How I made money with Open Source

By John Connelly
JC Computer Services

I’ve tinkered with many open source products over the past couple years, but I’ve never installed any for a client. For a friend, I installed Mepis on his son’s desktop to stop the torrent of malware, and I’ve played with Ubuntu on my laptop and struggled with wireless driver work-arounds. Never made a dime on it until I was inspired by a frequent forum poster here at The Forcefield. Then, with my inner salesman awakened I scored BIG.

The Scenario: Important client has employees that work from home, some travel across the country. Their current solution is to RDP directly into their 2008 Server. They are forwarding port 3389 to the server, and logging in with very weak passwords. Given the nature of their work, HIPAA laws apply to them. Obviously this solution is a major security breach waiting to happen.

I suggested a VPN solution. I explained what it was, how it worked, and showed them various solutions provided by Sonicwall, Firebox, and Cisco. Given the number of VPN connections they needed, all of these solutions were rather pricey, and had subscription-based licensing fees. They would have agreed to one of them, they had to do something soon. Now that they had a ballpark dollar amount in mind, I told them I could build a VPN appliance for less that had no re-occurring fees. I chose OpenVPN, and here is how I did it.

First, I had to choose between the free community version and the paid version. The free one has the benefit of being….free. The paid version has GUI menus, simple installers, and more extensive tech support. Being new to OpenVPN, and with a big client at stake, I chose the paid version. So I shelled out $50.00 for 10 licenses, this gave me 12 licenses total (2 are free). Given the huge licensing fees that others charge every year, I had no qualms about the amount. The free community-based version can do everything the paid version can do, but I needed to implement this fast and needed some hand-holding.

Based on another recommendation of a forum poster, I chose a simple 1U server to run it on. They already have a rack, and it gave my product the shiny high-tech feel it needed to help justify the big markup. It would have run much the same on a beat-up old Dell I had, but I needed it to look cool.

My next choice was the OS to install it on. There are many Linux distributions supported, including Ubuntu, which I almost went with. In the end I chickened out and went with XP Pro. When I have more time to test and become more familiar with how OpenVPN and Unbuntu work together, I will have it ready for my next client. I downloaded a VMware Player and a VM of OpenVPN, and installed both. The setup was very straightforward. You have to choose between running it routed or bridged mode. I chose bridged. I gave my box an IP on the network, and port forwarded 443 to it. I also changed the default admin password.

Now I had to decide how to authenticate users. They are running AD on the server, OpenVPN supports connections to AD via LDAP. Installing LDAP on the server was simple, I had it replicate the AD directory. In OpenVPN, I entered my admin username and password on the server, and its computer and domain name. It connected, and found my users. I could have chosen to input usernames and password into OpenVPN, or setup a RADIUS server.

Setup on the client was the easiest part. Open a browser, go  to https:\\ OpenVPN will present you with a login screen. Enter your user’s AD username and password, and you will see a customized link to download the client software. The link is generated dynamically when you first log in. For my Windows clients, I used the Windows installer. I had one Mac client, the OpenVPN site recommended I use Tunnelblick (a free VPN client). I could not get it to DHCP properly. A bit of research brought me to Viscosity. For $9.00, I bought one license and it had it working in 5 min. It recognized the client.ovpn file that OpenVPN generates, and imported without any issues.

Finally, I had my users select new passwords that did NOT have word “password” in them. Because OpenVPN was connected to AD via LDAP, it picked up the new passwords too. RDP now uses the internal IP of the server, and I stopped forwarding port 3339 on the router. Done.

The technical part of this job was fun. Setting up an open-source VPN was a great learning experience for me, and gives me a great new product. Salesmanship played a big part in this though, and it does not come naturally for me. In the end, it was an easy sell. I charged the same price for the box as the other commercial guys do, but made my main selling point the licensing fees. Others charge per year, I charge a one-time fee. Perhaps for new clients I will offer a smaller yearly maintenance fee. Still learning.


About the author:

John Connelly owns and operates a home based computer business serving homes, non-profits, and small to mid-sized businesses with their IT needs including repair, networking, planning, and more.  JC Computer Services has been in operation for 9 years, six in Plymouth, Ma.  His primary interest is in problem solving which keeps him getting up in the morning despite that his boss is a workaholic.

Beating the IT Budget Crunch

How Savvy CIOs are Cutting Costs and Using IT Compliance Automation to Make Impressive Gains

Agiliance NewsWatch Series


SAN JOSE, Calif. (Business Wire EON/PRWEB ) October 15, 2008 — Typically fall is synonymous with football, pumpkins and leaves crunching on sidewalks and driveways. This October it seems the crunching is coming from IT budgets in the fists of watchful CEOs. Still, theres always a silver lining for smart companies determined to progress in the face of tough economic conditions. Despite being squeezed by increased security threats, compliance pressures and shrinking budgets, savvy CIOs are using the power of automated IT compliance software to help their businesses thrive.

CIOs are watching costs closely as our economy falters at the same time expectations for IT performance are rising

The key is to be bold, but not reckless. In spite of budget constraints – today's high-performing CIO is adept at balancing the competing demands of driving business innovation while coping with economic disruption.

A successful IT risk and compliance program not only reduces IT spending, but can help bridge the gap between senior management's business goals and IT operations by helping to ensure that consistent and accurate information flows across the organization

Automated IT risk and compliance solutions can provide decision makers with the current and accurate intelligence they need to better understand how IT risk affects their entire organization.

CIOs are watching costs closely as our economy falters at the same time expectations for IT performance are rising, says Sara Gates, VP of Strategy, Agiliance, a provider of IT risk and compliance software solutions for Fortune 1000 companies. The key is to be bold, but not reckless. In spite of budget constraints todays high-performing CIO is adept at balancing the competing demands of driving business innovation while coping with economic disruption.

