Monday, November 19, 2007

Pimlico

I was just discussing this passage with a friend; it's from G.K.Chesterton's book Orthodoxy.

Let us suppose we are confronted with a desperate thing—say Pimlico. If we think what is really best for Pimlico we shall find the thread of thought leads to the throne or the mystic and the arbitrary. It is not enough for a man to disapprove of Pimlico: in that case he will merely cut his throat or move to Chelsea. Nor, certainly, is it enough for a man to approve of Pimlico: for then it will remain Pimlico, which would be awful. The only way out of it seems to be for somebody to love Pimlico: to love it with a transcendental tie and without any earthly reason. If there arose a man who loved Pimlico, then Pimlico would rise into ivory towers and golden pinnacles; Pimlico would attire herself as a woman does when she is loved. For decoration is not given to hide horrible things: but to decorate things already adorable. A mother does not give her child a blue bow because he is so ugly without it. A lover does not give a girl a necklace to hide her neck. If men loved Pimlico as mothers love children, arbitrarily, because it is THEIRS, Pimlico in a year or two might be fairer than Florence. Some readers will say that this is a mere fantasy. I answer that this is the actual history of mankind. This, as a fact, is how cities did grow great. Go back to the darkest roots of civilization and you will find them knotted round some sacred stone or encircling some sacred well. People first paid honour to a spot and afterwards gained glory for it. Men did not love Rome because she was great. She was great because they had loved her.

Saturday, November 17, 2007

Brew 33: Winter Warmer

I have not been brewing much lately, an error I hope to fix this week. The first brew is a Winter Warmer, like Brew 26. This brew was the most smoothly executing brew I can remember. Strangely, the O.G. is closer to 1.050 than 1.060, so it will be less potent.

Anyway, here's the recipe....


Date of Brew: November 17, 2007
Ingredients
  • Grains
    11.5 lbs Crisp Maris Otter
    1 lb Simpson's Crystal
    0.25 lbs Simpon's Chocolate
  • Hops
    1 oz Northern Brewer (60 mins)
    1 oz Fuggle (30 mins)
    1 oz Kent Goldings (1 min)
  • Yeast
    Wyeast #1728 Scottish Ale Yeast #1014295
  • Additives
    1 tsp Irish Moss

Mash
4 gallons, 153 F for 60 min.

Number of Gallons in Boil: 6
Boil Time: 60 mins
Gallons in Fermenter: 5

Saturday, September 8, 2007

Brew 32: Oatmeal Stout

This brew is in honor of the late Michael Jackson, the ``Beer Hunter'' who passed away last week. This style is one he popularized; this batch is a kit from Northern Brewer.

Some notes: this time I tried doing a two stage mash, holding the temperature at 153F for one hour, then 170F for ten minutes. To do this, I kept the mash in the kettle on the stove. This did not work as well as I hoped. The thermometer, a probe type, fluctuated wildly as the probe moved around, and it took forever to figure out if I had reached a target temperature or not. Time to get a real thermometer I suppose. The final gravity was low, but within the style guidelines, so I think it will be okay. Other than that, the brew went very very well. Each time I do a brew, it seems more streamlined than before.

Here are the notes.

Northern Brewer Oatmeal Stout

Brew Type: All Grain Date: 9/8/2007
Style: Oatmeal Stout Brewer: Mattox Beckman
Batch Size: 5.00 gal Assistant Brewer: John and Heidi Fisher
Boil Volume: 5.77 gal Boil Time: 65 min
Brewhouse Efficiency: 57.6 % Equipment: My Equipment
Actual Efficiency: 57.6 %
Taste Rating (50 possible points): 0.0
Ingredients
Amount Item Type % or IBU
6.50 lb Pale Malt, Maris Otter (3.0 SRM) Grain 72.2 %
1.00 lb Oats, Flaked (1.0 SRM) Grain 11.1 %
0.50 lb Caramel/Crystal Malt - 80L (80.0 SRM) Grain 5.6 %
0.50 lb Chocolate Malt (450.0 SRM) Grain 5.6 %
0.50 lb Roasted Barley (300.0 SRM) Grain 5.6 %
1.00 oz Chinook [13.00%] (60 min) Hops 52.2 IBU
1 Pkgs Irish Ale (Wyeast Labs #1084) Yeast-Ale
Beer Profile
Estimated Original Gravity: 1.038 SG (1.035-1.060 SG) Measured Original Gravity: 1.038 SG
Estimated Final Gravity: 1.010 SG (1.010-1.018 SG) Measured Final Gravity: 1.005 SG
Estimated Color: 32.0 SRM (35.0-200.0 SRM) Color [Color]
Bitterness: 52.2 IBU (20.0-50.0 IBU) Alpha Acid Units: 2.6 AAU
Estimated Alcohol by Volume: 3.7 % (3.3-6.0 %) Actual Alcohol by Volume: 4.3 %
Actual Calories: 163 cal/pint
Mash Profile
Name: My Mash Mash Tun Weight: 0.00 lb
Mash Grain Weight: 9.00 lb Mash PH: 5.4 PH
Grain Temperature: 72.0 F Sparge Temperature: 168.0 F
Sparge Water: 3.93 gal Adjust Temp for Equipment: FALSE
Name Description Step Temp Step Time
Dough In Add 11.70 qt of water at 164.4 F 153.0 F 60 min
Mash Out Heat to 170.0 F over 2 min 170.0 F 10 min
Carbonation and Storage
Carbonation Type: Corn Sugar Carbonation Volumes: 2.4 (1.8-2.4 vols)
Estimated Priming Weight: 3.8 oz Temperature at Bottling: 60.0 F
Primer Used: - Age for: 4.0 Weeks
Storage Temperature: 52.0 F

Thursday, August 30, 2007

Goodbye, Beer Hunter

I received word via hunahpu's blog that Micheal Jackson, the author of many wonderful books and articles about beer, has passed away. I am planning to brew something in the next week; I absolutely will have to brew something in his honor.

Connecting to AT&T DSL with the Encore ENDSL-AR DSL Modem

This post is updated: the modem doesn't quite work yet.

After the burglars stole my 2wire modem, I picked up an AT&T / 2Wire 2700HG-B from Best Buy. It works okay, except that it has a highly annoying habit of rebooting itself randomly, several times a day. It always seems to know when you're in the middle of a 10 hour backup operation, or need to download a lecture slide in the next two minutes.

So I decided it was time to get a new modem, and pick up some flashable WRT54GL routers. I found a modem at NewEgg.com that got good reviews, the Encore ENDSL-AR.

AT&T was mildly helpful in getting it connected. After being on hold, listening to a sales pitch for their cell phone service, and being transfered twice, telling the computerized operator my phone number three times only to have the techs ask again, I got just enough info to figure the rest out through trial and error. This hold system definitely fails the ``don't look stupid'' test.

Anyway, enough complaining. Here's part of what you need to do... or at least, what I needed to do. First, plug everything in, and browse to http://10.0.0.2/, which is where the setup page lives. Go to the WAN Configuration page (Of course, you realize, if you need these instructions, you aren't going to be able to access my blog. Save this entry to your hard drive first.) It will ask you which adapter, I told it Pvc 0. Next, you'll get a screen for the WAN configuration. Here are the settings I needed, a * indicates that this was the default setting:

  • Virtual Circuit: Enabled *
  • Bridge: Disabled *
  • IGMP: Disabled *
  • Encapsulation: PPPoE LLC
  • DHCP Client: Disabled *
  • Static IP Address: 0.0.0.0
  • Username: username@sbcglobal.net (of course, put your own AT&T/SBC email address here)
  • Password: ***** (I think you know what goes here.)
I didn't change any of the other settings.

You need to hit the submit button, and then click on the save configuration link, then tell it to save and reboot.

You're not quite done yet. Next, you need to bring up the WAN page again, and select Advanced PPP Configuration. From there, go to PPP Account Configuration (the link is at the bottom of the page). You will need to type in the account name in the table below (on mine it was ``'') into the Acct ID field, and reinput your username and password. Don't forget the ``@sbcglobal.net'' part, or whatever yours should be.

Save and reboot again, and this time you should be connected. Good luck!

Now, the only problem is this: I can get out just fine, but none of my incoming connections work. I've tried setting a DMZ host, and playing with some of the other settings, but nothing seems to be working. It's labor day now, so I'll have to wait before calling tech support.

Saturday, July 14, 2007

A Change of Focus

I have decided to change my research focus. I am now going to pursue Machine Learning.

