Die Minimalistin aka Tanja Dovens from Berlin, Germany is not quite like any other netlabel artist, as she is one of the few, that actually have a classic background. Her latest release on Enough Records, called “end-welt” (German for “final world”), however, explores gloomy, black veiled territories, somewhere between dark ambient, digitalised goth and industrial. Both the black and white cover art and the track titles are sometimes a bit too ostentatious, but maybe that is a principal problem with artists that try hard to comply to the rules of people they like to be associated with.

From a musical perspective Tanja Dovens’ music - as one could expect from someone who claims to be influenced by minimalist music - is rather repetitive, as it tries to capture single moments and describe them from different angles. Quite striking to me was how “die minimalistin” avoids abrasive, chaotic outbursts that would give the subjects of her desperate sceneries more authenticity. This contradiction is most obvious in “die kälte” (German for “the chill”), where a poem describes a state of mind that should be hard to bear and result in yells of anxiety. Instead, the lyrics are presented in a calm, almost unaffected voice, not unlike a scenery description of Grantchester Meadows at spring time. This emotional indifference may be unintended, but it leaves the dull impression of a fin de siecle emulation of what is supposed to be a psychotic momentum in life.

“end-welt” is perhaps the most daring track, with glassy dissonances hovering over steaming water inside of a caldera. Unfortunately the promising beginning is spoilt by overly hard limiting which completely eliminates any dynamics. Additionally, as result of the gated reverbaration, the sound becomes rather flat and mushy and amplifies structural weaknesses in this track’s arrangement. More focussed was die minimalistin’s work on the follow up tune “tausendschön” (not really translatable, perhaps something like “a thousand beautiful”) which creates an ambiguous atmosphere of weird bleeping analogue synthesizer lines recorded in a narrow metal tank, something like a hybrid between Detroit sound a la Drexciya without rhythm section and dark ambient textures with interfering chromatic overlays.

Drawing a final conclusion is not easy here:
The arrangements in “end-welt” are most convincing where die Minimalistin can keep the mood and tension at bay and totally glide off her hands once the thematic progession makes escalation, clarity and sharp contrasts necessary. An interesting work, perhaps most appealing to a goth audience who may feel comfortable with the created “instant depression” scenery, but I have a hard time with entirely recommending it to people who care more about music than superficial posturing.

One of the key passages in Neil Postman’s Amusing Ourselves to Death came to my mind recently, when I got tired of all the marketing drivel you have to bear as a musician:

What Orwell feared were those who would ban books. What Huxley feared was that there would be no reason to ban a book, for there would be no one who wanted to read one. Orwell feared those who would deprive us of information. Huxley feared those who would give us so much that we would be reduced to passivity and egoism. Orwell feared that the truth would be concealed from us. Huxley feared the truth would be drowned in a sea of irrelevance. Orwell feared we would become a captive culture. Huxley feared we would become a trivial culture, preoccupied with some equivalent of the feelies, the orgy porgy, and the centrifugal bumblepuppy. As Huxley remarked in Brave New World Revisited, the civil libertarians and rationalists who are ever on the alert to oppose tyranny “failed to take into account man’s almost infinite appetite for distractions.” In 1984, Orwell added, people are controlled by inflicting pain. In Brave New World, they are controlled by inflicting pleasure. In short, Orwell feared that what we hate will ruin us. Huxley feared that what we love will ruin us.

I confess, it is my personal problem: I should not care about it, but somehow I cannot join the crowd anymore and pretend there is nothing wrong with wasting my time with dishonest posing and trivialities.

One disappears without a trace whilst another prefers a graceful departure. Kikapu chose the latter and closed their shop after several months of inactivity with a final release. This of course is rather sad given the interesting back catalogue they had, but on the other hand one should know when it is time to leave and move on with new things. As their past releases remain available via archive.org, the music will survive, which is principally a good thing. In any case thanks for the music and all the best to the former Kikapu team.

Last night someone (ab)using a cable connection in Quebec left a long trail of entries in my weblogs, because the harvester’s link extraction mechanism was broken and resulted in lots of erraneous requests. The user agents were variants of IE explorer strings, some of them apparently truncated (maybe they exceeded the maximum allowed length in the spamware) and thus easy to distinguish from genuine visitors. François had encountered these visits before me, as you can read in this forum thread.

