2007年12月24日 星期一

qmail goes public domain

qmail goes public domain
"...I hereby place the qmail package (in particular, qmail-1.03.tar.gz, with MD5 checksum 622f65f982e380dbe86e6574f3abcb7c) into the public domain. You are free to modify the package, distribute modified versions, etc....."

The latest published qmail package is qmail-1.03.tar.gz, available from

Related packages:
  • djbdns,the DNS software strongly recommended for use with qmail;
  • ezmlm,an easy-to-use, high-speed mailing list manager;
  • ucspi-tcp,which includes a high-speed inetd replacement for your SMTP server, and a generic tool to reject mail from RBL-listed sites;
  • serialmail, a collection of tools for passing mail across serial links, including AutoTURN support;
  • qmailanalog, a collection of tools to help you analyze qmail's activity record;
  • dot-forward, a .forward clone for qmail;
  • fastforward, a table-based forwarding utility for qmail, including an /etc/aliases clone;
  • mess822, which includes centralized From rewriting for SMTP clients;
  • a patch for majordomo 1.93 to work with qmail; and
  • the checkpasswordprogram, which you need if you want to run qmail-pop3d.

If you're interested in what qmail can do for you, read on. See www.qmail.org for more qmail-related utilities and information about commercial support.

There are quite a few books on qmail. Out of those I've read, the best is The qmail handbook by Dave Sill. The newest book is Qmail Quickstarter by Kyle Wheeler.

2007年12月7日 星期五

pyparsing

The pyparsing module is an alternative approach to creating and executing simple grammars, vs. the traditional lex/yacc approach, or the use of regular expressions. The pyparsing module provides a library of classes that client code uses to construct the grammar directly in Python code.

Linux Audio Editors: An Overview

A Survey and Intro

If you're not familiar with the area of Linux audio editors, you might be totally amazed at just how many there are. Clearly, writing these has scratched more than a few itches and more than one has earned grades as a class project.

It's not too hard to figure out why the area has been popular. For one thing, mangling sounds is fun, and for another, there is endless scope for playing with DSP algorithms. You can do that these days without writing a whole editor, but we'll get to that in a moment.

First of all, what is an audio editor, or better, an audio file editor, and what are they used for?

When audio is recorded on a computer, the information is stored in one of a number of formats—most commonly WAV or AIF on Macs. Both are uncompressed and have various options concerning quality and file size (higher quality = bigger file size), which needn't concern us here. There are also compressed formats that, by means of different algorithms, make the file sizes much smaller. Two well-known examples include MP3 and Ogg, which are lossy (information is discarded in the same sort of way as with the picture format, JPG), and a newer one, FLAC, which is not.

This information can be (and usually is!) depicted as a time/amplitude graph, where time runs along the horizontal axis and the frequency and amplitude (loudness) is mapped vertically. This presents pretty pictures of sound that you most likely have already seen and are intuitively easy to read.

Basics of Editor Actions

We use audio editors to perform a number of tasks, the simplest of which is a cut. If, for example, a file is too long, we highlight the area we want to remove by using the mouse and then we, typically, go to Edit and Cut in whatever app we're in, and zap it.

Let's look at the real-life situation of a podcast to see what sorts of things we might do. Let's say we've recorded an interview over the phone that we want to add some music bits to later.

As usual with phone recordings, we might have to deal with noises on the line, volume irregularities, and the usual interview problems of ums, ahs, and thinking gaps. Exactly what you do with these is an editorial choice, and I won't say more other than that making absolutely everything punchy is found by many thinking people to be nauseating.

After a run-through, the first thing that might be done is the pruning. Here it pays to know about destructive and non-destructive editing. The first operates on your primary file and any cuts you make are gone forever. The second method copies everything as its title suggests. Making copies of your own with destructive editors is easy to do though—you just have to remember.

The next thing to do might be attending to noise levels. Quite frequently this will entail just judging whether bits are usable or not, as denoisers often require a little luck.

How about levels generally? Here the normalizer is beloved of quite a few people, but the real answer, quite often, is careful and time consuming fiddling about with areas of the file.

Finally, you might want to export the file in a different format from the one you started with.

In this sort of straightforwardish case, we haven't played at all with another aspect of editors—adding effects.

Effects

Effects are fun and sometimes even useful. In the podcast example above, for example, we might have added a touch of reverb to give the voices a little extra life.

There are many, many, different kinds of effects and within kinds there are different approaches and results. In the field of electronic music making, files might be prepared for looping, or other use, by mangling them substantially. For example, if you use the Linux app Loopdub to play loops, there are limited facilities for live file mangling, so they need to be prepared beforehand.

In App

In the old days, if you wanted to write code for effects, it needed to be in the body of the app. These days, there is JACK, an audio interconnection kit, and LADSPA, a plugin format, so you can write and use effects where this system is relevant and possible.

In Line (LADSPA-JACK)

Live editing is a different area that is used mostly by musicians. For example, one might use Csound to generate sounds which are sent to the JACK tunnel and a series of LADSPA effects. All of this might then be routed (and recorded) by the HDR app, Ardour.

In this sort of way, JACK-capable editors can be used to at least add effects in real time. Mostly though, we don't want to do that.

Some Editors

Earlier, I said there were an amazing number of Linux audio editors out there and there are, but here I'm going to look at a representative sample.


Audacity - Most Used

figure

Audacity is the most well-known of the Linux audio editors. One reason is that it has been ported to both the Mac (OS X) and Windows. When podcasting first began to be a big thing, this app was something that people could point at that would get the job done and was free.

It has a simple but attractive interface and pretty much everything you can do is intuitively obvious for anyone who has even a slight knowledge of what is going on.

As is quite usual for editors, there are also recording facilities and the number of tracks that can be handled will be determined by your soundcard. It is worth saying here that the Big Guy, as far as recording is concerned, is Ardour. Check it out if you have ambitious schemes in mind.

Snd - The Grandad

figure

Snd is the editor with the longest history and was, for a while, nearly the only one capable of sophisticated transformations.

The original idea was that its construction would be modelled on emacs in that it could be infinitely extensible using scripting languages. It is exactly that and could suit DSP experimenters who have a certain sort of comp sci background or who have those tendencies!

In any case, this is a well-respected piece of software that is still being added to.

Sweep - Tricks

figure

In addition to the usual editing tasks, Sweep can also be used as a performance tool. A feature of high-end commercial editors, such as Sountrack Pro is the ability to hear samples as you move around in the file, without having to hit the play button. This is useful while editing, but the Sweep team has given this idea the name of Scrubby with the further idea that it will be used for digital DJing. In fact, there are other performance tools in Sweep, such as the ability to play many loops and control the play with the computer keyboard. I haven't seen anyone using it in performance, yet but maybe mentioning this aspect here will get more people interested.

If you're interested and will be in Europe in March/April 2008, maybe you should check out Bleepfest, which I have something to do with. A footnote here is that Linux based musicians have been actively encouraged to take part (three events so far, in London and Berlin with the next most likely in Paris), but it is has been a 99.9 percent Mac affair so far.

Traverso - Context

figure

Traverso aims to be a complete digital audio workstation (DAW) but has significant editing skills and is the newest of the projects listed here. It is also available for Mac OS X and Windows.

