The Trouble with NetSol

One of our clients hosts their domain and DNS with Network Solutions ("NetSol") (their first mistake).
For those who don't know: NetSol is the oldest, more arcane domain services provider.

Today, we wanted to update some DNS records (A, CNAME). An easy task with other providers such as eNom or GoDaddy.
Here is the story.
For references "@" is the domain name in question, a common

Cannot Delete A Record for www.
Our first step was to remove the A record for the www. entry, which we wanted to replace with a CNAME.
In the DNS manager provided by NetSol we check a box labelled "Delete" and press save.
The record was not deleted, the IP address portion was, but the entry it-self was not.
The result was that a lookup for "www.@" was simply empty. WTF?

We contacted support, and after more than 20 minutes of navigating the IVR and waiting we were connected with a CSR who mumbled and didn't know a freaking thing about DNS.

We explained to them our issue, which they didn't understand.
After repeating 'We want to delete the A record for WWW' about a dozen time they got it.

The CSR then looked at our account, made some adjustments and asked us to verify.
All the entries were gone! What the FUCK?!
Except, that the 'A' record section of their manage won't allow us to remove the entry for 'www', it's hard coded.
What an epic fail.

So, now we had to re-create all the A records the previously existed.
Good thing we had documentation.

So we tried the whole process again.
Checked the "Delete" box next to www again and selected delete.
Waited for their slow caching system to referesh the data (five minutes) and saw the same results.
The A record persists, with a blank entry, and prevents us from creating a CNAME record for www..

In short, the DNS "Manager" provided by NetSol is a flaming pile of crap.

How to Fix It

Firstly, NetSol, could improve their system so that it actually functions, uses caching properly and allows the user to manage A, CNAME and other records with full authority.

Another option is to choose an alternate DNS provider - such as that provided by eNom or GoDaddy (or dozens of others).

For us, we assisted the customer with migrating their domains out of NetSol.

Moving Mail via IMAP from Account to Another

Most of the hosting providers these days provide for IMAP access to your mailbox.
This is great, but what if you want to move messages from one IMAP account to another?
We wrote this little tool for it: imap-move.

The IMAP Move tool was written with a few, very specific, intended purposes but there could be others.

1. Archive messages from IMAP into a local directory
2. Move message from one Mailbox to another Mail Account

The tool keeps track of the moved message (by mail message ID) so it can be run over and over on the same source mailbox w/o having to repeat it's work - this can save time when you have 40k+ messages.

List the Source Folders/Labels

imap-move.php -s imap-ssl://user@domain:password@imap.gmail.com:993/ --list

Source: user@domain
01 Follow up; 0 messages 0 bytes
02 INBOX; 1080 messages 108104263 bytes
03 Misc; 0 messages 0 bytes
04 Priority; 0 messages 0 bytes
05 [Gmail]; skip [container only]
06 [Gmail]/All Mail; skip [skip list]
07 [Gmail]/Drafts; skip [skip list]
08 [Gmail]/Sent Mail; skip [skip list]
09 [Gmail]/Spam; skip [skip list]
10 [Gmail]/Starred; skip [skip list]
11 [Gmail]/Trash; skip [skip list]
11 Folders, 1080 messages, 108104263 bytes

Copy to Local Directory

Please note, this is not a MAILDIR (or, at least I don't think it is)

imap-move.php \
  -s imap-ssl://user@domain:password@imap.gmail.com:993/ \
  --copy /path/to/storage

Copy one IMAP Account to Another

This can take a long time, the application has a lot of spew, maybe use |tee or something.

imap-move.php \
  -s imap-ssl://user@domain:password@imap.gmail.com:993/ \
  -t imap-ssl://noob@domain:password@imap.gmail.com:993/ \
  --move \
  --copy

A Week without Flash

Adobe Flash is a flaming pile of crap.
Firstly: it's got loads of security issues and consumes hella memory (>=100M!).
Additionally: ads and tracking issues, impact on web-surfing performance, &c.

So starting Monday of this week we to a (seemingly) dramatic step - removed Flash from our systems.
Not use using FlashBlock (which is awesome!), not just disabling the Plug-In (also an option); fully gone.

Must say, I've hardly noticed the difference.

Many pages, especially on ad-ridden sites (looking at you Cheeseburger), load much faster.

Adobe Flash Fail Sites

Not everything was great. To watch YouTube we had to enable their HTML5 beta.
Also, some functionality of both Google Analytics and Google Finance depend on Adobe.
Lots of other stuff does too.

Important to Remove

If, like us, you want to see the death of flash!, start removing it.
This way, we can start to skew the analytics numbers to show less and less browser support.

Old, crappy technologies don't die out on their own, we have to actively kill them.

Getting Started with PhoneGap on Linux without Eclipse

Eclipse is a great editor and all, but I'm a much bigger fan of jEdit which I've been using since forever (at least 10 years). So, when wanting to do Android development and especially when using PhoneGap most of the existing documentation focuses on Eclipse.

This shows a full manual process, from installing the Android SDK and PhoneGap, creating the initial project and building the sample provided by PhoneGap. The target system is Linux (Gentoo) and we'll mostly be working in the home directory of a non-privileged user.

