Thursday, March 28, 2013

Thunderbird and copying between IMAP accounts

The Issue
If you have multiple IMAP accounts and wish to copy messages with attachments between the 2 accounts you may find that when you come to open the attachment on the other account that Thunderbird generates the following error message:

This attachment appears to be empty.
Please check with the person who sent this.
Often company firewalls or antivirus programs will destroy attachments.

 This blogget will tell you how to overcome this issue and not to panic when it occurs as the attachment did copy across without any issues.

 Copying The Message
In Thunderbird messages can be copied between accounts using the following steps.

  1. Select [multiple|the] message(s) that you wish to copy to the same folder in another account
  2. Right click one of the sselected message(s)
  3. Select the Copy To option
  4. Then select the Email account you want to copy to
  5. Then select further to drill down to the folder you wish to copy the messages to
  6. Once at the lowest level of selection the messages will start to copy
  7. Your original messages will still remain on the original server
Moving The Message
In Thunderbird messages can be moved between accounts using the following steps.
  1. Select [multiple|the] message(s) that you wish to move to the same folder in another account
  2. Right click one of the sselected message(s)
  3. Select the Move To option
  4. Then select the Email account you want to move to
  5. Then select further to drill down to the folder you wish to move the messages to
  6. Once at the lowest level of selection the messages will start to move
  7. Your original messages will be removed from the original server
Shorter Method
  1. Select [multiple|the] message(s) that you wish to move to the same folder in another account
  2. Click and hold one of the selected messages
  3. Drag to the folder on the other account
  4. Messages will start to be moved between the accounts
  5. Your original messages will be removed from the original server
Looking At The Messages In The New Account
Now select the folder of the account you have just copied the Email messages to, and find one of the Emails that contains an attachment.  When you attempt to view the attachment you will receive the message described at the beginning of this document:
This attachment appears to be empty.
Please check with the person who sent this.
Often company firewalls or antivirus programs will destroy attachments.

 Rectifying The Error
Use the following steps to resolve the issue:

  1. Right click on the folder
  2. Select Properties
  3. Click the Repair Folder button
  4. Now select a different message and then the one with the attachment
  5. Select the attachment and it will now open
Do this for any folder where you receive this error with attacments and you will be able to view them again.  Most of the issues revolve around the MIME boundary being set incorrectly and the repair folder sorts these out so that the attachment can be found again.

Posted by at 3 comments:
Labels: , , , ,

Monday, February 25, 2013

Useful SSH fingerprint check

http://blog.binarymist.net/2013/02/16/establishing-your-ssh-servers-key-fingerprint/

To save you going there, here is the info;

Establishing your SSH Server’s Key Fingerprint

When you connect to a remote host via SSH that you haven’t established a trust relationship with before,
you’re going to be told that the authenticity of the host your attempting to connect to can’t be established.

me@mybox ~ $ ssh me@10.1.1.40
The authenticity of host '10.1.1.40 (10.1.1.40)' can't be established.
RSA key fingerprint is 23:d9:43:34:9c:b3:23:da:94:cb:39:f8:6a:95:c6:bc.
Are you sure you want to continue connecting (yes/no)? y
Please type 'yes' or 'no':

Do you type yes to continue without actually knowing that it is the host you think it is? Well, if you do, you should be more careful. The fingerprint that’s being put in front of you could be a Man In The Middle (MITM). You can query the target (from “it’s” shell of course) for the fingerprint of it’s key easily. On Debian you’ll find the keys in /etc/ssh/

On

ls /etc/ssh/

you should get a listing that reveals the private and public keys. Run the following command on the appropriate key to reveal it’s fingerprint. For example if SSH is using rsa:

ssh-keygen -lf ssh_host_rsa_key.pub

For example if SSH is using dsa:

ssh-keygen -lf ssh_host_dsa_key.pub

If you try the command on either the private or publick key you’ll be given the public key’s fingerprint, which is exactly what you need for verifying the authenticity from the client side.

Do not connect remotely and then run the above command, as the machine you’re connected to is still untrusted. The command could be dishing you up any string replacement if it’s an attackers machine. You need to run the command on the physical box or get someone you trust (your network admin) to do this and hand you the fingerprint.

Now when you try to establish your SSH connection for the first time, you can check that the remote host is actually the host you think it is by comparing the output of one of the previous commands with what SSH on your client is telling you the remote hosts fingerprint is. If it’s different it’s time to start tracking down the origin of the host masquerading as the address your trying to hook up with.

Now, when you get the following message when attempting to SSH to your server, due to something or somebody changing the hosts key fingerprint:

@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@
@    WARNING: REMOTE HOST IDENTIFICATION HAS CHANGED!     @
@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@
IT IS POSSIBLE THAT SOMEONE IS DOING SOMETHING NASTY!
Someone could be eavesdropping on you right now (man-in-the-middle attack)!
It is also possible that a host key has just been changed.
The fingerprint for the RSA key sent by the remote host is
23:d9:43:34:9c:b3:23:da:94:cb:39:f8:6a:95:c6:bc.
Please contact your system administrator.
Add correct host key in /home/me/.ssh/known_hosts to get rid of this message.
Offending RSA key in /home/me/.ssh/known_hosts:6
  remove with: ssh-keygen -f "/home/me/.ssh/known_hosts" -R 10.1.1.40
RSA host key for 10.1.1.40 has changed and you have requested strict checking.
Host key verification failed.  

The same applies. Check that the fingerprint is indeed the intended target hosts key fingerprint. If it is, run the specified command.
Posted by at No comments:

Monday, February 11, 2013

Application Support Analyst Generic Steps

For those new to or about to start their carrier as an application support person, here are some guidelines for investigating an application issue.

User Side Checks


  1. Make sure they have the correct connections for the application, hostname, IP address, port number, etc.
  2. Check that the users environment to ensure any application environment variables are set correctly.
  3. Check the routing tables on the users system. Make sure their default gateway is correct.
  4. Ensure that their firewall (especially Windows) isn't blocking the application connectivity. Desktop applications may sometimes be blocked.

Network Checks


  1. Can you access the application?
    Use a web browser or the application (you may want to check network traffic with something like wireshark or fiddler)
  2. Are you able to access the application from different locations? E.g Web browser or from a different host using something like ncat or Telnet.

  • telnet hostOrIP appPortNo
  • ncat hostOrIP appPortNo

  1. Are you able to connect to another service running on that host, e.g. ping, or an Email service?
  2. Check that the load balancers are able to connect to the application and that the load balancers are configured correctly.
  3. Check with nmap to identify what ports are available on the host.  You will need a more intrusive view rather than just the basic check as it may well miss your applications port.  Or you can tell nmap which port to check.
The use of ncat would allow you to see if you can connect to the specific ports for an application response. Also these steps should allow you to see if connection is possible, or whether a firewall or switch is causing issues, so you should try from different networked hosts.
However, connection to an application port may not be enough to confirm it is working, so you should be able to send it a message to check that it responds since this will tell us if the process has hung.

Checks on the application host


  1. Log on to the host and check that the process is still running. You'd be surprised how often its not if the connection is down.
    ps -ef
  2. Check the log files for any application warnings or errors. If you have a Java stack trace ask a developer to get involved and perhaps send a copy of the stack trace to them if it's not obvious what the issue might be.
    egrep -ir 'ERR|WARN' /var/log/*
  3. Check that the firewall is allowing the application port through. This will vary depending on the operating system. You can also use nmap here on the host to see what ports are available or if the application port is open.  For Red Hat systems and those using iptables then iptables -L should help.
  4. Check that the host can connect to any load balancers that it may be attached to, especially for return information.
  5. Check that the network interfaces are responding, especially if there is more than one.
  6. Check the routing tables of this host just in case there is one route in and another out. Sometimes routing loops or mis-configuration of the network makes traffic take a different route back causing the users application to refuse or not see the return data.
  7. Ensure that the host can connect to the database server port. There could be a connectivity issue here. Again, similar checks to connecting to this host from a remote location should be used to ensure connectivity to the database is available.  The key thing here is that in the production environment you will only have a limited set of hosts to use to check that connectivity to the DB server is there as they may be on different VLANs.