It is interesting in a few ways. For a start, the Unix way is to have many interconnected small tools rather than enormous apps that do everything. Ardour, for example, purposely has less in the way of editing capability precisely because they are following this philosophy. Traverso is taking a different tack as they feel that it is easier for people to download, install, and learn one app, than it is to discover and learn a whole collection of apps.

Another thing the developers were interested in was the area of menus, and they have made efforts to extend commands by using the mouse in conjunction with the keyboard. This approach can potentially both enrich and speed up the user experience but won't be loved by everyone.

Conclusion

There is a rich amount of choice available in this sector. Perhaps you can find something that not only suits your needs but also leads you off to some interesting new places.

John Littler is chief gopher for Mstation.org.


linux audio editor with unique tricks (LPC anal/synthesis)
2007-11-29 13:01:40 josquin [Reply | View]

MixViews:
Linux audio editor with unique tricks: (LPC analysis/resynthesis & other analysis methods)
http://www.create.ucsb.edu/~doug/htmls/MiXViews.html
njoy
  • ardour
    2007-11-27 17:55:23 treoubo [Reply | View]

    http://ardour.org/
  • You forgot about Jokosher!
    2007-11-27 07:37:15 beranger5ca [Reply | View]

    There is also Jokosher, see http://www.jokosher.org/ ...

2007年12月4日 星期二

decompiler or exe2c/exe2asm

http://www.program-transformation.org/Transform/DecompilationResources

http://www.program-transformation.org/Transform/HistoryOfDecompilation3

http://desquirr.sourceforge.net/desquirr/links.php

http://www.itee.uq.edu.au/~cristina/dcc.html

http://compilers.iecc.com/comparch/article/96-01-017

http://lcamtuf.coredump.cx/fenris/debug-tools.html

Differentiating Among BSD Distros

Organizations that want to use a public Unix variant have two solutions from which to chose: Linux and BSD. The much talked about Linux camp contains a variety of distributions that include different utilities and tool sets. The same is true of the less frequently covered BSD camp. This article compares and contrasts the four main BSD variants and offers recommendations for both server- and desktop-based solutions.

BSD History

There are four main BSD variants. Three of these (FreeBSD, OpenBSD, and NetBSD) are totally free; the fourth (Mac OS X) is technically the core part of an operating system that most wouldn't even consider a BSD variant. To understand the differences between the various versions, let's briefly recap the history of BSD to understand how the different versions have developed.

Today's BSD variants are open source versions of the original AT&T Unix operating system. In fact, they all come from the Unix developed at the University of California Berkeley, and BSD is actually short for Berkeley Software Distribution. A significant part of the original BSD code was based on the AT&T Unix code, which wasn't free. Through efforts on the part of a few key members of the original BSD development team, such as William F. Jolitz, the final parts of the code were developed under an open source license and produced 386BSD.

In 1993, 386BSD was forked into two of the main versions we know today: NetBSD and FreeBSD. They were formed with different aims and goals. Not surprisingly, each has its own history. OpenBSD, the third variant, arrived in 1996 and was developed specifically to address some of the security concerns in the other variants.

The BSD incorporated into Mac OS X is known as Darwin. It is available as a completely separate component. Darwin itself is derived from the BSD layer of the NextStep operating system, developed by NeXT, the company set up by Steve Jobs after he left Apple in the 1980s. Technically, Mac OS X is based on the FreeBSD core, with OS X 10.3 based on FreeBSD 5.x. It is, however, extremely customized beyond the base BSD code. The key benefit with Mac OS X is the Aqua GUI that allows OS X to operate like the original Mac OS operating system but still have all the benefits and flexibility of an efficient BSD kernel.

Common Features

Like other Unix variants, the four BSD distros provide similar basic functionality. All contain the following core components:

  • Kernel — Pre-emptive, multitasking with job control
  • Security — The basic log-in and authorization system
  • Shell Interface — The Bourne, C, Korn, and other third-party shells
  • Networking — Adherence to the TCP|UDP/IP standard and support for all the base protocols (e.g., finger, telnet, NFS, and FTP)
  • Third-Party Networking — Support for Apache, Mac file sharing (through NetAt), and Windows file sharing (through Samba)
  • Base Utilities — Rich, built-in utility list, including awk, cut, paste, sed, and ed

In addition, because it is a Unix-like operating system, most of the other tools, utilities, and systems, such as Perl, Python, Apache, MySQL, PostGreSQL, Java, C/C++, work with BSD. However, because it is a less popular Unix alternative than Linux, fewer prepackaged applications are available. Some BSD variants do come with a Linux compatibility package, though, that enables them to execute Linux applications (from the same platform) directly.

BSD systems have a reputation for better reliability than some alternatives, largely because they are developed with smaller, more focused development teams. They also boast a more mature code base, as a significant proportion of the BSD ethos come from the very earliest forms of Unix.

So with all these similarities, how does one differentiate the various versions and choose which to deploy?

FreeBSD

FreeBSD came to be one of the most popular BSD revisions after its early release through Walnut Creek CD-ROM, an early pioneer in distributing free and open source software on CD before the explosion of the Internet. Its primary platform is the x86 PC, including the current AMD and Intel 64-bit variants, though it also has a presence on Sun's SPARC platform.

The main focus for FreeBSD is performance, particularly of the TCP/IP stack with a number of companies, including Yahoo, using FreeBSD as an Internet server platform. FreeBSD holds the unofficial record for transferring data, having achieved more than 2 Terabytes of data from one server running the OS. It follows from this statistic that FreeBSD is also one of the most stable OSes available.

The developers of FreeBSD put a lot of effort into making the system as easy to use as possible. Thus, FreeBSD has one of the easiest installs of all the Unix platforms. Once the system has been installed, you can easily download, compile, and install additional packages through the built-in ports system, a third-party solution that automates the process. The Ports Collection downloads the necessary files, checks the files for integrity, builds the application, and then installs the application. This simplifies one of the most time-consuming aspects of deploying applications to different computers.

FreeBSD at a Glance

Home Page http://www.freebsd.org/
Platforms i386, Alpha, IA-64, AMD64, and UltraSPARC
Original Release December 1993
Focus High performance computing, ease of use, and stability

NetBSD

NetBSD was released a few months before FreeBSD. Unlike FreeBSD, which concentrated on the performance and best-quality support for its main target platform, NetBSD was developed to support as wide a platform base as possible. It would be difficult to list all available versions of NetBSD, but it runs on more than 50 platforms, from mainstream ones, such as x86 and SPARC, to niche products like Sega's Dreamcast and a number of hobbyist, handheld, and embedded devices.

This portability gives NetBSD an edge. Although it gives the OS an air of disparity, the reality is different. The variety of platforms supported means the code is efficient and secure, with a wide range of experience that improves the OS as a whole.

The range of support also means NetBSD runs on much more powerful hardware than is supported by other distributions. Higher-end dedicated Unix workstations from Sun, Hewlett-Packard, and the old Digital/Compaq Alpha platform can be used with NetBSD to provide all of the stability and performance of the BSD platform while giving a new lease of life to older available hardware.

The portability is also a major attraction as a deployment and re-development choice for those building their own computers, or using one of the many embedded hardware solutions. This keeps NetBSD as a popular choice in universities and science labs.

