Digital Choke Daynotes

"Daynotes" are popularized by a Internet Web site called the "Daynotes Gang" (http://www.daynotes.com or http://www.daynotes.org), a collection of the daily technical and personal observations from the famous and others. That group started on September 29, 1999, and has grown to an interesting collection of individuals. Readers are invited and encouraged to visit those sites for other interesting daily journals. You can send your comments to us by clicking on any mailbox icon.

A very pretty day outside today. Sunny, almost a bit warm at 79 degrees, very slight breeze. Warm enough that the pool outside my apartment balcony had some visitors today. Much splashing and screaming.

Friday, I closed with the Jimmy Duranti closing "Good night, Mrs. Calabash, wherever you are". I was too tired then to look up the information, but a Google of the phrase turned up several references. This link here has an audio clip of Mr. Durante, along with a link to the origin of the phrase.

Christine and family (husband, two children) came by this morning for breakfast with Mom (and me and Stacy). We had some home made cinnamon rolls (with raisins, of course), hash browns (from red potatoes with a bit of onions), bacon, and scrambled eggs. It was nice enough day that the grandkids and I went out on our small balcony for our breakfast. After I did the dishes (my contribution to the event), we got ready for Church. We had planned to go over to my in-law's for dinner, but Pam's Dad wasn't feeling well, so we popped a roast in the oven with some baked potatoes. Some homemade rolls (my wife really likes to cook) and a nice salad rounded out a great evening meal.

I did a little surfing today. Jerry Pournelle (science fiction author, Byte Magazine columnist, and one of the Daynoters) is one of my daily stops. He is starting some separate pages (go to his Topics pages) on mail spam and 'what do you want your computer to do'. Those pages will be continuing collection of input from his readers, and has started out quite interesting. He also has a page on computer security, which will contain information about the latest vulnerabilities. He also puts up papers about other subjects. I'd submit a humble recommendation that you also make his site one of your daily stops.

Tomorrow will be a full day. A couple of meetings, then off to the dentist to put in a new crown (to replace the temporary put in place during the root canal). And I still need to tell you why you might be in violation of federal law if you are in charge of your network.

I spent the morning working on the anti-spam server. I'm trying to tweak the rules to catch more of the shopping spam. The process to do that is time-consuming. First, I have to get a pile of messages that need to be caught. That's not usually a problem, since some people in the company like to send me their unwanted mail. Many of them assume that since we installed the anti-spam server, they shouldn't get any more spam. There's lots of reasons why that will probably never be true.

Then I forward the message to an outside account that I have, adding a special word to the subject line of the message I forward out. The anti-spam server has a rule at the top of the list that looks for that special word, then isolates the message in a separate queue folder. I used to have a rule on that outside account that would automatically forward the message back into my company account. But that turnaround would usually happen so fast that the local mail server would see it as a mail relay, and wouldn't let it in.

A mail relay is when the mail server that is sending the message doesn't match up to the mail server that is in the sender's email address. Trying to use a mail server as a relay point is a common practice for mail spammers and virus writers, and a responsible mail server site won't allow mail relaying.

(And I think that mail relaying was the cause of Jerry Pournelle's problem (mentioned in his Thursday/Friday posts, I think) with processing his mail while at the "WinHEC" conference. He was trying to send mail through his ISP's mail server while connected to the conference's Internet connection. All his outgoing mail was sensed as a 'mail relay' attempt, which was blocked. )

Since the automatic forwarding of the message doesn't work, I have to log into that remote account of mine and manually forward the message back to my company mail account. That is not hard, just a few mouse clicks, but a more automated way would be better. (Sudden thought: when I move into my new house, I could set up a mail server there....hmmmm...)

When the message comes back in, I can use the anti-spam software to analyze the message to see how the message could have been caught. Then I look at the possible change, and try to figure out how it might block good mail. If it's a big change, I might make a test rule that would BCC any caught messages back to me with a special subject line that my local mail client can put in a separate folder.

All of this takes time, and a lot of testing. And that's how I spent most of my morning. Around lunch, I got a tech support call from the anti-spam software vendor's second level support guy. We spent about an hour discussing the original problem and another one that crops up. I had quite a bit of information and analysis I had already done, so was ready for most of his questions. We concluded that the problem needs to be escalated a bit higher, so another support call is in order. The vendor has been responsive, though. There are a few things I don't like about the design of the program. They are things that you don't really see until you really start using the program extensively. There are some parts of the administrative interface that take a long time to work through ("long time" being measured in 10-30 second intervals). I'll mention it to the third-level support guy; perhaps improvements will be seen in a future release.

