Nicholas Skinner

Introduction

I was initially looking into off the shelf hardware, however was unable to find any readily available equipment (to the hobbyist market in low quantities) that was reasonably priced, and fit the requirements. Therefore partly as a personal project, and partly in preparation for a possible commercial product I decided to put together a prototype active RFID tracking System.

The solution I came up with is based on 3 main hardware components, and 5 software components. It utilises mesh networking meaning that only a single reader needs to be physically connected to a PC, all other readers just require power.

Hardware:

• Tags – Carried around / placed on assets to be tracked.
• Reader Nodes – Placed around the area where the assets need to be tracked in.
• PC Reader – Connected to the PC, receives data from reader nodes and sends it to the PC.

The main hardware component used is the Synapse RF Engine, a 2.4 GHz transceiver module with built in support for running Python scripts, 2 UARTs, a number of GPIOs, and a 2.5uA low power mode.

Software:

• Tags – Software running on the tag to send out a “ping” at a defined interval, then put the “tag” to sleep before sending another ping.
• Reader Nodes – Software running on the reader node hardware to listen for tag “pings”, and after receiving a ping, send the tag ID, reader node ID, and received signal strength to the PC Reader.
• PC Reader – Software running on the reader hardware to receive data over the air from the many reader nodes and forward it to the serial / USB interface.
• PC Serial to HTTP data forwarder – Software running on the PC that listens for data from the serial / USB connected PC Reader, and forwards that data via HTTP to a server.
• Location tracking processing / display GUI – Web based software to process the tag data into a location, and display it on a map.

The software consists of Python used by the Tags, Reader Nodes, PC Reader. C# used by the “PC Serial to HTTP data forwarder”, and PHP, HTML, JavaScript, SVG used by the “Location tracking processing / display GUI”.

Video showing simulation of tracking between 8 rooms, using 5 tags. For real life demo showing a single tag moving between 3 rooms see below.

System Design

The system was originally designed around the principle of Trilateration. Reader Nodes are placed at fixed known positions around the room / rooms containing tags that need to be located. As long as a tag is within range of at least 3 reader nodes the tags position can be calculated by using the signal strength of the tag to each of the 3 nearest readers. However this approach turned out not to be very feasible since past around 2 meters the signal strength started fluctuating in a seemingly unpredictable way. It may be possible to predict / error correct for the fluctuations however I opted to go for a simpler approach of just plotting tags next to the reader with the highest signal strength (the one they are nearest to). This now means that readers need to be placed in each room (ideally centrally) where tags need to be tracked and it is only possible to determine a tag is in a room, and not its position in that room (although it is not used the original trilateration code has been left in the download).

Using a two part system of sending the tag data to a web server (via a locally run data forwarding application) then displaying it back to clients in the browser has a number of advantages:

• Main application processing / display logic can be maintained in a single central location for one or more deployments.
• Location display / viewing GUI is cross platform (can be accessed via most modern browsers the have support for SVG excluding Internet Explorer).
• No software to install on client PCs viewing the map.
• Multiple users can logon and view the map at the same time.

The use of mesh networking means that only a single device needs to be directly connected to a PC, all the others just need to be within range of any other unit that itself is either close to the PC, or close to another reader that is close to the PC. The makes setting up the system much easier as there is no need to wire each node to the PC / the network or have a PC next to each node. The nodes just require 3V power.

Tag Hardware

Parts List

Per individual tag

Qty	Name	Supplier	Cost (£ GBP)
x1	Pocket Card Enclosure	Teko PC.4	3.56
x1	RF100P86 Synapse RF Engine	Future RF100P86	15.09
x1	VBH2032-1-LF Battery Holder	Farnel 1216359	0.84
x1	CR2032 Battery	Rapid 18-0386	0.88
x1	Small Stick On Feed (sold in packs of 4)	Maplin FE32K	0.89
x1	Large Stick On Feed (sold in packs of 4)	Maplin FW38R	0.89

Note: I used a CR2032 battery from Rapid however both Farnel, and Future also have a selection available from various manufacturers.

Building The Tag

I choose the Teko Enclosure because of its compact, credit card size. Unfortunately however this meant that the RF Engine would not fit vertically inside. I could have used one of the alternate form factor modules (sold by companies such as Panasonic that also support the Synapse firmware) however having the pins broken out is actually useful for updating the tag Python software / firmware at a later date. I therefore decided to bend over the pins, allowing one side to be plugged into the evaluation board as normal (albeit it a much looser fit) and the other to be plugged into the IDC header via an extension cable. I tried a number of approaches to bending over the pins, including bending them all at once using pliers, and trying to bend them against a flat surface, neither proved very fruitful. In the end I found the best approach was individually bend each using the tip of the pliers.

In terms of wiring things are fairly straight forward, pin 24 on the modules goes to (-) on the battery holder, and pin 21 to (+) on the battery holder. I soldered to the top of the module to avoid obstructing the pins meaning they can still be plugged into the evaluation board/extension cable for reprogramming. I also used some heat shrink tubing to tidy things up.