NetBSD at a Glance

Home Page http://www.netbsd.org/
Platforms Just about all
Original Release December 1993
FocusPortability and stability


OpenBSD

OpenBSD was developed by Theo de Raadt after a disagreement over the future of the NetBSD code. OpenBSD development began by focusing on producing an incredibly secure OS, and it's an approach that continues to this day.

Unlike other BSD variants, and most Unix flavors, OpenBSD is installed with everything but the absolutely essential services disabled. Users used to having NFS, Telnet, finger, FTP and other features running out of the box on a Linux installation will find they have to specifically enable, rather than disable, these services on OpenBSD. OpenBSD was designed this way to eliminate the possibility of these 'accidentally' being open and therefore causing a potential security breach.

OpenBSD also includes a range of built-in cryptography standards, such as RSA, Blowfish, DES, and full support for the IPSec TCP/IP security system. Cryptographic support is further enhanced with support of a number of hardware accelerators, including many of the third-party PCI cards and support for newer systems, such as the Random Number Generator and Advanced Encryption Standard built into the latest VIA C3-series CPUs. OpenBSD is well suited for use in a network router, firewall, and secure Internet service solution because of its high level of built-in security and encryption.

OpenBSD's overall security is further enhanced by a strict method of code testing and auditing. The code has been examined, virtually line by line, to find potential faults in the system. Thus, gaps in the OS, both real and potential, are plugged before they can be used and exploited.

The result — an OS that for years has not had a remote-root exploit of the type often found on other operating systems.

OpenBSD at a Glance

Home Page http://www.openbsd.org/
Platforms i386, Alpha, AMD64, sparc, sparc64, hp300, hppa, mac68k, macppc, mvme68k, mvme88k, and vax
Original ReleaseNovember 1995
FocusSecurity and code purity

Mac OS X

Darwin, the kernel on which Mac OS X is based, is itself based on the FreeBSD code with a custom Mac kernel in place of the standard BSD kernel. Darwin's main focus is to provide the base on which the rest of the Mac OS X environment runs. Although Darwin is not designed as an alternative to other BSD offerings, it does have a place in the BSD space.

Most users logging in remotely to an OS X machine would hardly notice a difference in the environment if they didn't look around too closely. The same utilities and environment are available as within a genuine FreeBSD environment.

The Darwin project is completely open source, Apple makes the system and source code available online, and changes to the Darwin code are rolled back into the FreeBSD source tree. Darwin is supported on both the PowerPC and x86 platforms, which often surprises people.

Where Darwin differs from the three other distros is that it forms the base of the Mac OS X operating system. A proprietary suite of tools and a user environment (Aqua) built on top of the Darwin core provide a user interface not vastly different from the Mac OS 9 and earlier interfaces for which Apple is famous. It is through Aqua that the majority of custom and commercial applications, including Adobe InDesign, Illustrator, and Microsoft Office are made available.

Despite the additional applications and interface options supported by Aqua and Mac OS X as a whole, underneath, the FreeBSD core is always available. You can open a shell interface through the Terminal application; there is support for X Windows System based applications; and you still have access to Perl, Python, MySQL, Apache, and any other Unix-compatible tools.

The Darwin core is an open source project, with Apple and members of the Darwin community enhancing the Darwin code and extending the operation and functionality of the system. Ultimately, any changes made in Darwin make their way into other parts of the BSD family. Apple is also helping to support the BSD community as a whole, so improvements to the BSD platform flow freely between the Apple and community camps.

Darwin/OS X at a Glance

Home Pagehttp://developer.apple.com/darwin/
Platformsx86 (Darwin only) and Mac (Darwin+OS X)
Original ReleaseMarch 1999
FocusEase of use


Choosing a Desktop Solution

Which flavor of BSD you chose should depend largely on what hardware the desktop uses. On an Intel- or AMD-based PC, FreeBSD is a stable and widely supported choice. For older hardware, or hardware that is not exactly mainstream, NetBSD might be a better solution. NetBSD is even more suitable for developing and deploying an application on one of the many embedded solutions, as you can probably use NetBSD on both platforms.

If you need a Unix environment but also want access to commercial applications like Microsoft Office, or products from Adobe, Alias, and others, Mac OS X delivers the best of both worlds. The FreeBSD-like kernel provides a complete set of standard Unix utilities and libraries that enable you to use the BSD and OS X elements simultaneously.

For the record, OS X is my platform of choice. I develop Web applications using Perl, MySQL, and others while writing articles and books using Microsoft Word, all on a Power book G4 running OS X.

Choosing a Server Solution

OpenBSD is the obvious choice on the server because of its very high security principles. With such a safe environment it's easy to deploy an OpenBSD-based server without worrying too much that the system or network will be compromised. OpenBSD, in particular, is ideal for use as a public-side server on the network and for providing firewall and proxy services between the Internet and an internal network.

For a pure Web server, FreeBSD is also a good choice purely because of its stability on key hardware platforms like x86. The quality of the disk drivers and networking stack means exceptionally high levels of availability. It's also possible to make FreeBSD more secure by specifically disabling the services you don't need to support.

If you prefer to work within the general security of the BSD platform, but with a friendlier configuration and management environment, consider Mac OS X Server. It provides all the benefits of the FreeBSD platform, with a friendlier front end. OS X Server provides more extensive support for Apache; file sharing through NFS, AppleTalk, and Samba; a built-in firewall and VPN; directory services through OpenLDAP; and audio/video streaming through QuickTime. This functionality comes pre-configured and ready to use.

All of this comes at a price. Unlike other offerings, OS X Server is a commercial product. Although Darwin is free, the configuration and management tools built into OS X Server make it so nice to use compared to the other BSD options.

All in all, when evaluating a Unix-based OS other than Linux, all of the BSD variants are equally matched.

2007年11月29日 星期四

useful firefox extension

NoScript

FoxTor
which requires Privoxy and Tor

SafeHistory

Gmail S/MIME

PetName

SecurePasswordGenerator

FormFox

TrashMail.net

PageTitleEraser

TrackMeNot

CLI Magic: No-nonsense network

good introduction document.

Atop is a system and process manager that displays network traffic, along with other useful information such as CPU consumption, memory usage, and a process list. Atop has a handful of options to be passed to at startup. To see network network-related information and save it to a log file located in /var/log, start the application with atop -N > /var/log/atopnet.log.

Bmon is a bandwidth monitor for network connections. With it you can selectively watch a certain network card or a many of them, and even keep an eye on interfaces that are down (using the -a switch). Bmon can show results using either ASCII mode or the curses library, and can even generate statistics in an HTML file. If started without any options, bmon will show interface statistics using ncurses and display all available network connections. Once the application is started, you can press the g key to enable graphical mode and d to enable detailed statistics. If your server has subinterfaces, you can view them by pressing the f key.

Bwmon is similar to bmon, but it provides limited options. It shows bandwidth usage in curses mode and has options to show average bandwidth utilization since last boot (using -a), print maximum bandwidth utilization since the last launch of the program (using -m), and specify update timeout (using -u value).

Netwatch is an invaluable tool when it comes to network monitoring, and one of my personal favorites. It can not only show what IP addresses or hostnames are communicating with the outside, but also what ports they are using. Netwatch is great when you are a network administrator in a small or medium-sized office and your users are constantly downloading large files from the Internet. It can email you warnings about bandwidth usage (if you use the -u warnuser option) and can log all or specific packets.

