Email commonly includes the sender’s address in two places. The From header in the message body is the one that most people are aware of, and this is the address that email recipients see. However, the sending mail server also adds a Return-Path before the message body. Recipients don’t generally see this address, but it is important for two reasons. First, it is used in a number of anti-spam checks. Second, it’s the address that typically receives non-delivery reports if a message can’t be delivered for any reason.

Here’s how to set up a VPN that has all these features:

• Works natively on iOS
• Doesn't require you to manage certificates or keys
• Automatically connects when your device is online

It should also work on Windows, macOS, and Android via the StrongSwan app, but I haven’t tested it. Please post about your experiences using this guide with other devices in the comments!

At some point in the last few months, ProFTPd stopped working on several of the servers we maintain. Since it was working before, we didn’t change any of the configuration files, and it stopped working on several servers independently, I’m guessing that this was due to a change in the default config of ProFTPd, or at least the Debian Jessie version of ProFTPd. There’s an easy workaround but not a real solution at time of writing.

Windows versions prior to Windows 8 cannot view the content of CD/DVD images such as .iso files without the use of an external program. A long time ago I used to use a free program called Daemon Tools to open/mount CD image files. Nowadays there are several alternatives out there, but nearly all of them seem to have issues on Windows 7. Old versions of Daemon Tools don’t work. Newer versions allegedly include browser toolbar spyware, as do most other free alternatives.

Here’s how to encrypt a single file using a password and a salt:
openssl aes-256-cbc -salt -in filename -out filename.enc -base64
Type a strong password when prompted.

Here’s how to decrypt the same file:
openssl enc -d -aes-256-cbc -a -in filename.enc -out filename
You’ll need to re-enter the passwod that you used to encrypt it.

If you want to encrypt multiple files, combine them into a tar or zip archive before encrypting them.

Building a small Linux cluster is a lot simpler than I thought it would be. That said, there are a number of snags and pitfalls along the way, and it’s hard to find a comprehensive and up to date set of instructions online. There are also different approaches, either doing everything manually or using a system such LTSP. This post describes my experiences setting up a cluster manually.

After spending a long time trying to work out why some pings were randomly dropped between hosts on different segments of a virtual LAN connected by a transparent IPsec VPN tunnel, I discovered that the MTU for the underlying connection on both ends of the VPN should be set the same. The default for ADSL is usually 1492, whereas 1500 is frequently used for other connection types such as cable or fibre. When I changed the settings at both ends to 1442 (allowing some overhead for IPsec) then the random ping loss stopped.