To secure the module in the enclosure I used two small stick on feet on the module itself, and two larger stick on feet to wedge the battery holder into a corner of the enclosure.

Not being as adept as I could be with finding productions on Digikey’s site I took the approach of ordering two parts (3M1324-ND, SAM1242-12-ND) really designed for PCB mounting and soldering a ribbon cable to them. A better approach (if such parts exist) would have been to purchase connectors that can mount directly to ribbon cable (therefore requiring no soldering), and to purchase suitable sized ribbon cable to fit.

Note: If you are going to use the same approach I did and solder the connections then ensure the solder does not leak into the socket, otherwise it will not be possible to plug it in to the evaluation board.

Reader Node Hardware

Parts List

Per individual reader – at least 3 reader nodes are required

Qty	Name	Supplier	Cost (£ GBP)
x1	50mm x 50mm x 20mm ABS Box	Maplin N53FK	1.59
x1	RF100P86 Synapse RF Engine	Future RF100P86	15.09
x1	2.1mm DC Socket	Maplin JK09K	1.69
x1	Regulated 3V DC 400mA Power Adapter	Maplin MG76H	7.99

Building The Reader Node

As with the tags in terms of wiring, the reader nodes are fairly straight forward, with pins 21 and 24 going to the appropriate connections on the DC plug.

As with the PC reader it would be possible to use the “SNAPstick USB Module Interface” to avoid the soldering work, and in this case a USB power supply e.g. plug form or cabled form would also be required.

Using the Maplin N53FK box I found the modules only just fitted alongside the DC Plug, I had to remove one of small plastic mounting stands in the box to make it fit. The other small mounting stand served to secure the module in the box with one row of pins on the module fitting between it and the outer case wall. After the module and DC plug were fitted inside the box some space remained between the top of the module and the top of the box, therefore I used a single packing peanut to secure things. Something like hot glue could also be used however the packing peanut means the modules can quickly and easily be removed and put back into the box, e.g. for reprogramming (however generally it would be possible to reprogram them over the air).

Note: If you are looking for additional range the Synapse RF100PC6 (including a transmit amplifier) or RF100PD6 (including a transmit amplifier and allowing connector of an external antenna) may be more suitable for the both the PC reader, and reader nodes.

PC Reader Hardware

Parts List

Qty	Name	Supplier	Cost (£ GBP)
x1	50mm x 50mm x 20mm ABS Box	Maplin N53FK	1.59
x1	RF100P86 Synapse RF Engine	Future RF100P86	15.09
x1	TTL-232R-3V3 USB to Serial (3.3v level) Cable	SK Pang	18.98
x2	LP2950ACZ-3.0 Voltage Regulator	Farnel 1685546	0.64 ea
x1	6 Way 2.54mm Molex Header	Rapid 22-0846	0.48
x1	Cable Tie

Building The Reader

To simplify the process of linking the 3V Synapse module to the PC (i.e. avoid using a MAX232 and the extra PCB / wiring that would involve) I used a 3V FTDI USB to serial cable. The USB end plugs straight into the PC and provides a virtual serial port, the other end connects to the UART pins on the Synapse module. In terms of power, to avoid the need for an external power supply I used an LP2950ACZ-3.0 Voltage Regulator to convert the 5V power provided by the USB port / FTDI cable to the 3V needed by the module. The LP2950ACZ-3.0 however is only rated for 100mA therefore I used two in parallel to provide 200mA (the Synapse RF Engine datasheet quotes a transmit current of 110mA and a receive current of 65mA).

To save some of the work involved in building the readers a SNAPstick USB Module Interface (as included in the evaluation kit), and a RF100P86 could be used instead however it would still require a suitable enclosure, and USB extension cable bringing the cost to ~50 GBP per reader.

[View: Module Wiring | Connector Wiring | Connector & Module]

Tag Software

The Python tag software is fairly straight forward, it performs 5 main functions:

1. Set transmit power level for the tags.
2. Initialise GPIOs to optimise current consumption in sleep mode.
3. Turn off relaying of messages for other devices in the mesh network (it will only be powered up for a small amount of time every specified interval therefore this would not be very useful, also it may use up extra current).
4. Send out a ping (via multicast RPC) to any reader nodes in range with the tag id, and a TTL of 1.
5. Go to sleep for e.g. 10 seconds.

Specifying a TTL of 1 on the multicast RPC call causes only readers that are directly in range of the tag to receive the ping, otherwise by default any nodes not in direct range of the tag would be forwarded the call from readers that were. This would mean it would not be possible to work out which reader actually communicated with the tag directly and which communicated 2nd hand.

The software is loaded onto the tag via the Synapse “Portal” application available for Windows, Mac, and Linux, also included with the evaluation kit.