As companies enter a new era of corporate governance, risk management, and compliance (GRC) demands, winning companies are using technology to automate compliance initiatives and get more efficient. In fact, the rising tide of IT security threats and compliance demands, coupled with a struggling economy, is driving the adoption of automated and innovative, intelligence-based solutions for todays risk and compliance challenges. Recent industry reports confirm that highly automated IT risk and compliance solutions are helping companies cut compliance costs by up to 70%.

Beyond Compliance: Making IT Your Competitive Advantage

The fact is IT can be a competitive advantage. The key is that successful businesses must optimize IT by making strategic cost cutting decisions, build IT by investing in projects that give the company a competitive edge and empower IT by strengthening communications between IT and business executives. Recent speculation by leading analysts suggests that senior managements lack of understanding about their risk posture may have been a contributing factor to the crash of many heavy hitting financial institutions. More than ever, companies that want to avoid negative headlines must find ways to erase the lines of division between IT and business that may be preventing visibility into a companys greatest risks or strengths.

A successful IT risk and compliance program not only reduces IT spending, but can help bridge the gap between senior management's business goals and IT operations by helping to ensure that consistent and accurate information flows across the organization, said Kenneth Tyminski, former CISO of Prudential and member, Agiliance Board of Advisors. Automated IT risk and compliance solutions can provide decision makers with the current and accurate intelligence they need to better understand how IT risk affects their entire organization.

Cost Cutting Tips for Beating the IT Budget Crunch

The bottomline is that IT success requires the right balance of belt tightening paired with strategic investments to fuel innovation and growth. Successful CIOs are leveraging IT as an asset in spite of external pressures to control risks while regulators are becoming even more aggressive.

Read more about IT compliance automation and other IT cost cutting tips:

Agiliance IT Risk and Compliance Software

Agiliance offers highly-automated IT risk and compliance management software products designed to help organizations thrive in the face of mounting pressures to manage and balance risk, compliance and IT budgets. By leveraging the power of Agiliance software, businesses can make impressive gains in their IT risk and compliance efforts including reduced audit burden, increased visibility into current compliance and risk status, and improved leverage of IT resources.

To speak to an Agiliance expert about a topic covered in the Agiliance NewsWatch series, please contact Lorraine Kauffman-Hall at 704-882-0443 or To learn more about Agiliance, please visit

To Buy or To Lease Equipment – That is the Question for Small Business Owners

According the Small Business Administration, more than 600,000 small businesses are started each year in the United States. And David Birch, former head of a research firm specializing in small business data, found that 85 percent of businesses fail in their first year. While those new businesses range from home-based, online and traditional brick and mortar establishments, most of these businesses have one thing in common – they need equipment to be able to operate successfully and avoid becoming one of Birch's statistics. But because there are costs, often large ones, associated with starting a new business, many business owners are faced with the question of whether to buy or lease equipment. Commercial leasing expert and founder of Lease with Crystal, Crystal Riley reveals the four questions every business owner should ask before buying or leasing equipment.

Los Angeles, CA (PRWEB) April 29, 2008 — Small business owners need equipment to be able to operate successfully and avoid becoming one of the 85 percent of businesses that fail within the first year of operation. But because there are costs, often large ones, associated with starting a new business, many business owners are faced with the question of whether to buy or lease equipment. Crystal Riley, president of Lease with Crystal, a company dedicated to providing customized commercial leasing programs, believes that the decision to buy or lease equipment should be considered seriously.

"There are several key considerations business owners need to factor in when deciding how to procure new equipment for their businesses," says Riley. "These considerations go far beyond which one is cheaper in the short term. Rather, tax breaks, resale value, and the net cost of the asset all need to be considered carefully."

How Much Will Be Needed for Upfront Costs?
According to Riley, one of the major benefits to leasing equipment is that the upfront costs are far less than if the equipment was purchased. There are very few instances where a lease requires a down payment, thus allowing a business owner to purchased needed equipment without significantly affecting cash flow. "Leasing can be especially helpful for business owners who have less-than-stellar credit or those who need to negotiate lower payments over a longer period of time," says Riley. In addition, when business owners are leasing equipment under $100,000 they rarely have to provide financial statements, tax returns and business plans.

Some business owners who chose to buy their equipment have the money to purchase the equipment outright, but more realistically, a business owner looking to purchase equipment will have to finance a portion of the purchase. While financing the equipment will lead to ultimate ownership, most banks require a 20 percent down payment, which affects cash flow and may tie up lines of credit. "Some lenders may also place restrictions on your future financial operations to ensure that the loan is repaid," says Riley. "This alone can make things difficult for some small business owners who may need to access more loans to keep his or her business afloat."

How Will Buying or Leasing Equipment Affect Taxes?
Both leasing and owning property provide tax advantages to small business owners. Generally speaking, lease payments can be deducted as a business expense on a tax return. As such, the net cost of the lease is reduced, providing an overall savings. Many business owners find that after factoring in these deductions, they often save money by purchasing leased equipment. Conversely, Section 179 of the Internal Revenue Code allows for the deduction of some newly purchased assets in the first year. "In Tax Year 2007, equipment costs up to $112,000 could be deducted," says Riley. "Some equipment is not eligible under Section 179, but tax savings can be realized on almost any piece of business equipment through the business depreciation deduction."

What Will the Equipment Be Worth?
"One of the major disadvantages of leasing equipment is that because you are not purchasing it, it cannot be considered an asset and cannot be sold," says Riley. "Conversely, after you purchase equipment, it's yours. This is especially advantageous when dealing with a piece of equipment that has a long, useful – and I emphasize useful – life and is not in danger of becoming technologically obsolete in a short period of time." According to Riley, leasing is a way to address equipment that may become obsolete in a short period of time is to lease it. A lease passes the burden of obsolescence onto the lessor rather than the purchaser. "When leased equipment becomes outdated, you can give it back to the owner at the expiration of the lease and get new, current, higher end equipment," says Riley.

