Kerio offers a 30 day full featured demo you can download from
http://www.kerio.com/kms_download.html. You can install that on Windows, Linux or Mac OS X.

Once you have done the initial setup (domain name and Admin password),
you'll do the rest of the configuration using the GUI administration console.
You can install that on any machine - Windows, Linux or Mac OS X again. It's
a free download, so install it where ever you like. For example,
you might want to be able to administer this server from home. As long
as your router lets port 44337 through to your Kerio Mailserver, you
could do that.

I'm not going to go through the entire configuration here (though
I'm happy to do that by phone or even on-site if you are near me), but
there are a few areas I want to make sure you are aware of.

IP Address Groups

You want to go here first. As you can see, Kerio has defaulted to
using the common private IP address groups for your local lan. You'll
need to edit these to reflect your lan setup and remove any subnets
that don't apply. If you have VPN's, you probably want to add
those subnets here too.

Services

In Services, you define the services and port numbers for Kerio. Shut
off services you aren't using and set their Startup Type to Manual.
Here you can also limit services to the local lan if appropriate and
set the maximum number of concurrent connections allowed. Choosing
a suitable number can keep your server from being loaded down in
the event of DOS (Denial of Service) attacks. For example, if you
only have forty people in your entire organization, there's no reason
to allow 1,000 concurrent HTTPS connections to the server.

In the picture below, I changed the default port for HTTP to 8080
because this server runs a webserver on port 80. Kerio uses HTTP for
a limited Web based administration tool (users who have access to that
can add and maintain users and change passwords but can't access other
Admin functions).

Deleted Items in Domains

You probably want to enable this option. It makes your life easier
when users accidentally delete things they should not have. If this is active, you can just visit the Domain Settings -> Users section and click
one button to recover Deleted Items.

SMTP Limits

There are several limit settings in the SMTP Server section that can
help prevent DOS attacks and cut back on spam.

Content Filter

The spam and anti-virus sections are easy enough, but you'll need to
spend some time in the Attachment Filter section. You need to decide
exactly what your policies will be for attachments; which to allow, which
to block.

Archiving and Backup

Be sure you understand that Archiving is done before the mail is delivered
to the user or sent out, so all messages will be captured (you have options
for only capturing inbound, etc.). Backup is a snapshot in time and also
includes the very important configuration files.

Advanced Options

Do peek in here. There are more security options that you probably want
to set. For example, there's no reason to tell connecting clients your
software version, and there is no reason to let anyone know your lan
ip scheme. Check those to hide those things.

Logs

It's very important to set your log rotation and retention policies.
If you don't. your logs will just grow and grow, By right-clicking in
the log area, you can get a menu that includes "Log Settings". Choose
this to set how many logs to keep and how often you will rotate them.

Other things

Of course there is much more to look at and possibly configure. Much
of it will be very obvious if you have worked with other mailservers. Kerio
does have extensive manuals on-line at http://www.kerio.com/supp_kms_manual.html and of course you can
also call me.

| << Home | 1:20 PM | Technorati | Ping

The other day someone called me about removing hard drives previously
added to the kernel configuration.. my mind went blank.

I said that I knew it was "mkdev dot-something" and told him to
look in /usr/lib/mkdev with "lc -a". I was too busy to look
there myself (and didn't have easy access to a SCO box right then anyway)
but told him to look through the "." files in /usr/lib/mkdev to see if something looked
right. I also told him that it could be done manually and quickly referred
him to http://wdb1.sco.com/kb/showta?taid=105052 and hastily said "You need to take the stuff out
of mscsi, remove the device files.."

And I didn't mention space.c and for some reason he didn't read that
article (maybe he wasn't able to get email where he was) so he got
all screwed up.. had to restore parts of /etc/conf from backup.

Here's the thing, folks: my knowledge of SCOish details is fading. My
*interest* in things SCOish is going away even faster. Yes, I can
still help you with most things, but that list of things is slowly
getting smaller because I'm simply forgetting it - it's not
getting used often enough, so it's going away.

It is time to get off SCO. Way past time. Think about it.

| << Home | 3:00 PM | Technorati | Ping

Last week I had someone ask a few questions about Kerio Webmail. Nothing serious, just a new
user a little confused about how to do certain things.
I did get them straightened out, but it took two emails and one
brief phone conversation. I wish I'd known about Skitch then.

By the way, I found out about Skitch from The Big Book of Apple Hacks. There's a lot
of other good stuff in there.