When programming the tag you should plug it into the evaluation board rather than run it on battery and program it over the air because leaving the module on the workbench un-programmed, even for just a few minutes will quickly drain the small battery (15mA when idle according to the datasheet) and 40mA / 110mA when receiving / transmitting.

[Download: Python Source]

Reader Node Software

The reader node Python software is responsible for receiving a multicast ping from the tag, and then forwarding it back to the module connected to the PC, along with the signal strength of the tag that sent the ping, and the id of the reader itself. Thanks to the SNAP (Synapse Network Appliance) protocol the intricacies usually involved with using a mesh network are all abstracted away from the programmer meaning it can be done in only 2 lines of code (excluding comments, variables).

[Download: Python Source]

PC Reader Software

The PC Reader Python software handles receiving data from the reader nodes (which themselves receive data from tags). It initialises the serial port, connects UART 1 (itself connected to the FTDI cable, which appears as a virtual serial port on the PC side) to STDIN/STDOUT (i.e. meaning that any Python “print” statements cause that data to be sent over the UART to the PC), and then initialises it to 9600 baud. The software prints the tag ping data to the serial port (after decoding the hex values to plain text).

Example: 003c02,001a06,57
(i.e. [tag id],[reader id],[signal strength]

If the tag that sent the ping is in range of e.g. 4 reader nodes at that time, 4 lines will be received with the same tag id, but different reader ids, and varying signal strengths depending on which reader nodes the tag is closer to.

Note: There is not a command / function to send data to the UART, Python access to it is available only by e.g. cross connecting the UART with STDIN/STDOUT.

[Download: Python Source]

PC Serial To HTTP Data Forwarder

The data forwarding application listens for data on the virtual serial port created by the FTDI adapter, and sends it to a HTTP server via HTTP Post. The local “COM Port” (e.g. COM 6) and remote servers HTTP address (http://www.example.com/locationtrack/?p=clientapi&password=track111) running the server software should be specified. If no HTTP server API address is specified tag data will be logged to the screen only (useful for debugging / testing).

It does not simply pass data straight through to the web API however does some initial processing, firstly in order to minimise HTTP requests (improve performance), and secondly in order to group tag pings together based on a 1 second time limit (something that would be otherwise unnecessarily complex to do on the web application side). It is assumed a tag is in the same location when any reader reports seeing that particular tag within a 1 second window from when the tag was first seen by any reader.

The application includes an “Auto Connect” checkbox which will cause it to automatically open the connection to the serial port when the software is loaded.

Note: One of the selling points of using the Synapse module (Python / high level language / RPC) based solution is the ease of use of it, everything is very much simplified for the programmer over other options such as perhaps using a Nordik nRF24LU1, and controlling it over I2C with an AVR in “C”. However this does bring with it additional licensing costs if you use over 6 modules on a network at a time using Portal. Therefore I coded a custom client side data forwarding application, rather than loading a Python script into Portal to do this and using RPC calls which would have been a simpler solution. In terms of deployments using the C# application also simplifies things avoiding the need for Portal to be installed / configured, the C# application just requires setting the COM port and URL.

The .net framework is required to run this application, it is available from Microsoft Update or as a download from microsoft.com.

C# Express Edition is available for free from Microsoft for viewing / editing the source code.

[Download: C# Source | Application Executable]

Location Tracking Processing / Display GUI

Coded in PHP this part of the code is responsible for accepting data from the HTTP Data Forwarder, converting the signal data into a location on a map, saving the data to a MySQL database and displaying it to one of more users viewing the map. The frontend is coded in JavaScript and SVG (using the jQuery SVG plugin). AJAX is used to poll the server for tags that have moved and JavaScript / SVG is used to dynamically animate them to their new positions on screen.

When the map is first loaded the tags will animate from their last 2 positions coming to rest at the current live location. JavaScript code has been written to ensure that tags are not placed on top of each other but rather clustered around the closest reader.

Support is provided on GUI for adding maps (one or more), readers, tags, and users (who can login) to the system.

[Download: PHP Source]

[View: Demo]

Video showing a single tag moving around the map plan diagram corresponding to its real world location in one of 3 rooms. The tag ping interval was set to 3 seconds.

Video showing failed attempt to use trilateration to determine the unknown position of tag using the known position of 3 readers, and signal strengths to them.

General Notes

I would suggest purchasing the Synapse Starter Kit (Future Electronics), since although modules are programmable over the air, a serial connection is required in some situations such as deleting running scripts that are in an infinite loop, or have disabled the RF interface used by the “Portal” software for uploading new software.

Synapse Wireless software, and documentation is available from the Synapse forum.

Download All

Includes all project files as linked individually above (Tag Python, Reader Node Python, PC Reader Python, C# Data Forwarder Source, Data Forwarder Binary, PHP Processing / Display application).

