by ezs | Feb 8, 2014 | evilzenscientist
A fun day.
First up there is a feature gap on Azure – where there is no reverse DNS – i.e. PTR records – for virtual machines.
The main problem I am having since moving things to Azure is that mail delivery from Postfix is getting some hosts rejected – because the receiving MTA receives no host on reverse DNS lookup of the sending MTA. Imagine I sent mail to foo@bar.com – and my MTA is running with a public IP address of {x.x.x.x}. The receiving MTA does a reverse lookup for {x.x.x.x} and finds no record. The mail is bounced.
My solution is to send mail via Office 365 – reconfiguring Postfix to relay via Office 365 using SMTP. The added challenge – Office 365 uses TLS for security and requires STARTTLS.
As I mentioned – a fun day grinding through docs and understanding what was needed to get this to work.
The short version:
This is the additional config for Postfix – here I am using SLES 11 SP2 – this is in /etc/postfix/main.cf
# Use Office 365 as relay
relayhost = [smtp.office365.com]:587
# Use credentials for auth to Office 365
smtp_sasl_auth_enable = yes
smtp_sasl_password_maps = hash:/etc/postfix/sasl_passwd
smtp_sasl_security_options = noanonymous
smtp_sasl_tls_security_options = noanonymous
smtp_send_dummy_mail_auth = yes
smtp_always_send_ehlo = yes
smtp_tls_security_level = encrypt
smtp_use_tls = yes
smtp_tls_CAfile = /etc/ssl/certs/cacert.pem
# misc
tls_random_source = dev:/dev/urandom
#logging
#smtpd_tls_loglevel = 2
#smtp_tls_loglevel = 2
#enhanced logging for Office 365
#debug_peer_list = smtp.office365.com
#debug_peer_level = 4
The plaintext username/password pair were placed in /etc/postfix/sasl_passwd
[smtp.office365.com]:587 Office 365 authentication:complex password
I also modified /etc/postfix/sender_canonical to remap the default from name to the same name used for Office 365 authentication
wwwrun@myhostname.com Office 365 authentication name
Finally I found an interesting set of bugs/features in WordPress – where the assumption is that the default PHP mailer is being used and that the wrong from email is being injected into the PHP mailer function. Messy. Opened for two years now.
This was resolved by using the WP Mail Options plugin to overwrite the mail from field.
End result – all working.
by ezs | Jan 28, 2014 | evilzenscientist, Uncategorized
Early start this morning – head into Seattle to meet a truck and driver delivering a Perceptive Pixel 55” interactive touch screen for an event this evening.
The screen and PC are not too big – but they are fragile and expensive – so the shipping case is enormous! Over 1200 pounds (500kg) of wood, steel, wheels and hardware.
Delivery was an adventure; two hotels with similar sounding names within 100 yards of each other; narrow alleys; rubbish collection; cyclists and bad drivers.
Eventually the box was unloaded and we went for an unescorted trip through the back offices of a large hotel. Guaranteed to get security interested and come find you 😀
by ezs | Jan 19, 2014 | evilzenscientist, Uncategorized
Every time I move blog server I need to tweak PHP settings.
For my own sanity – here are the main ones:
memory_limit = 512MB
max_execution_time = 300
post_max_size = 32M
upload_max_filesize = 512M
by ezs | Jan 19, 2014 | evilzenscientist, Uncategorized
Starting back up the training for a 5K later in the Spring.
Foggy and cold this last few days.
Slow – but every day is an improvement.
by ezs | Jan 18, 2014 | evilzenscientist, Uncategorized
Sad to see Novell do another, seemingly fatal, round of layoffs.
The few good people left seem to be gone; those that are left pretty much bare bones product maintenance. Looks like the entire legacy Attachmate product line and the legacy Novell product lines have been merged under a single management structure.
From what I hear it’s “do less, with less” – which is a sad whimper to end with.
Best wishes to those that got let go; it’s a different world outside. Almost six years since I walked away.
by ezs | Jan 11, 2014 | evilzenscientist, Uncategorized
The never ending saga of running infrastructure has gone full circle. All of my self-hosted blogs and websites have moved from a Hyper-V server in my garage and up to Microsoft Windows Azure.
I spent a decade (2001-2011) self-hosting. Running both email and website on platforms as diverse as NetWare through RedHat, SUSE and finally Windows Server. In early 2011 I decided to get out of the hosting game and move the blogs to GoDaddy and the mail to Exchange Online (then BPOS, now Office 365).
GoDaddy really frustrated me. Poor performance, poor logging, strange “go slows” and unexpected disconnects of SSH. Understandably “I got what I paid for” – but frustrating none the less.
It has taken eighteen months – but slowly the various blogs and websites have been culled and archived, moved back to self-host and now up to Azure.
Windows Azure has really improved over the past two years – I started by evaluating the Platform as a Service capabilities back in November 2011. Functional – but missing some capabilities that I needed to run the photo blogs (all written for the LAMP stack).
More recently as the Infrastructure as a Service capabilities have moved from preview to production I tested this blog running on Azure. Performance and uptime have been great. The blog is running a SLES 11 SP3 platform on Azure – and it’s as functional as running on bare metal or any hypervisor.
I finally took the time to move the family blogs and business website to the platform over the last week or so. The migration of WordPress blogs and Gallery photo sites is pretty simple now.
by ezs | Oct 11, 2013 | evilzenscientist, Uncategorized
Over the course of 5½ years I have had four different and evolving roles – and numerous offices. Today I moved back down to the ground floor of Building 121 on the Redmond campus; my fourth office in this build – and the tenth office overall.
by ezs | Oct 1, 2013 | evilzenscientist, Uncategorized
I recently changed role at Microsoft – and blogging about technology and the application of that technology is going to become a lot easier.
My new position is as the Chief Technology Officer – or Chief Technology Architect – for the World Wide Microsoft Technology Centers.
I will be working with a first class global team of technology architects and leads to really define the portfolio view of the entire conversation and offering in the MTC. The MTC is the pinnacle of the Microsoft technical sales organisation – hosting some incredible customers on a daily basis around the globe.
An incredible asset for Microsoft and our customers – and I am feeling both challenged and excited for the new opportunity.
by ezs | Sep 12, 2013 | evilzenscientist, Uncategorized
I remember a few years ago talking to the marvelous Jeffery Snover about PowerShell – and my mind was blown. The possibilities of scripting, remotability, the modular design – were all magical and innovative.
This week I’ve been updating servers on my Hyper-V infrastructure – most of them are server core – reducing the memory and patch requirements significantly.
Using a PowerShell I’ve been able to upgrade them all to Windows Server 2012 R2 with minimal fuss and effort.
by ezs | Sep 11, 2013 | evilzenscientist, Uncategorized
I took advantage of the enforced, unplanned outage to update SLES 11 from SP2 to SP3.
All good – the only tiny gotcha was running the MySQL upgrade manually at the end.
Otherwise – looks happy so far.
Recent Comments