This has been coming for a while now. I have not been truly excited about a programming language research project in a long long time. While much of research is drudgery, you do have to have some moments of inspiration to keep going. Those simply haven't been happening.

On Monday I sat down and took stock of my situation. What is it that I really like to do with computer science? Given some free time (or just when procrastinating), what do I do? I have long wished that my field required the use of statistics: I love using data to try to tease out correlations and probabilities. I also like experiments, databases, and I am absolutely fascinated by genetic and evolutionary computing---it's like playing with God's toolbox. From languages I have learned about types, functions, representations, and models. I've been programming databases, playing with genetic algorithms, and studying statistics on the side. Put all these things together, and what emerges is machine learning: it covers all of these things.

On Wednesday I went to visit a good friend Bill Hsu, who has been in this field for quite some time. I did not realize when we made our appointment that I would be making this decision, but it was certainly a nice coinciding. He gave me a quick introduction, took me to the closing ceremony of a machine learning summer school his students were attending, and gave me a list of books to read to get started.

One great thing about being an academic is that by saying the word, I can change my job description. Instead of feeling like I'm procrastinating when I write a simulation, now all of a sudden, I'm being productive!

So where to go from here. I'm now reading Machine Learning, by Tom Mitchell, and have three more books in queue. I estimate it will take a number of months to read them and start to get up to speed. After (or during, more likely) reading those, I will be able to start reading current publication, playing with my own experiments and simulations, and seeing where the open problems are. The fact that my school has quite a few faculty already in this area should be a great asset.

This is the first time in a very long time I've felt excited about doing research.

Tuesday, May 22, 2007

Brew 30 and 31

Brew #30, a Gewürztraminer, is finally bottled. This one contained elderflowers. There was a near-disaster when I transfered to secondary because the flowers clogged the port. I was able to save 5 of the six gallons, and half a gallon got used to make sangria, so things turned out well anyway.

Yesterday I started brew #31, an Australian Grenache/Mourvèdre. The initial gravity on this one was 1.106, and it had tons of oak to put into it. I tasted the sample for the specific gravity. Pretty good, I'm betting on lots of tannins.

Lovena Peng Loo 1972--2007


It's been a very sad few days. A friend of mine was senselessly murdered by burglars this past weekend.

I got to know Peng over a few days when I was in Malaysia. We both stood in Ian and Julianne's wedding. It was my first time in Malaysia. Peng would look after me, teaching me bits of Cantonese so I could understand better when people spoke "chinglish". She even gave me a Cantonese name, which she used over the years as we kept up over gmail and IM.

I've been rereading those conversations. She would check up on me when she found out I had a cold, teach me Cantonese phrases, and talk about career searching. She was so willing to serve God with the gifts she had, and so intent on hearing from Him about that. I told her that the most important aspect of her job would probably not be the activity, but the people she would minister to. That's just the kind of person she was....

We always thought it was great that even though our Meyer Briggs personality types were exact opposites, and that we lived literally a world apart, we would talk and keep up with each other.

I will really miss her.

Now we do not want you to be uninformed, brothers and sisters, about those who are asleep, so that you will not grieve like the rest who have no hope. For if we believe that Jesus died and rose again, so also we believe that God will bring with him those who have fallen asleep as Christians. (NET) I Thes 4:13

Tuesday, May 1, 2007

What Computers were Meant to Be

Today I got the new version of Mathematica. I first learned to use this in 1989 when I took a class from Dan Greyson as a freshman at UIUC. The first example they showed was to type in some function and take its derivative. Seeing the answer pop up on the screen, my reaction was "this is what computers were meant to be."

Now we're at version 6. There are many new features. Many. The things that will catch your attention when you look at the web page will be all the fancy presentation abilities, but there are other nice things as well. One that I particularly like is the "curated information": databases of all kinds of information about chemicals, cities, stocks.... Imagine your almanac was embedded into Mathematica. The command

ChemicalData["Caffeine", "MoleculePlot"]
brings up a (interactive!) picture of one of my favorite molecules:

Here's another feature that will be handy for investment research. This command brings up a nice visual to illustrate a certain banking decision I made last month.

DateListPlot[FinancialData["NTBK", All]]

One of the first of my own programs was to make a picture of a fractal called the Sierpinski Gasket.