Riley warns that another major consideration is how much a piece of equipment will depreciate. "A computer system depreciates far faster than office furniture," says Riley. "So, you have to pay special attention to the equipment and make sure that what you spend for it today will not be markedly different than what you can sell it for tomorrow. Certainly, some depreciation will occur simply through normal aging and wear and tear, but it's always something to consider."

How Long Will the Equipment Be Used?
Before leasing equipment, Riley warns that you need to be sure you are really going to use the equipment. "A lease is a contract that lasts over a defined period of time," explains Riley. "As such, if you lease a piece of equipment for three years, and find that after two years, you are no longer using it, you still have to pay that last year of the lease. That is not to say that some leases don't give you the option to cancel the lease, because some do. But they will levy a huge termination fee."

Crystal Riley has in-depth management experience and comprehensive understanding of the business world. Offering a unique skill set that is necessary to effectively put deals together, having served as the special director for music mogul Jimmy Iovine for several years, Crystal rose through the ranks at Interscope Geffen A & M to become a master of campaign development and overall project management. As an executive in the music industry, she committed herself twenty-four hours a day to ensure successful strategic partnerships with Apple, Napster, Yahoo, Starbucks, Microsoft and Facebook. Leaving the industry, Crystal followed in the footsteps of her family, which includes generations upon generations of successful entrepreneurs. Lease With Crystal opened its doors in 2008, with the backing of Lease One – an original inventor in the Equipment Leasing world, with 20 years of experience. Crystal lives in Los Angeles with her family. More information about Lease with Crystal can be found by visiting

When Does Open Source Make Sense?

    Two weeks ago, my quiet Sunday afternoon was interrupted by a knock on the back door; my neighbor from across the street needed some computer help. While I normally shy away from helping friends and family with computer issues due to the “ownership of all future problems” factor, I decided to take a quick look.  (I should note that my neighbor owns a heating and cooling company, so he's a good guy to have owe me a favor in return).

    It seems that he had purchased a brand new PC a week ago and decided that he did not want Windows Vista anymore, so he had his cousin (who is a technician at a local computer repair shop) load a pirated copy of XP Pro. The problem they were having was that the PC would not boot to the XP CD. After spending several hours working on this, his cousin gave up. My neighbor's wife suggested he ask me for some help.

    A quick “CD E:” followed by “DIR” revealed a blank CD. Duh! (I should have gotten the name of the PC shop where his cousin works.) “So, what do we do now?” he asks. Well, I am certainly not going to provide a copy of XP for him to use with his pirated key, and while he does have a valid XP Home upgrade key, I am not going to load his pirated copy of 98 just so he can upgrade. This left one choice: Linux.

    We booted up to a live Mepis CD and verified that his digital cameras, printer, and all peripherals worked properly. Within 10 minutes of clicking the “install to hard drive” icon on the Mepis desktop, we were booted into the freshly installed Linux OS. Both my neighbor and his “computer tech” cousin were impressed by the ease of installation, amount of available software, and how easy it was to figure out how to move around in the OS. Two weeks have gone by now and the only time my neighbor has contacted me regarding the computer was to drop off a case of beer in appreciation and tell me how much he likes his new operating system.
    A small business finally outgrows the residential grade router they were using as a firewall and is looking for an upgrade to something more robust. They receive several quotes for Sonicwall, Pix, Fortigate, etc., but all of these quotes exceed the available budget.  A good time for open source? You betcha! An IPCop firewall would provide excellent perimeter protection, a VPN solution, and web content filtering all in one box. “How can I sell IPCop, it's open source?” you may ask. Well, the answer to that particular question is that you don't sell IPCop, you sell a firewall and support for that firewall.

   The above situations are what I consider to be good examples of the “right” time for open source. My neighbor needed a new PC, purchased one with Vista preloaded and decided he did not care for the new operating system at all. In addition, there were compatibility issues with his printer and the older of his two digital cameras. Linux offered him a “new” operating system without the learning curve he was experiencing with Vista, worked with all of his peripherals, and was free. The small office needed to upgrade their firewall without spending a large amount of money on hardware and licensing. The IPCop provides a very nice solution with an easy to use web interface that the “IT Person” (read: office manager) can use effectively.

    There are other times when a switch to open source makes sense: a client that needs a mail server but can't justify the expense of Exchange can use ZimbraEbox is a great replacement for SBS.  Nagios is a nice option to What's Up Gold or HP Openview. Need an enterprise class router but can't justify Cisco gear? Take a look at Vyatta .

    Do you have users that need nothing more than email, a word processor, and a web browser? Switch them to Linux. Thunderbird, Open Office, and Firefox look and work the same on Linux as they do in Windows. As an added bonus that user's PC is not going to be susceptible to viruses, spyware, and other malware that will eventually affect performance and even become a risk to their personal information.

    The list of open source alternatives to commercial products is growing everyday. A majority of these alternative applications do not require any special knowledge of Linux at all; they are easy to install, utilize web based administration, and have excellent support through the community. Take the time and familiarize yourself with some of the open source applications that are available. Download a few and play around with them. Install Linux on a spare computer and get familiar with it. Thinking “outside of the box” and having something to offer to your customers that all the “other guys” don't is what will set you apart from the competiton.

    As always, if you have any questions, comments, problems, or want to list me as the beneficiary of your life insurance policy, please feel free to contact me at .

Copyright 2008 Todd Hughes.

Selling Open Source

There are many open source alternatives to the proprietary/licensed versions of common commercial software applications. For those of us who serve the small business customer, these alternatives can provide a means to increase our income and drive sales by providing solutions for our customers that they might not otherwise be able to afford.    
     A good example of this is a small company with about 15 users that wants the benefits of a groupware server (mail, shared calendering and documents, etc.) but cannot realistically afford Microsoft's SBS or Exchange. Enter Zimbra, an open source collaboration suite. Zimbra offers everything that Exchange does in an easy to install and manage package: mail server (POP & IMAP), shared calendering, shared documents, and a host of other goodies. Users access their mail and other features via a web browser (ala OWA) making remote access available to the users even when they are at home or on the road.    

    Take a look at the screen shot below, does it look familiar? No, that's not OWA, it's Zimbra! Setup and administration is done via the web interface but there are also several command line tools available to perform various functions such as importing mail from an existing mail server, batch creation of user accounts, etc. User authentication can be done locally or Zimbra can be tied into an existing Active Directory environment for authentication.  As a service provider, you can enable inbound port 22 and port 7071 traffic through the customer's firewall (from your IP address at the shop only!) and have secure remote access to configuration files and the administrative interface to help your customers with any problems that they may have.



Zimbra is installed on top of a basic Linux operating system. I built mine on top of Ubuntu server.  Download the iso image   for Ubuntu Server 6.06.1 LTS and install the operating system. You can accept defaults during the install with the exception of the IP address; if it grabs a DHCP address just use the “back” button and manually assign the proper information. Next, install the Zimbra suite. A good how-to can be found here .

    Setup of Zimbra (including a quick start guide) can be found in the documentation at the Zimbra web site .   

    So, procure a decent server (nothing fancy, P4 2+Ghz, 512Mb RAM, 150-200 GB HD), install Ubuntu/Zimbra, and offer it to your clients as an “open source Exchange” server. Mark up the hardware to include a nice profit and cover your time building the server, charge them a few bucks for installation, offer support at maybe $500.00/yr, and start making some money on open source!

    Keep in mind that Zimbra is just the tip of the iceberg. There's Ebox (an SBS like clone), Snort/BASE (IDS), IPCop (Sonicwall like firewall), MySQL/MyPHP Admin (database and frontend), Ntop (network and bandwidth utilization),  Apache (web server), Nagios (networking monitoring and alerting), PacketFence (NAC), Zenoss (an HP OpenView/What'sUp Gold like clone), Squid/SquidGuard (a Websense/SurfControl like clone), many different versions of the Linux desktop, etc, etc. Start getting familiar with Linux and open source and you will find that you have something to offer your customers that the “other guys” don't.

    As always, if you have any questions, comments, problems, or want to name your first born after me, please feel free to contact me at

Copyright 2007 Todd Hughes


Why Is My Site Not Showing Up In Google?

More and more websites are failing to show up in the world's biggest search engine and increasingly businesses are feeling frustrated with their websites.To solve this problem, leading internet marketing company WebEfforts, suggests five easy steps to improve your ranking.

Birmingham, United Kingdom (PRWEB) February 5, 2008 — More and more websites are failing to show up in the world's biggest search engine and increasingly businesses are feeling frustrated with their websites.To solve this problem, leading internet marketing company WebEfforts, suggests five easy steps to improve your ranking.
News Image

  • Step one: choose your keywords carefully.

Many people fall into the trap of competing for the same keywords. For example, there are over 10 millions searches performed each year on Google for the keyword 'internet marketing'.

However, our research shows that the search term 'internet marketing company' attracts 300,000 searches a year on Google. Often, this longer search term has less competition and reaches your target market more effectively. Hence your chances of ranking on it are higher in Google, and more importantly, achieving online sales.

  • Step two: embed keywords into your website.

Once you have decided on your keywords, you need to make sure they appear throughout your website's text. This communicates to Google that your site is a highly relevant match to the term searched for.

For example, to rank on Google for the term 'internet marketing company' this keyword phrase needs to appear at least three times within one page on your website. You also have technical tags on your website, known as 'Meta Tags', which need to contain this keyword too. We suggest contacting a professional company if you are unfamiliar with changing these.

  • Step three: uncover competitors' online strategies.

So, you may think you have found the best search term and all the text is embedded within your website. But, will it actually work?

Well, look at your top competitor's website and scan across their pages to see what search terms that are continually repeating in their text. Look at the top of the browser on their home page, what keywords appear there? The text there is the 'Title Meta Tag' text, which is very important to Google for ranking purposes.

There are automated ways to research your competitors using internet tools, but these can be expensive to buy for a one-off job. We suggest buying an internet marketing report, which is an affordable way to share the cost of using the tools.

  • Step four: get your keywords noticed.

If any step should be given more emphasis, this is the one. To rank on Google for a search term, Google's search engine won't just take your word for it because it is written on your site. Google wants additional confirmation that you are telling the truth. As a result, Google needs to see other sites pointing to your site for that keyword.

To do this you need to write content for your site and include links to your site on the keyword you want to rank in Google for. For example, to promote Web Effort's on the keyword 'internet marketing company' the content should include a link like:-

"……leading internet marketing company WebEfforts produce the best selling internet marketing report that includes professional keyword research, a web site assessment and powerful competitor research…"

However, you may need hundreds of links pointing to your site to compete against your competitors for that keyword.

In an extract from our report, we noticed that a top competitor had over 1,000 links. If this is the case for your search term, it is best to outsource the work to a professional company with experience in this area. Avoid using cheap services, as the techniques they use can be automated and leave you completely blacklisted from the search engine.

  • Step five: create viral content through online publicity.

To add the icing on the cake, you could get your website noticed on some of the largest News wires such as paid inclusion sites like Yahoo News and Google News. This method normally gives you exposure for 30 days and can provide an excellent source of traffic within days. We suggest using an online distribution service for this.

However, the key is to create viral content, which is content that is likely to be passed on because it is useful. Once this is achieved people will start posting links, from say forums or blogs, allowing the link building work to be done all by itself.

Following these five easy steps will not only improve your ranking on Google, but also drive traffic to your website and potentially increase sales.

For more information, please contact Max Worton at WebEfforts on 01562 884 388 or

About WebEfforts
WebEfforts helps website owners on small budgets drive targeted traffic to their website, see our results. The company is known for its best-selling internet marketing report, which can be viewed online at

Services include: Web Site Management and Administration, Professional Keyword Research, Web Site Assessments, Competitor intelligence, Link Building and Online Publicity.


Email Troubleshooting: Back to Basics

Email has undergone a major transformation in the past decade . What began as a simple means to send a quick message has evolved into a business critical application.  This increased use of email as a primary communication method has placed an emphasis on maintaining the availability of this service to the users. One of the best methods for diagnosing problems with email is what I refer to as “getting back to the basics”.

    Getting back to the basics means separating the email application software from the protocol itself.  Application software can be either an MUA (Mail User Agent) such as Outlook or Thunderbird, or an MTA (Mail Transport Agent) such as Exchange or Postfix. We will concentrate on working with the underlying protocols only.  Troubleshooting  software beyond basic configuration (proper user name and password, correct mail server IP and port number, mailbox setup, etc.) is beyond the scope of this article.

    There are 3 main protocols we will deal with when troubleshooting email. SMTP (Simple Mail Transfer Protocol) is used to send email. The SMTP protocol “pushes” messages, whether it's from the desktop to the internal email server, or from one email server to another. It is important to keep in mind that this is a “best effort” or “store and forward” protocol which means that there is no guarantee of successful delivery. POP3 (Post Office Protocol 3) and IMAP (Internet Message Access Protocol) are used to retrieve email. POP3 and IMAP “pull” messages from an email server to the desktop. POP3 downloads the entire message to the desktop when an email is read. IMAP downloads only the email header information when a mail check is performed, the message itself is actually opened and read right on the mail server (making IMAP a bit more bandwidth friendly). Both of these protocols send login credentials to the mail server in clear text unless the secure version of the protocol (POP3S or IMAPS) is used. While there are other proprietary email protocols in use, we will concentrate on the aforementioned 3 which are considered the standards for internet email transport.

    The most important tip I can give is to pay very close attention to any error messages you may receive related to mail delivery. If a user states “I sent an email, but I got an error message back”, you need to tell that user to copy the error message down verbatim. Email error messages are usually very specific about what the problem is. Here's an example:

This is the Postfix program at host


I'm sorry to have to inform you that your message could not

be delivered to one or more recipients. It's attached below.


For further assistance, please send mail to <postmaster>


If you do so, please include this problem report. You can

delete your own text from the attached returned message.


         The Postfix program


<>: host[] said: 553 sorry,

  your envelope recipient is in rejected. either it has been deactivated or

  does not exist (#5.7.1) (in reply to RCPT TO command)


    The above message comes from my mail server ( and is telling me that my message to could not be delivered. Specifically, the mail server for “” ([]) said that the recipient (joeshmoe) either doesn't exist or his account has been deactivated. Note the “553”, this is an SMTP reply code. Anything in the 500 range means “permanent error”, the 400 range means “temporary error/will try again”, and anything in the 200 range means “success/OK”.

    Troubleshooting sending (SMTP) errors is done on the command line using the SMTP commands. If you suspect a problem between the desktop and the internal mail server you should do this from the desktop, if the issue is suspected to be outside of your network you need do this from the mail server itself. We'll make a connection to the recipients mail server and attempt to send a message “by hand” using some basic SMTP commands and see what happens. If you are testing from the desktop, you already know what the mail server's IP of FQDN is, if you are testing from your internal mail server to an outside server, you need to look up the name or IP of the recipient's mail server. This can be done with “nslookup” (Windows) or the “dig” command (Linux). Once we know how to get to the recipient's server, we'll make a telnet connection to port 25 (SMTP), then we'll introduce ourselves (the “helo” or “ehlo” command), and finally we will send an email and see what type of reply codes we get. Open up a terminal or command prompt and let's get started!

Look up the mail server:

thughes@thughes:~$ dig mx
;                        IN      MX
;; ANSWER SECTION:         736     IN      MX      5

Make a connection (telnet) to that mail server on port 25 :

thughes@thughes:~$ telnet 25
Connected to
Escape character is '^]'.
220 at your service ESMTP NO UCE 

(notice the 220…that means OK)       

Now, introduce yourself by typing “ehlo <something>” (I typed “ehlo howdy!”):

Connected to
Escape character is '^]'.
220 at your service ESMTP NO UCE
ehlo howdy!
250-SIZE 10240000

If you get an error when using the “ehlo” (extended helo) command, the server probably doesn't support the extended version of the command so just use the standard “helo” command. Again, notice all the 250 codes, these mean that this server supports all of the listed options.

Let's send an email:

Type “mail from: <your email address>” (the “<” and “>” are necessary in this command)

Connected to
Escape character is '^]'.
220 at your service ESMTP NO UCE
ehlo test
250-SIZE 10240000
mail from: <>
250 Ok

(There's that 250 again)

Type “rcpt to: <recipient's email address>”

Connected to
Escape character is '^]'.
220 at your service ESMTP NO UCE
mail from: <>
250 Ok
rcpt to: <>
250 Ok

(250 again)

Now we need to add some data to the email, so type “data” and hit the “enter” key,  then type “SUBJECT:” (add a subject), hit “enter”, type “FROM:” (type the from address), hit “enter”, type “TO:” (type the to address), hit “enter” twice, and then type the body of your email. When you're done typing your message, hit the “.” key and you should get a message that the email was sent (“queued”) on the recipient's server, then type “quit”. All of the commands that I typed in the following example are in bold type:

Connected to
Escape character is '^]'.
220 at your service ESMTP NO UCE
mail from: <>
250 Ok
rcpt to: <>
250 Ok
354 End data with <CR><LF>.<CR><LF>
SUBJECT: test email

This is a test email
250 Ok: queued as 56CBE3B018E
221 Bye
Connection closed by foreign host.

