Tenet Healthcare and the iPhone

Well, I finally broke down and started using Tenet’s Exchange Server. First, IS created an Exchange account for me then I tried adding it to my iPhone. After I got the settings right, from someone who’s using it with their iPhone everything works fine.
Here are the settings that aren’t obvious.

Server mail.etenet.com
Domain tenethealth

Then make sure SSL is on and you should be good to go with your email address, username and password.
Now, if I could just get this working on my Mac desktop. There are clearly some differences in the manner in which iOS 4 and the OS X 10.6.4, and particularly Mail.app, iCal and AddressBook, interact with the Exchange server. I’m still trying to find the secret incantation to make it work on the desktop. When I do a follow-up will be forthcoming.
BTW, the above settings should work just fine for your iPad too.
Make sure your username is not your full email address.

Setting up Snow Leopard iCal Server

After scouring through the official documentation, and finding that lacking, Google has found the answers.
Make sure Wiki Server is set to and that Use SSL is checked.
Here’s how I was finally able to get my groups into iCal SL/Lion client (no SSL)

server.com/principals/__uids__/wiki-groupName/ (no http://)

To get this group calendar into iOS add the following as a CalDAV calendar.

server.com/principals/wikis/groupname/ (no http://)

Dovecot Permissions

Well, I finally bit the bullet and installed OS X Snow Leopard Server. Most of what I absolutely **need** to get working is mail services. One of the peculiarities of Dovecot is that each users mail folder is owned by that user. I think in Cyrus they were all owned by *mail* or *_cyrus*.
Anyway, I found that a couple of my files didn’t have the correct permissions and I found out by trying to open in webmail. It gave me errors I’d never seen before. Where I found better errors was in mailaccess.log where I saw a _dovecot_ service with a _failed: Permission denied_ error.
I managed to find where the files lived and as I have quite a few mail users I didn’t want to go through individually so I figured out a script to do it.
> `sudo ls -lA /var/spool/imap/dovecot/mail | grep -v total | awk {‘printf $3″: /var/spool/imap/dovecot/mail/”$9″n”‘} | xargs -n2 -p sudo chown -R`
The script will ask if you want to proceed with the _chown_ command for each user.
If you find your logs reporting permissions issues with a specific account or your webmail users have errors opening mailboxes, then the following script when provided with the offending GeneratedUID will reset the permissions similar to the above. Simply replace the GUID in the script with the one listed in your logs.
> ` dscl /LDAPv3/ -list /Users GeneratedUID | grep GUID | awk {‘printf $1″: /var/spool/imap/dovecot/mail/”$2″n”‘} | xargs -n2 -p sudo chown -R`

Server-Side Email Filtering With Sieve

Another post for the peripheral brain.
When I first set up my own server lo these years ago, I never really thought about email message filtering. After all, I had rules in Mail.app that would send my incoming message to wherever I wanted them. Besides, I was much more concerned with eliminating spam.
Well, that was then and spam seems under control. I was prompted to look at server-side message filtering mostly to help out my mother, who seems determined to have every single store, travel and other consumer site that will happily take your email address and send you messages daily — or more often, have a more controllable experience on her iPhone. When we originally set up her iPhone she told me she didn’t want to use it for email. Silly me, I listened and set her up with a POP account. Well now she wants email. What’s a good son to do. 😉
I changed her POP account to IMAP, copied over all her messages to her new IMAP folders and thought I’d need to solve her impending problem of 100 or so messages every other day choking her inbox.
After a bit of Googling I found Sieve. I’d actually heard of it before but never really thought about it. The Apple Discussion Forum had a nice start and pointed me on to sources I used to set it up.
Here are the salient points. From the terminal…

  1. Add the following lines to /etc/services
    sudo pico /etc/services

    Insert the following lines.

    callbook 2000/udp # callbook
    callbook 2000/tcp # callbook
    + sieve 2000/udp # sieve mail filtering
    + sieve 2000/tcp # sieve mail filtering

    You can check to see if it’s running by running

    netstat -an | grep 2000

    with results

    tcp4 0 0 *.2000 *.* LISTEN
    tcp6 0 0 *.2000 *.* LISTEN
  2. Create /usr/sieve
    sudo mkdir /usr/sieve
    sudo chown _cyrus:mail /usr/sieve
  3. Restart mail services
    sudo serveradmin stop mail
    [ some stuff ]
    sudo serveradmin start mail
    [ some stuff ]
  4. Since I’m using OS X Server and SquirrelMail is already running, next was installing and configuring avelsieve.

I really did try installing the latest development version — 1.9.9 alpha. That should have been a clue. After spending way too much time with it I installed the stable version – avelsieve 1.0.1. Once copied into /usr/share/squirrelmail/plugins run sudo perl /etc/squirrelmail/config/conf.pl and activate the plugin.
Then it’s back to the terminal. These instructions are from AFP548.

    cd /usr/share/squirrelmail/plugins/avelsieve
    sudo cp config-sample.php config.php

Now set the correct authentication matching SquirrelMail.
Edit /etc/squirrelmail/plugins/avelsieve/config.php and change:

$preferred_mech = "PLAIN";


$preferred_mech = "CRAM-MD5";

You should be running SquirrelMail with CRAM-MD5 authentication anyway.
Finally, edit the /etc/squirrelmail/plugins/avelsieve/lib/sieve-php.lib.php file.
Find the line:

fputs($this->fp, "PUTSCRIPT "$scriptname" {$len+}rn");

and change it to :

fputs($this->fp, "PUTSCRIPT "$scriptname"".' {'."$len+".'}'."rn");

This fixes an error in the script allowing you to save your changes to the filters. Now go login to webmail and click on the Filter link to start creating your Sieve filters.

Poof it's Gone

OK, I’m only really posting this cause I need it and I just want to put it somewhere to remember it. 😉
To make a file or folder invisible issue the following from the CLI.
SetFile -a V path/to/fileOrFolder
To make it visible again…
SetFile -a v path/to/fileOrFolder
That’s it. This can be especially useful on shared drives to keep others out of specific folders, etc. BTW, the file or folder still shows up in `ls`, it’s just not visible in Finder.

Don’t Send iCal Replies

I came across a great hint in Mac OS X Hints today. It seems that there’s an easy way to interrupt the process of sending an email reply when accepting iCal invites. As I tend to play around with iCal invites a lot (adding and deleting the same event ad nauseum) — I love this.
I wrote up a modified script like in the example and bundled it with a shell script, to install and uninstall the modification. You have to run this shell script using sudo from the CLI (Command Line Interface aka Terminal.app).
The zip file contains the shell script, the modified Mail.scpt AppleScript, and the original Mail.scpt AppleScript.
To install run sudo /path/to/iCal_Reply_Send.sh install
To uninstall run sudo /path/to/iCal_Reply_Send.sh revert
To check usage and status, run /path/to/iCal_Reply_Send.sh
If you don’t like messing with the CLI then there’s a great little shareware app, iCal Reply Checker that does it all, and more.
It seems that neither method interferes with the code signing of iCal as the script in question is not code signed.
It appears that if you’re using an Exchange account in Mail.app that this script is being bypassed and this hint won’t work for you. 🙁