I have a lot of ideas for how I'm going to use this. It's interesting in its own right, since I am a programming language professor, and this is a very interesting programming language. But it will also help with administration: I've been collecting exam score data for years now, and I've really been wanting to do some statistical analysis to see how effective various teaching techniques will be. It will be much easier to do that now.

I should have gotten this a long time ago.

Saturday, April 21, 2007

AMB-0: On Dijkstra and Writing

I have long admired E.W. Dijkstra for his contributions to computer science, and his very precise thinking and communication. I discovered the other day through a colleague's blog[3] that Dijkstra's works are all online.

I found that he had a habit that will benefit me in two ways. The habit was to write a series of papers called ``EWD's'' which often were unpublished, but instead were circulated to various colleagues. Some of these writings were theorems, some became full-blown papers, some were just refections on things he had seen recently. It reminds me of a blog, except that many of them were hand-written.

Dijkstra explained the benefit he derived from doing this in his thousandth entry[2].

On a more contented note: I am reasonably pleased with life, about as pleased as we poor mortals may be allowed to be, and in this contentment the EWD-series plays a major role. If there is one ``scientific'' discovery I am proud of, it is the discovery of the habit of writing without publication in mind. I experience it as a liberating habit: without it, doing the work becomes one thing and writing it down becomes another one, which is often viewed as an unpleasant burden. When working and writing have merged, that burden has been taken away.

The habit is also liberating in a much more profound sense. I consider, for instance, EWD975[1] on the Theorem of Pythagoras--of all theorems!--a major achievement of the last semester. It was an unadulterated pleasure to write it; one of its recipients called it ``absolutely bloody marvellous.'' Had I only written with publication in mind, it would never have seen the light of day. Not only would aforementioned recipient have been denied his enjoyment, I would have been so too: what I sent out was Sunday's version, which I could only write after the discovery that I could still improve on Saturday's version, The only way to discover that a neglected or ignored topic is worth writing about is to write about it.

The first benefit I will gain from this series is that I now have a mentor. A long time ago I learned that if one wanted to learn to write well, then one should read things that were written well. I now have a large collection of well-written essays to read. Further, the topics themselves are very interesting in their own right (such as the above-mentioned Theorem of Pythagoras)!

The second benefit is that I can emulate this habit. I have thought before that writing without regard to publication was an important habit, but rarely had I seen it done before now. With this encouragement, I will start my own series. This will help me sharpen my thinking and communicate my ideas with my colleagues.

Bibliography

1
Edsger W. Dijkstra.
On the theorem of Pythagoras (EWD 975).
circulated privately, 1986.

2
Edsger W. Dijkstra.
Twenty-eight years (EWD 1000).
circulated privately, January 1987.

3
Joel F Klein.
Jfk bits: Dijkstra computer inversion quotes, April 2007.
http://jfkbits.blogspot.com/2007/04/dijkstra-computer-inversion-quotes.html.

Wednesday, March 28, 2007

Begin the evacuation

I've been a bit frustrated with my bank, Netbank, for a while now. Last year they sent out a notice that they were lowering their checking interest rates. I was pretty annoyed. Didn't anyone tell them that every other bank on the planet was raising their rates? I began looking half-heartedly for alternatives, but since most of my savings were in the likes of Ing and Emigrant Direct anyway, it didn't seem too urgent.

This past week, I've been looking at various stock prices, setting up the Magic Formula account I wrote about in a previous post. I happened to look at NetBank's financials. I was pretty shocked. As of this writing, their stock prices are $2.26. They've been losing money three years in a row now, and dropping services like crazy. One of the latest to go was their quickpost deposit option...

For a good contrast, click on any of the other banking sites you see, such as Citibank, Ing, Bank of America....

Ing has just opened a new all-internet checking account. So, I've decided to jump ship. NetBank's insured, so if they do manage to kill themselves off you shouldn't lose any money (so please don't start a run on the bank and say it was my fault!), but I'm tired of getting less service when everyone else is tripping over themselves for my business.