This message was sent successfully (“250 Ok: queued as 56CBE3B018E”). If there was a problem, the reply code would have told me exactly what the problem was. You may also have noticed that when I typed in the “FROM:” field, I used an address other than the one that I used in the initial “mail from:” command, this is because the “FROM:” in the headers of the email do NOT have to match the original connecting (“envelope”) sender. This is how spammers spoof email (heh heh).

    Alright, delivery works, now we need to test mail retrieval. Let's do some POP command line magic next. First, we need to telnet to our internal mail server on port 110 (995 for POPS):

thughes@thughes:~$ telnet 110
Connected to
Escape character is '^]'.
+OK dovecot ready.

Now we need to authenticate by typing “user <username>”, hit “enter”, then type “pass <your password>” and hit “enter” again:

thughes@thughes:~$ telnet 110
Connected to
Escape character is '^]'.
+OK dovecot ready.
user thughes
pass *********
+OK Logged in.

We're in!  Now type “list” to see all the emails (they are listed numerically, the first number  is the message number, the second number is the message size), type “retr (message #)”  and hit “enter”, and your message will be displayed. Type “quit” to disconnect from the POP server.

    Finally, let's try email retrieval using IMAP. Telnet to the internal mail server on port 143 (993 for IMAPS) and log in by typing “a01 login <user name> <password>”:

thughes@thughes:~$ telnet 143
Connected to
Escape character is '^]'.
* OK dovecot ready.
a01 login thughes ********
a01 OK Logged in.

Next, lets list our mailboxes. Type “a02 list “” “*”” and hit “enter”:

ao2 list "" "*"
* LIST (\NoInferiors) "/" INBOX
* LIST (\NoInferiors \UnMarked) "/" "Trash"
* LIST (\NoInferiors) "/" "Ebay"
* LIST (\NoInferiors) "/" "Sent"
ao2 OK List completed.

Now we can enter a mailbox:

a02 select INBOX
* FLAGS (\Answered \Flagged \Deleted \Seen \Draft Junk $Label1 $Label2 $Label3 $Label4 $Label5 NonJunk)
* OK [PERMANENTFLAGS (\Answered \Flagged \Deleted \Seen \Draft Junk $Label1 $Label2 $Label3 $Label4 $Label5 NonJunk \*)] Flags permitted.
* 1142 EXISTS
* OK [UNSEEN 1131] First unseen.
* OK [UIDVALIDITY 1157335433] UIDs valid
* OK [UIDNEXT 26939] Predicted next UID
a02 OK [READ-WRITE] Select completed.

Fetch the headers for the first email in the list:

ao2 fetch 1 all
* 1 FETCH (FLAGS (\Seen) INTERNALDATE "18-Aug-2006 09:43:33 -0400" RFC822.SIZE 21975 ENVELOPE ("Thu, 17 Aug 2006 13:06:55 -0400" "Official: Jul-Aug 2006 (ISC)2 Newsletter" (("(ISC)2 Management" NIL "management" "")) (("(ISC)2 Management" NIL "management" "")) (("(ISC)2 Management" NIL "management" "")) ((NIL NIL "thughes" "")) NIL NIL NIL "<LYRIS-1619473-1789-2006.08.17-16.13.08–>"))
ao2 OK Fetch completed.

Read some mail:

ao2 fetch 1 body[text]

(This should show you the message body)

Close the connection by typing “ao2 logout”:

a02 logout
* BYE Logging out
a02 OK Logout completed.
Connection closed by foreign host.

    That's about it for command line troubleshooting using the basic protocols. The point of the preceding exercises is to confirm that mail can be sent and received. If you are successful using the command line to send/retrieve mail but it doesn't work when using applications such as Outlook or Thunderbird, you can now concentrate your efforts on troubleshooting the software application and configuration.

    The logs on your mail server can provide a wealth of information to aid you in diagnosing problems. Becoming proficient in reading the logs is one of the most important things you can do. Take a look at the mail logs and learn how to read them. Try to follow an email through the logs from the time it hit the server until it was delivered to the recipient.  

    Email headers are also a valuable source of information. You can view the complete headers in most email clients by choosing an option such as “view > all headers”, right clicking the email and choosing “view internet headers”, etc. The exact method depends on which client you are using, Google it if you can't figure out how. Headers are read from the bottom up (use the time stamps as a reference). Below is an example of a full set of headers (I added the comments in bold):

Return-Path: <>

This is my mail gateway delivering the message to my mail server:

 Received: from (unknown [])
by (Postfix) with ESMTP id 280A23B019E
for <>; Mon,  1 Oct 2007 10:51:03 -0400 (EDT)

This is my mail gateway processing the mail internally:

 Received: from (localhost [])
by (Postfix) with SMTP id 4E54FAC07F
for <>; Mon,  1 Oct 2007 11:08:13 -0400 (EDT)

This is the spam processing and scoring on my mail gateway (spamassassin):

 X-Spam-Checker-Version: mailDefender 3.1.3 (2006-06-01)
 X-Spam-Level: S
 X-Spam-Status: No, hits=1.9 reqd=5.0 tests=NO_REAL_NAME=0.55,
 X-Spam-Report: *  0.9 XD_DYNAMIC_IP At least one relay is a dynamic IP *  0.6
NO_REAL_NAME From: does not include a real name *  0.2 XD_MULTIPART Email
contain several alternative views *  0.1 SPF_SOFTFAIL SPF: sender does not
match SPF record (softfail) *      [SPF failed: ] *  0.1 SPF_HELO_SOFTFAIL
SPF: HELO does not match SPF record (softfail) *      [SPF failed: ]

