Handling multiple identities/accounts in mutt

Since mutt seems to be all the rage these days at work, I might as well document here a few things about my .muttrc that might be useful to others.

(I recommend that you start off with the Debian or Ubuntu package for mutt since a large chunk of necessary customization work has already been done by the Debian maintainers.)

Here is how I handle two user accounts. Let's start off by listing both of these addresses so that mutt can recognize emails using these as being sent by me:

alternates "(fmarier@gmail\.com)|(francois@debian\.org)"

Now this is to allow me to change the From address within the editor, in case I forgot to set the right one before pressing 'm':

set use_from

and this one pre-fills the From address when replying to emails based on the email account that received the original mail:

set reverse_name

Here are the two settings that I'm going to change when switching to a different identity (from address and status bar display).

# default profile
set from="francois@fmarier.org"
set status_format="-%r-francois@fmarier.org: %f [Msgs:%?M?%M/?%m%?n? New:%n?%?o? Old:%o?%?d? Del:%d?%?F? Flag:%F?%?t? Tag:%t?%?p? Post:%p?%?b? Inc:%b?%?l? %l?]---(%s/%S)-%>-(%P)---"

Here are the macros I use to switch from one account to the next (bound to ESC-1 and ESC-2):

macro index \e1 ":set from=francois@fmarier.org\n:set status_format=\"-%r-francois@fmarier.org: %f [Msgs:%?M?%M/?%m%?n? New:%n?%?o? Old:%o?%?d? Del:%d?%?F? Flag:%F?%?t? Tag:%t?%?p? Post:%p?%?b? Inc:%b?%?l? %l?]---(%s/%S)-%>-(%P)---\"\n" "Switch to francois@fmarier.org"
macro index \e2 ":set from=francois@debian.org\n:set status_format=\"-%r-francois@debian.org: %f [Msgs:%?M?%M/?%m%?n? New:%n?%?o? Old:%o?%?d? Del:%d?%?F? Flag:%F?%?t? Tag:%t?%?p? Post:%p?%?b? Inc:%b?%?l? %l?]---(%s/%S)-%>-(%P)---\"\n" "Switch to francois@debian.org"

And this is the code that uses these macros to switch to the right identity automatically:

folder-hook =inbox 'push \e1oi'
folder-hook =debian-inbox 'push \e2oi'

(The 'oi' part at the end is there to restore the default sort order.)

Finally, I've got this convenient shortcut which allows me to switch to my inbox quickly and to go from one inbox to the next:

macro index I "c=inbox\n" "Switch to inbox"
folder-hook =inbox 'macro index I "c=debian-inbox\n" "Switch to debian-inbox"'
folder-hook =debian-inbox 'macro index I "c=inbox\n" "Switch to inbox"'

Next up: indexing your emails using mairix.

Searching through the contents of emails in mutt

Mutt has a built-in feature for search the body of emails in the current mailbox (see ESC-b) but it's also possible to make this extremely fast by plugging-in external tools. Here's a quick description of my mairix setup.

After installing the package,

apt-get install mairix

create a .mairixrc in your home directory containing something like:

base=/home/username/Mail
maildir=inbox:archives*:sent*
mbox=debian*:jokes
mfolder=search
database=/home/username/Mail/.mairix_database

(This assumes that you store your mail in ~/Mail and that you want the search results in a new ~/Mail/search maildir folder.)

Then you need to run mairix once to index all of your emails:

mairix

which you will of course want to run regularly. I created this cronjob in /etc/cron.d/mairix-username:

17,37,57 * * * * username /usr/bin/on_ac_power && /usr/bin/mairix || true

(To avoid waking up the hard drive needlessly, I prefer to restrict the indexing runs for when I'm running on AC power. Take that out if you're not running it on a laptop.)

Finally, the last bit of setup is in ~/.muttrc:

macro index \eb 'c=search'<enter><shell-escape>'mairix ' 'Enter Mairix search term'

which makes mairix take over the ESC-b shortcut.

If you use GPG, you should also add this to your ~/.muttrc to make sure that mairix can see all of your messages by saving them as clear text:

set fcc_clear=yes
bind index s decrypt-save
bind pager s decrypt-save
bind index \ec decrypt-copy
bind pager \ec decrypt-copy
Saving a Windows Media Player stream using mplayer

The Gentoo folks have a great howto on ripping Windows Media Player streams (typically identified by an .asf, .asx or .wmv prefix) using mplayer.