Final Steps


  1. Check the support documentation for similar symptoms
  2. Never be afraid to ask someone for help. Someone may have already seen this issue before.
  3. Gather as much information as possible before speaking to the next level support making sure you have;

  • Network connectivity information from all sides (user, application server, other hosts in different networks, load balancers and firewalls)
  • Log information if you are able to access the logs
  • Users configuration information (gateway, variables, firewall)

Disclaimer

This is a starting point, and I'm sure there are other techniques and pieces missing, but in most cases the generics here will provide a good basis for acquiring the relevant information to diagnose issues with an application. Other methods and ideas to build this to a useful learning platform for people coming in to the application support arena would be welcome.
Posted by at

Monday, September 24, 2012

Blackberry outage and iPhone release: Coincidence?

Is it just me, or coincidence that on both releases of the iPhone last year and this year that Blackberry's internet connectivity just happened to be trashed prior to or on the day of the iPhone release?
Is there some fowl play going on somewhere?

  • 10th October 2011 - Blackberry suffer a network outage
  • 14th October 2011 - iPhone 4s goes on Sale
  • 18th September 2012 - Blackberry suffer a network outage
  • 21st September 2012 - iPhone 5 goes on sale

Now if that's not a marketing ploy then I don't know what is. If I was Blackberry I'd be looking at who the cause of the outage is rather than what, and I'd find out when Apple plan to release the next iPhone and if it occurs again would draw up a law suit if I was them as this is too close for comfort.

 Next time Apple release a new iPhone I will be watching the Blackberry network with anticipation and if another outage occurs (since the rest of the year the network is fine), then it can only be assumed that Apple are causing it to make Blackberry customers think that they should get an iPhone (even though the tech in the iPhone is at least a year old by the time Apple release them).
Posted by at No comments:

Wednesday, September 19, 2012

BASH issues that break the rules

I always thought BASH was too complex for it's own good. Unlike the commercial KornShell, BASH has things that break the rules of a good shell, such as forking a process for a built-in command, or caching commands instead of tracking them as aliases.

As I find some other annoyances with the Bourne Again Shell I'll list them in here and the reasons.


  1. Caching commands.
    Instead of tracking aliases to the real command BASH decides to use a different command (built-in) to deal with tracking commands that you have already run.  In the KornShell you would normally run alias -t to see what commands have been tracked when you install a new command and the old version is still running.  However, with BASH you have to use the hash built-in command to identify what commands are being tracked.  The -l or -t option will display a list of the commands tracked, whilst the -r allows you to remove the tracked command(s).
  2. Piping a while loop in BASH forces the built-in into a sub-shell, which means that any variables that you create inside the while loop body will be lost after the execution of the loop ends.  In KSH the while loop remains part of the shell process that is running, so you have access to the variables created in the loop once the loop execution ends.  Try the following code in both shells, and notice the major issue that the BASH generates which breaks all the rules on shell built-ins.

    cat /etc/passwd | while read line
    do
        if echo $line | grep steve >/dev/null 2>&1
        then
            newvar=$line
        fi
    done
    echo "This will only show in KSH: $newvar" 
 
Posted by at No comments:

Sunday, August 12, 2012

Play On Linux - Microsoft software in Wine the easy way

Just come across this tool for Linux, and testing it out with Office 2007 at the moment.

http://www.playonlinux.com/en/download.html

Install the repo, then install the playonlinux package.

Once installed run playonlinux, follow the first time run steps.

Once installed then you can install applications and have it perform the wine configuration for you.
Posted by at No comments:

Thursday, August 9, 2012

vlc-2.0.3-1.fc17.x86_64 main libvlc error

Having recently upgraded from F14 to F17, I found 1 small issues with my update on VLC.  F17 was so easy to install and on my HP DV3 pretty much worked, apart from the regular kernel line hack acpi_osi= to make the display come up.

VLC on the other hand decided that on my laptop didn't want to work for my account, but did on another user account.

When I ran it from the command line I received the following error;



VLC media player 2.0.3 Twoflower (revision 2.0.2-93-g77aa89e)
[0xa51bd8] main interface error: no suitable interface module
[0x97f108] main libvlc error: interface "globalhotkeys,none" initialization failed
[0x97f108] main libvlc: Running vlc with the default interface. Use 'cvlc' to use vlc without interface.
Segmentation fault (core dumped)

On further investigation into my environment I comment out my LD_LIBRARY_PATH that was currently set in my .bash_profile, logout and back in and hey presto VLC started to work again.

The trick here was the Segmentation fault at the end and the "no suitable interface module"
Posted by at No comments:
Subscribe to: Posts (Atom)