Blog

Posted on

“Run Your Own Mail Server” Kickstarter prelaunch up

Pretty much what the subject says. The Kickstarter page is up. If you do Kickstarter and want to know when this goes live, hit the button.

Why do both sponsorships and a Kickstarter? Different people have different comfort levels with different options. Some folks want to make the book exist. Some folks want to get the book as soon as it exists. Some of you want a vague awareness that the book exists so yuo can more easily avoid it.

If the Kickstarter does well enough backers will get an online launch party/Q&A, additional ebooks, and more. Rewards will include the book in ebook, paperback, or hardcover, signed or unsigned, Eddie Sharam’s original cover art, or (for the truly deranged) a complete set of all current IT Mastery books.

I will not be doing direct sales off my web site, the way I did with OpenBSD Mastery: Filesystems. Trying this instead, to see if the social element outweighs Kickstarter’s 8% fee. Even if you’re not a Kickstarter user, I’d appreciate you sharing the link with those who might be interested. Thank you.

Posted on

New Prohibition Orcs novelette out

The Prohibition Orcs Kickstarter offered a stretch goal of “I will write an orc baseball story.” The story went to backers at the end of December, and now I’m releasing it to the public. As with all my standalone short fiction, it’s exclusive to my store.

“Fair Balls” contains baseball! Found Meat! Pure orcish wisdom, shared beneath the Sun. All in the name of that darkest of arts: “reading.”

What’s a novelette? Too long to be a story, too short to be a novella. The weird midrange crap that trad publishers sneer at.

Posted on

Penguicon 2024 Schedule

I’ll be at Penguicon this weekend. Come by, say hello, buy a book or heckle a talk. All talks are fifty minutes.

Friday, 26 April

  • 5 PM: hang out in bookstore
  • 7 PM: Reading (Orcs? Tech advice column? Nonfiction? Who knows?)

Saturday, 27 April

  • 10 AM: The Good, the Bad, and the Yikes: 20th-Century SF (panel)
  • 11 AM: How I Make a Living Writing
  • 1 PM: How to TLS when You Don’t Know TLS (my talk, given by Bagel Garrison)
  • 2 PM: BSDCan Concom Call (Not a Penguicon event, but it’s where I’ll be)
  • 3 PM: Run Your Own Email Server
  • 4 PM: Prying Money Out of an Indifferent Public: Self-Promotion for Creators (panel)
  • 6 PM: It’s Always DNS, and What to Do About It

Sunday, 28 April

  • hang out in bookstore

The “hang out in bookstore” blocks are actual work, sort of. I watch over other folks’ books, they watch over mine. If you want to buy a book send money via Paypal, show the watcher your receipt, and walk out with the book.

I’ll have a select, uh, selection of books, the sort of stuff that usually sells at Penguicon. If there’s a particular title you want, let me know in the next few days. I’ll bring a copy with your name on it. Otherwise, I might not be bringing that book at all.

Pretty Spam

Today we have a chunk from Run Your Own Mail Server.

Email clients like Outlook and Thunderbird expect to communicate with a fully functional mail system. You don’t have one yet. Testing your IMAP configuration requires a client that handles IMAP separately from sending mail. If you are already cozy with your preferred mail client and can make it test receiving separately from sending, use it. Configure an IMAP account in your client, try to connect, and see what happens.

If you don’t have such a client, I recommend mutt (http://www.mutt.org). One advantage mutt has over other mail clients is that you can run it on the server, letting you test features like IMAP and mail submission without worrying about the network between your desktop and your server. You should have already configured your packet filter as discussed in Chapter 1, but you couldn’t test it until something was listening on those ports.

Mutt is a command-line email client, by default displaying only text. That’s fine—the question is not “can we view the pretty spam?” but “can we log into IMAP and view our messages?”

With any luck, I’ll have a Kickstarter notification page next week.

41: Fresh Piglets

I have done no writing this week. My gig as BSDCan con chair sucked up my time. Next week, I’ll be going through Run Your Own Mail Server tech edits. I can probably find a snippet of new text then.

These weeks happen.

Rather than skip the podcast, I chose to read something already published. My goal for this silly thing is to learn to read casually, after all. So here’s a chunk from Forbidden Taste, a Prohibition Orcs tale available exclusively in the collection Apocalypse Moi.