[Download: All Code]

Issues

• With the non trilateration approach of placing tags nearest to the highest signal strength reader, readers need to be carefully situated, particularly if they are in different sized rooms adjacent to each other in order to avoid false readings.
• If building the readers again I would use a different type of DC socket, as the one chosen was fairly loose when used with the 3V adapter plugs.
• I was expecting to achieve a longer battery life, as it stands battery life is around 1 week for a 10 second ping interval, and around 2 days for a 3 second interval on the CR2032. In terms of increasing battery life the main options would be decreasing the ping rate (therefore increasing the sleep time), or going for a different battery however this would likely require a larger form factor enclosure.

OpenBeacon Suitability

At first glance OpenBeacon hardware (as used at conferences such as the CCC’s 24C3) would appear to be an ideal choice, their website even mentions it is “meant to be used as a reference platform by hardware and software developers”, however the more I looked into it the more it did not seem suitable for my particular requirements:

• Form factor of 20 EUR white tags is not particularly ideal (open circuit board / battery).
• Keyring tags are available however they cost 25 EUR each + 5 EUR for the case, i.e. 30 EUR in total per tag.
• USB readers are available for 85 EUR however require a PC by each reader, not particularly suitable for even a small deployment with e.g. 4 or 5 readers.
• Ethernet readers are available but at a cost of 340 EUR’s they are somewhat expensive and still require a network cable to each, not ideal.
• Readers are not able to provide received signal strength but rather rely on the tags broadcasting at a set (limited) number of power levels meaning a position can not be calculated as accurately as it may otherwise.

Other Projects

If you are interested in this project you may find these others also of interest: Parallel Track, a free (for personal non commercial use) server side vehicle tracking application coded in PHP designed to be used with Python supporting Telit hardware modules running the embedded TModSoft software (firmware). Track Any Mobile, a web application for mobile phone tracking using the MSC (MSISDN) available using an SS7 API provider.

Finally got around to writing up / making available for download a number of projects that I have for sale. Some are new such as Takeaways Direct, and some I have had around for a while such as Parallel Track but have not made the source code available before:

• Takeaways Direct – An online restaurant and takeaway ordering application coded in PHP.
• Parallel Track – A vehicle tracking application coded in PHP, available (currently) at no cost for personal non commercial use (commercial use requires a license).
• Telit Module Remote Update Script – A Python application that can be integrated into your own Python applications on the Telit Modules to enable remote software updates via HTTP and GPRS.
• Animal Tracking Script – A Python application for the Telit modules suitable for animal GPS based tracking. It can however also be used in any situation where low power consumption / batter operation is required.

Setting up Apache securely for multiple system users each with their own domain name(s), and subdomains on CentOS 5.

This post is a follow on to: Setting Up Exim Mail Server For Multiple Domains, it describes the configuration I am currently running on my own server for web hosting.

I looked into various options, and in terms of balancing features (i.e. not restricting the functionality that can be used in PHP), security (not using e.g. PHP Safe Mode that is no longer recommended, or requiring 777 permissions on directories that need to be writable), install complexity, and maintainability for CentOS 5 this seemed to be the best approach. All software is sourced from standard CentOS repositories therefore can be installed / updated easily via “yum”. The trade-off of this approach is performance, PHP is running as CGI therefore will not be as fast as using PHP as a module or using something like FastCGI.

To keep things secure each person who is in control of a particular domain name/names will be setup with a single user account on the system. The hosting space for these domains will then be placed in that users home directory. This approach has the advantage that there is not a direct link between domains and user accounts, meaning that a (perhaps more traditional) one domain per user account approach can be taken but also has the advantage that if a single person has multiple domains they can all be setup in a single user account meaning there is no need to e.g. setup multiple SSH/SFTP/FTP logins on the client side, and on the server side those domains can access each others files/resources without any permissions issues, or alternate workaround being needed. Each user account has a single Apache configuration file meaning a single place to e.g. setup a WordPress MU install for a specific user on the system.

Install Packages

1. Install Apache:

   yum install httpd

2. Install PHP, and any additional PHP extensions you need:

   yum install php
yum install php-gd
yum install php-mysql
yum install php-mbstring
yum install php-imap
yum install php-soap
yum install php-xml

Configure Apache

1. Set the daemon to start on bootup, and start the service:

   chkconfig httpd on
service httpd start

2. Create directory to hold virtual host configuration files:

   mkdir /etc/httpd/virtualdomains
chmod 700 /etc/httpd/virtualdomains

3. Create directory to hold virtual host log files:

   mkdir /var/log/domlogs
chmod 701 /var/log/domlogs

4. Add the following in at the end of your “/etc/httpd/conf/httpd.conf” file:

   #Turn off default following of symlinks (will turn it back on later as SymLinksIfOwnerMatch)
<directory />
Options -FollowSymLinks
</directory>

   #Provide default install page
   <LocationMatch "^/+$">
   Options -Indexes
   ErrorDocument 403 /error/noindex.html
   </LocationMatch>

   #Allow system users to make use of various options such as SymLinksIfOwnerMatch (for mod_rewrite etc) in their .htaccess files
   <Directory /home>
   Options +Indexes +SymLinksIfOwnerMatch
   AllowOverride FileInfo AuthConfig Limit Indexes
   </Directory>