Here's the gist of it:

 mplayer -noframedrop -playlist "<url>" -dumpstream -dumpfile <file>

For example, saving the third video on this Radio-Canada page (Espace video) for later viewing:

mplayer -noframedrop -dumpstream -dumpfile file.asf -playlist http://www.radio-canada.ca/Medianet/2008/CBFT/3600SecondesDextase200803011900_4.asx

which can then, of course, be converted to MPEG4 using mencoder:

mencoder -o file.avi -ovc lavc -lavcopts vbitrate=16000 -oac mp3lame file.asf
Increase the security of your Linux kernel with the grsecurity patch

Wikipedia has a pretty good explanation of what grsecurity and PaX do, but in a nutshell, here's what this set of patches buys you:

  • non-executable stack
  • address-space randomization
  • role-based access control
  • chroot hardening
  • enhanced auditing

If you're looking for a quick way of downloading the latest stable Linux kernel with the grsecurity patch already applied, clone this git repository (which can be browsed here):

git-clone http://git.catalyst.net.nz/linux-2.6.24-grsec.git

I also maintain an RSS feed (well, an Atom feed actually) keeping track of the latest grsecurity and PaX test patches:

http://feeds.feedburner.com/grsecurity

Finally, make sure you run paxtest to make sure that the protections offered by grsecurity and PaX are properly enabled.

Two-tier encryption strategy: Archiving your files inside an encrypted loopback partition

Even with a fully encrypted system (root and swap partitions), your data is still vulnerable while your computer is on. That's why Bruce Schneier recommends a two-tier encryption strategy.

The idea is that infrequently used files are moved to a separate partition, encrypted with a different key. That way, the bulk of your data files is protected even if your laptop is hijacked or if an intruder manages to steal some files while your main partition is decrypted.

On Debian and Ubuntu, a secure archive area can be created easily using an encrypted loopback partition and the cryptmount package.

Add this to /etc/cryptmount/cmtab:

archives {
  dev=/home/francois/.archives
  dir=/home/francois/archives
  fstype=ext4
  fsoptions=defaults,noatime

  keyfile=/home/francois/.archives.key
  keyformat=builtin
  keyhash=sha512
  keycipher=aes-xts-plain64
  cipher=aes-xts-plain64
}

Create the key and the 3GB loopback partition:

sudo cryptmount --generate-key 32 archives
sudo chown francois:francois .archives.key
dd if=/dev/zero of=.archives bs=1G count=3
mkdir archives
sudo cryptmount --prepare archives
sudo mkfs.ext4 -m 0 /dev/mapper/archives
sudo cryptmount --release archives

Fix the permissions so that you can write to this partition with your normal user account:

cryptmount archives
cd archives
sudo chown francois:francois .
cryptmount -u archives

Then you can mount and umount that partition using:

cryptmount archives

and:

cryptmount -u archives
News feeds (RSS/Atom) for MythTV.org and SchedulesDirect.org

I have created two separate RSS/Atom feeds that might be of interest to MythTV and Schedules Direct users:

They are updated once a day by a small Perl script.

You can also subscribe to these feeds by email:

Disabling the GMail spam filter and handling it yourself using SpamAssassin

I've been using GMail ever since they decided to allow users to download their mail using POP. I was happy reading my email as usual in mutt. The only problem was that I had to log onto the website once in a while to clear out my spam folder and fish out the false positives.

However, as the amount of spam I receive daily started growing exponentially (in part thanks to my involvement in Debian), I became more and more dissatisfied with this solution. I had to login several times a day just to keep the levels of spam down to a manageable level. I tried emailing the GMail support team a few times without success.

The solution came just as I was looking at switching to a different email provider: IMAP access.

Using fetchmail, I can now download my received and sent mail using POP and then download (and purge) the contents of my spam folder. Here are the relevant lines of my ~/.fetchmailrc:

poll pop.gmail.com protocol pop3 user "fmarier@gmail.com" is "francois" password "" fetchall ssl
poll imap.gmail.com protocol imap user "fmarier@gmail.com" is "francois" password "" folder "[Gmail]/Spam" fetchall ssl

I can then run all of my mail through my own local SpamAssassin setup.