After lunch, a bit of time working on a guideline and process for vendor connections to our system. I want to only allow that access under strict and secure guidelines. Some vendors want to use programs that I think (and know) aren't very secure (like PCAnywhere) There needs to be a written process as part of a vendor contract to get into our system.

Then it was off to the dentist to get fitted for a crown. Since it was on the tooth with a root canal, there wasn't a need for any numbing. And my dentist (Dr. Dave) is really good. After about an hour and a half, I was on my way with a temporary crown. I get to go back in about 10 days to get the permanent one.

This evening was the awards ceremony for Stacy's high school. She is graduating this year, and has kept a 3.92 grade point average during high school. So we got to attend a nice award ceremony in a stuffy cafeteria (the 'fine arts center' is under construction), where she got the 'white rope' to wear with her graduation robe that indicates her achievement. We finally got home a bit after 9:00 pm, and here I am writing this narrative.

Which needs to be posted after a quick spell check (which I forgot to do last night, as noted by sharp-eyed readers), along with the minor link problem I had on my index page (it was pointing to last week's pages, rather than this week's). The link is fixed, spelling corrected, and now you see the results of tonight's postings.

No doubt you have heard about the "Fizzer" worm. This one is pretty clever. It has several different ways of infecting systems, and can travel through file sharing networks (like Kazaa). File sharing is a problem on corporate networks. It's hard to filter out of the network since it travels on port 80, just like a regular browser. And, as Fizzer shows, it's a great way to get into a network. Virus-laden emails may be the old way of spreading a virus, with worms spreading via file sharing might be on the increase. Here's one place to look for some interesting technical details.

And there is also the 'windowsupdate.com' email message. One of the messages made it into our network today, although it went to a technical user via an old email address domain. This message tells the user that their system is infected with a virus (social engineering), and to go to a special site (the 'windowsupdate.com') to get a security update. But that site purportedly has a script on it that will infect your computer just with a visit to the site. It's an interesting concept, but not too practical for a long-term infection.

My coworker handed me a printout of the message, and I PING'd the site name, and did get an IP address (so the net's DNS servers knew about the name), but there was no response to the ping packet. I suspect that the site was being blocked. It happened just before I left, so wasn't able to look at it further. But I did send out a global message to our users reminding them to be careful. And I also set up a rule in the anti-spam software to intercept all messages from that domain name. The rule will forward a copy of the message to my mailbox, along with isolating the original message in a folder on the anti-spam server. It will be interesting to see how many of them show up in the mailbox.

I've been testing another rule for catching marketing spam. When I set up a new rule, it is in passive mode. When the rule catches a message, it sends a BCC copy to my mailbox with a specific subject line so my mailbox rule can stick it in a separate folder. The original message is still delivered. This allows me to analyze the BCC copies to see if the rule is catching things it shouldn't. It takes a few days to fine-tune the rule, and today I figured that it was time to implement it. The rule now isolates the marketing spam message, but still sends a BCC copy to my mailbox. I'll take a look at all the messages (I suspect I'll see at least 700 of them from the overnight mail pile) to make sure it is working properly. If all is OK, the BCC will be removed out of the rule, and the users might see a bit less spam.

I'm still having a problem with the anti-spam software's rule service. I was watching the memory utilization on the server, and the memory graph value kept getting higher. When the server is first started, memory utilization is about 20-25%. But the value seems to slowly creep up to about 65-75%. When it gets that high, the rule service bounces off and on, and messages slowly pile up. Stopping and restarting the service (as I think I have mentioned before) doesn't help; only a reboot will get things back to normal. I'll need to call the vendor again to see if that helps in the troubleshooting.

We met Stacy and Jason at Mel's Diner (the same Mel's chain that you saw in "American Grafitti") for dinner to celebrate Jason's new apartment. He moved into a studio apartment downtown yesterday. It will be a good thing for him, because he does like his privacy. And it is pretty affordable for his income. Of course, we helped him out a bit with his initial expenses (the rent deposit) which he will pay back over the next several months. And my wife took him grocery shopping to stock up the pantry. He's pretty excited about the apartment. It's a bit closer to his work, and it is in a fairly decent area. I'll miss seeing him around, but that is the progression of life.

