User-to-user mail SPF and privacy borkage

Per bug 12655

On our newer, Ubuntu-based Apache configuration we’ve been using sSMTP as a minimal local SMTP sending agent. This emulates the ‘sendmail’ binary and simply passes messages off to a hub server with no local queuing… but it’s not without its problems.

sSMTP forces the message’s ‘From’ header and the SMTP envelope sender address to be the same, which causes some problems for us when that ‘From’ address is a user’s offsite e-mail:

  • Servers which validate SPF records may reject the messages outright
  • In case of delivery problems, bounce messages will be sent back to the user, possibly including the recipient’s address which is supposed to be kept private.

As a workaround for such configurations I’ve introduced a config var $wgUserEmailUseReplyTo. When set, a wiki-specific address is used as ‘From’, and the user’s address is put in ‘Reply-To’.

This is uglier — you don’t see a clean ‘Sender’ column in your mail client — but mails will get through and private data won’t get tossed around inappropriately.

In the long term I’d like to see us either dump sSMTP (a local-only postfix or something would work fine) or patch it to let the envelope sender be set separately.

Mobile MediaWiki

I’d like to revive some interest in improving support for mobile browsers.

Extremely limited WAP-based browsers are at least sort of served by the experimental WAP gateway, but there are a lot of smartphones and other handheld devices that get on the “real” web with greater or lesser degrees of success, and I’d like to see us improve the default look & feel of MediaWiki on them.

At the moment I think we can roughly divide the mobile browsers into two categories:

  • Those that render much like a full desktop browser and let you zoom as necessary (iPhone/Mobile Safari, Opera Mini, …?)
  • Those that have very limited CSS and JavaScript or strip a lot of stuff down (Opera Mini in “mobile view” mode, most others?)

At the moment, all I’ve got access to are an iPhone and the Opera Mini simulator applet, so that’s what I’ll be putting the occasional bit of time into. These already pretty much “just work”, but the UI can be very awkward due to the desktop-size layout; I’d like a cleaner handheld stylesheet that lets most pages be legible when you get to them.

If you’ve got another device and you’d like to help testing and developing for it, please stake your claim.

Alternatively if you’ve got a spare device you can donate to us, that’d be great too! (Especially if it doesn’t need a service subscription to get on the net…)

Google Transit WTF?

One of the great joys of my life is Google Maps. It’s attractive, fast, easy to use, usually gives workable directions, and lets you do cute things like customize your route with a simple drag-and-drop (ooooh).

Plus it’s built in to iPhones now. :D

But… When you’ve gone carless in the big city, the driving directions aren’t always helpful — you want to find the best metro or bus route to take.

There’s a fairly complete online trip planner for Bay Area transit at 511.org, but it fails in every way that Google Maps succeeds — it’s ugly, slow, confusing, and if you want to adjust to an alternate route it’s almost impossible to figure out how.

Google keeps taunting me with a little link on Maps to “take public transit” which never ever is able to find any directions from anywhere to anywhere.

Eventually I discovered that it does give you directions… but only if you put in exact train stations as your start and end points. If I already know which stations I need, I hardly need a transit planner now do I?

Even if it did work, here in San Francisco it includes BART but not MUNI, which has more in-town rail lines and about a hojillion buses and thus is far more likely to be what I’d take.

Update 2008-05-08: It actually works now!

Mandatory Apple reactions

Like every other Apple fanboy, of *course* I have to post my reactions to the MacWorld announcements…

iPhone updates: Firmware updates are welcome, but nothing earth-shattering.

AppleTV movie rentals: Potentially very cool… The price point is about even with going to a BlockBuster store without having to get off your ass. I will say though I’ve gotten pretty comfortable with Netflix’s flat monthly fee and huge selection.

Limited selection for TV is the reason I haven’t used my AppleTV much in months except for playing music in the living room… My shows are available on iTunes, but half of my lady’s aren’t, so we ended up getting cable.

If the selection’s decent and downloads actually *do* start “in seconds”, the new AppleTV software should be perfect for spur of the moment rentals, but if we’re already paying a flat fee for Netflix I don’t have much incentive to use it frequently… unless I have to see something *now* I can put it on my queue and wait.

I’m assuming of course that the software update will come for older AppleTV units…

MacBook AIR: A year or two ago this would have been the answer to my prayers — the fairly compact form factor of the MacBook, while thinner and lighter than my first love, the PowerBook G4 12″. I’m a bit leery of the lack of an optical drive and losing some of the wired ports, but it’d make a great travel / conference / meeting machine and everything but the FireWire can be replaced with USB extras for “what do you mean, there’s no WiFi?” emergencies.

I have the suspicion though that the iPhone’s going to eat up a lot of my computer-on-the-go requirements; it’s already got mail and web, and an official SDK should let us see extra apps come in (chat, organizers, games ;) that lessen the need to lug a laptop around town.

Seeing Apple lurch towards solid-state drives is verrrrrrrrry exciting, but the cost is still high and the capacities too small for a primary-use computer (my iPhoto or iTunes libraries *each* would fill the optional 64GB SSD, and they’re only going to get bigger).

Now if we can just get the pervasive connectivity that the iPhone delivers built in to the laptops…

Sweeeet

Hadn’t noticed this before… on Leopard, when you do a window screenshot (command-shift-4, space) it now captures the window’s drop shadow over a transparent background.

Shadow! Shit yeah

That’s pretty cool for demo screenshots; I used to use temporary white backgrounds and capture an area around the window manually, but this is way prettier. :D

Compartmentalization

So my fiancée and I recently moved into a cute little Victorian flat in San Francisco. Not the fanciest place, but it was a great price for the neighborhood and it’s got character.

One element of character in an older building is, naturally, batshit-insane electrical wiring.

The flat has a pretty classic linear layout: living room out front, den behind it, bedroom, kitchen, bathroom, and a hallway going all along the side. You’d think this would give a natural way to partition the electrical circuits by part of the house — in case of overload, one room at a time should go, right?

But no. For some mysterious reason, about 90% of the wall sockets are on the same circuit. That means my computer in the den, the microwave in the kitchen, and the space heater in the bathroom.

So if I’m so foolish as to try to fire up the computer to check my e-mail while my oatmeal’s in the micro and my lady’s in the shower, *boom*. It all goes out.

Nice.

Leopard Spotlight

Spotlight keeps deciding it has to index my external hard drive all over again. Is this going to happen every time I reboot? Or is it just because I almost never have to boot unless I’m recovering from a crash or power outage?

Sigh. At least it lets me search the internal drive while it’s doing it.

Sunny California

Ugly winds & rainstorm hit San Francisco yesterday; our power was out all day, and even the local Starbuck’s eventually went out, so no more internet in the afternoon. :( Some disruption to public transit, but still managed to get around. Yay!

Wiki data dumps restarted

Maintenance is still pending on the old dump server… I’ve moved the files over to storage2, one of our backup servers, and restarted a couple of dump worker threads. Currently one of those is running on the old server, but it won’t be too fatal if it dies for now. :)

TitleBlacklist, title protection

A few days ago support for protecting deleted or not-yet-created pages from creation went live. Today I’ve also enabled Vasiliev’s TitleBlacklist extension, which allows admins to preemptively block potential titles via regular expressions.

Currently just the local blacklist is enabled, at MediaWiki:Titleblacklist on each wiki.

The regex behavior is a little different from the existing SpamBlacklist, so admins be sure to check the docs and test your entries. :) But it should come in rather handy for certain kinds of spam and silliness attacks.