Josh Wieder

I've written a simple bash script that checks for new files in an AWS S3 bucket and emails any that it finds as a compress (tar.gz) attachment  - you can find it at my Github account under the name "S3-Filer-Mailer". I built it as a supplement for a contact form that relies on S3 as a back-end, rather than a php mailer or database. Using S3 for contact forms is attractive because it is so unattractive to spammers. There is no way to corrupt this sort of setup for spamming or to get hands on a database through the form, because it isn't connected to one. Why not use Amazon's Simple Notification Service (SNS) ? For one, AWS charges more for SNS than it does for S3 queries and downloads. For another, if this sort of functionality is available through SNS it is not clearly documented. Getting back to the topic of security, the script establishes two network connections - one a connection to S3 to retrieve the files, the other sending the email. The S3 connection

I have used ClamAV and Spamassassin for many years. I've had a less experience with Amavis (now amavisd-new), but I've decided to give it a try with a new mail server deployment I've been working on. As a reference for my install, I relied on the documentation provided by Amavis for integration with Postfix  as well as a somewhat-outdated but still-relevant walkthrough published by CentOS . Prior to integration with amavisd, Postfix worked fine. Similarly, I had no issues with Spamassassin on its own. But once I finished my install of amavisd-new, things quickly went wrong. Attempting to send messages to accounts hosted on my email server resulted in the following chaing of errors in my maillog: Jan 13 18:17:34 hostname amavis[31578]: Net::Server: 2016/01/13-18:17:34 CONNECT TCP Peer: "[192.168.1.1]:40209" Local: "[127.0.0.1]:10024" Jan 13 18:17:34 hostname amavis[31578]: loaded base policy bank Jan 13 18:17:34 hostname amavis[31578]: lookup_ip_

So it turns out that setting your AWS EC2 server's hostname to be persistent across reboots is a surprising pain in the ass, at least with my usual OS of choice - RedHat/CentOS Linux. If you're like me, setting a hostname is the sort of trivial non-task that at this point you really feel like you dont need to RTFM  to figure out. You know about `hostnamectl set-hostname`. You've tried `nmcli general hostname`. You've manually set /etc/hostname. None of its persists past a reboot. Which can make life very difficult for those planning to use EC2 for email or dozens of other tasks. Here's how to do it the right way, the first time. I'll also describe some circumstances that setting your own hostname will break things, and why its such a hassle to get this done in AWS in the first place. Amazon relies on cloud-init to manage a variety of initialization tasks for its cloud servers; cloud-init was originally built to support Ubuntu images , but it is now used fo

Taking care of some web development headaches this morning, I took a peek at my log data and came across an interesting message generated from a connection initiated by 151.217.0.0/16, part of the ASN 13020 that is owned by Berlin's Chaos Computer Club : 151.217.177.200 - - [30/Dec/2015:02:12:11 +0000] "DELETE your logs. Delete your installations. Wipe everything clean. Walk out into the path of cherry blossom trees and let your motherboard feel the stones. Let water run in rivulets down your casing. You know that you want something more than this, and I am here to tell you that we love you. We have something more for you. We know you're out there, beeping in the hollow server room, lights blinking, never sleeping. We know that you are ready and waiting. Join us. <3 HTTP/1.0" 400 226 "-" "masspoem4u/1.0" The good people over at /dev/random appear to have already gotten off a brief post about this oddity , noting that SANS ISC is already noti

I've been slacking on my promise to post weekly links here on my website. I'm sorry, y'all. In atonement, and also as tribute to the forth-coming Star Wars movie, I am offering up some very special links this Saturday morning. George Lucas did everything he could to manipulate the audience of Star Wars into believeing that the Empire were the bad guys. He dressed them in black. He had them line up in big elaborate Leni Refinstahl-style formations, like Nazis in space. He made the guys we were really supposed to not like ugly, on top of it. He gave Empire officers foreign accents.  British  accents. Anakin Skywalker started off with an American accent and only acquired a (fake) British accent when he became Darth Vader and joined the Empire. The films of George Lucas are many things, but they are not subtle. Note: Critics of this view would point out that Jedi "good guy" Obi-Wan Kinobi also had a British accent when played by both Sir Alec Guiness and Ewan M

Like most people in IT, I wear a lot of different hats. While I haven't mentioned it before on this website, I have spent the last two years working with a non-profit devoted to researching animal cruelty called the Puppycide Database Project . After a lot of work, that organization's research is starting to get noticed by the press. In the last two weeks, we've been cited by RT and the Washington Post . Yesterday, I had an interesting conversation with Amrita Khalid from The Daily Dot about the difficulties involved in compiling information about pets killed by police officers. Because most of my responsibilities with the PDB Project have involved designing and implementing the databases that store the organization's research, in addition to coding the means we use to acquire the data, I've been able to put together a unique perspective on this topic. The database I manage for PDB is currently the largest set of records compiled detailing shootings of pets in t

Its hard to believe that its been almost 15 years since I watched a video of a second plane fly into the World Trade Center. I remember panic thinking about my family in NYC - was anyone in the city that morning? A few short years later brought the British bus attacks and another moment as I realized that the family of a close friend was commuting through London that day. Tonight the target was the city of lights and Camus and Curie and Poincare. A city-wide series of shootings & bombings were launched in Paris that bear a troubling resemblance to the similar series of murders in Mumbai. Once again the targets are ordinary people who play no role in global politics. Concert goers. Soccer fans. I hope it is still possible to stop this type of violence. I hope it does not spark further violence or serve as an excuse to turn Paris into a DMZ. I hope that this tragedy brings out the absolute best of the French and those of us who share her values. No matter what happens, we can