Skitch runs on Mac and lets you capture screen shots, annotate them,
and then drag them where you want them (or store them on the
Skitch.com website). It's a free, time limited beta right now, but
unless the final price is outrageous, I'll definitely be buying this
because it really makes support easier.

Here's the problem: someone asks me how to do something. If it's
a command line task, that's easy. I can either tell them what to type or
if it's really complicated I can send it in email. But when it's
graphical, it's much harder. "Click up by the, umm, well, right next to
where the first column is.. but kind of to the right?"

Yeah, that's helpful. But if I had known about Skitch, I could have created this:

The user wanted to use the "flag this message" function, but was
clicking on the flag at the top of the column rather than where he actually
needed to. Using Sketch would have let me show him exactly where to click.

He also couldn't see how to delete people from a distribution list
he had created. It's pretty simple; a Skitch shot would have
told the story quickly:

The beautiful part about that is how easy Skitch makes it. Click the
little camera in Skitch, surround the area you want, click it, and there it
is in Skitch. Annotate it, shrink it, grow it, and then then just drag it
to where you want it - it's that easy.

Skitch can also import image files, which is how I made this:

I did a normal Shift-Apple-4 to capture Skitch itself, then had
Skitch open it. I marked it up, sized it, and dragged it to my desktop -
all done!

Skitch can also capture images from your iSight camera:

OK, maybe that is a little too much annotating. But you get the idea:
Skitch is a great tool for your Mac.

| << Home | 10:31 AM | Technorati | Ping

The author of this post requested to remain anonymous because
he still does work for companies mentioned here.

I have worked with Ericsson for 4 years followed by Cisco Systems for 6 years. Both companies were very advanced users of hi-tech. Both insisted on extremely accurate time reporting for every imaginable task, both refused to open tracking items for PC wows. The sort of thing like you arriving the office and need to reboot your PC 3 times before it get onto corporate network ( e.g. 30 min lost). Or PC (almost) hangs or becomes very slow as it has run out of memory and you have important docs open so you you spend the next 40 min slowly closing every open application to ensure a safe shutdown. In Cisco all PCs were spec'd for email and internet use. However over 50% of staff were engineers in the field and we all got the same crummy 512M of RAM. Smart engineers went and bought their own.

No effort was ever made to track time for now applications to calculate the actual cost of introduction in terms of lost productivity. It allowed IT departments to hide behind sloppy products they supply to their clients. Sure, outsource your whole IT to Bangalore (Cisco) But at least allow everyone to track how much time they waste attempting to explain so some half English speaking indian what your problem is.

I think if more companies like IBM did trials with MACs and accurately recorded the user non-productive time due to not having full PC availability then you would see big wigs suddenly wake up. Microsoft has been so successful because they have hidden behind the vested interest of IT departments refusing to expose just how much time their clients are losing because of MS Windows. Its called saving your own asses.

I would estimate that while working with Win XP I would spend minimum of 10% of my productive time solving WinXP issues. On a MAC maybe 1-2%. At least when a MAC crashes it just goes down quick and hard! but Apple have basically stuck to the Unix principle of keep it small and simple and let the combinations of different flexible programs tackle your problem.

All this is a huge hidden cost for companies who would be aiming at 500k-1000k $USD per employee in terms of revenue. They should wake up and smell the coffee..

p.s. I'm suffering on MAC without a good ssh client.The only reason I run Parallel is so I can continue to use SecureCRT. I have hundreds of machines to maintain and there seems to be nothing for MAC that allows good complete telnet/ssh/Sessionstorage/logging/password storage/Key strorage and generation. Any suggestions?

| << Home | 5:10 AM | Technorati | Ping

"_self">Index by Subject

• Sreekrishnan Venkateswaran


• Prentice Hall


• 9780132396554

Regular readers here know that I have been very disappointed with
most Linux kernel and device driver books. I did like The Linux Kernel Primer, but until
this "Essential Linux Device Drivers" book landed on my desk, that
was about it.

I admit that it's very hard to write a good book in this area. You
simply have to make assumptions about the readers knowledge - if you don't,
you'll be writing an encyclopedia or two. However, I still think
that my complaints have been justified, and this author proves that
you CAN write a readable, information packed book about Linux device
drivers without glossing over vast areas.

Well, that's not entirely true: vast areas are still passed by
at break-neck speed, but there's a difference here: every chapter
tries to give a high level overview of the area to be discussed,
which is then followed by very well explained examples of code, and
finally finishes up with pointers to the parts of Linux source code
that are relevant. That's a formula that works, and the author also
often includes pointers to other relevant resources too. With a little
Googling, you should be able to really get a lot out of this book.