Here is a sample from my weblogs to give an idea about how these requests look like:

24.200.17.2 - - [23/Jan/2008:03:08:35 +0100]
"GET / HTTP/1.1" 200 6547 "-"
"Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1)"
24.200.17.2 - - [23/Jan/2008:03:08:37 +0100]
"GET / HTTP/1.1" 200 37342 "-"
"Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; .NET"
24.200.17.2 - - [23/Jan/2008:03:08:39 +0100]
"GET /category/misc/ HTTP/1.1" 200 12797 "-"
"Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 5.1; .NET CLR 1"
24.200.17.2 - - [23/Jan/2008:03:08:40 +0100]
"GET /feed/ HTTP/1.1" 200 33547 "-"
"Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; .NET"
24.200.17.2 - - [23/Jan/2008:03:08:42 +0100]
"GET /2007/12/ HTTP/1.1" 200 36766 "-"
"Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1)"

Note the randomly changing user agent. Whois reveals the following about 24.200.17.2 (modemcable002.17-200-24.mc.videotron.ca):

CustName:   Videotron Ltee
Address:    300 Viger Est
City:       Montreal
StateProv:  QC
PostalCode: H2X-3W4
Country:    CA
RegDate:    2006-06-28
Updated:    2006-06-28

NetRange:   24.200.17.0 - 24.200.17.255
CIDR:       24.200.17.0/24
NetName:    VL-D-MM-18C81100
NetHandle:  NET-24-200-17-0-1
Parent:     NET-24-200-0-0-1
NetType:    Reassigned
Comment:
RegDate:    2006-06-28
Updated:    2006-06-28

I am not certain about the origin, though: It is possible that these requests came from the actual spammer. But this might as well be some zombified Windows machine on autopilot, which is now part of a botnet and serves as socks proxy to those who have good reasons to conceal their identity. Neither the ip addresses in François’ weblog nor that one here return any search results in Google, as one would expect from known sources of abuse. Often this signalises an individual or outfit that utilises a botnet with “fresh” proxies. Sometimes this is automatically done by malware which includes a scan and spam engine as payload.

As a workaround, I added the following SetEnvIf rule to my list of fake IE user agents:

SetEnvIfNoCase User-Agent "\.NET( CLR( [0-9.]{1,9})?)?$" block

The spamware’s broken link extraction is good for another rule:

SetEnvIfNoCase Request_Uri "//|%20title=%22" block

The “//” check within Request Uris also eliminates a lot of probes for vulnerable scripts that originate from compromised servers. In case you are worried about any http requests being blocked as result of the rule, rest assured that the protocol string http:// is not part of the Request Uri environmental variable.

Whenever I do my archaeological digs in Youtube to learn more about past music and how it spawned future music, I stumble across these entries by fanatic zealots, which read like being written by some seven year old kid. It is irritating to see seemingly adult persons even wage religious wars about “their” idol, once someone doubts the devine power and keeps him/her for an ordinary person. Who are these people? I am asking because it seems to me like a strange phenonmenom that I cannot seem to understand. Or maybe I can?

I remember some time back in my teen days (a few centuries ago) when I had the silly notion of becoming and being treated like someone I admired just by imitating this person. Of course this is a logical fallacy, as it bases on the idiotic assertion that there are objective criteria for admiration that equally apply to all people. However, what I find impressive may not automatically mean anything to someone else. Consequently it did not take that long for me to figure out that it makes you look rather silly, when all you do, say and practice is a mere quotation of someone else, you expect people to behave predictably to any stimulus you provide to them and deny the possibility they might disagree with your views.

I wonder why these fanatics at places like Youtube cannot seem to find out about this simple fact? Someone had a lucky day and wrote a good piece of music. That is marvellous, sometimes it even happens to me, but that alone is nothing special. What about performance artists who take the poses their audience want to see from them? I guess that qualifies as giving in or start believing the own hype. A fatal combination? You have the artist who wants to be recognised as an accepted member of society. A zealot’s idolatry, however, has nothing to do with the outside world but merely with him/herself, reducing the artist to a fetish and making him irrelevant as a person. Hmm, I sense a conflict here that boils down to the artist feeling misunderstood and abused.

Conclusio: Do not believe that as a renowned artist your life suddenly changes. Not more or less than for the fanatics waging wars for their idols at Youtube. Do not believe that “fans” are interested in you as a person. Actually they cannot, for if they did they would sacrifice their fetish and had to look for a substitute. Obviously nothing changes, except for the increased awareness of being excluded from those you tried to reach. Which only leaves art itself as a motor to carry on. Doing one’s work whilst waiting for Godot.

Just when you think it could not happen, it does anyway…
I have just discovered that Internet Explorer 6.0 has the habit of omitting the trailing slash of a domain name, whenever it is not explicitly appended in a request. This only works for requests of the webroot (like www.example.com), because in all other cases Apache will automatically launch a 301 redirect to the url version with a trailing slash. This is irritating to me because all other browsers will automatically add the trailing slash if it is missing.

Here are some log entries to illustrate what it looks like when you omit the slash of the domain name:

192.168.0.16 - - [22/Jan/2008:09:42:11 +0100] "GET / HTTP/1.1"
200 41369 "-" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.0)"
192.168.0.16 - - [22/Jan/2008:09:42:13 +0100]
"GET /wp-content/themes/nodepet/style.css HTTP/1.1"
304 - "http://www.nodepet.com" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.0)"

I marked the referrer string as bold. By sending this broken referrer string, IE is likely to break scripts which rely on the usual behaviour (i.e. referrer checker against hotlinking or script automation) and deny access to legit visitors. Curiously, if you do add the slash to your request from the start, IE 6.0 will behave like any other browser:

192.168.0.1 - - [22/Jan/2008:09:48:16 +0100] "GET / HTTP/1.1"
200 41369 "-" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.0)"
192.168.0.1 - - [22/Jan/2008:09:48:17 +0100]
"GET /wp-content/themes/nodepet/style.css HTTP/1.1"
304 - "http://www.nodepet.com/" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.0)"

Up to now I thought a good indicator for a bot generated fake referrer is the missing slash and would make a good SetEnvIf rule to deny access on, however now it seems like this approach is generating false positives. On the other hand, by loosening the check, I open the up the flood gates for spambots, which is not really something I am keen on.

As default Sendmail listens to each ip address it can find on a host. if those are aliased and not separate interfaces, mail will always be send and received from the main address (eth0 on Linux). This is less than optimal in case you have a couple of ip addresses to play with and like to separate services from ip addresses that are primarily meant to serve web pages. Ideally we have ip addresses in different subnets and are able to select the least troublesome ip address for sending and receiving mail, which is not listed on any blocklist or reveals a history of spam from its previous owner in search engines. The goal of this article will be to configure sendmail in a way, that it only listens to one interface and uses it for sending and receiving mail, pretending to the outside world to be a separate server and revealing less about our server setup. The example refers to Debian Linux, but should work similar on other Linux flavours, too.

Assumed we want to use the ip address 10.10.0.1 as main “mail interface” but at the same time make sure that local mail submissions (daemon notifications on root via loopback) are still working as expected, than we can add the following entries to sendmail.mc:

DAEMON_OPTIONS(`Addr=127.0.0.1, Family=inet, Name=MTA-v4, Port=smtp')dnl
DAEMON_OPTIONS(`Addr=127.0.0.1, Family=inet, Name=MSA, Port=submission')dnl
DAEMON_OPTIONS(`Addr=10.10.0.1, Family=inet, Name=MTA-v4, Port=smtp, M=bh')dnl

Our loopback will now listen on two ports, because on Debian submission is used by daemons to send their notifications to root. This may be Debian specific and other Linux distributions may not require the submission port to be open for local mails. The address used for communication with the outside world features two “Modifier” flags. These flags tell Sendmail to use the same interface and its hostname for sending and receiving email. Mind the order, you cannot mix different interfaces as this will result in at least one of them not getting started at all. Best is to group them by address and port number.

In order to make these changes take effect, you need to switch into the /etc/mail directory and run make. This will update the residing configuration files accordingly. After that you should change to /etc/init.d and restart sendmail. If everything was working as expected, you should be able to see something like this when typing netstat -an

tcp        0      0 127.0.0.1:25          0.0.0.0:*             LISTEN
tcp        0      0 127.0.0.1:587         0.0.0.0:*             LISTEN
tcp        0      0 10.10.0.1:25          0.0.0.0:*             LISTEN

In case you still see sendmail sitting on all interfaces, check whether the previous Family=inet lines, that did not specify any addresses are still around. In case they are you need to remove them, switch to /etc/mail, run make, change to /etc/init.d and restart sendmail again.

The Japanese On-Li netlabel appears to have closed its shop as only a Sakura advertisement for server plans will show up where the label’s site used to be located and none of the links are working any longer. This is rather sad news, as I liked their most recent release by Daenn. Yet a favourable review about an unavailable download is not really to anyone’s benefit. Therefore I shall wait a few days to see whether the page will resurrect from the death and if not I shall modify the download link to a location on my server, so those who want to have the release can download it, even if the label is no more.

Update: The label is back again and and so are all the releases.

