Pages

Friday 16 February 2024

 Hello world. This is Paul Smith, one of the Doc's old friends.

It's my very sad duty to let his readers know that, having suddenly become more ill at the end of January, there will be no more updates of this blog by the great man.

He passed away, surrounded by his loving family, on Monday the 12th of February, leaving a huge hole in their lives and the lives of his many friends, wider family, geocaching mates, pals from S&S and a broad selection of other jobs/work/interests...

I'd the pleasure of knowing him, his wit, his unique perspective, and especially his kindness (except to telephone scammers!) for over 16 years - we used to geocache together, where I heard many colourful stories from his life, and enjoyed many a good-natured argument about issues of the day (we usually ended-up agreeing) - and am grateful our paths crossed again in recent months as he battled bravely (always very stoic!) with his health challenges.

I hope this blog will remain as a little online insight into a complex, charming, sweet man - indeed, a gentleman - and more people will discover the Wisdom of Solly through his past posts here. They'll give me comfort, I know.

I'll sign off this post with a salute to the man, and to his faithful band of acolytes here; he enjoyed writing for you.





Saturday 13 January 2024

Fiat service - latest information

Fiat service - latest information

Glyn Watkins have offered me a full refund; I'll send them the non-working key.

Fiat say that this resolves the issue.  "Not quite", I told them, "I've wasted a lot of time and effort to get precisely nowhere, and it appears to be a Fiat problem. I'd like compensation."

They offered me a £100 voucher, which I accepted; it'll go towards the new spare key which I'll get from Thames Motor ... I hope. 

When the voucher doesn't arrive , I'll spend more time chasing that.



Monday 8 January 2024

Dkim, Spf and Dmarc

Dkim, Spf and Dmarc

Beginning in February 2024, Gmail and Yahoo will begin implementing new requirements of large senders to combat spam and abuse through email.

1. You have to be sending from a domain that you won (so, not gmail.com etc).

 2. You have to set up Dkim, Spf and Dmarc

Dkim is  Domainkeys Identified Mail. When you send an ekail, a Dkim record is included. This lets the receiving mailer check that it really did come from your server.

Spf is Sender Policy Framework.

When you send an email message, the receiving system will check to see if there is an SPF record published.

  • If there is a valid SPF record AND your sending IP is on the list, you PASS.
  • If the IP is NOT on the list, you FAIL the SPF check and could either be rejected or placed in the spam folder.

Spf isn't as good as Dkim

Dmarc is Domain-based Message Authentication, reporting and conformance.

It helps domains deal with domain spoofing and phishing attacks by preventing unauthorized use of the domain in the Friendly-From address of email messages.

So, how do you do that? I'm doing it for a linux mail server. I'm not a "large sender", but I'm doing it anyway. First, let's install some software.

yum install -y opendkim
yum install -y opendkim-tools

Then edit the configuration file:

pico  /etc/opendkim.conf

For what to do, see https://www.vttoth.com/CMS/technical-notes/356-setting-up-dkim-with-sendmail

The key lines to add/modify are:

...
Mode   sv
...
KeyTable       /etc/opendkim/KeyTable
...
SigningTable   refile:/etc/opendkim/SigningTable
...
ExternalIgnoreList     refile:/etc/opendkim/TrustedHosts
...
InternalHosts  refile:/etc/opendkim/TrustedHosts
...

Now create a subdirectory (put your domain name where I put example.com).

mkdir /etc/opendkim/keys/example.com/

opendkim-genkey -D /etc/opendkim/keys/example.com -d example.com -s default

chown -R opendkim:opendkim /etc/opendkim

systemctl start opendkim; systemctl enable opendkim

And edit sendmail.mc (in /etc/mail) to add

INPUT_MAIL_FILTER(`opendkim', `S=inet:8891@localhost')

then:

make
systemctl restart sendmail

cd /etc/opendkim/keys/example.com
You'll see a file  default.txt. Gaze on that. Then go to /var/named/db.example

add

default._domainkey  IN  TXT ( "v=DKIM1; k=rsa; " "p=MIGfMA0.................IDAQAB" )

Restart the DNS server by doing: systemctl restart named

And the dkim can be tested using https://dmarcadvisor.com/dkim-check/

domain = example.com selector = default

Next, spf. You need to tell it the range of IP addresses. Add to /var/named/db.example

If you have mailers that don't do rDNS (reverse DNS) then use  a:another.example.com


example.com. IN TXT "v=spf1 ip4:212.58.55.192/26 a:another.example.com ~all"

Finally, Dmarc

dmarc.example.com. IN TXT "v=DMARC1; p=none; adkim=r; aspf=r; rua=mailto:email-address-for-reports"

P=none means take no action, just report it to the email address email-address-for-reports

Other options are: quarantine and reject.


So now we have three lines added to example.db

default._domainkey  IN  TXT ( "v=DKIM1; k=rsa; " "p=MIGfMA0.................IDAQAB" )

example.com. IN TXT "v=spf1 ip4:212.58.55.192/26 a:anoher.example.com ~all"

dmarc.example.com. IN TXT "v=DMARC1; p=none; adkim=r; aspf=r; rua=mailto:email-address-for-reports"

Restart the DNS server by doing: systemctl restart named

Test using  https://dmarcadvisor.com/dkim-check/

 


 

 

Fiat service - more lack of

Fiat service - more lack of

Following the advice of Barry at Glyn Hopkin, on January 5th I took my non-working spare key to another dealer, because as of December 31, Glyn H is no longer a Fiat dealer.

So I went to Thames Motor. Looking at their forecourt, they're a very big Fiat dealer! They took my keys, and after about an hour, they said they couldn't program the key. They said that either the key wasn't working, or it was the wrong sort of key.

So I called Fiat, and told them where we were, and I called Glyn Hopkin and gave them the same information.

Fiat said they'd look into this. Barry wasn't at Glyn, but his helper asked me to put the whole story in writing and send that, which I have.

So now it's been over two months, and all I have is a piece of plastic that, apparently, can't be made into a key.

I don't see how Glyn can help me further, because they are no longer a Fiat dealer. I don't see how Thames can help, they already tried to program the key I got from Glyn.

Let's see what Fiat says, they said they'd reply by 9 January.

A spare key is a small matter; I wonder how these people would deal with something more important? As of now, if a friend asked me whether they should buy a Fiat, I would advise not.