-Mini:~$ tail -2 .config/mps-youtube/play_history.m3u 
#EXTINF:2251,NEON CITY - A Synthwave Mix [Chillwave - Retrowave - Synthwave]
https://www.youtube.com/watch?v=k4oeMldaqHk

Wouldn’t it be fun to post that as an embedded YouTube video on a webpage so your fellow techs can see what you’re listening to during the shift!

I made a little script to generate the embed link and update that on my server.

anna@anna-HP-Mini:~$ cat scripts/embed.sh 
#!/bin/bash

ID=`awk -F= 'END{print $2}' /home/anna/.config/mps-youtube/play_history.m3u`
YT=`echo 'src="https://www.youtube.com/embed/'`
CLOSE=`echo '"''>'`
LINK=$YT$ID$CLOSE

ssh radioshack -T "sed -i '85s#.*#$LINK#' /home/radioshack/public_html/index.php"

Then set up incron to watch the log file, running the script when it’s modified.

anna@anna-HP-Mini:~$ incrontab -l
/home/anna/.config/mps-youtube/play_history.m3u IN_MODIFY bash /home/anna/scripts/embed.sh

The script updates line 85 of index.php up on my site, the src line here.

<center><h2>
<?php
echo "server fixing music  ".date("F d Y H:i:s",
                      filemtime("index.php")); 
?>
</h2></center>
<center><iframe width="420" height="315"
src="https://www.youtube.com/embed/k4oeMldaqHk">
</iframe></center>

And this is what it looks like on my website.

July reminds me why I fled Dallas

I don’t know if I could call myself a climate change refugee, but a big part of why I quit my job in Dallas to move back to Birmingham was the intolerably hot summers. I know Birmingham is the Deep South and it’s relatively hot in the summers here. July is typically the hottest month. But more often than not, an afternoon thunderstorm rolls through and cools things down. Birmingham is tolerably hot. Dallas isn’t fit for human habitation.

I took screenshots of the forecasts for the next week or so for comparison.

Birmingham is warm.  OK, hot.  But it’s survivable.  Maybe a bit sweaty.  You’ll live.  I’ve got a couple of window units, I’m all right.  And there are lots of big trees and greenery around here, it softens the atmosphere.

Note the temperature scale on this forecast,  the top is at 90.

Here’s Dallas. 

Goodness gracious, 109 for three days straight and triple digits from then on?  And no rain in the foreseeable future?

Again, note the temperature scale.  It’s at 110.

When I lived in Dallas, I remember looking at these summer forecasts with dread.  Triple digits and no rain.  It was miserably soul deadening.

What libraries mean to me

Of course I’m referring to several libraries.  The paper library in my house and my ebook library on my server.  And the public libraries I’ve always depended on.  When I was a kid, in Sylacauga.  In college, the University of Alabama.  Then Dallas and now here in Birmingham.

Before the internet, when I was unsure of something, needed and wanted more information, I relied on my public library.

I’ve been reading a lot lately.  Reading and rereading William Gibson & Neal Stephenson of course.  Neil Gaiman and Phillip K. Dick are the latest.  Short stories if I don’t feel like getting into a novel.  And a lot of other content by many other authors, I don’t feel like listing everything.  Mostly fiction.  Some non-fiction if the mood strikes.

For my 40th birthday, I bought myself a Kindle Voyage.  I **LOVE** it.   Used a regular Kindle before, but the Voyage is so beyond the regular Kindle as far as features, particularly the backlight.  Never thought I’d be able to transition from paper to an ebook so easily, but once I did, never going back.

If you’re worried about not being able to immerse yourself into a book with a Kindle like how you do on paper, believe me, that’s not a concern.  It’s a bit of an adjustment for a few minutes and then you’ll be kicking yourself for holding out.

I’m reading just for fun nowadays, so maybe it would be different if I were an English major now.   Back then, I made so many margin notes and highlights.

Let me tell you that there are two books I’ll never read again.  “The Scarlet Letter” and “Moby Dick”  I must have read “The Scarlet Letter” about 5 times between high school and college.  THAT’S ENOUGH!  And then “Moby Dick” is way too long, one feels like having been on a 5 year long sea voyage after getting through it.  Took that cruise, not fun, not again.  Don’t make me write another paper about the symbolism.  It’s somehow always about Jesus and phallic symbols.

Somewhat Amusing anecdote

A few years ago before we installed curtains, anyone could see into the front room of my house from the street.  My glorious bookcase with the fruits of my English degree and then *so many hardback classics* I found at the far North Dallas Goodwill (rich people who just tossed out stuff without realizing what it was).