As you'd expect, this starts out with an overview of the kernel itself, and
it's probably the best I've ever seen. Individual Linux boot messages are
pulled out, explained, and the the source code that produced them is examined.
It then goes on to discuss kernel locks, briefly looks at procfs and memory allocation, and closes (as each chapter does) with pointers to where to look in the source for the subjects discussed. The next few chapters cover more
basic concepts like kernel locks and threads, and then the rest of the
book is all device drivers.. starting simply and progressing to
more complicated hardware, but always following the format of first giving an overview of the how and why, then presenting sample driver(s), a bit on how to most easily debug, and finally pointers to real kernel sources.

Very well done, and I recommend it. It is a bit expensive, but I think
it's worth it.

"126" height="32" alt="graphic of book cover" /> Order (or just read more about) "http://www.amazon.com/exec/obidos/ASIN/0132396556/aplawrencescouni" target="_top">Essential Linux Device Drivers  from Amazon.com

| << Home | 8:33 AM | Technorati | Ping

"_self">Index by Subject

• Chris Seibold


• O'Reilly


• 9780596529826

This is the Mac book I've been waiting for! It's actually
more than a "Mac" book; as the title implies, it also has
content for iPods, iPhones and Apple TV - I don't happen
to own any of those other things right now, but that's OK: this is a great
book even if all you have is a Mac!

Wow - two exclamation marks in the first paragraph.. I don't
do that very often.

But this compilation deserves it. This isn't the often silly
or cosmetic hacks you'll find all over the web; some of that is
here but there's a lot of real geekery included. The very first
hack in the book covers booting your Mac from a USB thumb drive, the
last covers (with pictures) disassembling and cleaning a Mighty Mouse.
In between there's stuff about swapping out your drives to get more
space or to boot an entirely different OS, using your Mac with X10
controllers and the like, building a small battery backup for your cable
modem.. oh, it just goes on and on.

There are some mistakes here.. well, not necessarily mistakes, but
old hacks. For example, this talks about enabling Safari's Debug menu.
That option is gone now; the Developer Menu replaces it and that can be
turned on or off in standard Preferences, no "hack" needed. But
there is so much of value here we can easily forgive a small oversight
like that!

I'd have to say that so far, this is my choice for "Best Book of the Year"
in the geekish genre.
You want this book if you own a Mac. Really. Click the link below
now while you are thinking about it. You won't be sorry.

"126" height="32" alt="graphic of book cover" /> Order (or just read more about) "http://www.amazon.com/exec/obidos/ASIN/0596529821/aplawrencescouni" target="_top">Big Book of Apple Hacks  from Amazon.com

| << Home | 8:10 AM | Technorati | Ping

I was talking to someone about my early business failures and
mentioned that my mistakes cost me a little more than $100,000 and
that it had taken me quite a few years to dig myself back out from that.
My companioned exclaimed "That's nothing, dude: I lost more than
half a million!"

I expressed surprise and shock. "Wow - how did you manage to
get out from under?", I asked.

"What do you mean?"

What do I mean? I mean how did you get back to solvency after
such a horrible loss? I've known other peple who have suffered
like that and some of them never did recover - my hundred thou
was pretty tough, but five times that or more is unthinkable, at
least for me - it would take me fifty years to climb out of a hole like
that!. I wondered how he had built himself back up.

"Well, I mean that if XXX hadn't screwed me on the deal, I would
have been able to sell my share of the business for half a mill. Thanks
to his lawyers, I got thirty thou."

Ahh.. slight difference there. You see, I actually LOST money.
I went into debt. I OWED money. I had to pay it back, drop by
painful drop. My companion simply got less than he thought he
deserved. That's not the same thing at all.

I was reminded of that when someone else complained about losing
money on an investment. The stocks had been riding high, but took a recent
tumble. He'd "lost" money.. or so he said. But in fact the stock was
still worth far more than he had paid for it, so really he hadn't lost
anything - in fact he'd done pretty darn well. Again, that's not
a loss.

I certainly understand that it's disappointing to get less than you
expected. I've experienced that myself, but I don't think of those
as losses. Real losses hurt, they don't just disappoint. And they can
keep on hurting for years.

I did crawl my way back. Those days are far behind me now. But
I sure do remember what it felt like, and never want to be there again.

| << Home | 4:51 AM | Technorati | Ping