About Me

PBX My name is Paul Bissex, and e-scribe.com is my consulting business. I build web applications using as much open source software as possible. From September to June I teach web design and other important non-photographic professional skills to photographers. In the '90s I wrote technology commentary and reviews for magazines, newspapers, and web publications, including Wired, Salon.com, FamilyPC, the late lamented Web Review, and the Chicago Tribune. Feel free to email me.

Book

I'm co-author of "Python Web Development with Django", an excellent guide to my favorite web framework. Its strong points include an introduction to Python, and better coverage of Django 1.0 than nearly anybody else. Published by Addison-Wesley, it is available from Amazon and your favorite technical bookstore as well.

Colophon

This runs on Django, served by Apache and mod_python. The database is SQLite. The operating system is FreeBSD, on a VPS hosted at Johncompanies.com. Comment-spam protection by Akismet. Vintage topo imagery from the Maptech archive. The markup engine is Markdown.

Pile o'Tags

Stuff I Use

Akismet, del.icio.us, Django, dpaste.com, Emacs, FreeBSD, Freenode, jQuery, LaunchBar, MacPorts, Markdown, Mercurial, OS X, Postfix, Python, SQLite, Subversion, TextMate, Trac, Ubuntu Linux, wmii

Spam Report

At least 59046 pieces of comment spam killed since January 2008, mostly via Akismet.

SPF-enabled spam domains

Among the many anti-spam measures on my mail server -- which help me reject 5000 spam attempts per day -- is SPF. SPF allows domain name owners to specify which mail servers are allowed to send its mail. That makes it an excellent way to detect address forgeries, a favorite spammer tool.

One of the early questions raised about SPF was: won't spammers just buy their own domains and set up their own SPF records that say it's all OK? You can read the answer in the SPF FAQ, but the short version is: Yes, they will, but it won't give them a free pass.

That's because if spammers register a domain, publish SPF records for it, and send spam, they've identified that domain as one intended to be used for spam. Very good blacklist fodder.

With that in mind, here's a list of about 50 domain names that have recently been used to send me spam. All of these have published SPF records, and all the spam I received was from servers approved by those SPF records.

In other words, as far as I can tell, these are domains that exist primarily, if not purely, to send spam.

andhostforum.net bestgolfstoreonline.com besttrustsecure.com builtsouthernnet.com buymarketonthenet.com craigslisttips.net easybuymarketonline.com emarsys.net faithonlinesecure.com ftpaccessonline.com ftpaccesssite.com ftpbacknetwork.net golfwarehousestore.com grape-selector.com gymsupportnetwork.com hughesnewstoday.com isthegreatnetwork.com junebugnews.info leadz411.info limestone-llc.com miltonfranchise.com mystorageadvice.com newshoppingstoreonline.com newvoicesdirect.info opalstemcompany.com photohutnow.com photohutstore.com purchasestoreonthenet.com qsoftsuppliers.com qualityneedsten.com raisedsourceplace.com realitynewstoday.com selectsupplychains.com shoppingmarketinternet.com sportshoppingsite.com ssltoycart.com ssltoycartonline.com storagesitesolution.com storagesolutionnow.com syncddnsreporter1.com tealsteamco.com theshoppingstoreonline.com tonyprojectednews.com truepeoplenetwork.com trustdatasecure.com trustnewsdirect.com trustsecuresite.com trusttravelsecure.com turemlmarketing.com twistinginthewind.net understorageneeds.com upperdecknow.com wonderseems.info yoursecurevidonline.com yourweathersearch.com

If for some reason a perfectly innocent non-spammy domain of yours has made it into this list, please let me know. (You might have to use my contact form, since I've already blacklisted all these domains!)

Wednesday, June 3rd, 2009
email + spam + tips
1 comment

Chess via iPod

I'm still loving my iPod touch. It's really a great little handheld computer. I'm able to do almost everything I need with the stock apps, but there are a couple free third-party apps that have earned a permanent place on it. One is the game Chess With Friends from NewToy.

Chess with God This is a version of what is also known as "postal" or "correspondence" chess. You make a move and send it to your opponent; your opponent makes a move and sends it back to you. (In this version, the CWF app rather than your mail carrier is the middleman.) You can pick somebody out of your address book, or ask the CWF app to find you a random opponent. Nice touches include in-game chat, step-by-step replays, and optional email or SMS notifications.

The human angle is what makes it fun. Most chess players have been periodically disheartened by computer opponents that beat humans (those who play at a mortal level like I do, anyway) coldly, soundly, and rapidly. The variety of human players that the CWF random-opponent feature delivers is a welcome change.

You get to pick your own screen name. People who know you can search by this name if they like, so it serves a useful purpose in addition to being a nametag. It also is occasionally the source of some amusement, as in the screen capture included here from the end of a recent game.

Monday, May 11th, 2009
apple + fun + games + iphone + mobile
2 comments

Aesthetics and computation

This evening, the Western Mass. Developers Group was treated to a talk by Ben Fry of Processing fame. It was excellent and inspiring. Having not much prior exposure to Processing or his work, I left hungry for more. (The title of this post is taken from the name of the group at the MIT Media Lab where Fry did his PhD work.)

I liked the graphical-REPL flavor of his live demos. Surprisingly, the feeling reminded me of being a kid flipping through Alan Kay's article about the Xerox Alto in Scientific American 30 years ago.

He gave a fun tour of creations by Processing users, with various highlights along the way including magazine cover art, a Superbowl ad, a scene from Minority Report, and the work by Robert Hodgin that was picked up by Apple for the iTunes 8 visualizer. Along the way he was concientious about giving his co-conspirator Casey Reas (not in attendance) his share of the credit.

Turnout was good, by our small-town standards: a full room, 25 people or so. Many had come out of the woodwork from local colleges (notably Smith and UMass). O'Reilly gave us a few copies of his book, which we had a drawing for at the end.

I found his work to be a heady mix of technical acuity, aesthetic commitment, and pragmatism. And I liked his dry sense of humor -- jokes that many non-technical audiences probably wouldn't have even known were jokes.

His work is especially interesting to me because I've straddled the design/enginering line most of my professional life.

At the end I asked him about this cross-disciplinary world of his, and whether he had observations about qualities that were good predictors of success. He thought for a moment. His answer, which included mention of a Harvard class he taught to a mix of art/literature/CS/etc. majors, began with one clear word: "Curiosity."

Tuesday, May 5th, 2009
art + design + engineering + f2f + programming
2 comments

Hello from BarCampBoston

Greetings from Boston -- specifically, BarCampBoston. My first "unconference". Nerds galore.

The format is (mostly) half-hour talks from attendees on whatever subjects interest them -- as long as other attendees have also expressed interest. It's all tracked on a big board in the lobby. So far I've been in discussions involving localization, designing for technophobes, cloud computing, physics simulation in games, and Lisp. The level of interactivity is high -- as is the collective expertise brought by the participants.

This is taking place in MIT's Stata Center, a wild-looking Frank Gehry creation that clearly houses a lot of fun regular old MIT stuff in addition to transient visitors like us. Walking down a side hall during lunch I peered through the glass of a closed door into a large office containing a pile of what looked like robots.

Update: In BarCamp spirit, I gave a talk. The title was "Moving from PHP to Django". Much like some of my earlier blog posts on the subject, I talked about how to make the transition from PHP to Python/Django smoother and more enjoyable. At the end, I noted that I had two copies of our book on hand. I made a special offer: buy one (at a great discount price, in fact) and I would donate the proceeds to BarCamp. I had two takers and made my donation immediately after. Thanks, guys!

Saturday, April 25th, 2009
f2f + fun + pwdd

robots.txt via Django, in one line

A significant difference between developing Django sites versus static-HTML-based approaches (among which I count PHP and the like) is that static files, aka "media", live in a dedicated spot.

Sometimes you need a piece of static content to be available at a specific URL outside your media root. robots.txt for example. This can be done in pure Django (i.e. without even touching your Apache configuration), and is especially nice if your robots.txt content is short. The example below serves a basic "keep out" configuration.

At the top of your root URLconf, add this import:

from django.http import HttpResponse

and below, among your list of URL patterns, add:

(r'^robots\.txt$', lambda r: HttpResponse("User-agent: *\nDisallow: /*", mimetype="text/plain"))

The lambda r bit is a concise way of creating a function object which accepts (and discards) the HttpRequest object that Django provides to all views. The "mimetype" setting (aka "content_type" in Django 1.0) is important too, because robots don't like text/html.

So there you have it -- a classic one-line (plus an import) robots.txt solution.

Saturday, April 25th, 2009
django + tips + web development
4 comments

Search

Twittering

Follow me

Feeds

RSS feed

Atom feed

Older Posts

Complete archive

E-Scribe News : a programmer’s blog