The answer is, of course, “no, but…”. But, first, let’s understand the question itself.

In “everyone used”, what does “used” mean? If you followed my previous posts on this subject, you’ll know that there are two distinct parts: having an SPF record for your domain, and configuring your SMTP server to reject email purporting to be from an address with a valid SPF record, when it doesn’t come from an authorized server.

Let’s assume that the question implies both.

So, if every legit organization had an SPF record and enforced SPF in their incoming email servers, what would it mean?

It still depends on what was meant by “enforced”. For instance, as it is now, it makes sense to use an SPF record (and reject mail coming from an unauthorized server, as I mentioned before), but not to require an SPF record, as most of the world is still not using it.

If that changed, though… it would certainly make things a lot easier for the “good guys”. Think about it: what does SPF prevent? The faking of sender addresses. Who ever does that? Spammers. Therefore, who has ever a reason not to use an SPF record? Spammers. In a world where every legitimate organization used SPF, having such a record wouldn’t mean that the sender wasn’t a spammer, but not having one would certainly mean that he was. Ergo, reject any mail from a domain without an SPF record, even before verifying whether the origin server is authorized for that domain.

Of course, spammers would adapt, and have SPF records for their own domains. But never again would they be able to fake a sender address. They would never again be able to efficiently pretend to be your internet provider, or your bank, or Facebook, or anything like that. They would have to use their own domains in the sender address… and they don’t exactly tend to look “nice”; besides, they’re not what your ISP or your bank would use.

A world with SPF would mean a world where you could actually trust the “From:” field. Can you imagine such a thing?

Related posts:

1. SPF, part 3: configuring Postfix to check SPF records when receiving mail
2. SPF, part 1: what is SPF, and how to fight spam with it
3. SPF, part 2: how to configure SPF for a domain

restart Postfix. Check your logs to see if everything is working properly.

But what to look for? Here are a few real life examples, from my own Postfix log file:

Nov 26 07:07:27 sh postfix/policy-spf[10685]: : SPF none (No applicable sender policy available): Envelope-from: bounce-1492514-406278644@lyris.diskeepermail.com
Nov 26 07:07:27 sh postfix/policy-spf[10685]: handler sender_policy_framework: is decisive.
Nov 26 07:07:27 sh postfix/policy-spf[10685]: : Policy action=PREPEND Received-SPF: none (lyris.diskeepermail.com: No applicable sender policy available) receiver=sh.dehumanizer.com; identity=mailfrom; envelope-from="bounce-1492514-406278644@lyris.diskeepermail.com"; helo=lyris.diskeepermail.com; client-ip=68.177.217.241

This (note the “SPF none”) is what will happen for most emails: no SPF record exists. Unfortunately, most of the world is still not using it. The mail passes this check, since it’s not a good idea to enforce SPF yet (but may fail one of the remaining ones, such as an RBL list or SpamAssassin.)

Nov 24 16:19:56 sh postfix/policy-spf[32619]: : SPF pass (Mechanism 'ip4:209.128.72.240/28' matched): Envelope-from: promotions@iambic.com
Nov 24 16:19:56 sh postfix/policy-spf[32619]: handler sender_policy_framework: is decisive.
Nov 24 16:19:56 sh postfix/policy-spf[32619]: : Policy action=PREPEND Received-SPF: pass (iambic.com: 209.128.72.242 is authorized to use 'promotions@iambic.com' in 'mfrom' identity (mechanism 'ip4:209.128.72.240/28' matched)) receiver=sh.dehumanizer.com; identity=mailfrom; envelope-from="promotions@iambic.com"; helo=ns1.iambic.com; client-ip=209.128.72.242

Above is an example of a legitimate mail from a sender with a properly configured SPF record. The record says “here are the server(s) that send email from this domain”, and the origin server is indeed one of those. The email passes (note the “SPF pass”), and, if you’re using SpamAssassin, it takes that into account, meaning that the mail is less likely to be considered spam. (See? That’s a great reason to have an SPF record for your domain!)

