background preloader

NSA-proof your e-mail in 2 hours

NSA-proof your e-mail in 2 hours
You may be concerned that the NSA is reading your e-mail. Is there really anything you can do about it though? After all, you don’t really want to move off of GMail / Google Apps. And no place you would host is any better. Except, you know, hosting it yourself. The way that e-mail was originally designed to work. Today we kill your excuses. Now fair warning: it took me about two days to figure the stuff out you’re going to see in this blogpost, starting from knowing basically nothing about modern e-mail servers. So bookmark this blog post, block off a Saturday next month, and get it done. Edit Some people are complaining that the NSA is pulling all the e-mail over the wire anyway, so encrypting your own server is stupid. In the next two hours, we’re going to fix this. You’re going to host your own mail.It’s going to be encrypted on the server, locked-on-boot, SSH on reboots to unlockWhile we’re at it, let’s fix some things that annoy me about GMail:Better SPAM detection. OpSec OpenDKIM

You Are the Network Email with Postfix, Dovecot, and MySQL Dovecot allows users to log in and check their email using POP3 and IMAP. In this section, you'll configure Dovecot to force users to use SSL when they connect so that their passwords are never sent to the server in plain text. Users will have to connect using the standard SSL ports - 993 for IMAP and 995 for POP3 - and only those ports. Dovecot 2 uses a number of different configuration files. You'll modify a total of 7 Dovecot configuration files. Congratulations!

Single Sign-On with SAML on Force.com Abstract With the proliferation of SaaS and other web-based applications, identity management is becoming a major concern for businesses. Just think about the number of usernames and password you regularly type each day. You probably log into your company's network, portal, webmail, benefits system, Google Apps, bespoke applications and of course Force.com applications. Now multiply this by the number of users in your company and think about the support and security implications. You need dedicated resources to manage your identity store, respond to password reset requests, provision new users for each system and deactivate users that no longer need access. Implementing a Single Sign-On (SSO) infrastructure enables users to sign in once and have access to all authorized resources. Benefits of Implementing SSO Implementing SSO provides not only time-saving benefits for end users but financial benefits for your company. In other words, there are substantial benefits to implementing SSO.

Sovereign Peer-to-Peer s3ql - a full-featured file system for online data storage The S3QL project has moved to BitBucket - please update your links! About S3QL S3QL is a file system that stores all its data online using storage services like Google Storage, Amazon S3 or OpenStack. S3QL effectively provides a hard disk of dynamic, infinite capacity that can be accessed from any computer with internet access running Linux, FreeBSD or OS-X. S3QL is a standard conforming, full featured UNIX file system that is conceptually indistinguishable from any local file system. S3QL is designed to favor simplicity and elegance over performance and feature-creep. S3QL was written and is currently maintained by Nikolaus Rath. Features Transparency. Development Status After two years of beta-testing by about 93 users did not reveal any data-critical bugs, S3QL was declared stable with the release of version 1.0 on May 13th, 2011. Please report any problems on the mailing list or the issue tracker. Typical Usage mkfs.s3ql umount.s3ql /mnt/s3ql

DEMETOLE-TICS: Cuadros de Mando Pentaho Con la ultima versión estable de la plataforma BI descargada de la web de Pentaho (la 3.5.2), y siguiendo las instrucciones de Prashant Raju para esta versión en la plataforma Windows utilizando MySql, realizamos la instalación y configuración de nuestro sistema realizando los siguientes pasos:1) Requisitos previos: maquina virtual Java y la base de datos MySQL (u otra de las soportadas). Para poder ejecutar la plataforma de BI de Pentaho es necesario disponer de una máquina virtual Java instalada en el equipo donde vamos a trabajar. Pentaho recomienda la versión 1.5 de Sun JRE. Con versiones anteriores no funciona y la 1.6 no esta oficialmente soportada (es la que tengo instalada yo), aunque si funciona. Para ver la versión instalada, ejecutaremos el comando: java -version. En el caso de no disponer de la máquina, podemos descargarla en la web de Sun. JAVA_HOME c:\Program Files\Java\jdk1.6.0_17 PATH c:\Program Files\Java\jdk1.6.0_17\bin;..... jdbc.driver=com.mysql.jdbc.Driver

Bittorrent in a P2P social network Plugins/FTS - Dovecot Wiki The following FTS indexers (in preferred order) are supported: Solr communicates with Lucene's Solr server. Lucene uses Lucene's C++ library. (Requires v2.1+) Squat is Dovecot's own search index. (Obsolete in v2.1+) Indexing By default the FTS indexes are updated only while searching, so neither the LDA nor an IMAP APPEND command updates the indexes immediately. In v2.2.9+ the indexing can be done automatically with fts_autoindex=yes setting (see below). The indexing can be done manually (e.g. cronjob) or by a LDA script by running: v2.1: doveadm index -u user@domain -q INBOX v2.0: printf "a select INBOX\nb search text xyzzy\nc logout\n" | /usr/local/libexec/dovecot/imap -u user@domain Of course the INBOX needs to be replaced with whatever mailbox needs to be indexed. Rescan (v2.1+) Since v2.1 Dovecot keeps track of indexed messages in the dovecot.index files. doveadm fts rescan -u user@domain Settings All the FTS settings go inside plugin {} section.

Related: