So what might have stopped me from using DSL after so long? It wasn’t the price as I’m still paying the same price per month for Comcast Performance (12Mbps) as I was for AT&T FastAccess DSL Direct Extreme 6.0 (6Mbps) connection. Obviously the speed was an improvement for the same price, but my long dislike of cable modem networks made it worth the sacrifice in lower speeds. Ultimately what it came down to was the constant problems I’ve had with AT&T DSL service over the past several years. I’d already complained enough that they rolled a truck out at no cost and they replaced my modem and the optical network card (ONC) that serviced my home. I couldn’t understand why I had any problems with my DSL service as the line was fiber optic up until the last 25 yards as the fiber ended in the beige box in my neighbor’s yard across the street and was copper to the NTI and then only about 3′ of cat5e cable between the NTI and the modem. After the modem and ONC swap-out we’d had pretty stable service until the past couple months when once again the connection was dropping. It didn’t appear that the DSL modem was ever going out of sync we were just losing layer 3 IP traffic.

So we lost internet for a couple hours Monday and it came back on it’s own, then we lost internet again on Tuesday for a couple hours in the late afternoon and again it came back online on it’s own. Then yesterday (Wednesday) between 10:30am and noon it went down again and was still down at 7pm when we got home from work. I’d had enough! Wasted 40 minutes on the phone with DSL technical support and they claimed everything looked okay which I expected as they always do. 30 minutes after getting home with our new cable modem we were online without any problems.

On the way into work this morning I was speaking with one of the AT&T DSL tech support managers that I’ve gotten to know over the past years. He’s looking into it from his side, but realizes we’ve left AT&T DSL service, but wants to try and figure out where the breakdown was. He’s sent me an email with the details to check for 2 known issues that none of the tech support staff ever asked me to check to see if it’s a failure there. If it’s not one of those known issues than it’s something different for them to try and determine but this has been on-going now for nearly 3 years on this DSL line.

At this point the wife and I are both very happy with the speed and service on the cable modem. When I told her about my conversation with my support manager contact she replied “We like comcast better” and “speed is our friend” so we’re not going back even if it turns out to be one of the known issues, but if not maybe they can figure out what it is and help it from happening to another customer. Aside from the disconnections we had no other complaints with the AT&T DSL service and I don’t ask a lot of any provider as I don’t use them for anything but the connection. Provider email accounts just get used as spam traps as I never use them for any email address.

Recently there had been work being done to add FastCGI access to the Linux Hosting plan which already offers PHP5, Python 2.4 and Perl 5. Ruby is still not available on the system as a whole; however, that doesn’t stop you from adding it to your own account which is precisely what I did. Armed with the ability to test out FastCGI I proceeded to work on getting a very simple test RoR app setup and running.

To start with I needed to get Ruby installed. To do this I simply logged into my shell account (another great feature of Web.com’s Linux Hosting) and proceeded to download the necessary sources:

$ wget ftp://ftp.ruby-lang.org/pub/ruby/1.8/ruby-1.8.7-p174.tar.gz

$ wget http://rubyforge.org/frs/download.php/60718/rubygems-1.3.5.tgz

With the source downloaded I then extracted them into the tmp/ directory in my account and built them.

$ tar -xzf ruby-1.8.7-p174.tar.gz -C tmp/

$ tar -xzf rubygems-1.3.5.tgz -C tmp/

$ cd tmp/ruby-1.8.7-p174/

$ ./configure –prefix=$HOME

$ make

$ make install

$ cd ~/tmp/rubygems-1.3.5/

$ ruby setup.rb

With this completed you should have Ruby 1.8.7 and RubyGem 1.3.5 ready to go. You can test by running the following couple of commands:

$ ruby -v

ruby 1.8.7 (2009-06-12 patchlevel 174) [i686-linux]

$ gem -v

1.3.5

Now we’re ready to rock and roll… We just need a few gems to be thrown in and we’ll have Ruby on Rails ready to go and be able to use MySQL for the database. So we’ll start off with the basics…

$ gem install rails mysql fcgi

This should install any other gems that are necessary for dependencies and you can check the final list of gems installed running gem list later if you’re curious to see them all. Now would also be a good time to go ahead and clean-up your tmp/ directory as you won’t be needing all that source any more so why use up the disk resources.

Now we just need a Rails application to run, so we’ll start out with building one from scratch although if you have one ready to go then you could just upload it to your home directory. For purposes of this I’m just going to setup a Rails webapp aptly called “test” as follows:

$ rails -D -d mysql ~/test

Now we just need to go create our webapps public/.htaccess file with the necessary configuration settings. For my example I used the following for my .htaccess file:

Options +FollowSymLinks +ExecCGI

<IfModule mod_fastcgi.c>

AddHandler fastcgi-script .fcgi

</IfModule>

<IfModule mod_rewrite.c>

RewriteEngine On

RewriteRule ^$ index.html [QSA]

RewriteRule ^([^.]+)$ $1.html [QSA]

RewriteCond %{REQUEST_FILENAME} !-f

RewriteRule ^(.*)$ dispatch.fcgi [QSA,L]

</IfModule>

Armed with this we just need to setup the virtual host. I set this up as test.example.com so it ran isolated from my regular non-Rails website. To do this I logged into my support account (outside scope of this entry) and setup test.example.com as a website content path as /test/public. Then while still logged into the support site created the necessary database tables test_development and test_production. You could also setup separate database uses at this time for the databases as well if you liked.

Once the databases were created I needed to edit the test/config/database.yml file with the necessary database name and credentials. Also set the database host to the appropriate hostname provided for your account. You’ll then need to setup and migrate the database.

$ cd ~/test

$ rake db:migrate

$ rake db:setup

Everything done you’re now ready to test it out and see if it all works. If you open up your browser and go to http://test.example.com and you should see the default Ruby on Rails welcome page. If you click on the “About your application’s environment” link it should drop-down and show you the version information for your Rails application. From here you’re ready to begin the rest of your webapp development.

So I’ve been a loyal and faithful user of a very good service for the better part of a decade. Well I guess it’s true all good things come to an end! In setting up Alternative Haven I placed the donation link on the site and 2 days after it was put up I get a notification from PayPal that my account has now been permanently limited and to remove all links and references for Acceptable Use Policy (AUP) violation. I of course promptly removed any links and references to PayPal and responded back as such and asking to get my account status return. I did go and re-read the AUP as I hadn’t done so since 2000 when I opened the account and I’d had no reason to believe I needed to constantly go back and re-read a bunch of legal text. So I was unaware that they had updated the AUP to make using PayPal for adult services a prohibited use. Now wait a minute, don’t you have to actually do something to violate something?

That’s correct, I’ve had my PayPal account essentially terminated without having even done any transactions that violated the services AUP. I merely placed a link that could have violated the AUP and been a violation. So an account with over 9 years in good standing is unceremoniously terminated without actually doing any transactions which violated the agreements. A simple notification that the links were against the AUP and told to remove would have seemed a much more reasonable and proportional response but I guess we’re talking about PayPal the big jaugernaut throwing themselves around.  Now you don’t actually have to perform any transactions at all and you can have your account pulled from you.

As if that wasn’t enough, when they limit your account you can’t actually close it and you can’t remove any of your banking or credit card information. All of that is taken out of your control which leaves you only with the option of reporting the accounts as compromised or stolen and having all new account numbers issued to you by those institutions. I don’t know about anyone else but I am very uneasy with the idea of having my credit card and bank account numbers on a site I’ve lost control of by a company that is willing to take these extreme steps without any warning. I am also unfortunately being forced to find a new Xen VPS hosting provider as VPSFarm.com currently only handles PayPal for payment options although I have been informed that they are working to provide other means to pay by credit card directly.

At this point I can no longer endorse PayPal as a reputable online payment processor. I will be checking out what other alternatives are out there but I’d be more apt at this point to endorse Google Checkout or Amazon before I would recommend PayPal to any current or future clients.

Updated: Have spoken with Gabriel from PayPal Executive Escalations and gotten the party line of “We’re sorry for any inconvience” but even though you didn’t actually do any transactions that violated PayPal’s AUP/TOS you thought about doing it, so we’ve permanently limited your account. When questioned about being able to remove my banking and credit card information was told I couldn’t because of “auditing per government regulations” but again “PayPal is not a bank”, and that I would have to trust them that nothing would be done with the account information. I’ve gone and reported 3 of the active credit card accounts as lost/stolen and I’m in the process of working out closing the checking and savings accounts at two separate banking institutions without causing myself undo burdens (namely being without ATM debit card and checks).

If you have any Rails experience, are interested and don’t have a problem working on an adult-oriented website then please get in touch with a sample of your work. Given the nature of the site and the fact it is in stealth development mode we have to be vague on the details at this time.

Over the years the URL I’ve used for my key policy has changed, as well the URL itself has evolved with the times. Originally it was simply a text/plain file returned back. I have not turned it into a manager that not only presents the key policy, but also provides links to the detached signatures of the policy and verifies either the MD5 or SHA1 checksum of the policy file if provided.  This policy manager is currently being worked on to be able to provide as both a shareware and licensed versions. As it involves GPG key usage the license will be generated for the users GPG key.

Those interest can feel free to check out my key policy and watch as it evolves. Those wishing to potentially make use of the policy manager can also inquire further as there is no current targeted date for a general release.

There are so many methods out there to try and curb the amount of spam out there but never seems to be enough adoption of them. I try my best to implement what I can as I’ve fallen victim of several “joe jobs” in the past. As a result of that I looked at Sender Policy Framework (SPF) before it got introduced into the IETF track and became spf2.0/mfrom,pra. I’m still running my spf1 classic records and it has helped a bit, but I wonder just how many servers really bother to check and honor the policies published.

Likewise, recently I’ve taken the time to implement DomainKeys and DKIM on our servers. On our newest domain which hasn’t even been put to use yet so there are no email addresses in the wild I’ve actually been working to set the policy stating all emails will be signed. As I maintain the only legitimate servers that should be sending email out with the domain it shouldn’t be a problem and should hopefully limit the use of it for phishing and spam.

Another tool in the aresenal that has helped considerably has be greylisting. It’s simple, it works with existing protocols and I’m surprised more sites don’t use it. So you incur a small delay in email delivery time but it eliminates untold amounts of spam just by simply delaying the inevitable. For the longest time greylisting and SPF were more than enough to help keep my inboxes clean of most spam although I still dealt with a handful or so.

The other tools I’ve found invaluable but some consider controversial is use of DNS RBLs. While not all RBLs are created equal there are some very good ones out there that have reputable organizations behind them. I do limit the number of RBLs I check but the ones I check eliminate a fair amount of the spam that once made it through to my mailbox. The composite RBLs are even nicer as they cover more with a single query which helps speed up performance when you have multiple RBLs along with DK, DKIM and SPF all making DNS queries as well.

A good metric that things were working for me was when I had it down to less than a handful of spam messages getting through to my inbox a day. I then updated one of my forwarded email addresses on a server that had no RBLs in use to my regular mailbox address. Within 24 hours the number of spam messages that had gotten through numbered in the hundreds. I worked quickly to get that address using the same blacklists as my main mail servers and the volume of spam nearly disappeared.

Bottom line is with existing technologies it’s easy to curb the spam if more mail servers made use of them. When we can finally get authoritative authentication with the messages being delivered that will help even more. Although sadly as it’s already shown all too well, as the technologies advance to reduce the spam the spammers themselves have evolved to get around them.

Never a slow day when you’re wearing the postmaster/abuse hat but it comes with the job.