Search Results

Search found 6397 results on 256 pages for 'secure emails'.

Page 169/256 | < Previous Page | 165 166 167 168 169 170 171 172 173 174 175 176 | Next Page >

Jail Linux user to directory for FTP login

- by Greg

I'm planning on using vsftpd to act as a secure ftp server, but I am having difficulty controlling the linux users that will be used as ftp logins. The users are required to be "jailed" into a specific directory (and subdirectories) and have full read/write access. Requirements: - User account "admin_ftp" should be jailed to /var/www directory. - Other accounts will be added as needed, for each site... e.g: - User account "picturegallery_ftp" should be jailed to /var/www/picturegallery.com directory. I have tried the following, but to no avail: # Group to store all ftp accounts in. groupadd ftp_accounts # Group for single user, with the same name as the username. groupadd admin_ftp useradd -g admin_ftp -G ftp_accounts admin_ftp chgrp -R ftp_accounts /var/www chmod -R g+w /var/www When I log into FTP using account admin_ftp, I am given the error message: 500 OOPS: cannot change directory:/home/admin_ftp But didn't I specify the home directory? Extra internets for a guide how to do this specifically for vsftpd :)

Read the article
Protecting Windows SMTP service against the spam

- by MainMa

Hi, I'm trying to use a Windows SMTP service on Windows Server 2008, but I can't understand how to secure it. Basically, if I open firewall for local network IPs only for %windir%\system32\inetsrv\inetinfo.exe and keep Connection and Relay settings of SMTP Virtual Server to "All except the list below" (with an empty list), a few minutes later I see spam appearing in Queue directory. (Why? Isn't firewall intended to block this?) Now, if I set Connection or Relay to "Only the list below", specifying the range of local IPs, I can't use the SMTP server nevermore (a "Unable to read data from the transport connection: net_io_connectionclosed." exception is thrown). So what is the way to get rid of spam from internet but let send mails from local network?

Read the article
Customised email alerts through MailChimp API

- by user1293351

I am building a site that runs an automated process every 30 minutes to match up new flights with their respective user. Once this process is completed I want to email the flight details out to the respective user. However the flight info will be different for every single user with their being 0-300+ potential emails. Is this something that the MailChimp API will allow or do? I found this page http://apidocs.mailchimp.com/api/how-to/transactional-campaigns.php which I am not sure if this effects me. Is the STS more suited to this? http://apidocs.mailchimp.com/sts/1.0/ Thanks Alex

Read the article
How can I create a new email account in Java?

- by Jeremy Goodell

I am able to send and receive emails from my JSPs and associated Java code using the Java Mail API (javax.mail.*). Now I would like to create a new POP3 email account programmatically when a user registers for my site. I've found surprisingly little information about this with web searches. I would think it would be a somewhat common problem. It appears that the Java Mail API does not provide any assistance in this area. I have many email accounts available under my godaddy account, and to manually create an account, I just go to the godaddy email control panel, click Add, and specify the email address and password. This is exactly what I would like to do via a Java program. Any ideas?

Read the article
weird characters in HTML email

- by sims

Hi stackers! I'm reading email from a maildir and some emails have weird sets of characters in them: =3D =09 I think =3D is = and =09 is a space. There are some others, but I'm not sure: =E2 =80 =93 Does anyone know what these are and what encoding issues I'm dealing with here? BTW, I tried fetching these email via POP3 and it's the same thing. The reason I'm posting this on SO is not because I'm using a regular mail client to read the data. I'm reading via PHP out of maildir files. Perhaps a regular email client would detect what encoding this is and deal with it. Thanks!

Read the article
how to connect public web server to internal LAN

- by DefSol

I have a VPS which is my public web server for all my clients. It's running server 2008 and I would like to have it connect via secure connection to my internal LAN. I would like this to be a route so access is bi-derectional. Have read about Server & Domain isolation, but am concerned this may prevent public views to the webs sites on the server. I currently have a PPTP tunnel, but I'm wanting better security (IPSec or SSL etc) and it's not given my bi derectional access. (In fact my backups aren't copying accross but this could be an acl issue) The goal is to provide easy/automated backups of data & sql db's to my internal LAN, as well as a means to provision new sites & db's from a workflow occuring internally. Internal lan is windows based with ISA 2006 at the perimeter. Thanks

Read the article
Protecting PHP packages on server

- by Jack

Hi, I am a php developer and have recently decided to make one of my Magento extensions commercial. I have downloaded and configured MageParts CEM Server and that is all working perfectly in regard to licencing and delivery of module packages. The only issue is that the directory that the packages are stored in could be accessed by anyone. I tried this in a .htaccess file, but now it is not working. <Files services.wsdl> allow from all </Files> deny from all Clients are receiving a 403 Forbidden response. Have I done something wrong in the .htaccess file or would there be a better way to secure the directory? Any help would be greatly appreciated.

