IPv6 in Mongolia

Last week the first Mongolian Network Operators Group meeting was held in Ulaanbaatar. Unfortunately I couldn’t attend but I managed to get a list of the attendees and added their organisations to the IPv6 Survey. No great surprises in the list. Most of the local companies only had IPv6 access through their email systems and only because they were using Google.

Problems creating new posts using WordPress 5.2.3

I recently tried to post a blog entry after upgrading WordPress from v4 to v5 and discovered that I couldn’t save a draft or publish it. The diagnostic in the console wasn’t all that helpful to me. Entries such as

Cross-Origin Request Blocked: The Same Origin Policy disallows reading the remote resource at https://www.mrp.net/blog/index.php?rest_route=%2Fwp%2Fv2%2Fposts%2F255&_locale=user. (Reason: missing token ‘x-http-method-override’ in CORS header ‘Access-Control-Allow-Headers’ from CORS preflight channel).
Cross-Origin Request Blocked: The Same Origin Policy disallows reading the remote resource at https://www.mrp.net/blog/index.php?rest_route=%2Fwp%2Fv2%2Fposts%2F255&_locale=user. (Reason: CORS request did not succeed).

This came as quite a surprise and challenged my ability to work out how to fix it. Fortunately I eventually discovered mention of a change of editor (which I had noticed) and that the old one was available so I installed it and my problem was solved. I still don’t understand what is going on with CORS but I have a viable workaround.

Implementing DKIM and DMARC

Attending the Global Cyber Alliance’s DMARC Bootcamp has motivated me to move past just implementing SPF and so implementing DKIM and DMARC too. So far the bootcamp hasn’t talked about implementation details but searching the web turned up some useful tutorials on how to implement it on a Debian host using postfix and bind9. The first one was

https://www.linode.com/docs/email/postfix/configure-spf-and-dkim-in-postfix-on-debian-9/

I didn’t need the SPF instructions but the DKIM ones were very useful. At step 8 it sets the algorithm as “rsa-sha256” but I changed it to “sha256” instead. This means that the “txt” file generated can be simply cut’n’pasted into the DNS without modification. I use bind9 rather than Linode’s DNS manager so I didn’t bother joining the multiple parts of the public key as bind9 was happy with the record as it was (always handy when you plan to create a script to update it).

I chose to make the selector more specific, in case I needed more than one update a month while I was debugging it but maybe a single digit would have been sufficient and I used an inet socket rather than a local one (for no particular reason).

The section on DMARC in this tutorial only configured the DNS record so I had to search for another page to find out what to do with it and I found that at

https://www.skelleton.net/2015/03/21/how-to-eliminate-spam-and-protect-your-name-with-dmarc/

opendmarc is in the standard repository so there is no need to play with backports. I added “IgnoreAuthenticatedClients true” to the opendmarc.conf file to take into account that users use an authenticated submission to send email. Without it there was an erroneous Authentication-Results indicating that dmarc had failed for mrp.net. This didn’t seem to have any impact on sending email to Google but I wanted to get rid of it.

Applying the mysql schema also turned up a problem when creating the domains table failed. It looked like it should have worked but it would seem that a character was larger than I expected. I added “DEFAULT CHARSET=utf8” to the domains and reporters commands to get around that problem.

When I first used the report_script I executed it in a directory that opendmarc couldn’t write in so the opendmarc-reports script failed. It seemed prudent to modify the script to “cd ${WORK_DIR}” even if it was only to be accessed via cron.

I haven’t modified spamassassin’s rules as I want to check the SPAM like email I receive to see if it would make a difference.

So far I’ve received aggregate reports from Google and Oath. It would seem that a number of sites in China are trying to send it email using my domain while the Oath report showed an attempt from Taiwan.

Updated the web site again

I’ve changed the theme again and gone through the web site updating the photography pages so that they use a common configuration (and should use the theme’s font rather than some random one). I have tried to implement a content security policy, centralised the CSS and cleaned up the javascript.

www.markpriorphotography.com

I finally decided that it was too much additional effort trying to make my regular web site display my photography in a way I liked and so I went out and tested some of the dedicated photography sites. These sites are aimed at people who want to sell prints but my main interest was in how they displayed the images. I finally settled on Zenfolio as they had a theme that I liked, one that included a full page slideshow, and so I’ve been slowly populating it with images. Shooting RAW affords me the “luxury” of  being able to play in a digital darkroom and that has allowed me to rescue some images that would have been discarded had they been JPEG. Hopefully my skills in Lightroom are improving, it’s certainly getting better although I’ve tried Capture One and I might migrate to it once Adobe want me to give them more money (especially if they decide to discontinue the non CC version of Lightroom).