Finally, the following:

Nov 24 19:57:13 sh postfix/policy-spf[1210]: : SPF fail (Mechanism '-all' matched): Envelope-from: pedro@dehumanizer.com
Nov 24 19:57:13 sh postfix/policy-spf[1210]: handler sender_policy_framework: is decisive.
Nov 24 19:57:13 sh postfix/policy-spf[1210]: : Policy action=550 Please see http://www.openspf.org/Why?s=mfrom;id=pedro%40dehumanizer.com;ip=204.212.122.254;r=sh.dehumanizer.com

is a good demonstration of the usefulness of SPF. You’ll notice that the mail pretends to come from my own domain, but since I have configured the SPF record for it, Postfix is able to see that the origin server is not authorized to send mail from that domain. And, since my record ends with “-all“, it means that the record is to be “taken seriously”, so the mail is refused then and there (note the “SPF fail”), even before checking RBL lists and the like.

Related posts:

1. SPF, part 3: configuring Postfix to check SPF records when receiving mail
2. SPF, part 2: how to configure SPF for a domain
3. What if everyone used SPF?

Now that you know how to configure an SPF record for your domain(s), the natural next step, if you administer an email server, is to start checking SPF records for mails you receive.

Now, spammers are infamous for not respecting rules, not “playing nice”, so, you might ask, what makes me think they’ll set up SPF records for their domains, which would be kind of self-defeating? The obvious answer is that SPF doesn’t depend on the spammers’ collaboration. Since legitimate email senders use SPF to tell the world which servers they use to send email, it prevents others — such as the aforementioned spammers — from faking sender addresses to pretend they’re from those senders / domains.

To put it simply: if there’s an SPF record for the “gmail.com” domain, then you can — and should — reject mail purporting to be from something@gmail.com that doesn’t come from the servers listed in that record. In other words, anyone who fakes a @gmail.com address can’t fool your server, assuming you have it configured to use SPF.

Now, how to do that? There are many ways, of course, depending on the email server you use. The simple recipe below uses postfix-policyd-spf-perl to make Postfix reject mail from domains with properly configured SPF records, when the mail comes from an unauthorized server (that is, one not listed on the record.) This assumes you already have Postfix up and running.

• install postfix-policyd-spf-perl. In Ubuntu, just do an apt-get install postfix-policyd-spf-perl .
• add this line to /etc/postfix/main.cf:
  spf-policyd_time_limit = 3600s
• add the following to /etc/postfix/master.cf:

  policy-spf  unix  -       n       n       -       -       spawn
       user=nobody argv=/usr/bin/policyd-spf

  (change the path of policyd-spf if it’s installed somewhere else; that’s where the Ubuntu package puts it.)

• in /etc/postfix/main.cf, find the smtpd_recipient_restrictions section, and, immediately after permit_mynetworks (and permit_sasl_authenticated, if you’re using that), add:
  check_policy_service unix:private/policy-spf
• restart Postfix. Check your logs to see if everything is working properly.

Now, remember when in part 2 I mentioned a lesser-known reason for configuring the SPF record for your domain? It’s this: it’ll stop a lot of incoming spam. These days, a lot of spam email pretends to be from you (that is, it uses your email address as both the “From:” and “To:”), or at least from your domain (e.g. administrator@yourdomain, manager@yourdomain, and so on.) I don’t know why spammers do that, but apparently it works, or else they wouldn’t do it (maybe victims get confused and think the email comes from someone in their company, or maybe webmail services tend — or at least did so once — to trust the user’s own address, I don’t know.) Well, if you have SPF for your domain and your email server checks SPF records for incoming mail, then spam messages such as these will be always rejected, even when other methods of stopping spam (RBL lists, SpamAssassin, etc.) fail. Never again will you receive emails pretending to be from your own address.

Related posts:

1. What if everyone used SPF?
2. Postfix’s log file when using SPF: what it looks like
3. SPF, part 1: what is SPF, and how to fight spam with it

• The OS is now Ubuntu Karmic Koala (9.10), and all the server’s running software comes from the standard Ubuntu packages, which means that whatever version is in Karmic¹, that’s what I’m running here.
• I’ve switched, definitely, from Apache to nginx. It’s faster, more efficient, and ridiculously easier to configure (to put it in perspective, in terms of ease of configuration, it’s like OpenBSD’s amazing pf to the unholy abomination that is Linux’s iptables.) nginx works perfectly with the two pieces of software I use the most on my server, WordPress and MyBB, even while using a SEO plugin with the latter, which requires some non-trivial redirect rules.
• As I don’t trust any ISP’s email server to distribute the mail my server sends (mostly confirmation emails from my forums), and since most ISPs and companies these days block mail sent from dynamic IP addresses, I keep a 256 MB Slicehost slice, with a static IP address and, most importantly, reverse DNS, which I use as a smart host for my home server. The slice doesn’t have a lot of power in terms of CPU (and it’s not meant to), but, as bandwidth is much cheaper in the US than in my poor country, the “small” limit the cheapest slice includes is a lot; I use it for serving static files, mostly for my forums (all images and Javascript files are served from there), and I still have bandwidth to spare.
• I’ve stopped using a Squid proxy in my home network, and nowadays access the web directly… except for when I indulge in one of my newest weird habits: reading webcomics like this one or this one while having lunch or dinner. At such a time, moving instantly from comic to comic is a must… so I simply re-enable Squid (with more aggressive caching than I’d use for normal browsing; after all, existing comics typically aren’t going to change, are they?), do a nice little wget in my server to download and cache the entire comic, and then enjoy reading the whole of it (in as many meals as it takes) as if it was stored locally…
• A few changes to my email server’s configuration, mostly related to spam filtering… but I’ve been writing about that, haven’t I? And there’s still more to come.

1. with updates, of course — people who are afraid of installing updates (“but… it might break something!”) are nothing more than mewling weaklings who are utterly incompetent as sysadmins; they should never be allowed within a mile of any server. Even one running Windows.

Related posts:

1. SPF, part 1: what is SPF, and how to fight spam with it
2. SPF, part 3: configuring Postfix to check SPF records when receiving mail
3. An Anti-Spam gateway #4: Postfix, part 2

Suppose you have a domain and send email from it (in fact, even if you don’t, this is still a good idea; more about that later). How to configure SPF for it?

Easy: you simply add a specially formatted TXT record to the domain. (Where? If you have your own public DNS servers, you’ll have to edit the zone file¹; else, if your domain (note: the domain, not the web server) is maintained by a registrar or ISP, it should provide for you an administration interface where you are able to add and edit records.)

OpenSPF.org provides a “wizard” to build an SPF TXT record for your domain, and I suggest you try it out. However, I think I can give you an example that is mostly self-explanatory, which is the SPF TXT record for my own dehumanizer.com domain:

v=spf1 a a:mail.dehumanizer.com a:sh.dehumanizer.com a:sh2.dehumanizer.com mx include:netcabo.pt -all

(In fact, that record is kind of overkill; I could remove about half of it and everything would still work. But it’s useful as an example.)

v=spf1 means it’s an SPF record.

a means that “dehumanizer.com” (the host that that name resolves to) is authorized for that domain. I could remove that one, as the following one takes care of it (it’s the same host).

a:mail.dehumanizer.com means that mail.dehumanizer.com is authorized. The same for the following two (sh.dehumanizer.com and sh2.dehumanizer.com; the latter doesn’t exist anymore, so I could remove it.)

mx means that the mx records for the domain are also authorized. They’re currently mail.dehumanizer.com and sh.dehumanizer.com, which were previously taken care of, so I could remove this one as well.

include:netcabo.pt means that whatever is authorized for the netcabo.pt domain is also authorized here. This is from when I used my ISP as a smart host, some time ago; as I no longer do that, I could remove this one too.

Finally, -all means, in effect, that, yes, I’m serious about this, all of the authorized servers for this domain are listed, which means that any other hosts are unauthorized, and emails coming from them with a “From:” of this domain should be refused. You should configure this part only after successfully testing your configuration. Until then, there’s a “soft fail” option, ~all, which means the same, but adds “but don’t take it seriously.”

If you’ve been paying attention, you’ve probably already noticed that I could replace that record with the much simpler:

v=spf1 a:mail.dehumanizer.com a:sh.dehumanizer.com -all

for the exact same results (and I’ll probably do that a bit later today.)

What’s the benefit of this? Well, as you are telling the world “mails from my domain come only from my servers”, the rest of the world will more easily be able to kill mails pretending to be from your domain… while also “respecting” legit mail more. In effect, you tell other servers “here’s how you can tell which mails from my domain are genuine”. Many ISPs and filtering systems (such as SpamAssassin) take advantage of a properly configured SPF record to raise the “trustworthiness” of emails coming from the correct servers (while lowering it, or even simply refusing to accept the mail, for messages coming from a server not listed in the SPF record.)

There’s also another (lesser-known) advantage of using SPF for your domain, when you also receive email to it. But that’s for part 3, where I’ll explain how to configure Postfix to look at SPF records when receiving mail…

1. note: put the entire record contents between quotes; e.g. for Bind, use dehumanizer.com. IN TXT "v=spf1 a a:mail.dehumanizer.com a:sh.dehumanizer.com a:sh2.dehumanizer.com mx include:netcabo.pt -all" (that’s a single line)

Related posts:

1. What if everyone used SPF?
2. SPF, part 3: configuring Postfix to check SPF records when receiving mail
3. SPF, part 1: what is SPF, and how to fight spam with it

(Later note: here are parts 2 and 3.)

You may have heard of SPF (Sender Policy Framework), but what is it? To put it simply, it’s a way for domain owners to say to the world: “these servers are the only ones that send email from this domain.”

What is the point? Well, if you have been using email for any amount of time, you’ve probably noticed that a lot of spam fakes its sender address (the “From:” field). In fact, you may have found yourself that it’s incredibly easy to do; most SMTP servers simply accept any sender, as long as either 1) the destination address is theirs, or 2) your IP address is on their client list. In other words, a company’s email server accepts mail to the company’s employees, and also allows those employees to use it to send mail to the rest of the world.

SPF, when correctly configured by everyone involved, prevents that.

“Everyone involved” is, of course, an utopic scenario. Still, there is no reason for you not to do your part, whether you are a domain owner who sends email from that domain, the administrator of an email server that receives mail to its users, or both.

More to come…

Related posts:

1. What if everyone used SPF?
2. SPF, part 3: configuring Postfix to check SPF records when receiving mail
3. SPF, part 2: how to configure SPF for a domain

While many of Firefox 3′s new features are mostly of interest to web developers, “the rest of us” can also find much to like in it. It’s faster, takes up less memory, looks better, seems incredibly to be more stable than the stable version (!), and I love the new URL bar, where you can start typing something and it usually suggests what you want after just a few characters. In Firefox 2 you had to start typing from the beggining of an URL (which is always the hostname), but now you can type any part of URLs (including paths after the hostname), site names, and it also looks through your bookmarks, so it can work even if you’ve just cleared your browsing history.

Related posts:

1. Firefox 3.0 beta 4
2. Firefox 1.5 beta 2
3. Thunderbird 1.5b1

Try it — by using the portable version, it won’t affect your Firefox 2 installation in any way. You may find that soon you’ll be using it all the time, just like me.

Related posts:

1. Firefox 1.5 beta 2
2. Firefox 3.0b5!
3. Software I like #2: Mozilla Firefox

I began by changing the most problematic site to Lighty (listening on port 81), and using Apache’s proxy module to redirect it there. After the results were promising, I went and changed each site at a time, dealing with the particular problems of each (I use lots of redirects, and the syntax is a bit different, and, furthermore, Lighty doesn’t support .htaccess files.

WordPress was relatively easy (just one line). MyBB would have been even easier (nothing to do), if not for the fact that I use an SEO mod which uses an .htaccess file for nicer URLs. But everything was easier than I expected.

After each site had been “moved”, it was just a matter of stopping Apache and moving Lighty to port 80.

Memory usage is way down, and so is swap file usage (basically, it’s not being used, and it was, before — a lot). Barring any future problems, I’m quite happy with this set-up, and would advise this change to anyone who’s never tried anything other than Apache on an Unix system. I’ll probably try doing the same thing on my home server, too.

Related posts:

1. Apache 2.2.0 is out
2. Blogging tips #3.5: Be quick or be dead
3. MySQL 5.0

You can now also click on any of the above column titles to sort the table by that particular value/rank. Incoming links and Pagerank are “the more, the merrier”, while Technorati rank and Alexa rank are “the lower, the better”, so sorting takes that into account.

A note of warning: I’ve mentioned before that you shouldn’t really take any of these ranks too seriously, and this is especially true for the Alexa ranks. Alexa is a nice idea (it’s the only one that measures traffic instead of incoming links), but it has the following problems:

• it only counts hits if the user has installed either the Alexa toolbar (for Internet Explorer) or the SearchStatus Firefox extension (I recommend the latter, since, as everyone knows, MSIE sucks), and
• it often lumps all subdomains for a particular domain together (i.e. doesn’t distinguish between aaa.domain.com and bbb.domain.com, even though they may be totally unrelated). It apparently has some hard coded exceptions for some (not all) blogspot.com blogs… but the values aren’t really reliable. Still, you can use it to measure the changes in traffic for one site.

Incidentally, the application I’ve coded (and have been improving) to generate this table from a list of blogs is almost ready for public release.

Related posts:

1. Adventures with my Technorati ranks "toy"
2. My Technorati ranks "toy"
3. Testing Technorati tags

Here it is: Technorati Ranks for Planet Atheism members

The implementation was ridiculously simple (and there’s a lot of room for improvement), but, other than Carlos’ tool, I didn’t find any scripts or utilities to do this. And, yes, I searched. Therefore I may release the code soon, as the 2nd project on software.dehumanizer.com, since this can be a fun “toy”.

[EDIT: added each blog's Google PageRank to the table. Why not? ]

Related posts:

1. More additions to the PA top Technorati ranks table
2. Adventures with my Technorati ranks "toy"
3. Testing Technorati tags

A couple of days ago, however, I was reading the “what’s new” list for Suse 10.3 Alpha 3, and found this entry:

On x86-64: Firefox is now a 64-bit package and uses nspluginwrapper to handle 32-bit i386 plugins if needed.

Naturally, I had to investigate. I downloaded a 64-bit build of Firefox from Autofox, and nspluginwrapper. With that wrapper, I can use Flash without any problems. (Not Java, though; I think Blackdown offers a 64-bit plugin, but it’s Java 1.4.2 only. But I have found out that I don’t miss Java in the browser at all, for the past few days.)

The browser feels faster. I tend to use bookmark folders to open dozens of bookmarks at the same time on different tabs, which actually makes the browser “hang” for a couple of seconds, and those delays seem shorter now. No, I didn’t do any benchmarks. But the overall experience just “feels” better. It even appears to be more stable, though that may actually come from the fact that I’m using a 2.0.0.4pre build, which is the latest version (2.0.0.3) plus bugfixes… or maybe it’s because this version was built with a non-ancient, and possibly less buggy compiler.

Related posts:

1. Flash 9 for Linux (beta) is finally available
2. Firefox 3.0 beta 4
3. Firefox tip: closing tabs with middle-click on Linux

The web page linked above tells the “story” in more detail, but, basically, I’m much too chaotic to use traditional task management programs (every time I tried, I seemed to spend more time updating tasks than actually doing them), but I wanted something to remind me, every day, of doing something — from “clean up GMail’s spam folder” through “update a blog” to “do the laundry, if necessary”. There was already a similar program (frequent-task-reminder), but it lacked some features that I wanted (such as non-accumulating tasks), and so I wrote my own.

It’s really basic stuff, with no bells and whistles, and the PHP code would probably scare you, so impressionable young people should avoid looking at it. But maybe — just maybe — you’ll find it useful.

Related posts:

1. My Technorati ranks "toy"
2. Adventures with moonmoon and tidy
3. Adventures with my Technorati ranks "toy"

I accept that making some HTML code validate in validator.w3.org shouldn’t be the be all, end all of the problem. A piece of code can validate and yet be… horrible. On the other hand, a piece of code may not validate because of a minor problem, and yet be better than 99% of what you see out there.

Still, that applies mainly to your code. What if you’re aggregating other people’s code? What if they’re using bad HTML, which their blogging systems (mostly Blogger or WordPress) automatically converts to a feed, which is then converted back to (simplified) HTML by a Planet? And what if you want all of that to validate?

Well, tidy works very well; it fixes the worst problems, mainly, badly nested code, and unclosed tags. But… well, if you’re being pedantic (like the W3 validator is), then there are still problems.

They’re mostly one of the following: 1) img tags without an “alt” attribute, and 2) proprietary attributes.

tidy, by default, doesn’t deal with those (since its point is for you to correct your code, and those problems should really be fixed in the code itself). But you can make it do so.

How? Well, here’s the command line I’m using for Planet Atheism:

/usr/local/bin/tidy -wrap 79 -m -i -utf8 --alt-text "" --drop-proprietary-attributes 1 -asxhtml filename

It should be obvious what each parameter does. The “ alt-text "" ” part adds some empty alt text to any img tag that hasn’t got one. The “--drop-proprietary-attributes 1” part removes those weird attributes inside other tags, which make the W3 validator choke. I don’t want them anyway, since a Planet site is supposed to display a basic version of a post — not a Flash-y, YouTube-d, animated one.

The result is: complete W3 validation, and readable code. From many other blogs, by many different authors. Automatically. What more could anyone want?

Related posts:

1. Adventures with moonmoon and tidy
2. Quick HTML page creation
3. Blogging tips #3: Valid HTML

moonmoon is still on version 0.2, however, and, while it removes “dangerous” tags from feeds automatically, it doesn’t (yet?) deal with unclosed tags. As most of PA’s members are as far from being geeks as possible, they tend to use WYSIWYG editors, and aren’t really worried about “validating HTML”. So, from time to time, a post would make every other post after it show in bold or italic. Annoying, to say the least.

Yesterday, it was even worse: some posts “spilled over” to the sidebar. And it wasn’t just one post causing it, but two, from different blogs, at the same time!

Well, enough was enough.

“Fixing” moonmoon (or, more precisely, SimplePie) was out of the question; I simply don’t know enough PHP / XML parsing to do it. But I tried something else: I saved the generated HTML to a file on the site’s directory, and used tidy on it. Surprise: this new version was perfect! So, I got the idea of using tidy on the generated HTML every time.

Now, PHP has a tidy module, but in PHP5 I would have to compile PHP by hand. Ubuntu doesn’t have a package for that module, unfortunately, and I really didn’t want to make an exception from using apt packages on that server. So, I had to find another way.

My solution was to dump all the page into a buffer (using the ob_ functions in PHP), save it to a temporary file, use the system command to apply tidy on it, load the altered file, and show it to the browser. It’s probably not very efficient, but it works… better than I expected, too. It may be a crude solution, but I’m proud of it anyway.

Related posts:

1. More about tidying up HTML
2. Adventures with my Technorati ranks "toy"
3. My Technorati ranks "toy"

Moving the WordPress blog was simply a question of following these instructions. Basically, you go to the WP options in the old blog, change the 2 URL fields to the new address, dump the database, do a search & replace to change any images and other URLs in the database to the new address, import the database to the new server, copy the files, and that’s the proverbial “it”.

As for redirection, there came the eternal dilemma: if you redirect everything, then people will be lazy and keep using the old address (thus wasting your bandwidth); if you don’t, it’s inconvenient, and you lose everything you had in terms of incoming links and SEO.

What I did was to redirect (301, to signify a permanent move) every URL except the front page, which shows a message telling people about the change, and redirects after 5 seconds. I believe that this is the best of both worlds. Any link to an individual post will be redirected transparently, but whoever arrives at the front page will told about the change of address, encouraging them to update their bookmarks.