I think that the old house will close tomorrow. That's good news, all that is left is to wait for the new house to close next week. I'm taking Friday off this week for a bit of family time, and then next week we'll prepare to move out of the apartment into the house. And I do have the truck reserved for that Saturday.

Good news on the home sales front. The money is deposited, the papers are signed, the title is recorded. The sale of the old house is all done. And the purchase of the new house is still on track. The loan has been funded (underwritten), and all the paperwork is on it's way to the title company. We should be able to sign all the papers by Monday of next week.

The only thing left to do at the old house is a visit with the new owner so I can tell him about all the little details of the property. Things like how the water well works, where the irrigation and sprinkler pipes and valves are, and all the other little things that you learn over the years of living at a house. And there is the golf cart that is still there, which I am a bit upset about.

Several years ago, two of my son's friends decided to drive a golf cart over to my house. It's a Harley-Davidson two seater with a gas engine. They got it almost to the house, and then the engine died, so they pushed it the rest of the way to my house. And left it there. I had asked them (and their father, who I knew) to come and get it over the years, and repeated that request as we were selling the house. I called the father again tonight to ask him to come and get it, and all of a sudden he claims that it is not his. And he refused to get the cart. I was really ticked off, and ended up hanging up on him.

I'm still angry about it. I almost want to get a trailer and take it over to his house, and dump it in his driveway entrance (blocking access, of course). Or, to dump it in his pond. Although that would be satisfying, it's probably not worth the effort and hassle that will probably ensue. So I figure I got a couple of options. I can call a local golf cart business (there are several around here due to some large senior communities) and see if they want to pick it up for free. Or I can call one of those charity auto places that will pick up old cars to see if they will come and get it. It's not street-licensed, so I don't have to mess with registration or anything, so either of these choices might work. But I am still upset with my ex-friend (the father). But I can deal with it.

For those of you readers in the U.S., don't forget about the lunar eclipse Thursday night. In the Sacramento area, the best time is about 815 to 930pm, I believe. Lunar eclipses hold a special place in our family. Over 27 years ago, I proposed to my wife while we were watching a lunar eclipse in a grassy field at a nearby college. That decision has worked out pretty good, I think. (Although you can insert your own joke here: one of my favorites is "I've been married 25 years, and they have been the happiest 10 years of my life." Whenever I say that, my wife usually responds, sarcastically, "You are so abused.")

Busy day tomorrow. Lots of stuff to do at work, the King's game (NBA) is tomorrow night, and there's the "E.R." season finale. And it's getting late, so that's all you get tonight.

Well, the Kings won, so it's on to Dallas for the last game. And the Lakers are done. Somewhat disappointing that there won't be a re-match on the finals (assuming a final win for the Kings). The Dallas team is quite a tough competitor.

The anti-shopping rule on the anti-spam mail server is turning out to be quite successful. It is catching quite a lot of marketing junk, while letting valid mail go through. It's a real balancing act to block the bad stuff while still letting through the good stuff. There is the occasional one that shouldn't have been blocked, but it's only under 20, out of about 40-60,000 messages a day. There is some stuff still getting through, but overall it has been fairly successful.

I worked a bit on some more auditing of the Netware side of the network. I am currently using BindView to do the auditing. It has a lot of different ways to look at things. I need to spend some more time with it, especially on the formatting of the reports. You can output to a spreadsheet format, but it is somewhat 'click-intensive'.

I found a golf-cart dealer that will come and get that off of the old house's property. I also talked to the new owner, who moved his motor home onto the property yesterday. He's doing some major remodeling; I suspect that it involves removing the siding and insulation and replacing all the windows. Then he is going to put stucco on the outside. He may also be doing some remodeling inside; I suspect that the kitchen will be his major focus. He told me on the phone that there will be some major changes, and I told him that it's his place, he can do what he wants. He moved from the San Francisco area, and I suspect that he made a good profit on his house, because of the way that home prices have increased in that area. We arranged for me to stop by on Saturday to do a walk-around of the place It will be interesting to see what he has accomplished in just a few days. (He is a construction worker, so he has the skills and tools that he will need.) I suspect that it may have been unnecessary to bring in the rug-cleaning company to do the whole house before we left, but the house did look nice for when they took possession.