If the humans took offense, Uruk would wake without her. Her boys would return from school to find a dead stove and empty pot. Her clan would never know what happened to her.

She could return to the tenement. Let curiosity gnaw all her days. Her heart thudded against her ribs like an angered sow protecting fresh piglets, making her vision throb.

Or she could choose this war.

Vara took a deep breath and unbuttoned her coat.

January sliced deep, cutting through her canvas pants and both burlap shirts and digging for bone. Vara’s sweat burst into steam, instantly ripped away. She held her coat open, offering January her warmth even as the ache settled into her ribs and thighbones. “I choose this war.” Shivs scraped up her sleeves. January might not be as rapacious as October, but if Vara denied the Dead Month its due, January would claim it another way. “This war is for blood.” She commanded her shivering fingers to still themselves. “This war is for life.”

Yes I’m a full-time writer, and I do my best to stick to the pulp tradition, but I do have non-writing weeks. Sometimes there’s a non-writing month. I’d like to ask all four of my listeners if they mind me falling back to published works in those weeks, or if you would prefer I skip the podcast? Comment below to let me know.

40: Failure is a Renewable Resource

Today’s reading is from next month’s FreeBSD Journal Letters column.

Perhaps you have extensive monitoring and log analysis, all meticulously tuned to inform you of every little wobble. You can identify the host spewing stray packets with a single netflow query and know how many times a second hopeful spambot flings garbage at xmlrpc. php. Your mail server sneers at spam. You’ve even taught fail2ban manners without resorting to a spiked club. You have all this, right? Or do you merely have plans for all these? Plans offer the greatest gift, which is Hope, but hope and a good swift kick to the teeth will get you a minuscule stash of legal narcotics and a substantial dentist bill. Are you protecting the dream or the reality? Dreams can be moved. Whatever you’re planning to do can be planned just as well elsewhere, and always remember Rule of System Administration #15: Today’s plans address yesterday’s failures. Failure is a renewable resource

A new collection of Letters, Dear Abyss, should go through Kickstarter later this year.

Posted on

March’s Malformed Sausage

(This post went to Patronizers at the beginning of March, and the public at the beginning of April)

Last month, I mentioned blood pressure problems.

The good news is, I have the blood pressure under control. The bad news, it’s given me a cough so fierce that I occasionally fall over. People have told me I work to hard, so now I’m taking a thirty-minute break every four hours around the clock for a breathing treatment that leaves me wheezing and quivery but functional. It’s an opportunity to prove the maxim “sleep is for the weak,” and I needed to develop my abs and rib muscles anyway. The doc changed my meds yesterday, so I’m hopeful I can exchange these side effects for less inconvenient ones.

This is all covid damage. I’m not risking developing more problems. You want me at your events, enforce a mask policy. I got too many books to write to put up with any more symptoms.

I also failed to finish Run Your Own Mail Server last month. See the above cough. I’m down to one technical issue, MTA-STS, and a few social issues that only require spewing words. I was tempted to wait on this post until I write those, but that’s pretty much a guarantee that I won’t complete either. You folks are my strongest supporters, and I need to give you the attention I agreed to. (Not the attention you deserve, of course. I don’t have that much attention.)

One of the headaches in this book has been its constant violation of one of my usual writing rules: do the hard part first. When I approach a new project, I rank the contents in order of difficulty. Usually, there’s at least one thing I haven’t previously done. Those are the things I need to write first. Writing the stuff I know how to do is pretty straightforward, but the unknowns wreck my plans. RYOMS could only be written in one way, though. The services must be set up and documented in a particular order, without shortcuts. If the book said “This is wrong but we’ll come back and fix it later,” I know perfectly well that none of you would go back and fix it. We have to set it up right the first time. Which led to some extra work. I use pyspf-milter so I wrote about it, but rspamd turns out to be a wiser choice. Retreat, refactor, rearrange, try again.

On the fiction side, I sold a new Rats’ Man’s Lackey tale to a magazine. The RML tales have a strange publishing history; every magazine or anthology I’ve sold one too has collapsed before they could publish my tale. Once a story destroys a publication, I put it up on my bookstore. I’ve written enough of those to release a collection, but a few buyers are still in business so I have to wait for them to implode–uh, publish. Publish.

