Goodbye macOS Server, Hello Synology!

Warning, this will be more of a rant rather than a helpful trinket; perhaps a cautionary tale. I’ve written several times over the years about how Apple was slowly ruining what was once one of the best server suites available. Between cutting out features, to continual quality control problems, to just plain (it seems) complete disinterest.

Server was a small to medium business web, email, calendar, directory, blog, dhcp, dns, and netboot server that many people used and relied upon. At it’s peak it was flawless and powerful, yet easy to manage. This is the very product this Blog ran on up until about February 1st, 2018.

Apple announced at the beginning of 2018 that it would be deprecating just about all of the remaining features for hosting your own services, instead focusing on making it a tool to manage their devices as part of their Device Enrollment Program. The thing is, it did this already with Profile Manager and there was no reason to remove the other features which were all open source and relatively easy, I assume, to implement for a billion dollar company. Little ‘ol me implemented many of them for production environments at work, and I certainly don’t have billions backing me.

I suppose it’s hard for Apple to concentrate on anything else when you’re more concerned with iPhones and iPads, both of which are being outpaced by better products in that space.

I’ve moved on to a Synology 1718+ NAS device which will be preforming the following functions for our household:

  • Audio Station + iTunes Server
  • Blog Server (WordPress)
  • Client Mac/Windows back up (replacing Apple’s Time Machine for the Macs)
  • DNS
  • Email Server
  • File Server
  • Photo Station (replacing Apple’s Photos app) which also includes a WordPress plugin to integrate with this blog)
  • Web Hosting
  • Wiki

All with multi-drive redundancy with a SSD cache and simple to manage all via a web browser.

This is the device that Apple could have been making for years now with their own design flare. It could have been the evolution of macOS Server and the Airport had Apple been paying attention to the demand and that computers (and devices they attach to like these on a network) are still relevant, wanted, and needed.

I’m delighted with this device and strongly urge those with Apple proprietary products to move away from them. Even if some of your services/applications are still supported, Apple could take those toys out of the sandbox too. They are no longer a company that allows people to create, develop and evolve. They are a company only for people to consume what others have done, and consume that content in a very restrictive sandbox that they control.

Posted in General Happenings, macOS Server, Tech Trinkets | 2 Comments

Automatic Call Recorder

One of the neat and useful apps I found for my Android phone is one called Automatic Call Recorder. It does just what you would expect, any call made or received to your cell phone is automatically recorded and saved.

The saved recording can then be saved to Google Drive or Dropbox so you could email it or just save it to your computer for future reference.

Why would you want this? Let’s say you have your car in for service and the mechanic calls and says, “hey, we found something else, it’ll be $200-$250 more than we expected.” You think about it and say, “sure, do it.”  Then you show up to the dealer and get hit with a $500 extra expense.  You now have a voice recording made automatically of your conversation to play back that has the agreed upon price.

That is just one example of it’s usefulness too!

“Now, that can’t be legal!” you say! Well, it depends on where you live. New York State is a single party consent state, so that means so long as one person in the conversation knows they are being recorded, it is perfectly legal.

I’ve linked to the free version which is ad supported. There is a Pro version available that removes the ads and will automatically sync to your cloud service of choice. The app developer suggests that you try the free version and make sure it is compatible with your phone before purchasing the Pro version.

There are also call recorders for Apple’s iOS, but because of the very restrictive nature of Apple, they are not automatic and you can only make calls from within them. Also, it seems the ones I found charge you by the minute to record.

Posted in Tech Trinkets | Leave a comment

Get Lyrical

I have a fairly huge iTunes music library and would consider myself a bit of a music buff, having music from almost every genre. I’m also particular about making sure my music is properly tagged with every field possible.

One of those possible tags you can include as part of the file metadata is the complete song lyrics. Get Lyrical is a little app that will do this for you. I prefer to let it just run in “Active tagging mode” and as each track is played in iTunes, if there are no lyrics for it yet, Get Lyrical will go out on the internet, find them, and write them into the file’s metadata automatically.Get Lyrical is free, but consider a donation.

Posted in macOS, Tech Trinkets | Leave a comment

YouTube – Trekyards

One of the things I very much enjoy with our Android TVs and Roku boxes is the ability to stream YouTube channels. I’m finding more and more content that is living room-worthy and fun to just sit back and watch.

I love all things Star Trek and these two fellas deliver. Stuart Foley and Samuel Cockings bring a web series called Trekyards that does in-depth features on the ships of Star Trek, including canon and fan made designs.

A lot of times with the ship discussions they get well known Star Trek personalities from behind the scenes that actually designed them and quiz them on their design choices and reasoning.

They also do episode analysis of the new Star Trek Discovery series as well as branching out into Orville episodes.

As mentioned above, they have branched out a bit into “Fleetyards” that does the same with all manner of Sci-Fi spaceships.

The result is a well made show with lots of content and a fun and entertaining series to watch. Check them out!

Posted in TV | Leave a comment

ASSP – Anti-Spam SMTP Proxy Server

For almost two decades I’ve operated my own email server for the family. It’s a fun hobby item, but does require some maintenance to defend against the constant barrage of spam and malicious actors trying to break in.

For most of that time I’ve been using ASSP (V2) as the front-end to incoming email and send mail and thought it was time to give it a plug here. Being an IT professional, I’ve been exposed to several of ASSP’s counterparts: Spam Assassin, Barracuda Spam Email Proxy, and the like – and I always seem to come back to ASSP because it seems to just do more than the others can despite it not being well known.