   #Enable PHP (only for .php extension), and add it to pages considered as index
   <FilesMatch \.php$>
   SetHandler application/x-httpd-php5
   </FilesMatch>
   AddType text/html .php
   DirectoryIndex index.php

   #Virtual hostnames
   NameVirtualHost *:80

   #Default page for domains not setup
   <VirtualHost *:80>
   DocumentRoot /var/www/html
   </VirtualHost>

   #Include all the individual virtual host configuration files for processing
Include virtualdomains/*.conf

5. Comment out everything in “/etc/httpd/conf.d” this default file runs PHP as a module.

6. Restart Apache such that it reads in the new configuration:

   service httpd restart

User Account Setup

Follow this setup process for each system user account that will be hosting a website / websites.

Note: The system user account “nstech” is used in this example, it is assumed this system user has already been setup using e.g. “useradd nstech”.

1. Create a file (will be blank initially) to hold Apache virtual host configuration:

   touch /etc/httpd/virtualdomains/nstech.conf
chmod 644 /etc/httpd/virtualdomains/nstech.conf

2. Allow all system user accounts (inclusing the “apache” user account) to recurse the directory tree:

   chmod 711 /home/nstech

3. For security reasons suEXEC has a number of restrictions on what it will allow to be executed, therefore each user will need a copy of the PHP binary that has its “user” and “group” set to that accounts username, has appropriate permissions, and is placed in a suitable directory such as “/var/www/cgi-bin” (suEXEC has a hard coded path that it is not possible to change without recompiling). However copying PHP for each user is inefficient, therefore e.g. a bash script can be used that then calls the PHP binary itself:

   mkdir /var/www/cgi-bin/nstech
chown nstech:nstech /var/www/cgi-bin/nstech
chmod 755 /var/www/cgi-bin/nstech

   /var/www/cgi-bin/nstech/php-cgi.bash
   ------------------------------------
   #!/bin/bash

   /usr/bin/php-cgi "$@"

   (script from Stuart Herbert's PHP Blog)

   chown nstech:nstech /var/www/cgi-bin/nstech/php-cgi.bash
chmod 755 /var/www/cgi-bin/nstech/php-cgi.bash

4. Create a directory to hold all log files for the users domains:

   mkdir /var/log/domlogs/nstech
chmod 750 /var/log/domlogs/nstech
chown root:nstech /var/log/domlogs/nstech

Domain / Subdomain Setup

Follow this process for each new domain or subdomain that will be setup in a users account.

Note: The domain name “www.ns-tech.co.uk” and user account “nstech” are used in this example

1. Create a directory on the file system that will serve as the webspace for the domain being setup, and set appropriate permissions:

   mkdir /home/nstech/www.ns-tech.co.uk
chmod 750 /home/nstech/www.ns-tech.co.uk
chown nstech:apache /home/nstech/www.ns-tech.co.uk

2. Create (initially blank) log files for the user, and give the user permissions to view them (e.g. read them via PHP scripts or SSH).

   touch /var/log/domlogs/nstech/www.ns-tech.co.uk-error_log
chmod 750 /var/log/domlogs/nstech/www.ns-tech.co.uk-error_log
chown root:nstech /var/log/domlogs/nstech/www.ns-tech.co.uk-error_log

   touch /var/log/domlogs/nstech/www.ns-tech.co.uk-access_log
   chmod 750 /var/log/domlogs/nstech/www.ns-tech.co.uk-access_log
   chown root:nstech /var/log/domlogs/nstech/www.ns-tech.co.uk-access_log

   touch /var/log/domlogs/nstech/www.ns-tech.co.uk-bytes_log
chmod 750 /var/log/domlogs/nstech/www.ns-tech.co.uk-bytes_log
chown root:nstech /var/log/domlogs/nstech/www.ns-tech.co.uk-bytes_log

3. Append the virtual host configuration onto the existing virtual host configuration file for this user:

   /etc/httpd/virtualdomains/nstech.conf
-------------------------------------
<VirtualHost *:80>
SuexecUserGroup nstech nstech
DocumentRoot /home/nstech/www.ns-tech.co.uk
ServerName www.ns-tech.co.uk
ServerAlias ns-tech.co.uk
ErrorLog /var/log/domlogs/nstech/www.ns-tech.co.uk-error_log
CustomLog /var/log/domlogs/nstech/www.ns-tech.co.uk-access_log combined
CustomLog /var/log/domlogs/nstech/www.ns-tech.co.uk-bytes_log "%I %O"
Action application/x-httpd-php5 "/cgi-bin/nstech/php-cgi.bash"
</VirtualHost>

4. Restart Apache such that it reads in the new configuration:

   service httpd restart

Note: As far as I am aware the setup process described is reasonably secure however as with securing anything somewhat complex such as PHP, with Apache, and multiple system users but still allowing a reasonable amount of functionality there are a number of thing to consider. You are advised to test the security of this setup yourself in case I have missed something. Any issues please leave a comment below.

I was recently asked to put together a high spec’ computer primarily for gaming.

I usually use Intel motherboards, and since the recipient was keen on a processor using the LGA 1366 socket this meant the DX58SO X58 Express Chipset board was the only option.

I went with the following components:

Component	Name	Cost (£)
Case	Evercase Giga ECE4252	14.95
Hard Drive	500GB Seagate Barracuda 7200rpm	79.55
Motherboard	Intel DX58SO Extreme Series	187.55
Memory	3GB Corsair Dominator 1600MHz DDR3 Kit	71.21
Graphics	Gigabyte GV-N98TSL-1GI Fanless 9800GT 1GB	109.00
Processor	Intel Core i7-920 ‘D0 Stepping’ Quad Core	217.30
CD/DVD	Sony DRU-870S 24x DVDRW	28.26
Rear Fan	Scythe Kaze Jyuni 1900RPM Slip Stream 120mm Fan	8.80
Front Fan	Arctic Cooling Arctic Fan 8L, 80mm Quiet Rear Cooling Fan	2.60
PSU	Zalman ZM600-ST 600W	69.95
	Total	789.17

I first started running my own dedicated server a number of years ago. At the time I was not particularly impressed with the control panel software available (Plesk, cPanel) as it seemed to somewhat take over the server and then meant that if you had any custom requirements there was always the extra task of checking if they were possible to do with the control panel / how to do them in a way that was compatible with the control panel. Also there was the extra cost of licensing the control panel software. I therefore decided to configure the server from scratch.

This post discusses setting up SMTP services using the Exim mail server software in a virtual hosting environment with support for:

• Multiple domains
• Multiple accounts (mailboxes)
• Catch all accounts
• Authenticated SMTP relaying
• Forwarding
• Forwarding to multiple addresses (lists)
• Forwarding of messages to system users to external accounts
• Bouncing email with/without a custom message
• Blackhole’ing email
• Using Postini spam filtering (blocking email sent directly to the server)

The server was setup such that there were several “customers” who each had their own user account on the system. Mail for accounts is stored in users home directories under “/mail”. Each customer can have one or more domains.

Background

Exim is very powerful however unfortunately that power comes at the cost of complexity in terms of setting things up. Its not just a case of point and click, or adding a line to a text file for new accounts, you first have to actually setup the rules in Exim that tell it (e.g. in the case of accounts) to accept messages from domains hosted on the server in the ACL, “route” that mail to a custom “transport”, configure the transport to (depending on recipients address and domain) lookup where to store the new mail on the server.

After a reasonable amount of time spent both reading the Exim documentation and searching on the Internet I was able to come up with a configuration supporting the above features centred around the following text files / directories:

• “/etc/exim/authrelay” – A list of usernames/passwords allowed to relay mail.
• “/etc/exim/userdomains” – A list associating domains back to user accounts on the system.
• “/etc/exim/domains” – A directory containing files for each domain name that themselves contain a list of mailbox accounts for that domain.
• “/etc/exim/virtual” – A directory containing files for each domain name that themselves contain a list of forwards (including catch all, bounce, blackhole) for that domain.
• “/etc/exim/postini_filtered” – A list of domains where mail should only be accepted for delivery from the Postini spam filtering service.
• “/etc/exim/userforward” – A list of local system user accounts for which mail should be forwarded to alternate accounts to cater for system services such as cron which by default send results of commands run to e.g. useracctname@localhost.

I recently had a requirement come up for a web application involving communicating a certain set of information over the telephone and receiving a response from the party on the other end acknowledging receipt of that information. I looked into various possibilities, the main one being Asterisk “the world’s leading open source PBX” (according to their website) however that would have involved a reasonably amount of setup in terms of the server, a VoIP provider, and actually getting TTS (Text to Speech) working using e.g. Festival.

I therefore started looking into alternatives, and came across the following:

• AQL
• Messaging People
• CDYNE Phone Notify

I chose CDYNE Phone Notify, it basically provides a VoiceXML type service however it does not use the VXML standard.

See below for some of the advantages, disadvantages, and other things to note that I found when testing it out and integrating it into a PHP based web application:

Advantages:

• Straight forward to interface with via SOAP (I used PHPs standard SOAP extension).
• Easy to code scripts ranging from the simple to the more advanced.
• Advanced script can be interactive and dynamic, taking user input via DTMF, sending it to a server you specify via HTTP and then proceeding with the script depending on the response received from the server.
• Range of voice languages, ages, genders available.
• Retries calls automatically up to 3 times.
• Debugging via email containing log of what happened via the call.
• Possible to change voices, voice speed, and insert pauses as and when required during a call.
• Handles inbound calls*
• Can transfer calls back to the PSTN depending on user input*
• Possible to download converted TTS MP3 file*
• Can record speech over the phone*

* Not features I had a need for / tested.