Oh, and if you do decide to go with Ing, let me know. We each get a referral bonus if I refer you. :-)

Friday, March 9, 2007

The Spring Forward Fairy

Hey Kids,

Now is that special time of year when the Spring Forward Fairy gives us an extra hour of daylight at the end of the day. She does this at 2:00am by magically making it become 3:00am instantaneously. This sets us free from the land of Winter, where it's always cold and never daylight. She even does this even if you were bad this year, unlike a certain other rather judgmental character from somewhere near Canada. All she asks is that you lose an hour of sleep. The combined sleep gives her the power to make this change.

You do need to know that this year is special. She's coming out early this year. So, you will feel sleepy *this* Sunday morning. You might want to go to bed early or something to get ready.

This next part is difficult, but I think you're old enough to know. There is no Spring Forward Fairy. She's really just our personification of an energy policy set by the faceless U.S. Bureaucracy. Not only has a cherished childhood fantasy been ruined, but you've probably worked out that if the Spring Forward Fairy isn't changing the clocks for us, then that means we have to do it ourselves.

So, don't forget to do that.

There are two ways to go about it though. If you still want to believe in the magic and insist that the spirit of Spring Forward Fairy is real, even if the persona is metaphorical, then you can stay up until 2:00am and make the change right then, keeping with tradition. You might want to have a few close friends on hand in case you have more than one clock, so that you can change them all simultaneously. Or, if you find yourself rather jaded by this whole experience you might want to do the more practical thing that most grown-ups do and just set the clocks forward by one hour just before you go to bed.

Think about it. If she were *really* magic, she would have figured out a way to do this without making us lose sleep.

Sunday, February 4, 2007

Adventures on the CTA: Free Coffee!

Yesterday when I got on the bus, I was the only one on it. The bus driver said that she was at the stop early and we had to wait a few minutes. Since we were outside of the 7-11, and since it was nothing degrees F outside, she went in for some coffee. And she gave me a coupon for a free coffee!!

That totally made my day.

Today I brought some of Brew 28 to the Superbowl party. Everyone really liked the beer. The first five minutes of the game was really good too.

Saturday, February 3, 2007

Brew #29: India Pale Ale

Today I brewed another Northern Brewer recipe, this one is an India Pale Ale.

This time I tried a few new things. First, I used some software to manage my brew. I purchased the Beer Smith package. Very easy to use, and can even be run under Wine if you don't want to use a Windows machine. The software was especially helpful in doing the multi-stage infusion. It calculated the amount and temperature of water I would need for each step.

This enabled me to do a two stage infusion. The first was at 151 degrees, the second at 165 degrees. I undershot a little, because when I did the first stage, I didn't wait long before taking the temperature. It was 161 F, so I added 2 quarts of cold water. This dropped it considerably, so I'm thinking the temperature was okay after all, but just needed a minute to transfer the heat from the water to the grains.

Beersmith also generates an HTML brew sheet, so I'm going to paste that in here.

#29: Northern Brewer India Pale Ale

Brew Type: All Grain Date: 2/3/2007
Style: English IPA Brewer: Mattox Beckman
Batch Size: 5.00 gal Assistant Brewer:
Boil Volume: 6.00 gal Boil Time: 60 min
Brewhouse Efficiency: 70.0 % Equipment: My Equipment
Actual Efficiency: 55.4 %
Taste Rating (50 possible points): 35.0

Ingredients
Amount Item Type % or IBU
11.50 lb Pale Malt, Maris Otter (3.0 SRM) Grain 92.0 %
1.00 lb Carafoam (2.0 SRM) Grain 8.0 %
1.00 oz Nugget [13.00%] (60 min) Hops 42.9 IBU
1.00 oz Fuggles [4.50%] (30 min) Hops 11.4 IBU
1.00 oz Fuggles [4.50%] (1 min) (Aroma Hop-Steep) Hops -
1.00 oz Goldings, East Kent [5.00%] (10 min) (Aroma Hop-Steep) Hops -
1 Pkgs Thames Valley Ale (Wyeast Labs #1275) Yeast-Ale

Beer Profile
Estimated Original Gravity: 1.066 SG (1.050-1.075 SG) Measured Original Gravity: 1.052 SG
Estimated Final Gravity: 1.016 SG (1.010-1.018 SG) Measured Final Gravity: 1.005 SG
Estimated Color: 5.8 SRM (8.0-14.0 SRM) Color [Color]
Bitterness: 54.3 IBU (40.0-60.0 IBU) Alpha Acid Units: 3.5 AAU
Estimated Alcohol by Volume: 6.5 % (5.0-7.5 %) Actual Alcohol by Volume: 6.1 %
Actual Calories: 226 cal/pint


