1. The autoresponder loop

If you setup an autoresponder to simply reply to any incoming email with a ‘I’m away email’ then you can get caught in a loop if the sender has setup a similar autoresponder. i.e. I received an email from ebay, to which my autoresponder replied to say I was away, to which ebay replied that ‘my message was important to them’ or somesuch, to which my autoresponder replied to say I was away to which … you get the idea. I had set up various filters etc to keep my emails to the minimum so I could pick them up remotely on my iphone, where I was paying according to the volume downloaded. This loop generated an email about every other minute until I was ironically rescued from drowning in auto emails by:

2. The automatic update

If you forget to switch it off, Windows will automatically check for updates and install them, if that means a restart then your emails are no longer checked and the autoresponder doesn’t kick in.

These two both caught me out but a third which I DID manage to do but which I don’t see often mentioned is to ensure that your computer is set not to sleep after a certain amount of time.

Solutions:
1. It is unfortunately difficult to make this 100% foolproof as not all autoresponders reply with a copy of your original email, so you can’t simply check for a word used in your original email to stop the process. My best effort would be to create a rule which sits above your autoresponder, which checks for :
- a word (such as ‘autoresponder’ or whatever you have used in your reply)
- certain give-away addresses, such as ‘donotreply@’, ‘blackhole@’ etc
- any domains which you happen to know of which has this kind of receipt notification set up

If any of the above are found stop the system from processing any more rules, so it never reaches your autorresponse rule.

2. stop the computer from updating

Go to : control panel > system and security > windows update > change settings.

Change important updates to: anything except install automatically.

Note that this does pose a minor security risk but you can’t have your cake and eat it, just remember to turn it back on when you return.

3. stop the computer from sleeping

Go to : control panel > hardware and sound > power options > edit plan settings.

Change put the computer to sleep: never

These settings in 2 and 3 are for Windows 7.

I used logiprint very successfully – I uploaded my own design and they contacted me before printing to get some adjustments as they thought what I had uploaded might not be perfect. On receipt the card quality was good, as were the colours used.

I subsequently tried 123print and have just thrown them in the bin. The paper quality was not as good, the colour was not good (the white background was off-white) and the cut was also not good. This latter may have been my fault in terms of the graphic I uploaded but logiprint had contacted me specifically to avoid this problem so clearly a better service.

Based on on my experience I would recommend Logiprint, I would recommend avoiding 123print.

has anyone else got good/bad recommendations?

The site I have been developing, ScienceAfrica, is a social network which is limited to the students and staff of a number of Universities. Despite the site not being advertised, optimised or officially launched in any way it has already attracted unwanted registrations.

Controlling this however is easier said than done – most of the plugins I tried seemed to have unwanted side effects or just didn’t work and I also found that it was necessary to consider WordPress MU and BBPress registrations as separate, despite the fact that a user of one is automatically able to login to the other.

My solution? I have decided the easiest thing to do – for this specific project – is to remove any online registration and make it on request only. This means we have to manually add members but gives total control.

I would however like to come up with a solution that gives the best of both worlds, i.e. a system that allows you to :

- limit online registrations to specific domains / blacklist certain domains

- have a process of authentication of users

If anyone has any ideas let me know.

The plugins don’t appear to be categorised in any useful manner so I’ve trawled through and here’s my list:

Registration

• Approve user registration – adds a manual check
• Clickcha – adds a visual puzzle to forms to prevent ‘bot submissions. Works on registration and forum posts
• Human Test for BB Press – displays 2 random numbers, add them to complete registration.
• New User Notification – sends email notification, could be used in conjunction with ‘Approve user registration’.
• bb-NoSpamUser – blocks registrations based on a centrally controlled database of IP addresses, emails and username.
• Project Honey Pot – not entirely clear, but appears to block according to centrally controlled criteria.
• reCAPTCHA for Bb Press – uses the reCAPTCHA project from Google to display fuzzy text which needs to be entered when registering. Needs a free account with Google reCAPTCHA.

Forum use

• Force login – requires users to login in order to see any forum posts
• Forum restriction -restrict access to forums to certain individuals and hide them and their topics from all others.
• reCAPTCH Bb Press as above, adds it to forum posts
• Private forums – set viewing access to forums

Administration

• bb Press Moderation suite – contains a number of tools
• Mass Edit – allows moderators to bulk edit posts/comments
• bb moderation hold – holds posts for moderation.

Reading the cutting I very quickly became suspicious – it is written in the ‘advertorial’ style, i.e. blatently advertising a particular product but written in a sycophantic editorial fashion. The idea behind this is that people trust an editorial article, in which a person has put their name and reputation behind recommending something more than advertising which has just been paid for by the company in question.

[edited]*

Looking at the piece more closely there was no by-line and nothing to identify which publication the cutting had come from. The paper had been ‘cut’ in a strange way that almost looked perforated. This along with the fact that I couldn’t for the life of me think who ‘J’ might be led me to look more closely at the post-it note and envelope. Both carried very distinctive handwriting but something did not look right – there was no indentation on the paper, and the lettering was so exact that I could only conclude it was printed.

After doing the legwork I decided to check out Google and came across this post which confirmed my suspicions – thanks to SEO Creative for putting it online.

Here’s my pretty much identical version*. Before finding the SEO Creative post I actually found a number of people saying that Chris cardell’s material was OK(ish) and some had found it useful. Doing this kind of marketing is (in my opinion) stupid – which is clearly (in my opinon) what they think we are.

* following the receipt of a cease and desist letter from Chris Cardell’s lawyers I have now removed my copy of the marketing, as well as a sentance included within the content of my blog post. The removal of the sentance does not imply acceptance that it was in any way false or incorrect but has been removed pending further investigation.

It was not my intention to infringe on his copyright and I have therefore removed the image.

The envelope and post-it note were addressed specifically to me, are therefore mine on receipt and will remain on the site.

1. install wordpress MU, BuddyPress and bbPress

Although that gets the basic setup going if you want to use display the forums as part of a Group you still need to do one or two other things to integrate these two together:

2. go to example.com/wp-admin
3. click on forums setup, click to use existing bbpress installation
4. enter URL (may be autopopulated, check it has correct folder, I had to append /forums/)

using forums with groups
1. click to add a new group, enter name and description
2. ensure ‘enable discussion forum’ is checked
3. follow the instructions

Notes on privacy:
Something that I had not appreciated initially, is that while a group may be private or or even hidden so that posts to the group cannot be seen by anyone not a member of that group, forum posts are displayed in both the group forum AND the public forum. Group members need to be aware that forum posts are NOT private regardless of the settings of the group itself.

I’ve used www.example.com as my example, substitute this for your own domain.

Setting up WordPress MU
1. Setup the database
2. download http://mu.wordpress.org/download/
3. unzip and upload the contents of wordpress-mu to the root of the webserver
4. go to www.example.com
5. follow the instructions to setup WordPress up with access to the database. Exclude ‘www.’ from the server address.
5.a. NB for this to work make sure that you have http://example.com (as opposed to http://www.example.com) registered as a A record for your domain, otherwise it will not work
6. login to test it is all working OK using the supplied username and login. make a note of these for future ref.

Setting up Buddypress 1.2.3
MANUAL  INSTALL – I recommend the automatic install
1. download http://buddypress.org/download/
2. unzip and upload to /wp-content/plugins/folder NOT mu-plugins folder

AUTOMATIC INSTALL
1. login to wordpress
2. go to plugins -> add new
3. search for and install buddypress
4. activate a buddypress compatible theme -> follow on screen instructions

Setting up bbpress
1. download http://bbpress.org/download/
2. create the directory where you want the forums, i.e. root/forums will mean users access them via www.example.com/forums
3. unzip and upload contents of bbpress to /forums directory
4. go to www.example.com/forums/
5. enter the database configuration info requested:
– for ease of use suggest using same database as WordPress
6. check the tick box to add integration settings for WordPress then cookie settings
– enter the wordpress and blog address as http://example.com
– all of the cookie and salt info is found in wp-config.php. Click on the ? to get the exact description of which value to enter.
7. check to add user integration

Integrating WordPress with bbPress
1. login to bbpress – if already logged in after installation, logout, then login again.
2. go to settings_wordpress integration
3. Enter user mapping andn save, suggest:
admin->key master
editor->moderator
everone else->member
4. check that the cookie & salt values entered are correct as entered previously
5. got to www.example.com/wp-admin/
6. go to Plugins->add new->bbpress integration->install->activate
7.go to settings->bbpress integration
8. enter the info requested and save:
–bbpress URL : http://example.com/forums/
–leave the plugins field
– wordpress type -> MU
9. scroll down to the bottom and the manual cookie settings should be populated with code:
define( ‘COOKIEHASH’, ‘xxxxxxxxxxxxxxxxxxxxxxx’ );
define( ‘COOKIE_DOMAIN’, ‘.example.com’ );
define( ‘SITECOOKIEPATH’, ‘/’ );
define( ‘COOKIEPATH’, ‘/’ );
Copy and paste this code into wp-config.php

You should be done! Do all of the above before attempting to use the installation.

I haven’t yet had opportunity to test it out but will be interested to see how it performs and will post feedback here.

Sex:

viagra

satisfy/satisfaction

penis/pen1s

Gambling:

royale

casino

Spoofs:

received

reminder

amazon

skype

verizon

address (my address has changed)

mailbox

Gifts:

wathes (watches!)

watches

warranty

received

real

Medicine:

Codeine

Symbols:

$%!?

Desperate/vunerable:

diploma

degree

Misc:

we

something

Using the above I managed to delete about 300 of my initial 360. There were 21 false positives, mostly message failed or undeliverable notices ro auto-emails that were genuine, and about 40 which didn’t fall into any of the above and were not sufficiently volumous to make it worth trying to search on each one.

When I started I thought it would be easier than trawling through them but there were a lot more variables than I expected. It would probably make sense to do this if you’ve been away for a couple of weeks and come back to 3,000+ spam emails but on a daily basis I think I’ll just reach for the delete button.

Unfortunately we’re now looking to move hosts from Windows -> Apache and as a part of this I’m having to move the security certificate. Thawte have a ‘knowledge base’ article to help with this but 2 thirds of the way down it says ‘Run the following command using OPENSSL’.

Having been to openssl.org and made little headway I asked a thawte support rep for, well support. His response was that they support the cert but not third party applications. While on the one hand I can understand this, on the other if you are going to direct a customer down a certain route which they have no alternative but to go down you should not just wash your hands of it and say ‘good luck’ – or at least not if you don’t want to piss your customer off!