Disadvantages:

• Charge is made even if calls are not successful, i.e. recipient does not answer (a limited number of retries are however available at no extra charge).
• I have heard more realistic TTS sounding voices, and eventually went with a US voice because they seemed clearer / easier to understand than any of the UK voices available, rates are reasonable / inline with other VoIP providers for the UK.
• They operate a payment system whereby your credit card is billed depending on your usage at the end of each month. This opens up the possibility of an application e.g. getting stuck in a loop and this resulting in a very large bill at the end of the month. A pre pay system would avoid this. However apparently they do monitor accounts for out of the ordinary usage levels.

Other things to note:

• Surcharge for international calls, as it is a US based service (however this is somewhat to be expected).
• Wiki contains all the documentation you need however it could be organised in a way that makes it easier to fine.
• Documented commands “StatusChangePostUrl” “MaxCallLength” do not seem to work when specified on the “NotifyPhoneAdvanced” SOAP call, only when specified on the script as “~SetVar(maxcallseconds|60)~” and “~\StatusChangePostURL(example.com)~”.

Overall although it has some disadvantages I was impressed with the features available from the CDYNE Phone Notify service and the ease at which they can be utilised in PHP.

I have recently been testing out the iPhone applications “Trails“, and “Every Trail” for recording bike trips, along with geo-tagged photos.

View Trail Recorded With:

• Every Trail
• Trails

Every Trail Features:

• Uses Google Maps (requires an Internet connection to show your position on a map).
• Shows current position only on map (not a track log) and shows where photos have been taken.
• Allows you to take a photo while recording the trip (however requires unlocking / relocking the application each time).
• Features seamless integration with the Every Trail website, with uploading of geo-tagged photos directly from the phone.
• Shows basic trip information.

Trails Features:

• Uses maps from Open Street Map (does not require an Internet connection – maps can be pre downloaded for specified areas / zoom levels over WiFi before you leave).
• Shows current position overlaid on map along with a track log showing where you have been.
• Can change map type to “Terrain + Cycle” to show some cycle trails depending on your location.
• Has handy default settings to choose from depending on if you are “Jogging”, “Hiking”, “Biking” or “Driving”.
• Allows you to take a photo while recording the trip (without unlocking / relocking the application each time – this significantly streamlines the process of taking photos).
• Can upload trips directly to the Every Trail website however does not upload geo tagged photos (photos must be manually uploaded).
• Allows basic editing for tracks directly on the phone (along with removal of inaccurate GPS readings, and labelling of waypoints).
• Has the ability to import GPX files (however the file I tried to import did not seem to work properly).
• Shows comprehensive trip information including speed/altitude graphs when you turn the phone sideways.

The ability of Trails to download maps on e.g. a fast WiFi signal before starting is a major advantage, and made navigation much quicker. With Every Trail you could otherwise be left with either no map in the case that there is no GSM signal, or having to constantly wait around for maps to be downloaded over slow GPRS (if you are in a remote location with no 3G). This is likely due to its use of less license restrictive Open Street Map mapping data. Use of Open Street Map also means some cycle trails are also available in Trails, and if it happens to show the route you are taking, then navigating it with your iPhone becomes a whole degree of magnitude more straight forward.

A major disadvantage with Trails however is that it is not very geo tag friendly – photos do not have any EXIF taken date, or EXIF latitude / longitude information saved to them. It is worth noting that photos taken with Every Trail also seemed to be similarly lacking in either an EXIF taken date or latitude / longitude however Every Trail appear to have somehow got around this issue in a way that Trails has not because it does not have the ability to upload photos directly from the phone. Every Trails handling of photos on the phone itself however is less than ideal. It shows an icon on the map of where you took the photo but I found this unnecessary, it also seems to slow down response time when viewing / moving the map. If I had taken any more photos this would have likely become more of an issue.

I thought the geo tagging issue with Trails may have been due to not having something configured correctly, however after checking the developers site he has a tutorial on how to geo tag photos using software on your PC or Mac. I am therefore assuming the application just does not support geo tagging. I used the “Geosetter” application recommended on the site, and the only way I could get photos taken on the iPhone to show up correctly was to set the photo taken datetime to the file creation datetime manually for every photo (photos taken using a Sony DSC W5 did not have this problem), a somewhat tedious and time consuming process, and then photos still had to be uploaded manually to the Every Trail website.

Both applications resulted in the battery draining much faster than it otherwise would however this was to be expected. Admittedly I did not follow the recommended advice of turning off WiFi and 3G, and turning down the backlight (may not be very feasible on a sunny day anyway) however if you are going to use either application for longer than 4 hours and need to make calls and still need to use the phone normally afterwards then you may need to look into an external battery pack or plug in battery booster.

Overall if your main goal is showing a trip with geo tagged photos taken with the iPhone, you can put up with the slightly longer winded approach to taking photos (unlock/relock phone each time) and you are not really going to be relying on the phone for navigation, the Every Trail iPhone application is the simpler, more straight forward approach.