Install the Android SDK

At this time of this writing it was version: android-sdk_r15-linux.tgz.

Might take some time to complete all the downloads during update sdk.

wget http://dl.google.com/android/android-sdk_r15-linux.tgz
tar -zxf android-sdk_r15-linux.tgz
rm android-sdk_r15-linux.tgz
cd android-sdk-linux
tools/android update sdk --no-ui
echo "PATH=\"\${PATH}:~/android-sdk-linux/tools\"" >> ~/.bashrc

Install PhoneGap

Download the latest, at this time PhoneGap 1.2.0.

wget https://github.com/callback/phonegap/zipball/1.2.0
unzip 
cd phonegap-1.2.0

Building the Sample

cd ~/phonegap-1.2.0/Android/Sample
android update project --path $(pwd)
ant debug

Running the Sample

~/android-sdk-linux/tools/android

Using this UI create a AVD Tools -> Manage AVDs

~/android-sdk-linux/platform-tools/adb devices

Now install to the running emulator

~/android-sdk-linux/platform-tools/adb -e install -r bin/PhoneGapExample-debug.apk

See Also

• AVD Command Line (CLI)

Credit Card Brand Logos as CSS Sprite

We recently had cause to create some CC icons for a checkout process, we just needed the four most common. Had a heck of a time getting good downloads, quality images &c. Google has a good image they use; one image file used as sprites - smart.

Other sites the downloads were not working, or there was some restrictive license on the images. The card vendors themselves also don't make this easy - requiring registration to download? WTF? Why not post to their Facebook pages, make downloadable from the Pictures section.

So, we searched and went directly to each brand, downloaded their source images and created this image sprite, as a indexed- PNG so it's roughly 8K! It has a hot and cold view of each of the four major credit card providers. Use as needed, no-fee, no-charge, no-license, no-restrictions.

To use it, do something like this:

.cc { height: 36px; }
.cc div { background:url(http://cdn.edoceo.com/img/cc.png); border:1px solid #666; float:left; }
.cc .mc { background-position:0px 0px; height:32px; margin:2px; width:56px; }
.cc .vc { background-position:-56px 0px; height:32px; margin:2px; width:56px; }
.cc .dc { background-position:-112px 0px; height:32px; margin:2px; width:56px; }
.cc .ac { background-position:-168px 0px; height:32px; margin:2px; width:56px; }
.cc .mb { background-position:0px 32px; height:32px; margin:2px; width:56px; }
.cc .vb { background-position:-56px 32px; height:32px; margin:2px; width:56px; }
.cc .db { background-position:-112px 32px; height:32px; margin:2px; width:56px; }
.cc .ab { background-position:-168px 32px; height:32px; margin:2px; width:56px; }

<div class="cc">
  <div class="mc"></div>
  <div class="vc"></div>
  <div class="dc"></div>
  <div class="ac"></div>
</div>

<div class="cc">
  <div class="mb"></div>
  <div class="vb"></div>
  <div class="db"></div>
  <div class="ab"></div>
</div>

Add some JavaScript card type auto-detection and adjust the card indicators as necessary.

Thanks to merchant account blog for some pointers. More information about CSS Sprites can be found on CSS Tricks.

Network Solutions DNS Migration - Caution Parking!

We recently assisted with a migration of DNS services to the Network Solutions (worldnic.com) which is a pretty normal operation.

The process went as normal, transferred the domain to Network Solutions ("NS"), waited a few days for that to process. Once in Network Solutions the WHOIS information was updated and again we waited 48 hours for the next move.

A zone-dump was acquired from the existing DNS provider, including all A, CNAME, SRV and TXT records. We initiated the DNS migration (Switch NS) process at NS and then proceeded to update their DNS with the proper records. After two hours the settings were verified via direct query using dig. All was well.

About eight hours later the client called, they had noticed an issue on the web-site. Imagine our surprise when, upon examining the DNS records we found two new records that we did not create!

Apparently, some time between 11pm and 7am these two records were added. The two A records were for @ (i.e.: domain.tld) and www. They pointed to a parking page IPv4 address run by NS. Our existing records were still in-place.

The client was seeing the issue due to the round-robin effect of these two addresses. Some times seeing the proper site/host and other times not.

Simply deleting these spurious records and waiting 7200 seconds did the trick.

McAfee "Secure" / HackerSafe - Bad Config?

For some of our clients that require PCI compliance we had been using the "McAfee Secure" (aka: HackerSafe) product. Changes to their site over two years ago eliminated the need for this snake-oil type service - so we canceled the service circa 2010q1.

Oddly, their service has continued to scan and send "alerts" for our system.

We contacted McAfee regarding this issue (877-302-9965) and confirmed that our account had been closed "for some time"

Attempts to login to the McAfee control-panel failed, as did attempts to reset our password using the known/proper email address on file. We were told by the system: "A mail has been sent to the email address" - cute. We waited two hours for this message.

It appears, that like so many other snake-oil security products McAfee's system will also repeatedly nag you about spurious events.
So, just be aware and careful.

Internally it's a good idea to use tools like OpenVAS to check your systems as well as a third-party provider.