Time and Stuff to Do in it

A perennial trickiness seems to be how to actually accomplish those things which have been chosen. There seems to be an entire industry built up around telling everyone else how to do the things they already want to do anyway. Naturally, I’m a bit skeptical of any how-to whose website is nothing but an advertisement and a store, where you purchase the books and training courses to use the system. Yes, GTD, I’m looking at you. But Lifehacker, that repository of all tips nerdy and geeky, seemed to stand by it pretty hard. So I gleaned what I could of the system without having to shell out the bucks. (I was in college. Who wants to spend money on things that feel like they should be free?) I was able to piece together the basics, and it seemed pretty useful. But as with every other system I tried, it felt good in those first few days where the boundless enthusiasm I have for any project was carrying me through, but as soon as that wore off, it all fell apart. All those lists are all very well and good, but only so long as I look at them.

Which, I want to make very clear, is not a failing in the system itself. It’s just that the very thing I was looking for isn’t solved by it. I did learn a lot of useful things from it. It takes a lot of seemingly-obvious facts and combines them into a model, which if you’re able to actually get off your butt and follow it, can be extremely powerful. But as with most caches and channels of power, it must be approached carefully. Additionally, sometimes the seemingly-obvious isn’t noticed nearly as early as you’d think it would be, especially if the person who needs to notice is as oblivious as I am.

Also, it feels really unbalanced to have separate context lists, when the only one that ever has more than one thing on it is @home/desk/computer.

There is very much a difference between the facets of “keeping track of what to do and choosing the order to do it in” and “actually getting off my butt and doing the stuff I just chose”. Currently, I’m trying Mark Forster’s (you may have heard of AutoFocus or SuperFocus or one of his many revisions of them) “Final Version (FV)” for listkeeping and a modified version of “Pomodoro” for actually-doing-stuff. Maybe I’ll call it “The Last Tomato”. My main change to Pomodoro comes in two main parts, both stemming from the fact that the task is always the same: “follow the list”.

Since everything goes on the list (including games and internet reading) that leaves the tricky question of “what do I do in my 5-minute breaks? or my half-hour/hour breaks?”. The chain-building from FV already has built-in a rewards system and since the things I usually consider breaktime are already in the list, my current strategy is to “skip” the breaks and use the timer more to delineate my time so I am aware of its passing. Also, if I have something that takes more than one tomato of time, one tomato is probably more than long enough for it to be “worked on” and if I spend more than that in a row I’m probably not gonna actually get around to the other stuff. So when the tomato alarm goes off, I do something else. Also, if I get distracted reading too many articles on wikipedia or lifehacker or cracked or any of several other notorious time-sinks, the alarm will let me know time has passed at some point before all of the time has passed.

This being my first day of “Last Tomato” it’s really too early to say if it’s going to be “The System” or not, but I’ve played with FV a bit before and think with the added focus of remembering that time is passing it has a lot of potential. Last time I tried FV the thing that broke me from it was that my list, having everything on it, got really long and unwieldly and I was asking myself why I was reading the name of each book I’ve heard of and every game I’ve remembered I like in the last week, every time I go through the preselection to build the next chain. But I think if I can remember to relax a bit and not worry so much and let the system work itself out, that it at least has a chance of lasting longer than others tend to.

And even if it doesn’t, at least I’m not as stressed as I was in college. Seriously, that stuff was hard.

Sender Verification and its Callouts

In the constant fight against spam, one of the many useful tools is Sender Verification. You may have seen references to this when poking around in the exim configuration manager. But what is it? What is it for? What problems can it “cause”?

One of the occasional tell-tale signs of spam, is that it is coming from a sender address or domain that does not exist. Why would you send an email without having your own email address? There are several possible reasons, but the most common answer to that question is that either you are a spammer or you have something misconfigured. And if you are a spammer, I probably don’t want your filthy spammy email anyway. So one way I can filter you out right away so I don’t have to see your spammy email messges is to tell my mailserver daemon not to accept any mail from a domain or address that does not exist. This is called Sender Verification.

There are two main parts to Sender Verification. In exim, these are referred to as Sender Verification, and Sender Verification Callouts.

The more basic of the two is Sender Verification. This is why Sender Verification must be turned on before you can enable the Callouts. Sender Verification just checks if the domain exists. So, for example, if I get an email from an address called “iamlegitiswear@totallynotaspammer.com”, the mailserver will check if the domain “totallynotaspammer.com” exists. Currently, at the time of this writing, that domain does not resolve:

[skaryzgik@localhost ~]$ dig any totallynotaspammer.com +short @ | wc -l

So my mailserver sees the domain not resolving and figures “uh-oh, this looks bad!” and rejects the mail. And I don’t have to see the spammy spammy message, and exim tells off the sending server. By which I mean, it returns an informative error so that the server admin can see that something weird is going on and they should check their security settings.

Sender Verification Callouts can help stop the receiving of spam in other cases, where the domain itself exists and resolves just fine, but the actual address does not. The way Sender Verification Callouts accomplish this, is that they send a test email to the sender’s address. If the test email works, then the sender address must work, and this particular check will not block the mail. If the test email does not work, the callout fails, and exim decides the sender address does not exist and rejects the message.

Yay! I have less spam running through my server! But wait, there’s more!

Sometimes, Sender Verification or Sender Verification Callouts can appear to cause legitimate mail to not work. For example, here is a problem I see occasionally. The complaint is usually along the lines of “Halp! My php script can’t send mail!”. There are many cases in which a php script would want to send mail, for example if it is a well-protected forum registration page which is resistant to forum spammers. You may want your forum to send each new registrant an introductory email with useful informative links and a few of the basic rules and terms. But the mails don’t get sent and you see errors about addresses not existing but you know very well the recipient exists because you just sent an email there.

Yeah, customers like to panic. Anyway, the sender verification, especially when it’s doing the callouts, if it can’t find the sender, will refer to them as a recipient, because they are a recipient – of the test mail.

So then you might be thinking, “okay, so the server thinks cpaneluser@host.domain.tld doesn’t exist. How is that better? It obviously exists! It’s my main cpanel email user?”

The weird thing about hostnames is lots of people don’t bother to make sure they resolve. They don’t realize they’re used for anything. Similarly with nameservers, but that causes other, sooner-noticed, problems. Make sure the hostname has an A record. WHM has a special page for it so you don’t even have to edit the dns zone yourself.

Of course, you still have to make sure the domain the hostname is under hasn’t expired.

Happy spam hunting!

EDIT: It has been pointed out to me that with these recommendations, you still wouldn’t be able to receive mail from many noreply@ messages, since they do not usually accept mail. I have added finding a suitable solution to my shiny-new to-do list.