Read the article
Create and use intermediate certificate authority on Windows Server 2012?

- by Sid

Background: Server OS is Windows Server 2012. GUI is installed as we come upto speed with powershell. Setup is staging, not production (yet). We have our (internal, domain limited) Root CA installed. I would like to take the Root CA offline to secure storage but before that I'd like to setup an intermediate CA which can take over actual live, online (int-RA-net) functionality Can someone guide me covering: creating the intermediate CA certificate request installing the intermediate CA certificate on domain controller (certification authority role already installed with Root CA online right now) use the intermediate CA to generate a certificate (any use certificate, just for demonstration purposes) Obviously this certification chain would be invalid on computers outside our domain (self trusted root - our root certificate is NOT from common 3rd parties). This last point is NOT a problem.

Read the article
Windows service running under network credentials doesn't autostart

- by David Alpert

I have a Subversion Server running as a resident service on a Windows XP Pro machine. That service needs to access a secure network fileshare, so I used the Services-Properties-Log On tab to tell the service to run as a user who has access to the target fileshare. That works out fine until the machine restarts, when the service fails to autostart. I am able to start it manually by logging in, going back to that Services-Properties-Log On tab and reconfiming the explicit credentials. Do I have to manually start this service under alternate credentials every time the machine reboots? Is there something else I can do to make sure that my Subversion server service autostarts with proper access to authenticate against this network share?

Read the article
for a single-table inheritance in rails, how do I know the 'type' when creating a record?

- by Angela

I have several models which are very similar: Contact_Emails, Contact_Letters, Contact_Calls -- and I think life could be easier making them into a Single Table Inheritance called Contact_Event. However, the way I have it set up now is when something is created for a Contact_Email, I have a dedicated controller that I call and know that I am passing the arguments that are approrpriate. For example, new_contact_email(contact, email). I then have: Emails.find(email.contact_id), etcera, all very specific to that Model. I'm not sure how I extract the class/models to use. For example, I currently have the following because I have separate controllers for each model: def do_event(contact, call_or_email_or_letter) model_name = call_or_email_or_letter.class.name.tableize.singularize link_to( "#{model_name.camelize}", send("new_contact_#{model_name}_path", :contact => contact, :status => 'done', :"#{model_name}" => call_or_email_or_letter ) ) end What I really want is to: link_to("#model_name.camelize}", send("new_contact_event_path(contact,call_or_email_or_letter)"

Read the article
Securing a local server physically

- by Daniele

We are an online business. We have a very powerful server with hard disk mirroring in our office that we are using for a variety of internal business-critical functions. We want to keep that machine in our office but we want to make sure it is as secure as possible (within reason). Obviously we are already backing it up everyday off-site. My question is more about not-too-expensive physical measures to protect the machine against thieves and disasters such as fire. What would you suggest?

Read the article
SSH tunnel & Rsync thru two proxy/firewalls

- by cajwine

Screnario: [internal_server_1]AA------AB[firewall_1]AC----+ 10.2.0.3-^ ^-10.2.0.2 | internet 10.3.0.3-v v-10.3.0.2 | [internal_server_2]BA------BB[firewall_2]BC----+ Ports AC,BC has valid internet addresses. All systems run linux and have root acces to all. Need securely rsync internal_server_1:/some/path into internal_server_2:/another/path My idea is make ssh secure tunnel between two firewalls, e.g. from firewall_1 firewall1# ssh -N -p 22 -c 3des user2@firewall_2.example.com -L xxx/10.3.0.3/xxxx and after will run rsync from internal_server_1 somewhat like: intenal1# rsync -az /some/path [email protected]:/another/path I don't know how to make a correct ssh tunnel for rsync (what ports need tunnel) and to where i will make the rsync? (remote comp address in case of ssh tunnel) Any idea or pointer to helpfull internet resource for this case? thanx.