Got home and had a nice dinner of marinated chicken breasts. And I forgot to look at the lunar eclipse, as I was watching the Lakers lose, and then the Kings win. I did manage to see a little piece of it when I finally remembered.

And I did work a bit on that security paper that I've mentioned. The current title is "Is there a felony in your computer?". I need to make another pass through it, and verify some of the information. So you might see it this weekend.

Tomorrow I'll be staying home from work. We're going to sign the papers for the new house purchase. We're going to grab the grandkids (and their Mom) and take a trip to the zoo or a park. The weather is supposed be really nice tomorrow, so it will be a pleasant day. And I suspect that there will be some furniture shopping that will happen. I may stop by Best Buy to take a closer look at some big screen TVs and satellite equipment, and a computer system for the college-bound daughter. We'll probably also do a drive-by of the new house, since we will be in that area.

A busy day today. We had an appointment at the title company at 9am to sign the papers for the new house purchase. All is well there, looks like it will be recorded next Friday. The sellers wanted a couple of extra days to move out, and that wasn't a problem for us. We're going to do another walk-through on Wednesday evening. I'll have to bring the digital camera along to take some detailed pictures (some more) that my wife can use as she goes furniture shopping. And I need to do some more measuring to help out in that process.

So we did all this signing of about two inches of paperwork. (Did you ever notice that when you do your signature a lot, it starts to look different each time?) But the title company is very good, as was the financing process. Very professional, and very easy. Of course, a good credit report helps on that.

After the signature marathon, we drove over to my daughter's house to get her and her two children (cute grandchildren, of course) so we could go to the zoo. A quick transfer of car seats, and we were off.

The Sacramento Zoo is not that big, only about 41 acres. But it is just big enough to walk around without feeling that you are on a 20 mile hike. The grandkids liked it, and that was the whole point. We saw the monkeys and giraffes, and hippos, and birds, and flamingos. The zoo does have a good reptile house with lots of snakes and lizards and turtles. The flamingos were interesting. There was a flock of about 30, and they would start calling and squawking. When they do, they turn their heads back and forth as they watch you with first one eye and the other.

After the zoo, we stopped at the Golden Arches restaurant for lunch (Happy Meals all around, please). And then back to my daughter's house to take them home. Then, as I predicted, it was furniture shopping time. And that's how we spent the next three hours. Very exciting. Not.

We did go to one place (Naturewood) that my wife had been too before and found a nice couch set. It's an L-shaped thing, with a recliner on one end and an ottoman that is connected to the couch. Sort of like a recliner that doesn't un-recline. It was very comfortable, and looks like a winner for the downstairs family room. I think that it will be quite comfortable for watching the new big screen TV. We're going to look closely at the dimensions during the walk through, so we can determine the configuration of the couch. You can get the couch with different sections to change the width of each part of it. And we want to take the fabric samples with us so we can match the existing window treatments.

Then back to the title company to get one last paper signed that wasn't ready this morning. Then off to the real estate office to sign off on the house and inspection papers. By this time it was about 5pm, so we decided to stop by Chipolte's (mexican taco/burrito/wrap fast food place). It was my first time there, and it was quite good (and filling). We finally got home about 6pm, and it was time to relax a bit. I sat out on the porch and relaxed with the paper and a book. Also did a bit of surfing, checked the mail, and made my daily stops at the various Daynotes gang.

Tomorrow morning it's off to the old house to visit with the new owner, to show him all the secrets of the property, and also to see what he has done to his house for his remodeling. And, I suspect, some more furniture shopping. Although I plan to see if I can get my wife to go with my daughter so they can do the first pass through the various stores. I mentioned all the furniture shopping to my real estate guy, and he told me what he does when he has to go furniture shopping with his wife. He walks into the furniture store, finds a comfortable chair, and waits for his wife to come and get him when she finds something he needs to see. That cuts down on all the walking around. Sounds like a good plan to me. I'll let you know how it works out.

Daynotes	a daily journal of our activity	Send us email
Digital Choke	an action that is sometimes needed for your computer; also a short techno-story available here.	Send us email