2000 12 07

                    LINUX NEWS
            Thursday, December 7, 2000


1) Sean’s Notes

2) Linux News

    Do Your Part
    Strut Your Stuff
    Creative, but...
    Windows Whistler vs. Gnome 1.2, KDE 2.0

3) Linux Resources

    Command Line Weenies
    System Basics
    Journaling Filesystems
    Keep Tux Safe
    Using Snort

4) App o’ the week


1) Sean's Notes

It's hard to believe this is already the sixth week of the
Linux newsletter!  Thanks to all of you who sent your
feedback to me at mailto:swalberg@brainbuzz.com
... Keep it coming!

I was talking with a friend the other day, and he was
wondering how he could get some of the email sent to his
personal account forwarded to his Blackberry wireless
device.  Not all of them, mind you, just from certain people
or certain subjects.  Plus, the message still has to end up
in his regular mailbox.  This, along with other mail
filtering problems, is the realm of procmail. Want to put
your mailing lists in their own folders?  Procmail is the
answer. Filter out spam?  You guessed it...

Procmail is a utility that is fed "recipes" which dictate
what it should do with messages.  It tends to be called
from your mail transfer agent, such as sendmail.  Most
distributions tend to have procmail available, but if you
can't get it from there, the links at the end of this
article will lead you to the sources.

Before putting procmail to work, you've got to get your MTA
set up first.  Some distributions, such as RedHat, make
procmail your default local delivery agent so this is done
for you.  Otherwise, you need to create a .forward file
with the following contents:

"|IFS=' '&&exec /usr/bin/procmail -f-||exit 75 #username"

(you'll want to replace the "username" with your username.
Don't forget the double and single quotes too!)

Recipes go into the .procmailrc file in your home directory,
and must only be writable by the owner.  Before you can
start writing the rules though, you'll have to tell
procmail about your system (within .procmailrc):

MAILDIR=$HOME/mail      #you'd better make sure it exists
LOGFILE=$MAILDIR/from   #recommended
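
The "only writable by the owner" requirement above can be checked before you start writing rules. The script below is an added example, not part of the original newsletter; the function names rc_is_safe, rc_fix and rc_report are hypothetical helpers, and the file to check is whatever path you pass in.

```shell
#!/bin/sh
# Added example (not from the newsletter): verify that a procmail rc file
# is owned by the current user and not writable by group or others.
# Function names here are hypothetical helpers.

# rc_is_safe FILE
#   0 = safe, 1 = group/other writable, 2 = not a regular file, 3 = wrong owner
rc_is_safe() {
    f=$1
    [ -f "$f" ] || return 2
    # find prints the name only when the owner matches our numeric uid
    [ -n "$(find "$f" -prune -user "$(id -u)" -print)" ] || return 3
    # ...and here only when a group- or other-write bit is set
    [ -z "$(find "$f" -prune \( -perm -020 -o -perm -002 \) -print)" ] || return 1
    return 0
}

# rc_fix FILE: drop the group/other write bits, then re-check
rc_fix() { chmod go-w "$1" && rc_is_safe "$1"; }

# rc_report FILE: print a one-line verdict
rc_report() {
    rc_is_safe "$1" && st=0 || st=$?
    case $st in
        0) echo "$1: ok" ;;
        1) echo "$1: writable by group or others (try: chmod go-w)" ;;
        2) echo "$1: missing or not a regular file" ;;
        *) echo "$1: not owned by uid $(id -u)" ;;
    esac
}

# Demo on a constructed file; use rc_report "$HOME/.procmailrc" for real
tmp=$(mktemp) && chmod 664 "$tmp" && rc_report "$tmp"
rc_fix "$tmp" && rc_report "$tmp"
rm -f "$tmp"
```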

The rules themselves take the form of

:0 [flags]
<zero or more conditions (one per line)>
<exactly one action line>

If the condition starts with a *, it means that we're
passing along a regular expression, or a string to match
within the header:

:0
* ^Sender: Bugtraq List <BUGTRAQ@SECURITYFOCUS.COM>
bugtraq

This rule looks for the Sender: field in the header and
matches it up against the Bugtraq phrase (a popular
security mailing list).  If it matches, the action "bugtraq"
means to dump the message into the folder called "bugtraq",
which is located in the directory specified above in
$MAILDIR.  This is your basic "sort my email into folders"
type of recipe.

One of my favorite rules, and one that illustrates nested
rules, is to pretend that my account doesn't exist (i.e. send
a bounce message) when the sender is from a certain domain,
e.g. spammer.com:

:0
* ^From: .*spammer.com
{
        EXITCODE=67
        :0 h:
        bounce.log
}

The first condition matches any From: line containing
spammer.com (.* means match anything).  The action is then
enclosed in a nesting brace, and consists of an assignment
and another rule.  Setting EXITCODE to 67 (the sysexits code
for "no such user") means return a bounce, and the next two
lines mean to dump the headers of the message into the
"bounce.log" folder.  Slick, eh?

Now, to help out my friend:

:0 c
* ^Subject: important
! me@blackberry

You'll notice the "c" flag, which means to generate a
carbon copy.  In this recipe, we generate this copy when
the subject begins with "important", and send it to
me@blackberry (the ! means to send to an email address).

To run this recipe on multiple incoming email addresses,
we'll have to craft the regexp with caution:

:0 c
* ^From: (fred@somewhere.com|joe@elsewhere.com)
! me@blackberry

If we had put two conditions in one rule, they would be
ANDed, i.e.

:0 c
* ^From: (fred@somewhere.com|joe@elsewhere.com)
* ^Subject: important
! me@blackberry

would only generate the page if fred or joe sent an email
with the subject of "important".  So, without getting
into a lot of complex stuff, we'll stick with the two
separate rules to handle everything.
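
To see the AND/OR difference, and why the From: regexp needs caution, the conditions can be tried against test messages before they go into .procmailrc. This script is an added example, not part of the original newsletter: it assumes grep -Ei is a close enough stand-in for procmail's egrep-style, case-insensitive header matching, the messages are constructed, and FROM_TIGHT is a hypothetical stricter pattern that is not in the recipes above.

```shell
#!/bin/sh
# Added example (not from the newsletter): model procmail's header
# conditions with grep. Assumption: grep -E approximates procmail's
# egrep-style regexps; -i mirrors its default case-insensitive matching.

FROM='^From: (fred@somewhere.com|joe@elsewhere.com)'   # as in the recipe
SUBJ='^Subject: important'                             # as in the recipe
# Hypothetical tightened variant: literal dots, optional display name
FROM_TIGHT='^From:(.*[ <])?(fred@somewhere\.com|joe@elsewhere\.com)>?$'

# header FILE: print everything up to the first blank line
header() { sed '/^$/q' "$1"; }

# fires FILE COND...: succeed only if every condition matches (AND)
fires() {
    msg=$1; shift
    for cond in "$@"; do
        header "$msg" | grep -Eiq -- "$cond" || return 1
    done
}

# Two separate recipes: a copy goes out if either one fires (OR)
paged_separate() { fires "$1" "$FROM" || fires "$1" "$SUBJ"; }
# One recipe holding both conditions: both must match
paged_combined() { fires "$1" "$FROM" "$SUBJ"; }

# mkmsg FILE FROM SUBJECT: write a constructed test message
mkmsg() { printf 'From: %s\nSubject: %s\n\nbody\n' "$2" "$3" > "$1"; }

demo() {
    d=$(mktemp -d) || return 1
    mkmsg "$d/1" 'fred@somewhere.com' 'lunch?'
    mkmsg "$d/2" 'stranger@example.org' 'Important: server down'
    mkmsg "$d/3" 'joe@elsewhere.com' 'important update'
    mkmsg "$d/4" 'Fred <fred@somewhere.com>' 'lunch?'      # display name
    mkmsg "$d/5" 'fred@somewhereXcom.example' 'lunch?'     # look-alike
    for m in "$d"/?; do
        s=no; c=no; p=no; t=no
        paged_separate "$m" && s=yes
        paged_combined "$m" && c=yes
        fires "$m" "$FROM" && p=yes
        fires "$m" "$FROM_TIGHT" && t=yes
        printf '%-34s separate=%-3s combined=%-3s from=%-3s tight=%s\n' \
            "$(sed -n 1p "$m")" "$s" "$c" "$p" "$t"
    done
    rm -rf "$d"
}
demo
```

Messages 4 and 5 are the ones to watch: the recipe's pattern misses a sender whose From: line carries a display name, and its unescaped dot accepts a look-alike domain.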

Through the use of a program called "formail", you can
rewrite the email in transit, i.e. to change the subject.
That's outside the scope of this week's article, but check
out the man page for "procmailrc" on how to do this.  You
can also pass the message through another program, or
delete it entirely (action=/dev/null).  Procmail is fun!

You can get the procmail code from:


Some great sites on writing recipes:

"man procmailrc"

Let's hear what you've got to say on the discussion boards.

RedHat Board:

Linux/Unix Mail:

Finally, feel free to email me with your thoughts and

Long live the Penguin,


2) Linux News

Do your part
Brainbuzz, your community site, needs your help in changing
the future of Microsoft's head...  Or is it Microsoft's
head's head? How about the head of Microsoft's head? There
we go! Get all your friends to sign too!


Strut your stuff
Skilldrill is a new section of the Brainbuzz.com web site.
Take a test in various subjects, including RedHat, and see
how you rank with all the other Brainbuzz members. Link
your transcript with your online Resume from the jobs
section, and show potential employers that you know your
stuff. Bragging rights are on the line!


Creative, but...
It seems someone has written a trojan whose payload is Linux
propaganda. If you see a message with "Check out this new
flash movie that I downloaded just now ... It's Great. Bye",
don't run the attachment!  I know us Linux folk can be a
bit... insistent...  when it comes to promoting Linux, but
causing damage to Windows boxes is taking it too far. If
you feel the need to write a virus in order to promote Linux,
I think we'd all prefer you to put your energy into an open
source project instead. At the end of the day, you'll do
more good for Linux that way.


Windows Whistler vs. Gnome 1.2, KDE 2.0
KDE vs GNOME comparisons are pretty common, but how do
these user interfaces stack up to the Redmond empire's
next release?  This article highlights the key similarities
and differences.


3) Linux Resources

Command Line Weenies
Everyone using Linux is going to come into contact with the
shell at one point or another. Often, it's the fastest way
to get something done. Learning how to make effective use
of the shell is difficult, but this article will walk you
through some of the basics, like how to chain commands


System Basics
Learning how the filesystem is laid out, and how to work
with files is fundamental to working with Linux. It isn't
obvious how everything is supposed to work, so follow this
article for a primer on file operations.


Journaling Filesystems
I've talked about journaling filesystems before -- a
filesystem that commits data to a log, much like a database,
so that in the event of an unclean shutdown no data is lost.
This article explains how the default filesystem, ext2fs,
works, and how a journaling filesystem is different. It
also shows how to install ReiserFS, one of the more stable
JFSs out there.


Keep Tux Safe
As changes are made to a running machine, the security of
the box can be compromised. It's up to the administrator
to keep on top of security all the time. Here are a few
things to keep in mind.


Using Snort
Snort is an open sourced Intrusion Detection System (IDS).
It listens on your network for any traffic matching known
attack signatures. Like many security tools, it's pretty
hard to use if you're new to the IDS game. Linuxsecurity.com
takes you through the steps to install, update, and test
your Snort IDS solutions. Happy hunting!


4) App o' the week
If you're using Linux as a mail server, or as an SMTP
gateway, you may want to get it to perform some basic virus
scanning. The Anomy Mailtool is a powerful PERL script that
will enforce policies on incoming and outgoing mail, such
as removing .VBS files from email, protecting the Exchange
server from the MIME vulnerabilities, and forcing
executable attachments to be renamed before being executed.


(C) 2000 BrainBuzz.com. All Rights Reserved.


         This message is from BrainBuzz.com.
