Internet Bandaid   [RSS Feed]

Archive for July, 2010

WordPress MU – iframe, embed, object, param tags

without comments

WPMU was stripping out the iframe, embed, object and param tags out of the WYSIWYG editor after I pressed save.  To avoid this problem, edit the file <wpmu directory>/wp-includes/kses.php file.  You’ll see an array of acceptable tags.  Add to that array the missing html tags you desire.

Written by John Lai

July 30th, 2010 at 5:57 pm

Posted in Uncategorized

Tagged with , , , , ,

Consulting Budget – Estimate Overruns – Fixed Price Game

without comments

I was reading this article

ERP Cost: Getting Real

A lot of what is said applies to freelance web software development.  Key points are:

1. There is a direct correlation between the cost of consulting services and the ability of the client to take more project responsibility. This goes beyond just cost; it is also about increasing the probability of success.

2. Many clients naively believe fixed price agreements (as opposed to hourly billing) are “risk free”. The false premise is “if we can just get the consultants to own all the project risk, it becomes their problem not ours”. Unfortunately for the client, dumb people do not run consulting firms. Therefore, the devil is in the fine print. If it is not, chances are the consultants are desperate for business and there are probably reasons why. Let the buyer beware.

3. No project has ever failed because of over budgeting during the project justification phase. In fact, clients should be conservative with the ROI.  On the other hand, plenty of goods projects have “failed”  as a result of unrealistic cost estimates right out of the gate (not because of execution).

Written by John Lai

July 17th, 2010 at 10:11 pm

Guts to start a business

with 2 comments

I explained to a friend why I find it easy to takes risks in life and business.   Here it is:

This reminds me of a story you told me about entrepreneurs being fearless risk takers.  Here’s why I fit the bill.

Growing up in chinatown in a low income family, constantly in debt to friends and landlords, we’ve all learnt to not be afraid of surviving with little or no money (only exiled to Mississauga 4 years ago when my parents couldn’t work in a restaurant anymore, so we needed a place to live).  It’s easy to take risks when your back is against the wall with nothing to lose.  My parents never had the privilege of education because of Japanese occupation, WW2 and the cultural revolution.  My dad especially lost everything during that time.  He tells me stories of pan handling on the streets and being chased away by japanese soldiers.

So as an entrepreneur, I think if there are people like my parents pan handling on the streets in war torn countries, having the guts to start a business in a first world nation is child’s play.  I’ve got nothing to lose and everything to gain, so I might as well take a shot at proving to people with enough hard work and luck, you can actually claw your way out of poverty (after 2 or 3 generations).

Written by John Lai

July 15th, 2010 at 2:12 pm

Posted in Uncategorized

Tagged with , ,

Client Levels – How to get high-end clients

without comments

A question that many freelancers asks is, “how do I move away from low budget clients to high end clients?”  This is a difficult question to answer, but it’s generally along the lines of being good at what you do, being a nice person to work with, being patient and marketing yourself well.  The last point, marketing yourself well, can be a difficult thing for programmers to do.  It normally includes targeting the right audience.

The purpose of this post is to introduce the concept of “client levels” which should help freelance programmers target the right audience.  Here we go

I generally assign a “level” to a client to indicate his profitability for my business.   They are:

Level 0 to 10 – These clients are friends or family members who have no appreciation and/or no understanding of what it is you do.  As such, you volunteer your time to help them.   These client projects are good if you need to assemble a portfolio from scratch.

Level 10 to 20 – These clients are friends or small businesses with a small budget who have no appreciation and/or no understanding of what it is you do.  They pay you anywhere between nothing and less than minimum wage for your work. These client projects are good if you need to assemble a portfolio from scratch and if you need a couple of dollars for Tooney Tuesdays at KFC to ward off starvation.

Level 20 to 30 – These clients are small to medium size “established” businesses that do not appreciate the value of your work.  So although they are capable of paying for your work at market value, it is hard to convince them to actually do so because they compare you to high school students or some IT guys in India.  With enough haggling, these client projects can sustain your business.  Hooray!  You have enough money for a Quarter Pounder Meal at McDonalds!

Level 30 to 40 – These clients are small to medium size established businesses that appreciate the value of your work.  They do not hesitate to pay you the market value for your work because they consider you a valuable resource.  They know that they need your help to “take their business to the next level”, but they lack a clear strategy on how to do it and they are mired by disorganization.  These clients are great if, additional to your advertised primary skill sets, you are able to clarify their business strategies and help them execute it.

Level 40 and up – I haven’t gotten these clients yet, so they are all one amorphous blob.  But I presume they all have clear business strategies, great organization, significant cashflows and a history of great execution.

IMPORTANT NOTE: You can expect clients in each level to refer other clients within the same vicinity level.  So for example,  a level 10 client may refer clients between level 5 and level 15.   So if you’re starting with clients at level 0, it may take you 3 years of 24/7 work to obtain level 40 clients.

