Posts

Posted on

Moving Zimbra Collaboration Server to a new IP address

Here’s a quick overview how to migrate a ZCS mail server (based on Ubuntu) to a new IP address:

0) Not covered here: Adjusting DNS entries. Make sure you lower the TTLs of the relevant DNS entries a couple of days in advance in order to minimize downtime for clients (e.g. set a TTL of 300 for a 5 minute downtime).

1) Set the new IP address in:
* The relevant DNS entries
* /etc/network/interfaces
* /etc/hosts
* If ZCS runs in a container/VM, don’t forget to adjust its IP address too.

2) If the new IP address is part of a new subnet, make sure to add this new subnet to ZCS’s trusted_networks, otherwise, sending (relaying) messages through ZCS from Zimbra Desktop (or any other mail client) won’t work[1]. This can be set using ZCS’s web admin interface (i.e. https://mail.myserver.com:7071/zimbraAdmin/):
Navigate to “Server settings”, then open the “MTA” tab and set something analogous to the following in “MTA Trusted Networks”:
127.0.0.0/8 w.x.y.z/26

3) Restart networking and the ZCS services (it’s important, as this adjusts the trusted_network setting in ZCS’s amavisd too):
# /etc/init.d/zimbra stop
# /etc/init.d/networking restart
# /etc/init.d/zimbra start

Alternatively, just reboot the server, particularly if it runs in a VM.

Voilà!

Note: The need for the adjustments in step 2) might come as a surprise. Authenticated messages to be relayed through ZCS apparently seem to originate from the external IP address, not localhost/127.0.0.1.

[1] A typical postfix error message might look like:
Delivery Failure Notification: Invalid address: somebody . com.zimbra.cs.mailbox.MailSender$SafeSendFailedException: MESSAGE_NOT_DELIVERED; chained exception is: com.zimbra.cs.mailclient.smtp.InvalidRecipientException: RCPT failed: Invalid recipient somebody@somedomain.com: 554 5.7.1 : Relay access denied

Posted on

iTerm2 – Mac OS Terminal Replacement

iTerm2, the successor of iTerm, seems to be quite a bit better then the default Mac OS X terminal app:

iTerm2 – Mac OS Terminal Replacement.

If only every Mac OS X app (i.e. Quartz) would also support copy on select, middle button paste and the other X11-like features! [1] Further, I’d love to see a terminal app that disallows pasting (cmd-v) from the keyboard-controlled clipboard completely as this is potentially a very dangerous thing.

[1] Note: It’s possible to emulate X11’s behaviour to some degree using BetterTouchTool. It’s still not the same though as X11 distinguishes between the mouse-controlled buffer and the keyboard-controlled buffer and doesn’t just “paste from the clipboard”. For reference, see:

Posted on

Mac OS X Snow Leopard Server: Send e-mail alert if RAID 1 degraded/fails/goes offline

By default, Mac OS X Snow Leopard Server (and later versions likely too) doesn’t send any e-mail alerts when a RAID set degraded. Fortunately, sending such a notification can be implemented using a script, as explained in http://serverfault.com/questions/153956/mac-os-x-server-10-6-apples-software-mirrored-raid-worth-it:

# vi /etc/periodic/daily/150.check-raid

# cat /etc/periodic/daily/150.check-raid

#!/bin/sh
# This script checks for any degraded/offline/failed/whatever software
# RAIDs, and if any are found emails a note to an admin.  To use it,
# replace the ADMIN_EMAIL value with your own email address, drop it in
# /etc/periodic/daily, and change the owner to root.  This’ll make it
# run its check every morning at 3:15am.
#
# Warning: this script doesn’t check anything other than software RAIDs
# built with the Apple (i.e. Disk Utility) RAID tools.  It does not check
# any hardware RAIDs (including Apple’s RAID card), or even any third-party
# software RAIDs.  If “diskutil listraid” doesn’t list it, it’s not going
# to be checked.
#

ADMIN_EMAIL=”youradmin@somewhere.com”

if diskutil listraid | grep “^Status:” | grep -qv “Online$”; then
diskutil listraid | mail -s ‘RAID problem detected’ “$ADMIN_EMAIL”
fi


# chmod a+x /etc/periodic/daily/150.check-raid

Of course this requires that your server can actually send outgoing e-mail messages which may need some manual configuration, as explained in:

Mac OS X Snow Leopard Server: Configuring outgoing SMTP authentication for postfix

[Edit 20130401: Clarified the phrasing, anonymized data]

Posted on

Mac OS X Snow Leopard Server: Configuring outgoing SMTP authentication for postfix

More and more ISPs require customers to use the ISP’s own SMTP server for sending mail (to effectively block spam coming from hijacked customer workstations). Or you simply might want to send outgoing mail using your own SMTP mail server somewhere in the Internet, which  should only accept encrypted, authenticated connection requests.

If you’re lucky, you can configure postfix on your Snow Leopard Server (and later) using the supplied ‘Server Admin’ GUI tool and enter your authentication credentials and the name of your (or your ISP’s) SMTP server there. This is explained in the following Youtube video: Using Your ISPs Mail Server in Snow Leopard Server.

In my case, this wasn’t sufficient, i.e. didn’t work and hence I had to use the CLI tool instead (which appears to be buggy, see later). The configuration of outgoing SMTP authentication for postfix on Mac OS X Snow Leopard Server is analogous to my quite old post about configuring SMTP auth for postfix on Linux, only the commands slightly differ.