Read the article
sSMTP Configuration Question

- by SevenCentral

I've installed sSMTP on Ubuntu 10.04 via: sudo apt-get install ssmtp My configuration file is: # # Config file for sSMTP sendmail # # The person who gets all mail for userids < 1000 # Make this empty to disable rewriting. [email protected] # The place where the mail goes. The actual machine name is required no # MX records are consulted. Commonly mailhosts are named mail.domain.com mailhub=smtp.gmail.com:587 # Where will the mail seem to come from? #rewriteDomain= # The full hostname hostname=somedomain.com # Are users allowed to set their own From: address? # YES - Allow the user to specify their own From: address # NO - Use the system generated From: address #FromLineOverride=YES [email protected] authpass=**** usestarttls=yes Am I transmitting my credentials in clear text? Is calling ssmtp a secure operation? Thanks.

Read the article
squid transparent proxy on all ports

- by Yves Richard

I have setup squid as a transparent proxy by redirecting port 80 to the native squid port 3128. I know there are issues with getting secure ports like ssl and imaps to go though the proxy but can I redirect all other ports through the proxy as well. I am trying to get a better idea of bandwidth usage. I have setup iptables to log usage and i am getting most traffic going into the related/established rule. I am trying to determine the origins of this traffic by sending traffic to squid for more detailed logging.

Read the article
Sending email from Drupal contact form, but GMail marks it as "Forged"

- by James Shields

Hi, My Drupal site sends email to a GMail account, but the emails sent all go into the Spam folder, and GMail puts up a bar with the message "This message was likely forged and did not originate from your account." Although I can create a filter to prevent them going to Spam, I want to start sending newsletters, and I suspect they'll have the same problem. I suspect the problem is with the way I've set up either PHP or Drupal to send mail. As far as I know it's just using the sendmail function. I've set the from address to "info@..." where ... is the site domain. Any tips on how I can make set up my outgoing mail so it won't be refused by GMail (and presumably other major mail providers)? Thanks, James

Read the article
Convert Eregi_replace to preg_replace in PHP

- by alexy13

I need help converting eregi_replace to preg_replace (since in PHP5 it's depreciated): function makeClickableLinks($text) { $text = eregi_replace('(((f|ht){1}tp://)[-a-zA-Z0-9@:%_\+.~#?&//=]+)', '<a href="\\1">\\1</a>', $text); $text = eregi_replace('([[:space:]()[{}])(www.[-a-zA-Z0-9@:%_\+.~#?&//=]+)', '\\1<a href="http://\\2">\\2</a>', $text); $text = eregi_replace('([_\.0-9a-z-]+@([0-9a-z][0-9a-z-]+\.)+[a-z]{2,3})', '<a href="mailto:\\1">\\1</a>', $text); return $text; } (It turns text links and emails into hyperlinks so that the user can click on them)

Read the article
How to route traffic through a specific SOCKS proxy on a per-app basis?

- by GJ.

I'm running a certain desktop app (actually via AIR if it makes any difference) which doesn't have any built-in proxy configuration settings. I need to get all traffic just from this app directed through a secure SOCKS proxy. This implies I can't use the global network preferences, as these would affect many other apps. Is there any way to force all network communication through a given SOCKS proxy on a per-app basis? It would also be helpful to know if there's a way to perform such routing globally, based on specific IP addresses (as this could allow for some reasonable workaround).

Read the article
Installing httpssl module on a running NGINX server

- by Rob

Hi, New to NGINX, we inherited a project that runs Django/FCGI/NGINX on a hosted RHEL box. A requirement has come in that the site now needs to have ssl enabled. Client was pretty sure the person who had built the site had made it so they could use ssl. I backed up the conf file, added the server block for the ssl instance and tried to reload. Reload failed because it didn't recognize the ssl in this line: ssl on; Not an NGINX expert, but the David Caruso in me tells me that the server (sunglasses on) is not secure. I know that you need to configure NGINX at install with this module. If this didn't happen, how hard/risky is it to reconfigure a running nginx box with this module given that we didn't configure it in the first place.

Read the article
Automated testing of a website for IE7 javascript errors?

- by Andreas Bonini

This week I decided to add a new element to a javascript array by copying a similar one from a previous line; unfortunately I forgot to remove the comma so the end result was something like var a = [1, 2, 3,]. The code went live late Friday afternoon just before everyone left for the week-end, and it completely broke everything in Internet Explorer 7 (and lower I assume) since it's such a great browser. Since there was no one to read emails (week-end) it went unnoticed for quite a while, and I really don't want something like this to happen again (especially in my code).. This is not the first of weird IE7 problems; I was wondering if there was a way to automatically test key pages looking for javascript or css errors, or really anything that IE8 would output in its new console in development tools. If there isn't, what do you usually do? You test the website after every change with all the browsers you support? (Something I'll do from now, at least for IE, if there is no way to run automated tests)