Mash Profile
Name: Double Infusion, Medium Body Mash Tun Weight: 9.00 lb
Mash Grain Weight: 12.50 lb Mash PH: 5.4 PH
Grain Temperature: 72.0 F Sparge Temperature: 168.0 F
Sparge Water: 1.81 gal Adjust Temp for Equipment: TRUE

Name Description Step Temp Step Time
Saccrification Add 15.00 qt of water at 169.4 F 153.0 F 60 min
Mash Out Add 8.75 qt of water at 205.7 F 170.0 F 10 min


Mash Notes
Double step infusion - for medium body beers requiring a protein rest. Used primarily in beers high in unmodified grains or adjuncts.

Thursday, February 1, 2007

Spiders on the Train!

Normal people, when they go shopping, end up buying shoes or gadgets or cars. Today I bought a tarantula. She's a Pinktoe (Avicularia avicularia) from the look of her, but then she is only six to eight months old. She could turn out to be a he, or she could also turn out to be a Peruvian Pinktoe (Avicularia urticans). Time will tell.

In any event, she's beautiful. Here's a picture:

Pinktoe Tarantula

The photo really does not do justice to the colors. Her abdomen is a reddish purple, her carapace is has a blue metallic tint. And of course, she has pink toes.

One of the attractions of this species is that they are very docile. None of the other four spiders in my collection are handleable, so it's nice to have one that I can bring out. I've also been wanting to learn a few techniques for picking up a tarantula that would work on even more aggressive species, but you need to practice on one that's more compliant. I hope she doesn't mind.

The guy working at the petstore was not too happy when I wanted to look at her. He got the kind of look... well, okay, he got the kind of look most people, including many of my dear friends and family reading this, would get if someone asked them to hold a "giant" spider. (Come on, she's only the size of two quarters end to end. Let me go to my room and get you a real giant spider....) The lady behind the counter who carried herself as a proprietor would had to get it out for him.

Of course, I took her on the train home. This time is was the metra. No constipated people yelling "Yummy yummy!" today. I had to put her in my coat sleeve, a trick I learned from Mrs. Snake the last time I had an adventure in animal transport. Note: she was in a "to-go"-like container. I don't think I would keep a loose spider in my sleeve. Not that I would mind the spider, it's just that it would get out.

She does seem docile when I held her; but she did one surprising thing. Most tarantulas, when they get to the end of your hand, turn around and try the other direction, or else they feel over the edge until they find your other hand waiting for them. This one jumped! Very luckily, I caught her. Definitely will want to keep her over the wood floor or a blanket next time I take her out.

If there is a next time.... One problem is that I have actually managed to develop an allergy to certain kinds of spiders...! I hope she is not one of them.

Tuesday, January 30, 2007

Nine Rules for Eating Well

One of my favorite bloggers whom I don't know, Maki of I was Just Really Very Hungry, posted a link to an essay called Unhappy Meals, which talks a lot about how to eat well, and be healthy from your food. The article is 12 pages long, and very interesting. Of course, I read Just Hungry because I like how Maki thinks about food, and she posted this link because she liked how Michael Pollan wrote about food. So, by the transitive property, you would expect me to like it too.

So. If you like how I think about food, then you'll probably like how Maki thinks about food, and you'll therefore probably like how Michael Pollan thinks about food, and will therefore enjoy the article. Give it a read!

Or, if you're in a hurry, the quick summary is "Eat food. Not too much. Mostly Plants."

Saturday, January 20, 2007

Brew #28 Belgian Dubbel: Bottled

Brew #28, the Belgian Dubbel, is now bottled. Of course I tried some of the green beer, it definitely has a Belgian character to it, it reminds me a lot of Chimay's Brown Label.

I bottled 21 beer bottles of various sizes, and also one champagne bottle just to see what would happen. I'm hoping to save it for something like a year to see how the character of this beer changes over time. I put about 2.5 gallons of it in a keg, partly because bottling is pretty tedious, and partly because I'm afraid I'm going to run out of the Irish Red that's on tap now, and partly as yet another an experiment to see how bottling and kegging affect the taste. Officially, I should wait until February to start in on it... "Ready in Two Months" was the tag line in the instructions. I'm looking forward to this one!