I’m most of the way of a massive Terry Pratchett Discworld reread, not just studying his craft but how he improved his craft. There’s something fascinating about reading a large body of work in the order it was written. The quality of Pratchett’s early work was borderline, but some editor saw something unique in his craft and decided to give the kid a chance. You can see him improving with every book. At a technical level, there’s a certain fascination in saying “Oh! This is where Sir Terry discovered cliffhangers!” “Hey, he learned the difference between description and setting!” “Ooooh, he figured out how to stop violating drifting point-of-view, thank you Om.” This binge gives me hope for my own craft, because nothing Terry with his craft did was magic. The art expressed through his craft was magic, but art is not craft. I started reading Pratchett when The Light Fantastic came out, and in retrospect I can honestly say he taught me how to improve my craft.

Note that you can’t binge-study James Patterson. This kind of study requires examining the work of someone who writes their own books. You also can’t binge-study Ayn Rand, because she never got better.

Anyway, this binge study leaves me feeling validated about my method of deliberately practicing one skill per project. That’s a dangerous feeling; I don’t study to see what I’m doing write, I’m looking for ways to improve. I’ve found a few, but I still suspect I’m missing something big. Oh well. I guess, in a year or two, I’ll have to… study Pratchett again.

I’m going to cut this a little short, because the coughing has backed off and I desperately want to finish RYOMS this week. Thanks for supporting me, everyone!

Posted on

xz backdoor vs “$ git commit murder” sale

I’ve gotten half a dozen messages on various forums declaring that the xz backdoor is eerily reminiscent of a major plot element of $ git commit murder.

I’ve been a sysadmin for decades, and hanging around with operating system developers nearly as long. I came up with a plan for a “difficult but achievable” hack. I checked with various actual developers to see if it was realistic, and adjusted the hack based on their feedback.

Target a userland tool. Hook it into the operating system core. Proceed from there. The plan is easy, the execution fiercely difficult, the coincidence unsurprising.

I can say that if Dale had developed this hack, it would not have damaged the host’s ability to serve SSH requests. He would have caught that and fixed it before deployment.

I feel compelled to acknowledge this similarity, however. Coupon code xzhack gets you 50% off $ git commit murder and $ git sync murder at my store. This expires 8 April 2024.

To all the sysadmins who are having a bad weekend because of this hack, I offer my sincere condolences. Just because the blast missed me this time doesn’t mean I don’t feel your pain, or that I won’t be caught next time.

To the author of the hack I would like to say: you are a dick.

Posted on

Vultr backed down, but so what?

(Quick note, because very busy day.)

Vultr had a rights grab in their ToS. They just took it out, after community outrage.

So, is everything fine?

Nope.

This is exactly what Findaway tried. I’ve read the whole ToS. There is no misunderstanding.

The CEO has said that users are not lawyers. I am not a lawyer, true. But I deal with a lot of intellectual property contracts. My books are intellectual property, and I have to read ToS and contracts for every one of them. When reading a contract, you have to assume that the other party will be sold to a complete bastard who will exploit the contract as far as possible.

It’s highly unlikely that Constant Contact (Vultr’s parent firm) would use a book stored on my site to make a film. But suppose their parent company did so. A film I didn’t want made would come out, destroying the value of any film I might have made. I could sue, spending my money to fight a much larger firm. This is a losing proposition.

Perhaps Vultr’s lawyers are merely incompetent.

But their parent firm is a content company. And many content companies are doing rights grabs.

Rights grabs are becoming more common, though. I believe that the only way to stop them is to stop doing business with any company that attempts one. Backing down from a rights grab is too late.

39: I Carry A Grudge

This book won’t be in progress long. I hope.

These block lists are distributed via DNS, and are called DNS Block Lists (DNSBL). (You’ll also see Reputation Block Lists, or RBLs, but that term is trademarked.) By refusing all mail from hosts on a reliable block list, you immediately stop the overwhelming majority of spam.

That’s the catch: a reliable block list.

This is the Internet. Just as anyone can run a web site, anyone can publish a block list—and you can’t tell by the name. These projects were overwhelmingly founded by infuriated geeks, and often grew beyond their original intent and scale. “Spam Eating Monkey” is a highly trustworthy list provider, while some official-looking lists should more properly be named “HTML Email Is Immoral And I Carry A Grudge.”

The scheduling on RYOMS is gonna be weird due to outside forces I can’t control, but I’ll get it in your hands as soon as possible.