Read the article
Dovecot and StartSSL problems with issuer

- by knoim

I am using dovecot (1) and trying to get my StartSSL certificate running. ssl_key_file points to my private key I tried pointing ssl_cert_file to my public key, with and without using the class1 certificate from http://www.startssl.com/certs/sub.class1.server.ca.pem as ssl_ca_file aswell as combing them with cat publickey sub.class1.server.ca.pem chained My mail client keeps telling me the certificate has no issuer, but doing openssl x509 on my public certificate tells me it is C=IL, O=StartCom Ltd., OU=Secure Digital Certificate Signing, CN=StartCom Class 1 Primary Intermediate Server CA My option for the CSR were: openssl req -new -newkey rsa:4096 -nodes Dovecot's log doesn't mention any problems. EDIT: Doesn't seem to be a problem with dovecot. I am having the same problem with postfix. openssl verify gives me the same error.

Read the article
How to decide where to purchase a wildcard SSL certificate?

- by user664833

Recently I needed to purchase a wildcard SSL certificate (because I need to secure a number of subdomains), and when I first searched for where to buy one I was overwhelmed with the number of choices, marketing claims, and price range. I created a list to help me see passed the marketing gimmicks that the greater majority of the Certificate Authorities (CAs) plaster all over their sites. In the end my personal conclusion is that pretty much the only things that matter are the price and the pleasantness of the CA's website. Question: Besides price and a nice website, is there anything worthy of my consideration in deciding where to purchase a wildcard SSL certificate?

Read the article
Allow users to view Word documents only and not be able to edit, copy or save them.

- by Alexander

Hello In a traditional Windows Server 2003 environment with AD, we have shared a folder for our policy documents (MS Word). These documents get edited/updated now and then by the administrator(principal of college). Users only have read-only access to the folder, but they can still save-as and then change the content. Sharepoint is a possible solution but not easy to implement. We also thought of using a CMS on Linux and installing Joomla to let users only view the docs with a document management system... but is it possible to automatically retrieve the policy folder on the network and convert or put it in a format that users can only view and not copy? We also thought of saving the docs to secure pdf format but the principal wants an automated system. Basically she just wants to work in Word and the policies must be available to staff members on the network. Any ideas? Much appreciated.

Read the article
Rails accepts_nested_attributes_for callbacks

- by Rabbott

I have two models Ticket and TicketComment, the TicketComment is a child of Ticket. ticket.rb class Ticket < ActiveRecord::Base has_many :ticket_comments, :dependent => :destroy, :order => 'created_at DESC' # allow the ticket comments to be created from within a ticket form accepts_nested_attributes_for :ticket_comments, :reject_if => proc { |attributes| attributes['comment'].blank? } end ticket_comment.rb class TicketComment < ActiveRecord::Base belongs_to :ticket validates_presence_of :comment end What I want to do is mimic the functionality in Trac, where if a user makes a change to the ticket, and/or adds a comment, an email is sent to the people assigned to the ticket. I want to use an after_update or after_save callback, so that I know the information was all saved before I send out emails. How can I detect changes to the model (ticket.changes) as well as whether a new comment was created or not (ticket.comments) and send this update (x changes to y, user added comment 'text') in ONE email in a callback method?

Read the article
What are some good methods to improve personal password management?

- by danilo

I want to improve my personal password management. I usually use secure passwords, but overuse them for too many different places. My questions: What methods do you use to create passwords, e.g. for different online sites/logins? What methods do you use to remember those passwords? Memory? Pen&Paper? Software storage? Is there some good way to store my passwords somewhere, so I can always have access to them when I need them (e.g. a webbased solution on my own server) but at the same way keep them away from unwanted access? Edit: Someone on another site mentioned http://passwordmaker.org/. Have you had any good or bad experiences with that software?

Read the article
creating Contact in Active Director with Exchange

- by Data-Base

Hello, I made a VBS script that imports users and creates a Contact Objects everything working OK till I found that users does not appear in the GAL (Global Address List) looking around I found that I need to use the attribute (showInAddressBook) I tried to use it but I get some errors (Null ......) but my supplied inputs are not empty and I have a checking function before sending the inputs to showInAddressBook so what should I use in there? I used the users names, but it did not work also the users are externals (just to use them in our GAL) they have different emails than our normal users any idea on what should I use with showInAddressBook ? cheers

Read the article

< Previous Page | 165 166 167 168 169 170 171 172 173 174 175 176 | Next Page >