Related posts:

1. The Tlog has moved!
2. Goodbye, Apache; hello, lighttpd!
3. Blogging tips #8.1: Use FeedBurner

Uhhh? Obviously everyone *knew* that triple-click-control-middle-abcde-enter-enter-space(*) with your leg above your back would close a tab. What would *you* be thinking about? If Apple has close buttons on each tab, and not a single close at the right side, nor no-buttons at all, what do you think is the best user experience?

(*) did you know that most computer-savy users *still* don’t know about the right mouse button? Unbelievable, but true.

Two big problems tere, IMO. First, “triple-click-control-middle-abcde-enter-enter-space with your leg above your back” is a strawman attack. You can’t present something absurd as your opponent’s position, show that it is indeed absurd, and then pretend that you have refuted his original position as well. Middle-click is simple, quick and pratical, and your example isn’t. Sorry, I’ve been reading a lot about logical fallacies on Wikipedia.

Second, you seem to equate Apple with user-friendliness, which is an argument to authority: if Apple does it, then it must be correct. If Apple does it that way, then that must be the most user-friendly way possible.

Well, telling people about the middle button would be a much better idea than introducing multiple “dangerous” close buttons that only get in the way anyway… but maybe that’s just me.

Should the close buttons be added simply because Apple does it? Like I said, I don’t agree that Apple should be considered the “standard” for user-friendliness. If it was, then it would never change, would it? It would already be perfect. But it isn’t.

A thing should be as simple as possible, but not simpler (paraphrasing Einstein). If you take away usefulness (note that I don’t say “features”, but real usefulness) just to make it simpler, you’re making the software less useful. If the software doesn’t do what I want it to do, then it’s not useful to me, even if it’s the most easy to use piece of software in the world… right?

And, historically, that’s what Apple did (I admit that I haven’t used MacOS X yet, though I was familiar with previous versions). Their philosophy was: “normal” users should never need to do this, so we’ll actively prevent people from doing it – even if they happen to be advanced users. For some reason, I have a problem with this kind of attitude. To be fair, I don’t know if it’s changed in OS X.

Besides, “user-friendliness” is a subjective concept. To most people, the most important thing for a piece of software isn’t really being simple, clean, or logical, but simply being what they already know. Between Windows XP and MacOS X, they’d say Windows was more “user-friendly”, merely because, with MacOS, they’d have to learn new stuff – which is the thing people hate the most about computers.

The close buttons on tabs waste space, make it easy to close tabs by mistake, are harder to click on than the entire tab, and there was already a quicker, easier way to do it. People don’t know about it? Find a way to tell them. Hell, pop up an information window the first time a user opens a new tab, or something. It’s much better than adding a redundant, confusing feature that will only make the browser more difficult to use to anyone who already knew how to close tabs quickly.

What’s next? Take tabs away completely, because many people don’t know how to use them anyway, and they only make the browser “more confusing”?

Related posts:

1. Fixing tab annoyances in Firefox 2.0
2. Firefox tip: closing tabs with middle-click on Linux
3. Firefox 2.0 alpha coming soon?

However, there were a couple of changes to how tabs work, and I, for one, didn’t like them at all. Looking around, I found the solution to one of them, and the other one was pretty easy to figure out.

Here’s the changes, and how to “undo” them:

1- “X” close button on every tab

This one, to me, qualifies for the “What were they thinking?” award. Don’t people know that you can close any tab simply by middle-clicking on it (yes, even on Linux)? Not to mention that the “X” button is both harder to click on than the entire tab, and makes it easy to close tabs by mistake, when you just wanted to select it? In other words, there’s already an easy way, and they add a more difficult way, which, besides, can easy lead to mistakes?

Sigh. Sorry about the rant.

Fix: open about:config, look for browser.tabs.closeButtons, and set it to 2 (no close buttons) or 3 (a single close button on the right of the tabs, like in previous Firefoxes – though, again, middle-click makes it useless).

2- tabs don’t get smaller past a certain point; if you have too many, you need to scroll the tab bar to see them all

Maybe I’m weird, but I have tab folders with 10-15 bookmarks of a particular subject, and I like to open them all, with a single click, daily. In Firefox 1.x, the tabs would get as small as they needed to be, to fit in the window. Now, they don’t get smaller than a certain size, and force the user to scroll.

To me, this is annoying. I haven’t found an option to completely disable this behavior, but I can make it virtually go away by reducing the minimum tab width to a much smaller value.

Fix: open about:config, and change browser.tabs.tabMinWidth to a much smaller value, like 1.

Related posts:

1. Firefox tip: closing tabs with middle-click on Linux
2. That user-friendliness thing again
3. Software I like #2: Mozilla Firefox

“Resumo” is, in this context, Portuguese for “short version“, and it’s included by default in all Sapo queries. But why is this happening?

I’ve tracked it down to an AWStats bug, which I reported to the author, along with a patch. That patch, in addition to fixing that problem, also adds support for Clix queries. For more details, including the patch itself, please visit the SourceForge page for this bug.

Related posts:

1. Software I Like #4: AWStats
2. Browsers and search engines
3. Blogging tips #5: Adding your blog to search engines and directories

List of changes here.

Apparently, there’s a new problem when running on a server with FastCGI installed: it may give a 500 error in some cases. If that’s your situation, there’s a workaround.

Related posts:

1. Coming soon: big list of "blogs about blogging" feeds
2. WordPress 2.2 upgrade
3. WordPress 2.0

At last! Until recently, the newest version was Flash 7, which is only a couple of years old. But now you can download the Flash 9 beta, which is working perfectly here (SUSE 10.1)!

Now I can enter TotalWar.com again!

EDIT: just switched back to Flash 7. Some pages, such as this one, made the browser hang for several seconds each time I switched to that tab – and that’s in a fast computer. It seems the “beta” label is well deserved.

Related posts:

1. Using 64-bit Firefox on Linux
2. Firefox 3.0 beta 4
3. Firefox 1.5 beta 2

But you may prefer middle-click to work as in the Windows version. If so, just open about:config, then search for

middlemouse.contentLoadURL

and change it to False. Simple as that.

Related posts:

1. Fixing tab annoyances in Firefox 2.0
2. That user-friendliness thing again
3. AdSense tip: NEVER ask your readers to click on ads!

I’ve only tried it out for a minute, and all of my contacts were still using MSN Messenger 7.5. Still full of ads, but there’s a Mess.be patch to remove them, and tinker with it, which I haven’t installed yet, but I’ve used the MSN 7.5 version for months, and it made it bearable.

One new feature: you can talk to people while “appearing offline”, now. Of course, they’ll instantly realize that you aren’t really offline…

Second, Opera 9 is finally out. Lots of new stuff to explore. It passes the ACID2 test, and is still by far the fastest modern browser in the world. Firefox is still my primary browser, but Opera is a joy to use. Also (via Pedro Fonseca), a list of 10 features you’ll find only in Opera. Note that all of them are for version 8.0 – the new version has even more unique features.

Related posts:

1. Windows Live Messenger final: tomorrow?
2. Free Opera
3. Firefox 3.0 beta 4

So, I searched around, and there’s a plugin to solve these 2.0.3 annoyances (and which will deactivate itself automatically if the version isn’t 2.0.3). It’s called WordPress 2.0.3 Tuneup, and it fixes:

* #2760 “Are you sure?” dialog for comment editing no longer appears
* #2761 “Are you sure?” dialog no longer adds slashes to info passed through it
* #2764 After editing a comment, you are properly redirected back to your original location
* #2776 New in version 0.2: “Are you sure?” dialog for user editing no longer appears
* #2782 New in version 0.3: “Are you sure?” dialog for link editing no longer appears
* #2806 New in version 0.4: Deletion of links works when JavaScript is turned off

I’m using it now, and it’s working great.

Related posts:

1. A guide to weblog comments
2. Performancing 1.1 for Firefox is out
3. WordPress 2.01

My first community, which no longer exists, used Drupal, some years ago. It’s a pretty powerful system, with lots of options, tons of plugins and themes, sane defaults, and pretty easy to use.

I think I’ll play with the new version in the next couple of days… I don’t know whether I’ll actually use it for something, or just play with it. We’ll see.

Related posts:

1. PHP 5.1.0
2. WordPress 2.1
3. Chess