Speedometer is a little different from the rest of these tools. It measures network traffic and the speed or progress of a certain file transfer. Let's say you want to see how fast someone can download a file from your server and how the download is going in real time. Enter speedometer filename, and the program will draw a progress bar that shows the speed of the transfer. It can print the RX and TX rates on a per-interface basis (using -rx iface and -tx iface). You can use speedometer to test the upstream speed of your ADSL line, the transfer speed of your LAN, or the time needed to send a file to a server.

vlc web client

I make a mistake that think the javascript API is different from the one in documentation.
The fact is that both the javascript APIs co-exists, and the verion string is used as the key to activate one of them.

Maybe I will come back to document more methods/attributes for these two api and activex interface.

2007年11月27日 星期二

another vlc usage

pipe from standard input

# cat /tmp/0831-1.ogg | vlc -I dummy \
--sout-all \ "#transcode{acodec=vorb,ab=128}:standard{access=http,mux=ogg,dst=192.168.0.103:8080}" \
- vlc:qiut

NOTE: "-I dummy" will disable the use of visual interface.

# vlc -I dummy -L --no-video --sout-all "#transcode{acodec=vorb,ab=128}:standard{http,mux=ogg,dst=192.168.0.103:8080}" /tmp/abc.ogg


How to fire up a vlc client, and setup multiple input/output stream concurrently ?

28 papers on real-time and embedded Linux

something interesting

2007年11月26日 星期一

CentOS +vlc

Install vlc on a CentOS 4.5 box and a windows client.

It is possible to send voice data into a fifo (cat some-ogg-data > a-ogg-fifo), then config
vlc to stream a-ogg-fifo to somewhere.


If vlc stream the fifo file before another process (says, cat some-ogg-data > a-ogg-fifo, here) writes to the fifo, the streaming process will fail. (i.e. a short delay before vlc to make sure there is something in the fifo. or maybe there is a method to probe this, then fire up vlc)

btw, if 'cat' process doesn't generate the fifo quick enough, the vlc may stop. how to start the vlc again is another issue.

The sample vlc command looks like

vlc -I console \
--no-interact \
--extraintf telnet \
--no-show-intf \
-vvv \
-L \
/tmp/abc.ogg \
--no-video \
--sout "#transcode{acodec=vorb,ab=128}:standard{access=http,mux=ogg,dst=192.168.0.103:8080}"

NOTE:
If you like to run vlc without X-window (in Linux environment), it is necessary to switch interface of vlc into skinnable.

2007年11月19日 星期一

A developer's perspective on Google's Android SDK

A developer's perspective on Google's Android SDK

A developer's perspective on Google's Android

by John Lombardo


Spread the word:
digg this story
On Monday, November 12, 2007, Google released Android, a complete Linux based software stack aimed directly at the cell phone marketplace. I'll let others talk about what it means for other players in the marketplace, the intricacies of GPL2 vs the Apache License, etc. This article dives straight into the heart of the SDK and API itself, summarizing some of the documentation provided by Google, then jumping into building an application using Android.


Android Emulator
(Click to enlarge)


So, what Is Android?

Android is a complete software stack for mobile devices such as cell phones, PDAs and high end MP3 players. The software stack is split into four layers:
  • The application layer
  • The application framework
  • The libraries and runtime
  • The kernel
Cell phone users obviously work with applications in the application layer. Android developers write those applications using the application framework. Unlike many embedded operating environments, Android applications are all equal -- that is, the applications that come with the phone are no different than those that any developer writes. In fact, using the IntentFilter API, any application can handle any event that the user or system can generate. This sounds a bit scary at first, but Android has a well thought-out security model based on Unix file system permissions that assure applications have only those abilities that cell phone owner gave them at install time. The framework is supported by numerous open source libraries such as openssl, sqlite and libc. It is also supported by the Android core libraries -- more on that in a second. At the bottom of the stack sits the Linux 2.6 kernel, providing the low level hardware interfaces that we all expect from a kernel. This is a Unix based system -- that is, the Unix C APIs are available -- but don't expect to drop to a shell and start executing shell scripts with your old friends grep and awk. Most of the Unix utilities are simply not there. Instead Android supplies a well thought out API for writing applications -- in Java using the Android core libraries.

That's right, Android applications are almost exclusively written in Java. The Android core library is a big .jar file that is supported by the Dalvik Virtual Machine -- a fast and efficient JVM work-alike that enables java-coded applications to work on the Android cell phone. This is similar to, but not the same as using Sun's JVM directly.

Building your development environment

Google provides three versions of the SDK; one for Windows, one for Mac OSX (intel) and one for Linux (x86). They also provide two development environments -- one is Eclipse based, and the other is a "roll your own." The Eclipse based environment is quite feature-rich and should suffice for most developers. There is no reason that you can't use both Eclipse and "roll your own."

If you get stuck in eclipse (like I did), you may find yourself dropping to the command-line interfaces to see what's really going on. However for this article, I'll assume that you're using the Eclipse IDE for your Android software development needs. Once you've downloaded the Android SDK, Eclipse and the Eclipse Plugin, you should work through the first few sections of Google's install document (System and Software Requirements, Installing the SDK, Installing the Eclipse Plugin). I'd leave the rest of the document for later as it does get quite detailed quickly.

Read the Friendly Manual

Google has done a good job of writing a lot of documentation for Android. However, there isn't a great way of knowing what's important to read now vs. what can wait. Here are some links to documents that are important to understand what Android is and how to develop applications using it. If you read them in the order listed, then you'll gain understanding more quickly as you read increasingly detailed documents. Note that a lot of the documentation is available both online and in the SDK_ROOT/docs/index.html directory on your machine. If you have a fast enough connection, I would suggest using the on-line versions since they will be more up to date.

Here's the order in which I suggest you read the documentation:
  • What is Android? Explains what Android is and gives a high-level overview of its features and architecture. Don't dive into the links just yet -- just get a feel for this overall document.
  • Read the Anatomy of an Android Application page. This details the four building blocks of an Android app: Activity, Intent Receiver, Service and Content Provider. Again, don't follow the links just yet -- just get an overview of the architecture. You may want to reread sections on Activities and Intent Receivers -- gaining an understanding of these concepts is critical to understanding how to build an Android application. If you don't get it yet, you'll see it again when you go through the Notepad Application Tutorial.
  • Next read the Development Tools document. Again -- just get a flavor, don't dive into the detail yet.
  • Read the Lifecycle of an Android Application page.
  • Now, finally, it's time to get your hands dirty. Work through the Hello Android page. Make sure you actually do it using Eclipse.
Note: I had a problem here. The first time I ran the application, it worked fine. However on subsequent runs my application would not appear on the emulator. I killed and restarted the emulator, killed and restarted eclipse several times -- no joy. Finally, somewhat frustrated, I was going to re-install everything. However before I did, I found an invisible instance of the Android Debug Bridge (adb) running. I killed it and everything worked again. I thought I had to close the emulator after each run of an application, but this turns out not to be the case. When I closed the emulator after my first run, it left the instance of adb running, which interfered with the subsequent instances.
  • Now go back and read the rest of the Installing the SDK document -- the bottom half of it details some great debugging tips and features.
  • Next, go through the Notepad Application Tutorial. This is where the rubber really meets the road. If you spend the time to go through this series of exercises and really understand the code, you will be well on your way to becoming an Android expert.
  • Read the Developing Android Applications pages. This will take some time -- these articles go into a lot of detail about several topics including how to implement the UI, data storage/retrieval and the security model.
  • Finally, go back through this list and follow the links in the previous documents as topics interest you.
There's a lot of documentation, but if flows together nicely, reflecting the architecture of the environment.