If however you are looking for a much more polished, and feature complete application that can show you in real time a range of statistics, you will be using the iPhone for navigation, and either not taking photos, or using a separate digital camera (which you will correctly set the time in before departing) Trails is the better application.

I recently went to the Isle of Wight on holiday, and while there went on two bike trails which I recorded using the "Trails" iPhone application (see below). I am planning on posting a review of Trails versus Every Trail shortly.

Isle Of Wight – Yarmouth to Freshwater (Route 1)

Widget powered by EveryTrail: GPS Community

Isle Of Wight – Sunshine Trail (Route 13)

Widget powered by EveryTrail: Share GPS Tracks

Geo-tagged photos also available on Flickr:

When running an AdWords campaign part of the process for improving ROI often involves adding in a number of broad match keywords, then setting up Google Analytics and using the Override Bid Term Filter to find out the exact keywords that triggered a broad match. The end goal being to remove the broad match keywords and add in exact/phrase match keywords in their place which are usually both more effective (they are more targeted) and therefore more cost effective.

With a new campaign using Google Analytics is the simple solution however I recently took on the job of assisting a client who had already been running a campaign, but did not have the “Override Bid Term Filter” installed. They did however have Apache log files, therefore I wrote a PHP script to extract the search terms from the referrer reducing the cost of running a further broad match campaign in order to determine exact/phrase match keywords to bid on.

[Download]

I have been growing increasing frustrated with Microsoft Outlook which I have been using as my primary email client since around 2000.

• Often crashes, especially if used with IMAP accounts.
• Never shuts down properly (.pst files are ~2.5GB).
• Searching is very poor / slow.
• Generally does not seem to be very fast.

Switching to another application was therefore not a decision I took lightly, especially since with a number of different accounts (I am involved in a number of different businesses), it is handy managing them all in one place. Another reason for switching however was that they are mostly all POP3 accounts, and I recently purchased an iPhone which works better with IMAP than POP3.

I considered Zimbra however although there are hosted solutions available for individual users it does not seem to be primarily aimed at that market. I therefore decided to go with Google Apps. Google Apps supports using your own domain name e.g. “@example.com” rather than “@gmail.com”, along with calendar, and contact syncing to the iPhone. To set it up you just need to signup and switch over your MX records to Googles servers / verify you own the domain with Google (either setup a CNAME record or put a text file on your web server).

I am still in the process of moving over accounts to GMail and have moved 4 so far. I was hoping to just have a single GMail account however in the end this has not worked out. GMail does allow you to add multiple addresses to “Send mail as” and has a “Reply from the same address to which the message was sent” feature however some email clients such as Outlook 2007 will show “From yourusername@youmainmailaccount.com on behalf of yourusername@yourdomain.com” which does not look particularly professional. The other issue is that the iPhone does not seem to allow setting up multiple senders.

I have therefore currently setup two Google Apps accounts, one for my main email and 1 for my other 3 businesses. They are all liked in some way therefore it is not too much of an issue for mail to show the “on behalf of” line.

Setting up multiple Google Apps accounts I was expecting that cookies may prove to be an issue i.e. I might have to keep signing in/out of different accounts (or use the Firefox Profiles workaround) as you would if you have multiple regular Google Accounts, however it turns out this is not the case as cookies are handled on a path level / you login at e.g. “http://mail.google.com/a/yourdomain.com”

Setting up multiple GMail accounts however then leads to another problem, GMail Notifier only supports a single account. I am therefore planning on setting these account up in Thunderbird and running it just to get the desktop notifications (i.e. I will see the notification then login to webmail to take advantage of conversation view / searching etc).

I have been using GMail for a few weeks now and on the whole am very happy with it however there are a few issues I have experienced regarding sending executable program files via email, and backing up email.

GMail does not support sending or receiving .exe files via email, even in .zip files therefore I have resorted to setting up a send only account in Outlook for sending messages although have not yet found a way around the receiving issue (luckily however I generally do not receive many .exe attachments via email).

In terms of backups I looked into a few options however am not sure there is a perfect solution available at the moment. A common solution seems to be running Thunderbird and using the Work Offline Synchronise feature but this did not seem too elegant to me. I therefore looked into a few software applications.

• MailStore – Looks like the best however does not support automatic backups (scheduling) in the free version (paid version is 349 USD).
• Forwarding messages to another POP3 account, or using e.g. Fetchmail to retrieve them via POP3 is a possibility however does not preserve labels or sent items.
• g-archiver – A viable option however after their recent issue with sending peoples passwords to one of their developers I thought it was best to avoid.
• GMail Backup – I chose to use this in the end. It can be used from the command line and therefore easily scheduled however does seem to store messages with long names (as separate files) in a single folder which is not particularly ideal as I now have a folder with +6,000 files (mail for around 1 year as when switching to GMail I imported mail from Outlook) that is not great from a performance point of view.