This is my mail gateway receiving the email from the sender's server:

 Received: from ( []) (using TLSv1
with cipher DHE-RSA-AES256-SHA (256/256 bits)) (No client certificate
requested) by (Postfix) with ESMTP id E5E2BAC07E for
<>; Mon,  1 Oct 2007 11:07:48 -0400 (EDT)

This is the sender's server receiving the mail from an internal process:

 Received: from ( []) by
(8.13.1/8.13.1) with ESMTP id l91F7mL0022786 for <>; Mon, 1
Oct 2007 10:07:48 -0500

Here's the message:

 Message-Id: <>
 Content-Transfer-Encoding: binary
 Content-Type: multipart/related; boundary="_———-=_1191251268227820"
 MIME-Version: 1.0
 X-Mailer: MIME::Lite 3.01 (F2.73; B3.07; Q3.07)
 Date: Mon, 1 Oct 2007 15:07:48 UT
 Subject: (ISC)2: Confirmation of change to CISSP CPE Record
 X-AVAS-Signature: Version 1.73
 X-AVAS-EmailID: 20070901-110749-7603
 Status: RO
 X-UID: 26809
 Content-Length: 761
 X-Length: 3068
=== This is a system generated message from (ISC)2 ===

Dear T. Hughes:

This email message is blah…blah…blah.

    As you can see, the headers provide a detailed record of mail routing. You can use the time stamps at each hop to determine where any latency in delivery may be. Another trick is to use the header information to verify a spoofed email. If an email appears to come from somebody you know but looks suspicious, view the headers to determine the IP address of the original sending server. Perform a “whois” lookup on that IP address; if it comes back as registered to a Chinese or Eastern European domain (for example) you can be certain it is a spoof.

    Lastly, I want to comment about email security. Today's users tend to send anything (including very sensitive or personal information) via email without any thoughts of security or confidentiality. Email is not secure! As mentioned earlier, SMTP, POP3, and IMAP are all clear text protocols. This is akin to sending your snail mail on postcards instead of inside an envelope, safe from prying eyes. There are a few basic precautions you can take to secure your email. One would be to use POP3S and IMAPS to retrieve mail. Secondly, you should configure your mail server to support TLS (Transport Layer Security). TLS will allow encrypted SMTP communication with any recipient's server that also supports TLS. It should be noted that you must configure TLS to be optional, if the receiving server does not support TSL the communication will fall back to plain text.
Thirdly, I would suggest the use of an email encryption application (such as Zix mail) to ensure sensitive information is transmitted securely. Finally, user training is a must. Your users need to have a basic understanding of how email works. They need to know that it is neither secure (in it's default configuration) nor guaranteed to be delivered to the intended recipient.

    I hope you have found the information and tips in this article interesting and informative. Feel free to contact me if you if you have additional input or would like further information about the techniques I have presented.

Todd Hughes is a Network Security Analyst and long time Linux fan in the Upstate New York area. Send your Questions, comments or feedback to:

Copyright  Todd Hughes  2007. Printed by permission.



How to Determine If Your Activity Is a Business Or a Hobby For Tax Purposes?

If you have a valid business, you report your income on Schedule C.  If you have a hobby, you report your activities on Schedule A, with limitations. 

How to Determine If Your Activity Is a Business Or a Hobby For Tax Purposes?
By Cassandra Ingraham

IRS usually allows 5 years of business activity before they question if your activity is a business or a hobby. You must show a profit during at least three of the last five years, including the current year. There are exceptions to the basic rules.

If your business activity does not show a profit then, it is considered; not for profit and the losses from your activity may not be used to offset your income.

In order to make this determination if your activity is a hobby or a business, ask yourself the following questions:

1. Is the time and effort you put into the activity indicate your intention to make a profit?

2. Do depend upon the income from the activity?

3. If there are losses, are they due to circumstances beyond your control or did they occur in the start-up phase of the business?

4. Have you changed methods of operation to improve profitability?

5. Are you qualified to run/operate the activity, or do you have advisors who have the knowledge needed to carry on the activity as a successful business?

6. Have you made a profit in similar activities in the past?

7. Does your activity make a profit in some years?

8. Can expect to make a profit in the future from the appreciation of assets used in your activity?

If you answer "yes" to the above questions, then you more then likely have a valid business and not a hobby. If you are not sure, you should contact your tax professional. Each of these points have additional legal jargon attached to them, for legal tax codes, go to: and read Publication 535, Business Expenses.

If you have a valid business, you report your income on Schedule C. If you have a hobby, you report your activities on Schedule A, with limitations.

There are companies out there selling home business as a legal tax deduction. Before you make such an investment, remember question number five. Are you qualified to run/operate the activity or do you have advisors who have the knowledge needed to carry on the activity as a successful business?

Again, IRS presumes that an activity is carried on for profit if it makes a profit during at least three of the last five tax years, including the current year.

Cassandra Ingraham is a Tax Accountant and Instructor for Basic Tax Classes in the San Francisco Bay Area. During the balance of the year she can be found at providing Formal Introductions to Lenders for Accounts Receivable Funding (Factoring) and Purchase Order Funding.

Article Source:

Partnership Agreements

A partnership agreement is a relationship between individuals or organizations. Parties involved should be in close cooperation and share responsibilities. A partnership agreement isn't necessarily a legal contractual relationship but a relationship where you come in union to accomplish common goals and purposes that will benefit both parties. 

 Partnership Agreements
By Nick Fagan

A partnership agreement is a relationship between individuals or organizations. Parties involved should be in close cooperation and share responsibilities. A partnership agreement isn't necessarily a legal contractual relationship but a relationship where you come in union to accomplish common goals and purposes that will benefit both parties. A partnership agreement is basically one where you both try striving to meet success.