Dissecting the SDK

Whenever I download an SDK, I like to take a look at the files I've installed. Often, there is a wealth of information hidden in the SDK itself that is not readily visible from the documentation. So here's what you'll find in the Android SDK on a Windows machine:
  • android.jar - The Android application framework. Unzipping this jar reveals the entire class structure and all of the supporting classes of the framework. Currently there is no source.
  • docs - 100 megabytes worth of documentation, samples, etc.
  • samples - Six different sample applications - ApiDemos, HelloActivity, LunarLander, NotePad, SkeletonApp and Snake
  • tools - the various SDK binaries such as aapt, acp, and emulator live here.
    • lib - various templates and supporting jar files live in this directory
      • activityCreator - the activityCreator python application lives here.
      • images - The Linux file system images are found in this directory: ramdis.img, system.img and userdata.img. They are YAFFS2 file system images, so I couldn't open them without additional kernel support on my Fedora system.
        • skins - supporting emulator graphics for HVGA and QVGA screens in both landscape and portrait format.
Exercising the SDK

Now that you have read the documentation and set up and debugged a simple project, it's time to look at some real code. Since Google has provided us with several sample applications, the best place to begin is by examining them.
  1. If you have not already done so, execute the first few sections of Google's install document. Stop after you've installed the Eclipse plugin successfully.
  2. Now work through the Hello Android page if you haven't already. This will get you started working with Android applications and the debugger. Note that it's probably a good idea to create a new workspace for your Android projects if you already use Eclipse.
  3. Next we're going to set up Eclipse projects for each of the sample applications. You can never have too much sample code. I'll walk through setting up the Lunar Lander example and leave it as an exercise to the reader to set up the rest.
    1. Bring up the same Eclipse workspace that you used for the Hello Android, and close the project (Right click on the project in package explorer->Close Project).
    2. File->New->Android Project
    3. Project Name: LunarLander
    4. Click the "Create Project from existing source" radio button
    5. Browse to the samples/LunarLander directory in the SDK. If you find the right directory, the Properties fields will auto-fill with the correct information from the Package.
    6. Click Finish
    7. Bring up Eclipse's Console window (Window->Show View->Console) if it's not already visible in a tab at the bottom of the screen. It will show you the build process that Eclipse went through to create the application.
    8. Create a Run Configuration: Run->Open Run Dialog
    9. Highlight "Android Application" in the treeview to the left.
    10. Click the "New button".
    11. Name: Lunar Lander
    12. Click the Browse button next to Project
    13. Double-click the LunarLander project and hit OK
    14. Click the down arrow for the Activity and choose the one and only Activity: com.google.android.lunarlander.LunarLander
    15. Click Apply
    16. Click Run
    17. Switch to the Emulator and play a few rounds of Lunar Lander. Kinda fun.
Repeat for the other applications in the samples directory. This exercise should only take a few minutes -- besides, the Snake game is fun too! If you've taken the time to go through the Notepad Application Tutorial, then you'll be familiar with the NotePad sample -- however, the NotePad sample is fully developed and has features beyond the NotePad developed during the Tutorial.

A File System Explorer Application

Finally, we'll use our new understanding of the Android to develop a simple file system explorer. The version in this article is pretty simple, but it can serve as a jumping-off point for a more serious application down the road.

Design

Before we start writing code, let's think about what a reasonable MP3 player should do. It should
  • Phase I features
    • Show a list of files and directories
    • Allow the user to navigate through the directory structure by clicking on directories
    • Warn the user that he has clicked on a file

  • Phase II features
    • Allow the user to display a dump of a file when it is clicked
    • Use a tree view instead of a simple list
    • Show a dialog box with the filesystem information (size, permissions, etc) when the user clicks on an icon next to each file
    • Give this application permissions to read any file on the file system

  • Phase III features
    • Do all of phase II with pretty graphics, such as thumbnails, nstead of boring dropdowns and list boxes
    • Execute applications that we understand, such as mp3 files
Process

This article will only cover Phase I of the project -- but when we're done, we'll have a functional file system explorer in just a few dozen lines of code.

To proceed with this hands-on example, click here.


New Android Project
(Click to enlarge)

It works!

If you clicked above to follow the hands-on example, you found that in about twenty lines of Java, and a small amount of XML, you've created a useful little application that will allow you to explore the Android's file system. For example, I found the ringtones in /system/media/audio/ringtones, as shown below.


Oooh, ringtones
(Click to enlarge)


As I mentioned in the design section, a lot can be done with this application, and we've hardly touched the surface of what you can do with the Android application environment. There's thee billion cell phones out there. I suspect Google will get their fair share of them, so start cranking out code!

Conclusion

Android is a well-engineered development environment. Writing an Eclipse plug-in was a smart move by Google -- one that should be emulated by other SDK developers. Eclipse gives a developer and environment where he can really think about the business problem without worrying about the boring details. Adding the functionality of the plugin helps developers just sit down and start coding -- without having to worry about all the ins and outs of configuration files and the like.

Dislikes

Android is brand new to the general developer's world. As I write this, it's Wednesday, and the SDK came out on Monday of this week. Since it's brand new, there are some little problems that will have to be solved in the coming releases.
  • Many more examples for the APIs.
  • A more thorough explanation of what does and does not work under the emulator. My first example application was a simple MP3 player.
  • Release the source code. This will make it a lot easier to debug Android applications, as well as write them in the style that the Google developers wrote them.
Likes

Theres a lot to like about Android:
  • It's by Google -- so it has a company with some clout behind it.
  • Application Developers write their code in Java. Since the learning curve for Java is much less than that of C/C++/ObjectiveC, there will be many many developers who are eager to start writing applications for Android.
  • The SDK and API are well designed. There is some complexity there, and as I mentioned, the Documentation needs improvement (Google: call me :) -- but a well designed system is easier to understand and learn, even without lots of great examples.

49 Open Source Projects in the Spotlight

49 Open Source Projects in the Spotlight


Too often, open source projects labor in near obscurity. No corporate stipend, no team of publicists, no media blurbs for every new release. But the open source community is a vital source of productive creativity – truly an engine of the future.

Here’s a list of 49 open source projects that deserve a round of applause. You can peruse the full list – and for goodness sake, we think you should – or just jump to a certain area using the miracle of HTML linking:

Audio tools / Communication / Desktop enhancements

Developer tools / Education / Enterprise / Finances

Games / Graphics / Groupware / Messaging / Miscellaneous

Multimedia / Photography / Office Productivity

Audio Tools

1. Audacity
This cross-platform sound recorder and editor receives high marks for its speed and ease of use. Key features include envelope editing, mixing, and built-in effects; supported formats include WAV, AIFF, Ogg, and MP3.