Everybody has some words one loves to misspell, like for instance “seperate” instead of “separate”. As long as these typos occur within the document body, they are easy to correct, but once the document name itself has been misspelt and was spidered this way, simply renaming may result in people getting a 404 error as search result, rather than the desired information they were looking for. This is of course not what a sensible webmaster wants, especially if the document is ranking well for its relevant keywords in search engines, therefore the best solution on an Apache server is to utilise a set of Rewrite Rules to remedy the problem:

Let us assume the site www.example.com has a popular page with the path

http://www.example.com/seperate-code-from-gui.php

and we want it to look like

http://www.example.com/separate-code-from-gui.php

then the best would be to check for requests containing the misspelt word and permanently redirect them to the corrected version. This can be realised with the following Rewrite rule:

RewriteEngine On

# typo handling
RewriteCond %{THE_REQUEST} seperate-
RewriteRule (.+)seperate(.+)$ $1separate$2 [R=301,L]

Best served with ice and within the <directory> section of a virtual host or the .htaccess file of your choice ;-). Please note, that the line RewriteEngine On should only be added in the event of its absense. If it has already been added, there is no need for any redundancy.

So what does this funny thing do? The Rewrite condition checks whether a request contains the misspelt “seperate” expression followed by a dash. In case it does, the Rewrite rule is applied and a permanent redirect (301) to the corrected spelling will be performed. Because of the redirect, it does not make much sense to continue with any further checks, therefore the “L” (=last) flag is used to stop parsing more rulesets. As you may have noticed two expressions in brackets are used in the Rewrite rule, both of which contain captured data that must not be altered. They are called back references for that matter and are stored in variables, that have been assigned in the order they appear (read from left to right) and can be used in any order you see fit for in the replacement string.

By now, both bots and visitors will be directed to the right document, no matter what spelling was used. This is of advantage whenever people had linked to the previous spelling. Additionally, we tell search engines with a 301 redirect to permanently replace the obsolete uri with the new one. Yahoo is a special case, whatever it has fetched once will remain forever in its index, thus a lot of patience or prior dictionary checking for the correct spelling is required ;-).

Not all email addresses can be concealed from visitors passing by on our site. Ideally a webmaster should be reachable with a visibly attached email address so he/she can be notified of potential problems, ranging from spam to legal issues such as copyright infringement. By the time an email address is exposed on an easily accessable site, however, it is prone to being spidered by spambots and will inevitably lead to the webmaster being delighted with unsolicited pi11s, p0ker and pr0n offers. User Agent or Ip based filtering does not entirely solve the problem, because a User Agent can be easily forged so it will look like an average browser and if the spammer uses his home connection for data gathering there’s no way to tell him/her from legitimate visitors. In a situation like this, disposable email addresses that forward messages to one’s actual accounts come in pretty handy, as they can be deleted and replaced by a new one, once the spam threshold has surpassed the webmaster’s patience level.

On of these services is Spambob: Spambob comes in three flavours to satisfy one’s particular needs:

spambob.org addresses like example@spambob.org can be arbitrarily specified without registration, any mail for this address will be immediately deleted on the server, thus they are only useful for processes that do not require a confirmation.

spambob.com addresses like example@spambob.com can be arbitrarily specified without registration, too, but messages for an address are kept for at least seven days on the server. There is a query mask allowing you to review incoming messages for the account in use. Note that these addresses are not suitable for private or confidential messages as they can be viewed and fetched by anyone.

spambob.net addresses like example@spambob.net work exactly like casual forwarders: You specify the account name and an email address where your messages will be forwarded to, receive a confirmation mail to that address and once confirmed the address will be ready to go. Contrary to the previous addresses these ones do ensure privacy and can only be viewed by the actual user, so they are ideal whenever addresses have to be exposed in public but inquiries have to be kept confidential. Once an account gets flooded with spam it can be deactivated by going to the Spambob site and following the same procedure as during the registration, with the difference that “Deactivate forwarding” has to be selected as option.

There is no limit regarding the number of accounts to be created, so you can use multiple accounts for each website, pretty handsome for analysis of the spam’s origin. And the best of all, the service is entirely free. I have been using this service for quite a long time now and have been happy with it so far, because it keeps my actual email addresses safe from harvesters.

Update: It appears that some time around March the service gave up its ghost and went away to meet its maker, as since then the servers have no longer been reachable. So those who still had redirectors in use may found themselves in the inconvenient situation that all the mail that was supposed to reach the inbox is now lost in Nirvana.