These partnerships could include federal/state/local government, educational institutions, trade associations, or other organizations. A partnership is defined as a "working relationship" which means mutual participation and joint interest.

Partnership agreements are a good way to achieve goals that would otherwise be to far out of your reach. When people and/or organizations come together you can share responsibility and therefore focus harder on things you feel need the most attention. Partnerships can be effective ways to re-stabilize unorganized businesses, expand, go global, go national, increase customer base, increase sales through referrals, provide even more services your customers may desire, and much more.

Often times partnerships are used when resources are limited, partnerships are a way of maximizing your resources to achieve goals and strengthen existing relationships through consumer protection, etc.

Also, companies in need of skilled, talented workers will often times partner with a company/organization that has the talented, skilled, experienced employees you need to train workers and keep your business on the right track.

The requirements to file and sign a partnership agreement form usually are:

– You both must be at least 18 years old.
– Both partners must be present when filing the partnership agreement
– A legal picture I.D. card is required from each partner.
– If you had a previous partnership you must file a notice for ending the partnership with the County Clerk or Notary Public before you can file a new partnership agreement.
– Usually there’s a filing fee of 10-50 dollars often times and they usually accept all forms of payment.

This article was brought to you by Legal Forms Bank .Biz where you can download your state's Partnership Agreement Form.

We also provide your state's specific Personal Bankruptcy form and Promissory Note Form.

Article Source:



Cisco CCNA Certification – Cisco VTP VLAN Trunking Protocol

 Cisco VTP: VLAN Trunking Protocol VLAN Trunking Protocol (VTP) is a Cisco Layer 2 messaging protocol that manages the addition, deletion, and renaming of VLANs on a network-wide basis.


Cisco CCNA Certification – Cisco VTP VLAN Trunking Protocol

By Bob Bello

(VTP) is a Cisco Layer 2 messaging protocol that manages the addition, deletion, and renaming of VLANs on a network-wide basis. Virtual Local AreaNetwork (VLAN) Trunk Protocol (VTP) reduces administration in a switched network. When you configure a new VLAN on one VTP server, the VLAN is distributed through all switches in the domain. This reduces the need to configure the same VLAN everywhere. VTP is a Cisco-proprietary protocol that is available on most of the Cisco Catalyst Family products. VTP ensures that all switches in the VTP domain are aware of all VLANs. There are occasions, however, when VTP can create unnecessary traffic. All unknown unicasts and broadcasts in a VLAN are flooded over the entire VLAN. All switches in the network receive all broadcasts, even in situations where few users are connected in that VLAN. VTP pruning is a feature used to eliminate (or prune) this unnecessary traffic. By default, all Cisco Catalyst switches are configured to be VTP servers. This is suitable for small-scale networks where the size of the VLAN information is small and easily stored in all switches (in NVRAM). In a large network, a judgment call must be made at some point when the NVRAM storage needed is wasted, because it is duplicated on every switch. At this point, the network administrator should choose a few well-equipped switches and keep them as VTP servers. Everything else participating in VTP can be turned into a client. The number of VTP servers should be chosen so as to provide the degree of redundancy desired in the network.

Modes of OperationServer

In VTP server mode, you can create, modify, and delete VLANs and specify other configuration parameters (such as VTP version and VTP pruning) for the entire VTP domain. VTP servers advertise their VLAN configuration to other switches in the same VTP domain and synchronize their VLAN configuration with other switches based on advertisements received over trunk links. VTP server is the default mode.


VTP transparent switches do not participate in VTP. A VTP transparent switch does not advertise its VLAN configuration and does not synchronize its VLAN configuration based on received advertisements. However, in VTP version 2, transparent switches do forward VTP advertisements that they receive out their trunk ports.


VTP clients behave the same way as VTP servers, but you cannot create, change, or delete VLANs on a VTP client.

Advertisements Summary Advertisements

When the switch receives a summary advertisement packet, it compares the VTP domainname to its own VTP domain name. If the name is different, the switch simply ignores the packet. If the name is the same, the switch then compares the configuration revision to its own revision. If its own configuration revision is higher or equal, the packet is ignored. If it is lower, an advertisement request is sent.

Subset Advertisements

When you add, delete, or change a VLAN in a switch, the server switch where the changes were made increments the configuration revision and issues a summary advertisement, followed by one or several subset advertisements. A subset advertisement contains a list of VLAN information. If there are several VLANS, more than one subset advertisement may be required in order to advertise them all.

Advertisement Requests

A switch needs a VTP advertisement request in the following situations:

The switch has been reset. The VTP domain name has been changed. The switch has received a VTP summary advertisement with a higher configuration revision than its own. Upon receipt of an advertisement request, a VTP device sends a summary advertisement, followed by one or more subset advertisements.

Configuration To configure an IOS based switch to be a VTP server, issue the following commands: SwitchA# vlan database

SwitchA(vlan)# vtp domain CiscoKits

SwitchA(vlan)# vtp server

SwitchA(vlan)# exit

These commands configure the switch to be a VTP server in the VTP domain CiscoKits. The changes are saved and the revision number is incremented when the exit command is issued. To configure a VTP client, run the following commands:

SwitchB# vlan database

SwitchB(vlan)# vtp domain CiscoKits

SwitchB(vlan)# vtp client

SwitchB(vlan)# exit

To disable VTP, set the vtp mode to transparent as such:

SwitchC# vlan database

SwitchC(vlan)# vtp transparent

SwitchC(vlan)# exit

To monitor the VTP operation and status, use either:

SwitchA# show vtp status

SwitchA# show vtp counters.

Bob Bello, is the owner of At his site you will find over 200 various articles dedicated to Cisco CCNA and CCNP study help, free CCNA and CCNP study exams, step by step labs along with CCNA and CCNP home lab kits.

Article Source:—Cisco-VTP-VLAN-Trunking-Protocol&id=739778