2. Linux MultiMedia Studio
Think you have what it takes to be a record producer? LMMS lets you create music on your computer, including creating loops, synthesizing and mixing sounds, arranging samples, and more.

3. Jajuk
If you have a large or scattered music collection, Jajuk is for you. This jukebox provides a lot of advanced features for users who know what they’re doing, while also being relatively intuitive.

Communication

4. Mumble
With Mumble, you can easily talk to other players while gaming, and the voices seem to come from the on-screen characters. Plus, the echo cancellation feature means you won’t get those annoying reverberation effects from your microphone picking up the sound from your speakers.

5. ePresence Interactive Media
Developed at the University of Toronto, ePresence claims to be “the world's first open source webcasting and conferencing solution.” It is designed to support conferences, online meetings, seminars, and demonstrations. Click the “Project Web Site” link from the link above to check out some of the (mostly educational) presentations created with ePresence.

6. Elastix
With final code just released November 2007, Elastix is a brand-new appliance software for Asterisk-based PBX systems. It combines a lot of the most popular Asterisk tools with a unique interface, utilities, and add-ons for a complete open-source VoIP system.

7. trixbox
Formerly known as Asterisk@home, trixbox is another VoIP solution based on the Asterisk PBX software. Ideal for home or small business users, the Web-based interface makes the software easy to set up and use.

Desktop Enhancements

8. LCARS 24
Ever wish your screen looked like those cool interfaces on Star Trek? LCARS 24 offers an alarm clock, calendar, games, maps, etc. all with look of the displays on the Enterprise. It’s probably not something you’d install on your regular computer, but you might want to use it to turn an old DOS laptop into a useful conversation piece.

9. Synergy
If you’ve got more than one computer sitting on your desk, Synergy let’s you use the same mouse and keyboard for both. It works cross-platform, so it’s great if you switch back and forth between a Linux machine and a Windows machine, or a Windows machine and a Mac, etc.

10. LXDE
Lightweight X Desktop Environment does just what the name suggests: it offers a fast desktop for Linux/Unix systems that doesn’t consume a lot of power or memory. Unlike a lot of similar projects, each of the components can be installed separately, so you can use only the pieces you want.


Developer Tools

11. Lazarus
Lazarus offers a complete and easy-to-use programming environment for FreePascal. It runs on Windows, Linux, OS X, and FreeBSD.

12. jEdit
This java-based text editor provides auto-indent and syntax highlighting for more than 130 different programming languages. Its huge library of add-ons gives programmers nearly every feature you could hope for in a text editor.

13. DotNetNuke
DotNetNuke offers an alternative application framework for the Microsoft ASP.NET 2.0 platform. If offers enterprise users a versatile, user-friendly means to create cutting-edge Web applications.

14. Mantis
This Web-based bug tracker is free, easy to install, and available in 68 different languages. Written in PHP, it works with MySQL, MS SQL, or PostgreSQL databases and multiple platforms.

Education

15. GCompris
GCompris provides an open source alternative in a category that has very few open source options—children’s educational software. Although the Windows version is somewhat limited, the Linux version offers more than 100 activities for kids age 3 to 10.

16. LogiCampus Educational Platform
Built by a college in Texas, LogiCampus gives educational institutions a free way to manage distance learning and on-campus classes. It gives educators the tools they need to set up an online class and stay in touch with students, and it simplifies tasks like exam scheduling, ordering textbooks, and making course changes.

17. WIKINDX
Having trouble keeping track of all those sources you’re using to write your thesis? WIKINDX manages your quotes, notes, and citations so that they’re easy to search. Best of all, it formats the bibliography information for you based on your choice of style guide.

Enterprise

18. Openbravo ERP
This Web-based enterprise resource planning tool offers small- and medium-sized businesses the benefits of integrated systems management without the high cost. It includes customer resource management (CRM), business intelligence (BI), procurement and warehouse management, project and service management, production management, and financial management capabilities.

19. Compiere
Compiere ERP + CRM Business Solution is designed specifically for the distribution, retail, manufacturing, and service industries. It includes components for managing and reporting on projects, financial management, point-of-sale, e-commerce, service, sales, order management, manufacturing, materials management, purchasing, and performance management.

20. MailArchiva
Thanks to all the new compliance requirements, many organizations must pay closer attention to how long they store e-mail and other messages. MailArchiva works with Exchange and other popular messaging systems to provide long-term storage with an easy “Google-like” search capability.

21. Covide
Covide offers web-based groupware and customer relationship management (CRM) in a single package. It can also integrate with PBX systems to provide VoIP services.

22. Open EMM
This professional e-mail newsletter and marketing software offers many of the features of commercial products, including event- and time-driven transaction e-mails. It makes it easy to manage bounced e-mails, as well as providing advanced tracking and statistics.

Finances

23. Buddi
Buddi makes it easy to set up a household budget and track your finances, even if you’ve never done it before. The feature set is purposefully small so that financial novices won’t get confused, but it does allow you to create reports and graphs so that you can see exactly where all your money went.

24. GFD
This personal finance manager runs on any Java-enabled operating system and is available in 11 different languages. While it’s still easy for novices to use, it includes some advanced filtering, report, and chart capabilities for tracking your household finances.

Games

25. FreeCol
Remember the old game Colonization? This is a free version where you start with a few colonists on a boat and try to create an independent nation. (Also similar to Civilization.)

26. PokerTH
Have you fallen prey to the Texas Hold ‘Em craze? PokerTH lets you play against up to six computer opponents or online players from around the world.

27. Scorched3D
This is a 3D version of the old DOS game Scorched Earth. In case you don’t remember how it’s played, you use your tanks to try to blow up your opponent’s tanks. The new version has much better graphics, as well as changing environmental conditions and the ability to network with 24 other online players at a time.

28. UFO:Alien Invasion
In this futuristic sci-fi game, you and your secret organization must defend the earth against an alien invasion. While you hurry to maneuver your troops for tactical advantage in skirmishes with the aliens, you also have to try to uncover the secret alien plot in time to save humanity from certain doom.

Graphics

29. Inkscape
If you’d rather not spend the many, many dollars you need to stay up-to-date on the latest releases of Adobe Illustrator, try Inkscape. This vector graphics editor is compatible with Windows, OS X, and Linux, and it includes features like transparency, gradients, node editing, pattern fills, PNG export, and more.

30. Art of Illusion
This 3D modeling and rendering studio boasts many of the features of much more expensive applications, including subdivision surface based modeling tools, skeleton based animation, and a graphical language for designing procedural textures and materials. And because it’s built in Java, it’s platform-independent.

Groupware

31. Group-Office
Group-Office groupware allows work groups to share calendar, project management, e-mail, tasks, addressbook, and file management information. It works with the company Intranet or the Internet, and users can use any browser they like.

32. Simple Groupware
Built in sgsML for easy customization, Simple Groupware is a standards-based enterprise-ready groupware application. It offers email, calendaring, contacts, tasks, document management, synchronization with cell phones and Outlook, and full-text search. Plus, it’s simple to install, update, use, and adapt to your needs.

Messaging

33. aMSN
Have friends who only use MSN for instant messaging? This platform-neutral MSN messenger clone lets you keep in touch without actually using a Microsoft product.