You can visit the site at http://www.markpriorphotography.com and let it show you a sample of my work. Otherwise use the menu to visit the portfolio and a collection of trips. The slideshow feature seems to work best with the Chrome browser.

100 Countries?

A number of people are aware that I had a travel goal of qualifying to join the Travelers’ Century Club (TCC), not that I really had any intention of actually joining. This was more about motivating me to get out of a travel rut and visit some new countries than anything else. In November last year I finally hit 100 “countries” but it doesn’t seem all that significant. The TCC’s country and territory list is claimed to have 324 entries (although at least 329 entries appear on their list) compared to the 194 United Nations’ member (and observer) states. While I can agree that some places deserve to be recognised while not being a member state there is a lot to disagree with on the TCC list so it hardly feels like I’ve made it to 100 countries and territories.

So what’s wrong? I think the problem lies in their “Enclaves/Continental Separation” rule. It states:

Continental land areas having a common government or administration but which are geographically discontinuous either by reason of being separated by foreign land not under their control, by being located on separate continents, or by being separated by a natural body of water shall be considered as separate territories provided their population exceeds 100,000. Multiple fragments separated by the same foreign country shall only count for one territory.

There are places where this works fine but there are also a number of cases where it is plainly stupid. Joking aside, from an Australian context listing Tasmania as separate from the rest of the continent because of Bass Strait makes no sense at all. Canadians would also recognise the same situation with Prince Edward Island classified as being separate from Canada. This is potentially made worse than Tasmania because PEI is virtually surrounded by Canada and is so close that it’s connected via a bridge. Additionally Newfoundland-Labrador isn’t included separately (even though it was only admitted to the Canadian confederation in 1949) because Labrador shares a land boundary with the rest of Canada, and Québec is culturally different from the Anglophone part of Canada but that clearly doesn’t count.

Dividing Egypt, Russia and Turkey into two continental areas seems arbitrary and a case of padding the list, as is dividing Indonesia into island groups. Separately recognising overlapping Argentine, British, and Chilean Antarctic claims results in three countries from one landing but it doesn’t recognise visiting a base of a country that doesn’t have a territorial claim that predates the Antarctic Treaty.

It would be easy to just dismiss the TCC list and go with the UN one but then that would diminish places such as South Georgia, that while a British Overseas Territory is in another hemisphere to the UK.

In the end I think I’ve visited somewhere between 71 and 103 counties and territories so maybe I have at most 29 to go and I should just keep visiting new countries.

Blood Moon

 

Blood Moon

Lunar eclipse: Blood Moon

 

Last night there was a lunar eclipse that resulted in a red tinted moon. There was some cloud cover so not ideal but it provided an opportunity to exercise the new tripod (wow is it light, love carbon fibre) and the ancient Tamron 500mm mirror lens. I think the mirror lens has gone the way of the dodo but it still provides a small form factor telephoto lens. The f/8 aperture isn’t anything to write home about but at night it’s hardly an issue. The following image was taken just after the total eclipse had finished.

Partial Eclipse: soon after the end of the full eclipse

Updated the web site

I haven’t finished updating all my photo albums yet but I thought it was time to migrate to the new site anyway. I’m still working through the photos though so expect more photos to appear in due course.

Rebuilding the web site (again)

I discovered that the plugin I was using to display photos on my web site is no longer being developed or supported so I thought I better hunt down some new software that I was happy to use going forward.

Of course things like that don’t just stop there, after finding three different slideshows that might work, as I decided to try to make the web site iPhone/iPad/Android friendly and that took me down the Rapidweaver Theme rathole where I found that my original photo plugin didn’t play nice with newer themes.

So now I’ve rebuilt the web site using a new responsive theme, and found an app to build slideshows straight out of Adobe Lightroom. Only problem now is converting all those old slideshows into new (and improved) ones. Not helped by the lack of photo cataloging of the older photos.

It sounded so simple in the beginning…

Iguaçu Falls

Brazilian platform

Over flying the falls