Asylum-ET™

First off I would like to say that this laptop has been a complete joke since the beginning.
When I purchased the laptop I asked the fellow at Staples if it included a restore CD because I intended to install WinXP Pro on it. He said that it did and that would not be a problem and claimed to have done the very same thing himself. I paid a little over $1000 USD for the laptop.

Well the laptop does not come with a restore CD but rather a restore from hard drive with some 3rd party software. I guess this is typical now because the makers are to cheap to include a disc and they anticipate your having to buy a new hard drive with OS installed. They also refused to sell me a restore CD when I called the company so eventually I was able to get everything running as intended but what a process and to know that I have now voided my warranty by installing a different OS was not comforting. A week later the price dropped 300 bucks and I asked for the difference from Staples. They declined due to the OS being upgraded. I then demanded that Staples refund me the difference or I would return the entire $3800 worth of merchandise I had bought the very same day along with the $1000 laptop. Oh no sir let us help you out. A few weeks after that the optical drive started to fail and about a week after that would not do much more than beep at me. So now I was stuck with what I had and there was nothing to do about it unless I wanted to put more money into it and replace the drive.

Recently I picked up an external lightscribe optical drive and decided to go ahead and try to install a new OS. I chose Suse 10.3 since I have been happily using it on my host for about a year now.

First I downloaded openSUSE-10.3-GM-i386-mini.iso and burned it to a CD. I next booted from this CD and started on the install. I selected all the general settings. The screen for the network setup caused me a little grief. After messing around a bit with a few options I decided to not use the Wifi just yet so I hard wired the network connection. I selected HTTP and then entered the ip address and directory location of the repository for the install. See the opensuse website for more details.

The rest of the install process was straightforward except for the one thing I must make note of. The Averatec 3200 had WinXP Pro on it and I was not ready to just wipe it out altogether even though I was aware that this very well could destroy it I figured it was a chance I had to take. While in the partition screen, I selected to resize the Windows partition to 20GB, which was the default that the Suse installer chose for me. That worked out just fine and Windows still boots as expected.

After the installation was completed we want to make sure that everything is up to date so make sure that we have internet connection and then open up a terminal program (Shell – Konsole) and start Yast like this.

user@host:~> su
Password: <your root password>
user@host:~> yast

When the Yast Control Center opens up select Software > Online Update and press Enter.

Once loaded you should see a few or more updates available. You will want to look them over and select the applicable ones for your install by using your spacebar to select them. You will know an item is selected when a + plus mark appears next to it. Once you have selected what you wish to update tab to OK and press Enter. One thing differs at this point from what I was use to on my host and that is when the update finishes it returns to the main Yast screen which on my host you must press Finish.

Next while still in Software we use the down arrow and select Software Management to add any additional software packages we wish to use. If there is a specific package you want to find you may tab to [Search] and press Enter. Type in at least part of the software packages name. For example I want to install an irc client so I type in bitchx or irc even.

Using the up/down arrows select bitchx and press the spacebar to select it. You can go through and do the same for any other packages as well before Accepting and installing otherwise you can just repeat the above steps.

When you have completed your tasks in Yast just tab to [Quit]
When back in the terminal type exit and then enter.

Compatibility issues and other notes:
So far there are no issues that I have noticed except that the VIA S3G UniChrome Pro IGP display adapter has a minor bug that does “NOT

We have recently really pissed off some folks with our willingness to tell it as it is and as a result we have seen a serious increase in the amount of Spam related traffic. It could very well be coincidence but that is highly doubtful given the IP addresses of the offenders. Just the same we have investigated the traffic and found that the majority are attempts at email forgery where a Spammer tries to send email with our domain as the return address so it would seem to have come from us.

Well even though we never forwarded the messages on to the return addresses that had been supplied which would have discredited us and eventually caused bans against our domains we decided to implement a bit of a defense against this insolence. We recently implemented something called SPF. For those that are not familiar with SPF it stands for “Sender Policy Framework”. SPF is a fairly new method of determining the validity of email being sent. It checks the emails and makes sure that the sender has a valid SPF record in DNS and if not drops the email and gives the offender a notice describing their violation and what to do in the event that they are trying to send legitimate email.

Installing the packages needed and configuring SPF was a rather simple task but at the same time it has proven to be a bit of a double edged sword. By using SPF we gain the protection against forged emails like Spam, Fraud, Worms and Phishing but at the same time it is still fairly new and not everyone uses it or in the case we are going to discuss they do not use it properly. We have seen that this poses a bit of an issue in that we have found emails from legitimate services such as technorati that get dropped.

The way the technology works is that 2 parties are required for successful messages to be sent. Each party (domain) publishes an SPF record in their DNS zone for the domain. When one of these domains tries to send an email to the other the receiving domain checks to see if the message complies with the sending domains policy and if not is then considered a fake. Depending on what has been specified in the SPF record the messages can be sent anyway, bounced, dropped and so on. Due to what is considered attacks against our server we have decided to drop all messages that appear to be forged leading us to the technorati issue.

We noticed email being sent from technorati that is getting dropped. We contacted technorati right away to inform them of the issue. We did not hear back from them and do not expect that we will until they fix their SPF record. After having thought about it for a bit we decided to look into it a bit further by checking their SPF record and what we have found is that the record does not include the server IP that they are sending email from. It does include a range of IP addresses but this one they are using is not close to being included. We then contacted them one more time to inform them of our new findings and suggested a fix.

It has only now been about 24 hours since contacting them but we have not seen a fix yet and notice yet more messages from them are being dropped. This is a bit unfortunate but their email is not important enough for us to change our decisions with the implementation of our sender policy. It is a bit disturbing that such a well known website has a miss configure like this but everyone can make mistakes. We just hope for their sake that it does not go on for to long especially since they are listed as one of the most frequently used domains that have implemented SPF.

Before I finish up. We highly recommend that if you are not already using SPF you do so immediately to protect yourself, your domain, your reputation and your users from damages that could very well be irreversible. Just remember that getting yourself blacklisted is the easy part.