34. SquirrelMail
The “Webmail for Nuts” is written in PHP and renders pages in pure HTML 4.0 for maximum compatibility. An active community has developed more than 65 plug-ins that extend SquirrelMail’s capabilities and make it even easier to use.

35. Miranda IM
This instant messaging client for Windows aims to be “smaller, faster, easier.” It supports multiple protocols, including AIM, Jabber, ICQ, IRC, MSN, Yahoo, and Gadu-Gadu, and it has hundreds of handy plug-ins as well.

Miscellaneous

36. StarDict
Modestly calling itself “the best free dictionary program in Linux and Windows,” StarDict searches multiple international dictionary databases to find the correct spelling, definition, and/or translation for any word. The latest version (released November 2007) includes full-text translation, fuzzy queries, and more.

37. Gramps
Genealogy continues to be one of the country’s most popular hobbies, and Gramps (Genealogical Research and Analysis Management Programming System) gives you many of the tools of more costly family tree tracking applications for free. It was developed by genealogists and offers a huge wiki of advice for how to trace your ancestry. Plus, its name is one of the best acronyms we’ve ever seen.

38. NavIt
NavIt is an open-source alternative for in-vehicle navigation. It works with multiple maps and is touch-screen friendly.

39. Gnaural
It already does everything else--now your computer can help you meditate. Using something called the “binaural beat principle,” Gnaural generates audio tones designed to get you in the right frame of mind for relaxation.

Multimedia

40. MediaPortal
MediaPortal aims to turn your PC or TV into a complete media center. It combines DVR capabilities with a radio tuner, audio player, video player, and more.

41. NicePlayer
NicePlayer calls itself “Quite simply, the nicest media player for Mac.” The base version plays the same types of files as QuickTime, and add-ons provide support for most other types of video files.

42. xine
Xine plays CDs, DVDs, and VCDs, as well as decoding and playing most types of audio and video files. Written in Assembly and C, Xine works with OS X, Linux, FreeBSD, and Solaris.

Photography

43. Gallery
Gallery makes it easy to add a photo library to your personal or business Web site. Key features include user authentication, automatic thumbnails, mirroring, themes, and more.

44. Souvenance
Unlike most photo gallery programs, the XML-based Souvenance doesn’t require a separate database, making it really fast to deploy. It was just released in October of 2007, so it’s still a very much work in progress.

Office Productivity

45. OpenProj
This project manager will look and feel very familiar to users of Microsoft Project, and it even opens MSProject files. It works on multiple platforms, and was downloaded more than 100,000 times in the first month it was released.

46. OpenOffice.org Portable
Now you can take the entire OpenOffice.org suite (Writer, Impress, Math, Draw, Calc, Base) with you wherever you go. Simply load OpenOffice.org onto a USB drive, CD, iPod, or other portable drive and you can use the programs without installing them in your system.

47. PDF Split and Merge
Need to cut a long pdf file down to size? Or would you like to combine two shorter documents? PDF Split and Merge lets you do both without having to purchase the costly software.

48. PDFCreator
As you might expect, PDFCreator creates PDF files from any Windows program. It can also create PNG, JPG, TIFF, BMP, PCX, PS, and EPS files, as well as encrypting PDF files.

49. MultiMedia Office
This package from Plata Software combines some of the most popular open source software into a single package. It includes OpenOffice.org, Audacity, GIMP, VirtualDub, Thunderbird, and Opera.


Streaming audio

this week, the sample streaming audio system should be set up to show Siemens the capaility of bicom to provide the LI solution.

Following are the current status for this:

http://en.wikipedia.org/wiki/Streaming_media
http://en.wikipedia.org/wiki/List_of_streaming_media_systems
http://www.mediacollege.com/video/streaming/
http://www.videolan.org/vlc/index.html
http://live.polito.it/documentation/feng
http://en.wikipedia.org/wiki/Real_Time_Streaming_Protocol
http://www.securityspace.com/s_survey/data/man.200705/rtspsurvey.html
http://www.cs.columbia.edu/~hgs/rtsp/
http://www.cs.columbia.edu/IRT/software/rtspd/
https://addons.mozilla.org/en-US/firefox/addon/446

http progressive download may be the most-like solution now.

maybe reference http://www.icecast.org/ http://www.shoutcast.com/

google search
"streaming media" +http
or
"streaming audio" +http

http://www.nch.com.au/streaming/index.html
http://www.download.com/Streaming-Audio/3150-2168_4-0.html
http://www.spartanicus.utvinternet.ie/streaming.htm
http://emoney.al.ru/capture-streaming-video-and-audio/
http://streamingmediaworld.com/
http://atc.cit.cornell.edu/course/streaming/index.cfm

2007年11月7日 星期三

mozilla's web ap

mozilla's candicate is Prism ( http://wiki.mozilla.org/WebRunner )
Prism is a simple XULRunner based browser that hosts web applications without the normal web browser user interface. Prism is based on a concept called Site Specific Browsers (SSB). An SSB is an application with an embedded browser designed to work exclusively with a single web application. It doesn’t have the menus, toolbars and accoutrements of a normal web browser. Some people have called it a "distraction free browser" because none of the typical browser chrome is used. An SSB also has a tighter integration with the OS and desktop than a typical web application running through a web browser.

2007年11月2日 星期五

Full Mail Server Solution w/ Virtual Domains & Users (Debian Etch, Postfix, Mysql, Dovecot, DSpam, ClamAV, Postgrey, RBL)





here

Full Mail Server Solution w/ Virtual Domains & Users
(Debian Etch, Postfix, MySQL, DoveCot, DSpam, ClamAV, Postgrey, RBL)


This tutorial is Copyright
(c) 2007 by Justin Refice. It is
derived from various guides and original material, listed at the end of
the document.
You are free to use this tutorial under the Creative Commons license
2.5 or any later version.


I. Introduction


This guide describes how to set up a full email solution in
Debian Linux (all code is from Debian Etch). I was asked to
design a secure, scalable, portable solution for a small company.
While the guide references many 'servers', the
company only had 4 physical machines, Xen was used to virtualize the
entire
solution. That particular aspect of the system is not
discussed in this guide, although I will try to get it into the next
revision.


Just a note on the server names used below: If it doesn't need
to be accessed by the internet, don't let it be. Domain names
ending in internal.example.com are internal NIC/IP Addresses... there
is
no way to access them directly from the internet, nor should there be.
Any server that ONLY has an internal.example.com domain name
is a pure-internal server, and can't be accessed directly from the
internet.
All non-internal
servers have two NICS (These can be two real NICs, or virtual).
The first NIC has access to the internet, and is strictly
firewalled. The second NIC has access to the internal
network, and has a little less security as a result. The
details of how to setup these NICs are outside the scope of this
document, but I may update it to include them in the future.