Written by John Lai

July 15th, 2010 at 4:04 am

Install Postfix on Ubuntu

without comments

Install Postfix

Postfix will be your mail server.  Install it by simply typing into shell:

sudo apt-get install postfix

Install TLS Encryption

You’d want to encrypt your outgoing mail.  Issue the following commands (this is an excerpt from ubuntu site):

touch smtpd.key
chmod 600 smtpd.key
openssl genrsa 1024 > smtpd.key
openssl req -new -key smtpd.key -x509 -days 3650 -out smtpd.crt # has prompts
openssl req -new -x509 -extensions v3_ca -keyout cakey.pem -out cacert.pem -days 3650 # has prompts
sudo mv smtpd.key /etc/ssl/private/
sudo mv smtpd.crt /etc/ssl/certs/
sudo mv cakey.pem /etc/ssl/private/
sudo mv cacert.pem /etc/ssl/certs/
sudo postconf -e 'smtp_tls_security_level = may'
sudo postconf -e 'smtpd_tls_security_level = may'
sudo postconf -e 'smtpd_tls_auth_only = no'
sudo postconf -e 'smtp_tls_note_starttls_offer = yes'
sudo postconf -e 'smtpd_tls_key_file = /etc/ssl/private/smtpd.key'
sudo postconf -e 'smtpd_tls_cert_file = /etc/ssl/certs/smtpd.crt'
sudo postconf -e 'smtpd_tls_CAfile = /etc/ssl/certs/cacert.pem'
sudo postconf -e 'smtpd_tls_loglevel = 1'
sudo postconf -e 'smtpd_tls_received_header = yes'
sudo postconf -e 'smtpd_tls_session_cache_timeout = 3600s'
sudo postconf -e 'tls_random_source = dev:/dev/urandom'
sudo postconf -e 'myhostname =' # remember to change this to yours

In the last command, make sure you replace with your domain name.

If you have multiple domain names, add them to /etc/postfix/ under

mydestination =,,

Written by John Lai

July 15th, 2010 at 3:27 am

Posted in Uncategorized

Tagged with , , , ,

Install DKIM for Postfix

without comments

Before you begin, make sure you’ve installed Postfix as your smtp server as your first step.

This guide is based on Ubuntu guide and someone’s answer on Serverfault.

sudo aptitude install dkim-filter

Open up /etc/dkim-filter.conf and edit it so that it’s like below:

# Log to syslog
Syslog                  yes
# Required to use local socket with MTAs that access the socket as a non-
# privileged user (e.g. Postfix)
#UMask                  002
# dkim-milter (2.5.2.dfsg-1ubuntu1) hardy:
# Disable new umask option by default (not needed since Ubuntu default
# uses a TCP socket instead of a Unix socket).

# Attempt to become the specified userid before starting operations.
#UserID                 105 # 'id postfix' in your shell

# Sign for with key in /etc/mail/dkim.key using
# selector '2007' (e.g.
# Domain won't really matter because that will be specified in the KeyList file
#KeyFile                 /etc/mail/dkim.key # See bellow how to generate and set up the key
Selector                mail

# Common settings. See dkim-filter.conf(5) for more information.
AutoRestart             yes
Background              yes
Canonicalization        simple
DNSTimeout              5
Mode                    sv
SignatureAlgorithm      rsa-sha256
SubDomains              no
#UseASPDiscard          no
#Version                rfc4871
X-Header                no

#InternalHosts          /etc/mail/dkim-InternalHosts.txt
# The contents of /etc/mail/dkim-InternalHosts.txt should be
# You need InternalHosts if you are signing e-mails on a gateway mail server
# for each of the computers on your LAN.

# Other (less-standard) configuration options #
# If enabled, log verification stats here
Statistics              /var/log/dkim-filter/dkim-stats
# KeyList is a file containing tuples of key information. Requires
# KeyFile to be unset. Each line of the file should be of the format:
#    sender glob:signing domain:signing key file
# Blank lines and lines beginning with # are ignored. Selector will be
# derived from the key's filename.
KeyList                /etc/mail/mail
# If enabled, will generate verification failure reports for any messages
# that fail signature verification. These will be sent to the r= address
# in the policy record, if any.
#ReportInfo             yes
# If enabled, will issue a Sendmail QUARANTINE for any messages that fail
# signature verification, allowing them to be inspected later.
#Quarantine             yes
# If enabled, will check for required headers when processing messages.
# At a minimum, that means From: and Date: will be required. Messages not
# containing the required headers will not be signed or verified, but will
# be passed through
#RequiredHeaders        yes

Add the following lines to /etc/postfix/

milter_default_action = accept
milter_protocol = 2
smtpd_milters = inet:localhost:8891
non_smtpd_milters = inet:localhost:8891

Create the public and private keys with these lines

openssl genrsa -out private.key 1024
openssl rsa -in private.key -out public.key -pubout -outform PEM
cp private.key /etc/mail/mail

Add a TXT record to your DNS like so IN TXT "k=rsa; t=y; p=yourpubkey"

Where is the domain you want to authenticate against, and yourpubkey is the contents of public.key WITHOUT the

-----END PUBLIC KEY-----

Create a new file called /etc/mail/dkim_domains.key and put into it


Then restart dkimfilter and postfix with

> /etc/init.d/dkim-filter restart
> /etc/init.d/postfix restart

Now you’re done install postfix dkim

Other useful resources:

Written by John Lai

July 15th, 2010 at 3:25 am

Posted in Uncategorized

Tagged with , , , ,

CSS Hacks

without comments

Use the following syntax to target specific browsers when using CSS.

margin: 50px; /* targets all browsers */

#margin:50px; /* targets IE6 and IE7 */

_margin:50px; /* targets IE6 */

margin:50px\9; /*targets IE8 */

Replace margin with any other css attribute you desire.

Written by John Lai

July 8th, 2010 at 8:25 am

Posted in Uncategorized

Tagged with