Final gravity: 1.006. This gives an ABV of 5.7%. A tad lower than is typical, I think because there was extra water in the kettle when I added the spargings. But that's fine.

The Carmenere/Cabernet-Sauvignon is also ready to bottle, I'll probably do that in the next day or two.

Thursday, January 4, 2007

Getting Postfix to work on Ubuntu with Gmail

Here's what I want to do. I have an Ubuntu box (Edgy-Eft) at home, and I want to be able to send out email, and I want to use gmail as my relayhost. There are several sites online that explain bits of how to do this, and Mike Chirico's is particularly good. I used his tutorial as a starting point, but I noticed I had to do a few things differently to get it working on my own system, so I'm documenting the differences.

Differences

Disclaimer: Different about my setup is that I am using the Ubuntu packages, whereas Chirico's tutorial has you compile the packages yourself. There's nothing wrong with doing that, in fact, it's probably good for your soul, but I'd prefer to make use of the Ubuntu package manager as much as possible. Further, I'm not interested in using fetchmail, so I've done nothing with that.

Installing Postfix

The first thing I did was install postfix.

# apt-get install postfix
I told the configuration script that I was installing for an internet site. Happily, debian/ubuntu's postfix comes with TLS and SASL compiled in.

Generate Your Certificates

In order to connect to gmail, you need a certificate. Here's what happened when I generated my certificate.
# /usr/lib/ssl/misc/CA.pl -newca
CA certificate filename (or enter to create)

Making CA certificate ...
Generating a 1024 bit RSA private key
.....................++++++
.........................++++++
writing new private key to './demoCA/private/cakey.pem'
Enter PEM pass phrase:
Verifying - Enter PEM pass phrase:
-----
You are about to be asked to enter information that will be incorporated
into your certificate request.
What you are about to enter is what is called a Distinguished Name or a DN.
There are quite a few fields but you can leave some blank
For some fields there will be a default value,
If you enter '.', the field will be left blank.
-----
Country Name (2 letter code) [AU]:US
State or Province Name (full name) [Some-State]:Illinois
Locality Name (eg, city) []:Chicago
Organization Name (eg, company) [Internet Widgits Pty Ltd]:Prancing Tarantula
Organizational Unit Name (eg, section) []:
Common Name (eg, YOUR name) []:Mattox Beckman
Email Address []:mattoxbeckman@gmail.com

Please enter the following 'extra' attributes
to be sent with your certificate request
A challenge password []:
An optional company name []:
Using configuration from /usr/lib/ssl/openssl.cnf
Enter pass phrase for ./demoCA/private/cakey.pem:
Check that the request matches the signature
Signature ok
Certificate Details:
        Serial Number:
            d5:0c:4b:bb:48:17:c3:b0
        Validity
            Not Before: Jan  4 22:42:34 2007 GMT
            Not After : Jan  3 22:42:34 2010 GMT
        Subject:
            countryName               = US
            stateOrProvinceName       = Illinois
            organizationName          = Prancing Tarantula
            commonName                = Mattox Beckman
            emailAddress              = mattoxbeckman@gmail.com
        X509v3 extensions:
            X509v3 Subject Key Identifier: 
                33:0A:41:44:07:7D:0F:4C:10:B8:8C:4A:89:8C:CC:0E:18:EF:CA:92
            X509v3 Authority Key Identifier: 
                keyid:33:0A:41:44:07:7D:0F:4C:10:B8:8C:4A:89:8C:CC:0E:18:EF:CA:92
                DirName:/C=US/ST=Illinois/O=Prancing Tarantula/CN=Mattox
Beckman/emailAddress=mattoxbeckman@gmail.com
                serial:D5:0C:4B:BB:48:17:C3:B0

            X509v3 Basic Constraints: 
                CA:TRUE
Certificate is to be certified until Jan  3 22:42:34 2010 GMT (1095 days)

