Maxis Transparent Proxy is Causing Problems to Developers

I had to transfer 2 WordPress blogs to another hosting provider last night, as the free one is going to expire today. It should be as easy as:

  1. Transfer the files
  2. Transfer the database
  3. Change DNS servers in registry to the new DNS servers
  4. Configure the new hosting location

In a few hours after the DNS propagation is finished I should be able to point to the new site. If not, I should be able to use the host file /etc/hosts to point to the new server and make sure it works well.

I’ve had the trouble with Maxis transparent proxy before when it was blurting out random errors to random sites.

Today, even when OpenDNS is already updated with the new IP (DNS propagation has finished), the transparent proxy is still outdated and points to the old server.

maxis-transparent-proxy-troubling-developers

I am sure if I call Maxis or even use its MaxisListens Twitter account, they will not even understand the concept of DNS.

The thing with transparent proxy is, as long as it’s HTTP traffic it will be going through it (not HTTPS), and it does not matter if I use a host file.

Oh well. I guess I can’t test this quickly right now except by using an anonymous proxy or connecting to an external VPN. Who appreciates time these days?

BTW, making modifications in domainregistry.my was very fun and it took me more than 30 minutes to modify one domain.

SMTP Smart Host Setup for Postfix in Snow Leopard

snow-leopard

PHP does not have any SMTP authentication mechanism in its configuration, and most developer opt for PEAR packages to perform email sending via custom ports and SMTP authentication.

I am one of those who will avoid using external packages as much as possible unless really necessary, and of course because I wanted a quick solution to my problem (or an excuse to be lazy).

By default, PHP sets SMTP as localhost and port 25. Under normal circumstances, this should be no issue as the built in Postfix will just connect to the destination server and delivers the mail. However, if your ISP blocks outgoing packets to port 25, the mail will go nowhere.

1. Enabling Postfix on Snow Leopard

Postfix is not enabled by default. You may choose to run it by default on system startup.

$ sudo vi /System/Library/LaunchDaemons/org.postfix.master.plist

Add before the closing </dict> tag:

  <key>RunAtLoad</key>
  <true />
  <key>KeepAlive</key>
  <true />

Start Postfix:

sudo launchctl
launchd% start org.postfix.master

You can test by using telnet on port 25 if you speak SMTP protocol.

2. Configuring Postfix to use a Smart Host

A smart host is also called a relay. This means that you need an SMTP account somewhere in the Internet to send the mail for you. With spam problems, open relays are identified in databases and are blocked by destination servers, so this means that legitimate mail servers requires authentication.

I used my Yahoo! SMTP account to help me send my test emails. Yahoo! allows for PLAIN authentication. The not so good thing about this method is that your password is transmitted plain text.

GMail is more secure and requires TLS authentication and this requires postfix to have SSL support but since I need this quick I have no time to research and find out whether it is. (Excuses, excuses).

i. Create a storage file for the password, for example /etc/postfix/relay_passwd

plus.smtp.mail.yahoo.com USERNAME:PASSWORD

ii. Secure the config file

$ sudo chmod 600 /etc/postfix/relay_passwd

iii. Create the hash database for postfix

$ sudo postmap /etc/postfix/relay_passwd

iv. Configure /etc/postfix/main.cf:

relayhost = [plus.smtp.mail.yahoo.com]:587 
smtp_sasl_auth_enable = yes  
smtp_sasl_password_maps = hash:/etc/postfix/relay_passwd  
smtp_sasl_security_options =

v. Restart Postfix

sudo launchctl
launchd% stop org.postfix.master
launchd% start org.postfix.master

You should be all set. Test sending an email from PHP.

BTW, if you’re wondering, if you are a Yahoo! Mail web user, chances are that you don’t have SMTP access. However, I have heard that some countries still do have free SMTP access for now.

Connecting to Exchange using Entourage via Outlook Web Access

I wanted to be able to use my personal laptop to check my work email, so that I don’t have to carry around the 3kg DELL beast all the time. Sure, I can use the Blackberry but typing long emails on it can prove painful especially with fat fingers.

I have VPN access, but Cisco (official) VPN client keeps on and on causing my Snow Leopard to crash (kernel panic). The built in VPN client used to work until some security changes were made to the VPN concentrators.

Googling around I found a helpful hint, to set up my Entourage to connect to my work email via the Internet (not having to connect via VPN).

entourage-exchange

All of the fields are self explanatory, but one field was the problem: “Exchange Server”.

If your organization has a “OWA” or Outlook Web Access, you can try entering <servername>/exchange/<your_full_email> into the field and see whether it works. For example if your OWA is owa.romantika.com and your full email is [email protected].com you would use:

owa.romantika.com/exchange/[email protected]

One thing I have not figured out yet, is whether or not my organization has public facing LDAP server (for address lookups). Since this is not a standard configuration, the server names are unpublished anywhere. But since it’s available I guess it’s not against the rule.

Hope this helps. I can now check my emails from my Entourage, but that’s it. No VPN access.

BTW I think you can use the same technique with an installation of Microsoft Outlook too!