One night, we were watching TV and a Lexus SUV parked in front of the house.  Hmm, are they lost?  No, a man got out and knocked on our door.  “Are those books for sale?”  He sounded embarrassed to ask, his wife put him up to it, she didn’t dare get out of the SUV.

I was a bit flummoxed, I didn’t even ask how much he’d offer.

“Sorry, no, my books are not for sale.”

He was expecting that, then went back down to his vehicle to his disappointed wife.

But I knew that lady just wanted some books to decorate her house, she didn’t care what they were.  She saw a “bohemian looking bookshelf” through my window and wanted that for herself without curating the collection, without reading anything.  And thought I’d part with it for money.

I’ve toted around my books between many apartments and now my house, it’s always the worst part of moving, so many heavy boxes.

Nowadays, I curate my library online, I have an extensive collection there as well.  You can’t see it in my living room, all my lovely ebooks, available to anyone with an ereader.  Lives on my server, doesn’t weigh anything.  And I can share a book with a friend without any worries about getting it back.

But I’ll still never give up my hard won paper collection.  Well, maybe some of the trashy paperbacks, I should post those on Craigslist.

Let John Waters tell you what’s up.

Reminiscing about pwning

Long work weekend, it always is. But I baked cookies in between fixing servers!

Relevant XKCD reminded me of a funny I did several years ago.

https://xkcd.com/341/

Back around 2007-2010, I did a lot of testing for the XS Schoolserver for the OLPC XOs. I usually didn’t bother with wifi encryption since I was constantly reflashing XOs and that was annoying to reconnect clients. And who would get on my stupid schoolserver wifi anyway?  It would have been either Fedora 7 or 9, ancient.  This was a separate network from my home network, of course.

Well, one day I noticed network blinkenlights flashing like crazy, “Hmm, what is this traffic.” Remember, I was a wee baby sysadmin back then. The XS schoolserver shipped with Squid, so I started live tailing the log to see what was going on.

Someone in my neighborhood got on my XS wifi and he’s checking Facebook, he’s wishing his Grandma a happy birthday, OK, all right. He’s going to eBay, that’s fine. Then… OMG PORN! So, I pulled the Facebook ID out of the URLs in the squid log and found his FB profile with his real name. Let’s call him Kevin Doe. Again, this is many years ago, I don’t know if you can do that with FB URLs now. Hopefully not.

Remember, I was a baby admin back then and not sure about iptables rules, not to mention many other things. I still don’t know much about iptables other than it’s annoying to have to handcraft them and I try to avoid that.

I was irritated at him taking advantage of my “free wifi” and set up a very basic html page. It was something like:


KEVIN DOE

STOP USING MY NETWORK FOR PORN


I put that as the index.html page in the Apache docroot. If anyone went to my webserver, they’d see that. Again, baby admin. I’m just messing with things, learning.

But *he* needed to see that page I created for him.  After some research, the easiest thing was to temporarily set up an iptables rule to redirect all web traffic to 127.0.0.1:80

That dude dropped off my network so fast, it was hilarious.

Can you imagine if you thought you were on a clueless neighbor’s open wifi network, looking at porn, and then they called you out by name?  How humiliating is that?

That’s my sickest sysadmin burn ever, not sure if I’ll ever top it. And I’m so proud I managed that as a relative n00b.

Comment Spam Poetry

I get so much comment spam on this blog. I was cleaning it out tonight and some phrases struck me as modern poetry. It’s probably a Markov chain generating this, of course. But copy/pasting some phrases look like modern poetry, with some very minor edits.

Don’t wear seat belts lest you drown in you own urine
Black on black in the Charger I’m creepin’
Rub me the right way, you might get a genie black Houdini
Although the principles are quite obvious,
It’s not a casino game for those with poor nerves
It’s an remarkable post for all the users
They will take benefit from whom they serve

Keeweb on NextCloud 13

So, I updated to NextCloud 13 and didn’t realize how much I’d miss Keeweb.

I use Keepass on my home desktop and sometimes need to access stuff in that database elsewhere. I usually keep the Keepass db updated on my NextCloud installation to back up the file.

I was disappointed it didn’t support 13, but then I found this:

https://help.nextcloud.com/t/nextcloud-13-and-keeweb/27063

And made this simple edit:

root@miss [~]# grep 13 /home/cloud/public_html/apps/keeweb/appinfo/info.xml
nextcloud min-version="11" max-version="13"

And that worked!