ASSP is coded in Perl and is available for just about every operating system possible. It has a bevy of Perl modules that are needed or optional to enhance features. And, oh boy, features – there are a ton:

  • Multiple Weighted DNSBLs
  • Multiple Weighted URIBLs
  • Greylisting
  • Weighted Regular Expression Filtering
  • Bayesian
  • Penalty Box
  • SenderBase
  • Attachment Blocking
  • ClamAV and FileScan
  • Blocking Reporting
  • LDAP support
  • Backscatter Detection
  • Recipient replacement / GUI user access rights management
  • MIME charset conversion / DKIM check and signing
  • Multi DB support for all hashes / level based open plugin support
  • Transparent TCP proxy support
  • Plugins: archive, full attachment check and replacement, OCR
  • Damping (steal spammers time)
  • AUTH to relay host / POP3 collector
  • Configuration value and file synchronization
  • Block Reports design could be customized
  • Razor2 and DCC support via Plugin
  • SNMP support (monitoring, configuring, controll-API)
  • User group import (file or LDAP or command based)
  • Automatic crash analyzer Hidden Markov Model
  • IPv6 socket support
  • Word stemming (several languages) for Bayesian analyzer
  • Perl module autoupdate via PPM or CPAN
  • Hidden Markov Model spam detection engine
  • Full unicode support
  • DMARC support
  • Private Whitelist (legacy, domain based, user based)
  • Private IP and Domain lists (legacy, domain based, user based)
  • CPU affinity settings
  • Web file commander
  • Graphical statistic output (SVG)
  • Native SSL support for target hosts
  • Client SSL-certificate validation
  • Private SMIME signing
  • Corporate SMIME signing, using a single privat certificate
  • Content based executable attachment blocking
  • Content based compressed attachment blocking
  • BATV check and signing
  • Message-ID signing and check FBMTV
  • Remote support

The options are simply dizzying but very powerful. Fortunately, they’ve done an extremely good job of providing a default settings package that does just about what most admins want out of the box.

Where ASSP shines, at least for me, is:

  • Granularity of settings: You can turn them on or off easily, and where it comes to spam scoring you can tweak them up or down for individual hit types to fine turn your scoring numbers that ultimately decide what is spam and what isn’t.
  • Automatic white list generation: one of my users sends an email to someone and that domain is automatically whitelisted for a year (default settings) as a known good recipient. This helps prevent a reply being tagged as spam due to things like a server misconfiguration on the other end.
  • Automatic spam reporting. You can configure your ASSP to have a specific email address that reports spam or nospam. Forwarding or redirecting to that email adds it to your bayesian checks. Yes, I know others offer this but it typically requires a “real user” be added to your email server.
  • “Non-standard” ports for sending: You can configure a non-standard port number that your users send mail though that is still authenticated against your primary SMTP gateway. Why? VPN that blocks standard send mail, and by using a non-standard port for your users it will generally stop harvester bots from hamming well-known ports with dictionary attacks or, in the case of port 25, simply deny any authentication attempt.
  • Speaking of port 25 attacks, after x number of failed auto attempts, you can have it add an attacking IP to your firewall rules to drop all traffic from that IP at your front door. It will do this by default for at least it’s own internal process for a user defined period of time if you don’t opt for the firewall flag.

All this is configured through a web browser via a fairly organized web portal. On that note, the dizzying array of options does make the page seem overwhelming and a lot has been added over the years. I think a talented HTML GUI wizard could do wonders for the project, but the bottomline is it works.

Posted in macOS Server, Tech Trinkets, Windows | Leave a comment

TV Category Introduction & Pluto TV – Free TV!

For those that know me, you know that I’ve operated my own media centers for years based on Kodi. Kodi is a nice platform, but they have always been lacking in standard channel support like Hulu or Netflix. Plus the upkeep of dedicated Linux boxes for the immediate family has chewed into too much of my time.

So, I’ve recently changed to using Emby for my local media to replace the Kodi functionality, using Mi Boxes (AndroidTV) on the primary TVs and cheap refurbished Roku’s on the smaller TVs in the house along with the Emby channel.  The upkeep demands are minimized and now I have channel options I did not before.

I figured I’d start a TV category here to share interesting things I’ve found that others may enjoy.  It might be an interesting YouTube channel, or a channel/app I found for my Roku and/or AndroidTV box.

To start with, Pluto TV! I’m a cord-cutter and don’t miss cable TV and it’s cost one little bit. Pluto TV gives you a number of interesting channels for free, and it is totally legitimate. They have a scrolling guide that presents their 100+ channels nicely.

There are a number that are my particular favorites, from the movie channels that span various genres, old TV shows, to even a dedicated Mystery Science Theater 3000 channel – you can definitely find something of interest!

While you do have to watch the occasional commercial (hey, they have to pay the bills somehow!) that is a small thing to put up with for quality streaming channels to your device.

It streams perfectly with my Android TV and Roku and it available for many Smart TVs and never your regular computer.  Be sure to create an account to sign in so their viewer membership goes up! The more viewers, the more attractive they become to sponsors, which will make more channels available. Gee, it’s like the way TV worked in the 80s!

Posted in General Happenings, TV | Leave a comment