Write out database with 1 new entries
Data Base Updated
Now generate a private key...
# openssl req -new -nodes -subj '/CN=prancingtarantula.net/O=Prancing Tarantula/C=US/ST=Illinois/L=Chicago/emailAddress=mattoxbeckman@gmail.com' -keyout FOO-key.pem -out FOO-req.pem -days 3650
Generating a 1024 bit RSA private key
.........................................++++++
....++++++
writing new private key to 'FOO-key.pem'
-----
And sign it...
# openssl ca -out FOO-cert.pem -infiles FOO-req.pem
Using configuration from
/usr/lib/ssl/openssl.cnf
Enter pass phrase for ./demoCA/private/cakey.pem:
Check that the request matches the signature
Signature ok
Certificate Details:
        Serial Number:
            d5:0c:4b:bb:48:17:c3:b1
        Validity
            Not Before: Jan  4 22:48:47 2007 GMT
            Not After : Jan  4 22:48:47 2008 GMT
        Subject:
            countryName               = US
            stateOrProvinceName       = Illinois
            organizationName          = Prancing Tarantula
            commonName                = prancingtarantula.net
            emailAddress              = mattoxbeckman@gmail.com
        X509v3 extensions:
            X509v3 Basic Constraints: 
                CA:FALSE
            Netscape Comment: 
                OpenSSL Generated Certificate
            X509v3 Subject Key Identifier: 
                16:B2:33:D3:E7:E9:4D:2B:76:71:5D:D7:EC:AF:47:22:FA:38:AB:54
            X509v3 Authority Key Identifier: 
                keyid:33:0A:41:44:07:7D:0F:4C:10:B8:8C:4A:89:8C:CC:0E:18:EF:CA:92

Certificate is to be certified until Jan  4 22:48:47 2008 GMT (365 days)
Sign the certificate? [y/n]:y


1 out of 1 certificate requests certified, commit? [y/n]y
Write out database with 1 new entries
Data Base Updated
Now I copied them to the /etc/postfix directory.
# cp demoCA/cacert.pem FOO-key.pem FOO-cert.pem /etc/postfix
# chmod 644 /etc/postfix/FOO-cert.pem /etc/postfix/cacert.pem
# chmod 400 /etc/postfix/FOO-key.pem
One difference from the tutorial: when running postfix, you may get warnings like this one:
Jan  4 17:21:59 calvin postfix/smtp[28881]: setting up TLS connection to
smtp.gmail.com
Jan  4 17:21:59 calvin postfix/smtp[28881]: certificate verification failed
for smtp.gmail.com: num=20:unable to get local issuer certificate
Jan  4 17:21:59 calvin postfix/smtp[28881]: SSL_connect error to
smtp.gmail.com: -1
I've copied them in so people searching for them will find this. These warnings are because postfix doesn't know where to find the Thawte certificate that gmail used to sign its own certificate. Ubuntu includes it in its ssl package. You need to append it to the cacert.pem file you generated earlier.
cat /etc/ssl/certs/Thawte_Premium_Server_CA.pem >> cacert.pem 

Transport

To cause the mail to be routed, you need a transport file. Here's mine:
# Contents of /etc/postfix/transport
#
# This sends mail to Gmail
*               smtp:[smtp.gmail.com]:587
Different from the tutorial is the specification of port 587. If you leave that off, postfix will attempt to connect to port 25, which is blocked by many ISPs now. If you get a timeout error in your log file, that's what's happening. The Gmail help pages say you should be able to use port 465 also, but that times out for me as well. You'll have to add another line if you expect to receive mail at your machine.

SASL

You now need to set the SASL passwords. My file looks like this one:
# Contents of sasl_passwd
#
[smtp.gmail.com]:587             mattoxbeckman@gmail.com:password
Of course, replace password and the email address with something appropriate for your system. Again, note the 587... if you leave that off, you will get very confusing log messages like this one:
Jan  4 18:20:30 calvin postfix/smtp[31770]: 49D438A6F: 
to=, orig_to=, 
relay=smtp.gmail.com[64.233.163.109]:587, delay=7661, 
delays=7660/0.1/0.19/0.03, dsn=5.5.1, status=bounced 
(host smtp.gmail.com[64.233.163.109] said: 
530 5.5.1 Authentication Required 16sm56842404nzo 
(in reply to MAIL FROM command))
This will be very frustrating because you will see the passwords are there, but they just aren't being used. Be sure to hash the files:
# postmap sasl_passwd
# postmap transport

Wrapup

The lines in tls_per_site, main.cf and master.cf are like the tutorial. Just paste them into your own versions, and you should be good to go.