The general
layout of the servers is:


Primary MX:

NIC1 = Insecure/Internet = mx-1.example.com

NIC2 = Secure/Intranet = mx-1.internal.example.com

MTA: Postfix

Greylist Filter: Postgrey


Secondary MX:

NIC1 = Insecure/Internet = mx-2.example.com

NIC2 = Secure/Intranet = mx-2.internal.example.com

MTA: Postfix

Greylist Filter: Postgrey


SMTP+TLS & IMAPS:

NIC1 = Insecure/Internet = secure-mail.example.com

NIC2 = Secure/Intranet = secure-mail.internal.example.com

MTA: Postfix (+TLS/SSL)

IMAP: Dovecot (IMAPS)


Mail Delivery Server: postman.internal.example.com

MTA (lmtp): DSPAM

Antivirus: ClamAV

IMAP: Dovecot


Database Server: sql-1.internal.example.com

MySQL


File Server: files-1.internal.example.com

NFS


Temporary Build Server: build.internal.example.com

<Various Tools>


Mail works in the following way:


Internet mail to your domains:



1. Mail comes in to Primary or Secondary MX on port 25

2. MX queries MySQL server to see if mail recipient &
destination are valid:

a. Recipient is unauthorized - Mail is rejected (550 Error)

b. Recipient is authorized - Mail is is allowed to continue

3. MX checks greylist policy:

a. This is the first time email is tried - Mail is rejected
(Retry)

b. This is not the first time email is tried - Mail is
allowed to continue

4. MX checks for quota violations

a. The user's quota is full - Mail is bounced

b. The user has room - Mail is delivered

5. MX Sends mail to Internal Delivery Server (via LMTP)

6. Internal Delivery Server checks for Virus/SPAM

a. This is SPAM - SPAM is marked, and given to LDA for
delivery.

b. This is a virus - Mail is rejected

c. This is NOT SPAM and NOT VIRUS - Mail is given to LDA

7. LDA Delivers mail

a. The mail is marked as SPAM - Delivered to "SPAM"
directory in Maildir

b. The mail is NOT marked as SPAM - Delivered to inbox.


Internet mail from your domains:



1. User initiates connection to SMTP Relay on port 25

2. SMTP Relay offers TLS:

a. User does not use TLS - Mail is rejected

b. User does use TLS - Session is is allowed to continue

3. SMTP Relay offers AUTH (PLAIN):

a. User does not authenticate/Fails Authentication - Mail is
rejected

b. User does authenticate - Session completes as usual


Remote users access mail via IMAPS (Secure IMAP)


Local users access mail via IMAP


If the user detects a false positive SPAM detection, they
forward the email to
"ham-<username>@<domain>.<tld>"

If the user detects a false negative SPAM detection, they forward the
email to
"spam-<username>@<domain>.<tld>"


II. Important Notes


All this may be installed in either Debian 4.0 Etch or Ubuntu
Feisty Fawn, since both systems are quite similar. Note however that
there may
be some minor issues if you use the default version of Dovecot and Postfix, but I
will try to note them down for you when they arise.


If you are a Ubuntu user, note that I will not use “sudo” in
front of every command. Instead, I will launch a root shell using the
command “sudo -s”.


Installing software in Ubuntu & Debian is very easy,
so whenever possible we'll
be using the build in apt-get
utility. The less we have
to build ourselves, the easier it is to maintain later.


So, let's get started!



Full Mail Server Solution w/ Virtual Domains & Users - Page 02 (MySQL & NFS)



III. Installing and configuring MySQL Server (+PostFixAdmin
Schema)


First off, we need to install the MySQL server on
sql-1.internal.example.com. To make life easy,
we're also going to install the MySQL command line client. This can be
achieved
by typing the following at the prompt:


# apt-get install mysql-server
mysql-client


After apt-get has done its installation mojo, you're going to
want to lock the root access to the mysql database. This is done using
the mysqladmin
tool.


# mysqladmin -u root password
"mypassword"


NOTE: Change
mypassword to your own
secure password!!!


Now we're going to create the database and users for Virtual
Users & Domains. It's important
to note that Postfix (And Dovecot) only require SELECT access to this
database. PostfixAdmin will
require SELECT, UPDATE, and INSERT.



# mysql -uroot -p

Enter password:

mysql> CREATE DATABASE virtual_mail;

mysql> GRANT SELECT ON virtual_mail.* TO
'vmail_user'@'mx-1.example.com' IDENTIFIED BY 'vmail_user_password';

mysql> GRANT SELECT,UPDATE,INSERT ON virtual_mail.* TO
'vmail_admin'@'mx-1.example.com' IDENTIFIED BY
'vmail_admin_password';

mysql> GRANT SELECT ON virtual_mail.* TO
'vmail_user'@'mx-2.example.com' IDENTIFIED BY 'vmail_user_password';

mysql> GRANT SELECT,UPDATE,INSERT ON virtual_mail.* TO
'vmail_admin'@'mx-2.example.com' IDENTIFIED BY
'vmail_admin_password';

mysql> quit


NOTE: Change
vmail_user_password and
vmail_admin_password to
your own secure passwords!!!


Now we need to download
Postfix Admin
. While the tool itself is not
manditory for our
configuration, it is very useful and the schema it uses are
well
thought out. Once you have downloaded the Postfix Admin distribution
tarball, unpack it like this:


# tar xfvz postfixadmin-2.1.0.tgz


Inside the resulting directory, open postfixadmin-2.1.0/DATABASE_MYSQL.TXT
with your favorite text editor. Remove all the lines under the "Postfix
/ MySQL" section. These lines
create the initial database, which we've already done. For Postfix
Admin 2.1.0 these are lines 26-39.


When complete, load the file into your existing MySQL table
with the following command:


# mysql -uroot -p virtual_mail <
postfixadmin-2.1.0/DATABASE_MYSQL.TXT


NOTE: If you
get an error saying "Access denied for user 'mail'@'localhost'
to database 'mysql'", then you didn't comment out the lines properly.
If you get no message after entering
your password, then everything went fine.


IV. NFS File Share Server


A lot of servers are going to require access to our users
Maildir folders, so in order
to make life simple(r), we're going to install them on an NFS mount.
One of the benefits of
Maildir is that it is compatible with NFS. Mailbox format on the other
hand, would not be pretty. Luckily, setting up NFS in Debian is just as
simple as setting up any other
service.


Let's start by installing the service on
files-1.internal.example.com:



# apt-get install nfs-kernel-server nfs-common portmap


The NFS Exports (Shares) are controlled by the file /etc/exports. Each line begins
with the absolute local path of a directory to be exported, followed by
a space-seperated
list of allowed clients. NFS can be extremely powerful, but I'm not
going to go into the full details here. For our purposes, the following
would do:


/etc/exports:


/vmail mx-1.internal.example.com(ro, insecure) mx-2.internal.example.com(ro, insecure) postman.internal.example.com(rw, no_root_squash) secure-mail.internal.example.com(rw, no_root_squash)

If you make changes to /etc/exports
on a running NFS server, you can make the changes effective by issuing
the command:


# exportfs -a


We're going to need a real-user to handle all the virtual
mappings in our setup. For this
solution, we're going to use user id 150. This user id is for a
specifically created "Virtual Mail" user. It uses the standard "mail"
group, with the default (Debian) gid of 8. You can create the user and
directory like this:



# useradd -r -u 150 -g mail -d /var/vmail -s /sbin/nologin -c "Virtual
Mailbox" vmail

# mkdir /vmail

# chmod 770 /vmail/

# chown vmail:mail /vmail/


NOTE: This
user will need to be created on all servers which will be accessing
this share (mx-1, mx-2, postman, files-1, secure-mail). If the user
doesn't exist,
you could get file
access errors. While NIS could be used to create a single host for this
user, that's outside the range of this
document.