Here are the commands I had to use:

# serveradmin settings mail:postfix:smtp_sasl_mechanism_filter = "plain"

mail:postfix:smtp_sasl_mechanism_filter = “plain”

# serveradmin settings mail:postfix:smtp_sasl_security_options = "noanonymous"

mail:postfix:smtp_sasl_security_options = “noanonymous”

# serveradmin settings mail:postfix:smtp_use_tls = "yes"

mail:postfix:smtp_use_tls = “1”

 

The last command reveals a bug in the ‘serveradmin’ tool which will prevent postfix from working correctly as the value is set to “1” instead of “yes”! As a workaround, you need to manually set the value to “yes” in /etc/postfix/main.cf:

 

# vi /etc/postfix/main.cf

smtp_use_tls = yes

 

# vi /etc/postfix/sasl/passwd

# cat /etc/postfix/sasl/passwd

smtp.mydomain.com login:password

# postmap hash:/etc/postfix/sasl/passwd

# serveradmin stop mail

mail:state = “STOPPED”

# serveradmin start mail

mail:state = “RUNNING”

Done that, you can test the new settings by composing and sending a message using the ‘mail’ command:

# mail -s "a test message" myaddress@mydomain.com

(enter the body text and finish editing the message by entering a dot on an empty line)

Check the mail queue with

# mailq

Requeue messages that couldn’t be delivered using

# postqueue -f

[Edit 20130401: Fixed some typos, clarified the phrasing, anonymized data]

Posted on

Got a Zeppelin Air? Upgrade its firmware now.

All in all, after several months of using it, I can strongly recommend the B & W Zeppelin Air. It’s a truly great iPod/iPhone speaker, filling even larger rooms with quite impressive depths and crisp heights. And in contrast to its competitors (e.g. think of the lousy hardware of the otherwise innovative Sonos speakers – what a pity!), you can see, feel and hear its excellent build quality. It’s been engineered by the guys who equip the famous Abbey Road Studios, supply the audio system for Jaguars and invented extravagant speakers like the Nautilus, after all.

The only thing which wasn’t satisfying so far, is the Zeppelin Air’s buggy default (software) implementation of Airplay, i.e. that the Zeppelin Air lost the Wifi connection after a while in stand-by mode. As I finally found out, all that’s needed to fix this is a firmware upgrade to version 2.00.24 [updated 20120930]. At least, my Zeppelin Air hasn’t ever lost its Wifi connection anymore since. So, if you experience Wifi connectivity issues with your Zeppelin Air (likely), don’t hesitate and upgrade the Zeppelin’s firmware now, although it’s somewhat cumbersome (you need a suitable USB cable, e.g. from an external hard drive or printer, as this isn’t included in spite of the Zeppelin’s upmarket price). It’s well worth it!

Zeppelin Air firmware download at Bowers & Wilkins Support.

Posted on

MagicPrefs

MagicPrefs.

“MagicPrefs is a free application for OS X which aims to improve the functionality and configuration options of the Apple Magic Mouse, Magic Trackpad and the MacBook glass trackpad.

It features the ability to bind a variable number of finger clicks, taps, swipes, pinch and other gestures to functions like Middle Click, Hold Down Both Mouse Buttons, Spaces, Expose, Dashboard, Recent Applications, Tweet, Read Tweets, Google Reader etc.”

A must-have.

Posted on

Notes on tracing code execution in Django and Python « SaltyCrane Blog

Eliot from the SaltyCrane blog wrote a nice Django management command that allows to easily trace a Django runserver simply by executing ./manage.py trace runserver. Works great!

Django trace tool, django-trace is [..] a Django management command that uses sys.settrace with other Django management commands. https://github.com/saltycrane/django-trace.

via Notes on tracing code execution in Django and Python « SaltyCrane Blog.

Posted on

Samsung Audio Dock DA-E750 supports AirPlay and AllShare

Das Samsung Audio Dock DA-E750 ist das erste Audio-Device mit integrierter Docking Funktion, das über ein einzigartiges Dual Dock System verfügt. [..]

Darüber hinaus „verbindet“ das Samsung Audio Dock DA-E750 auch kabellos – und zwar nicht nur mit dem Samsung Galaxy S II und Galaxy Note über AllShare. Auch Apple iPod, iPhone und iPad können sich barrierefrei über AirPlay andocken. [..]

Der gute Ton macht die Musik
Für audiophile Enthusiasten spielt das DA-E750 alle Stücke. Das Gerät ist mit Samsungs exklusiver Hybrid-Technologie an Röhrenverstärkern ausgestattet. Sie erzeugt die, für diese Verstärkertechnik typischen, klaren und warmen Klänge. Das 2.1-Soundsystem samt integriertem Subwoofer sorgt für 100 Watt sattem Sound. Das Samsung Audio Dock ist aber nicht nur für die Ohren, sondern auch für die Augen konzipiert. Die Lautsprecher sind aus Fieberglas gefertigt. Das Dock selbst verbirgt sich kaum sichtbar im Hintergrund und die Oberfläche aus Holz verleiht dem Produkt ein elegantes Auftreten.

via Offen für Neues? Samsung Audio Dock DA-E750 verbindet

Would like to listen to it to compare it to other high-end Airplay iPhone/iPod/iPad docks like the B&W Zeppelin Air.

The Samsung DA-E750 isn’t a steal, but considering the high-quality components and manufacturing, a price of around 700 CHF seems reasonable.