Moving around in Lisbon

So, here you are in beautiful Lisbon! Now there are so many places to visit, sights to be seen, monuments, restaurants, bars… how to get around to all these places?

First rule, very important to be an happy tourist, AVOID taxis like the plague. They exist in two color schemes: green/black or beige color, but they have only one goal, to rip off tourists and non locals.

A good alternative is Uber, the cars are new, the drivers polite, and most important you will know beforehand the price range of your trip so you will NOT be ripped-off.

Use this link to get €5 off your first ride

But unless you are wealthy, or lazy, or american, you don’t need/want to go by car to everywhere. So I invite you to also use the Lisbon subway network, it’s cheaper, eco friendly, and one of the best ways to move around in Lisbon specially at the rush hour (but sometimes a bit crowded though).

It’s called Metropolitano de Lisboa, or simply “Metro” and they do have an english version of the website, where you can find the network diagram (yes there is a station at the airport), ticketing and price information, and so on. The trains start running at 06:00am and stop at 01:00am. The stations are clean, safe, and the trains well maintained.

About the ticketing and pricing, it can be a bit tricky (even for locals) as you can mix subway, bus and trains, several time frames, and rechargeable tickets… my advice is to always keep the ticket during and after the journey as quite probably you can recharge it for other trips.

Cycling in Lisbon. The bad news is that we have lots of hills, not so good roads, nor cycling culture. The good news is that for most of the year the weather is perfect, there are more and more bicycle paths and more people cycle. It can be a perfect mean of transportation for short distances, or for a leisure ride by the river.

In some places of the city, you will find the city municipality shared bicycle stations, called Gira. They do have e-bicycles that assist you in the climbs, and the equipment is quite new. But the stations are not in touristic spots, and please beware this is almost a government funded scam, you see the daily pass, and think, cool for 10 euros one gets a bicycle for a whole day, right? WRONG, it gives you the possibility of using the service in that day. In practice it means for 10 euros you can do multiple trips of 45 minutes maximum time. If you make a 46 minute trip they charge plus 2 euros. And after 90 minute they charge more 2 euros for each 45 minute additional time. For example:

Let’s say you get a bicycle in the middle of town, go downtown (there are no stations to return the bicycle and stop your trip), then by the river (also no stations by the river), then go by the river to Belém for the monuments (again no stations there), take some pictures eat the pastries, and get back to the middle town and finally park/deliver the bicycle at a station.

It can easily take 5 hours, the total cost will be 10 euros for the “daily pass”, plus 12 euros for the extra time, for a total of 22 euros.

So if you enjoy ciclyng, maybe better off to rent a bike in a rental agency, or trough the bike peer to peer Spinlister.

A very cool alternative to cycling is the eCooltra electric scooter sharing service. You install an App (there is always an App…), take a picture of your drivers license, pick a nearby scooter, and go.

The cost is 0.24 cents per minute, but you can get the first 30 minutes for free with this code: jbvsg

The scooters are 100% electric and 0% emissions, and so easy to ride (low center of gravity, no vibrations), in my opinion a bit under-powered but it will take you where you want to go, in my book it beats any public transportation by a mile. The best thing is that you don’t need to find a specific station to park, just leave it (at least reasonably parked) when you finish your trip and carry on with your life.

With all the cheap and convenient means of transportations, don’t forget to walk, it’s the best way to fully enjoy the streets, the city stairways and charming alleys, so bring your best walking shoes.

And just one more thing, this is Lisbon, it’s not Bangkok nor Mumbai, don’t make yourself look like a dumb fool, and just don’t go around in a Tuk-tuk. It’s stupid, nobody likes them (maybe except for the Tuk-tuk owner, maybe), they bother people, they bother other vehicles on the roads, they can be quite expensive “for a tour” that would be much nicer to walk… Please just don’t do it.

39

Steady the timeline advances.

Moved to beautiful Lisbon, met awesome people, great music everywhere (Ajuda, Viana do Castelo, Cristo Rei, and of course Armazém 16). Jumped out of an airplane, did a bit of surfing, and beach relaxing. Keeping up a young spirit, and feeling human again.

The business front is holding on great, and with a bit luck and hard work there is only one direction, a bigger boat 🙂

Sure some problems and bad situations presented, one that is a big mean dragon that must be confronted (again), brace and just hope for the best. Anyway, it’s time to step up the strikethrough pace of the bucket list items.

The most important lesson this year is life is good, time is precious.

Go go go.

Getting the feet wet with DKIM

DKIM stands for DomainKeys Identified Mail, it’s an anti-phishing / anti-spoofing system for email that relies on private/public key system to authenticate the origin of the email. Kind of SPF records but on steroids. You can find a pretty concise explanation of the DKIM system here.

I needed to figure this out, as my SPAM (sorry let me just correct this), my outgoing SOLICITED bulk email sending box was getting lower deliverability rates. So it seems having this system helps, because as everybody knows all the lower grade spam senders can’t figure this out.

First thing is to create a private/public key pair. You can go all out with OPENSSL, but as I feel a bit lazy, and not in the mood for man pages and the macho man CLI black magic, just used the online tool that the good people of Worx (the PHPMailer people) provide here.

You must provide the filenames for the pair, just click next, and in the next step fill the domain (pretty self explanatory), the identity (just left blank), the selector, and a passphrase (I left that blank also). The selector is mandatory, as the DKIM system allows to have several keys per domain, it uses the selector to identify which key the email was signed with. Even if you are using just one key per domain you need to assign a value here (I used “default”, but it can be anything like “potato” or “balls”.

You will get a zip file with everything you need, and even some instructions to protect the key files with .htaccess directives, because as the good people of Worx know, PHPMailer is PHP, and all PHP programmers are dummies, so they will happily put the key files under the domain website root and probably with a couple of links from the website homepage.

I bet that somewhere in the support forums somebody asked: why I can’t access my key files, always getting those 403 Forbidden errors.

First thing is to publish your public key on DNS. I use DJB tinydns DNS server with VegaDNS management, the old PHP version when the author placed key files in the public website root. Now he is smart, the 2.0 version is in Python and he doesn’t do this anymore… anyway add a new TXT record for the domain, in the hostname put “selector._domainkey” (change the selector part to the string you defined before), and in the address field put in one line only:

v=DKIM1; k=rsa; p=publickey

(replace publickey with the public key that you get previously). If you are using other DNS server check out the specific documentation on creating TXT records.

Now, to sign the email messages you send. Obviously the natural choice is to have your MTA auto magically sign the outgoing emails. To me that means to mess with my power beast Qmail production installation, this means messing with the macho man stuff, patches, libraries and compilers. Not so good to make a quick fix for sending SPAM (sorry, SOLICITED bulk email). So I went the easy route and use the PHPMailer to sign the outgoing emails.

Just have to add a couple of lines:

$email = new PHPMailer();
$email->DKIM_domain = 'domain.com'; // the domain
$email->DKIM_private = '/path/to/private/key'; // please even using PHP keep the file above the webroot
$email->DKIM_selector = 'default'; // the selector you published in DNS

and proceed to testing. There are plenty of online services that provide us this service. I liked this one. But after doing some testing I quickly realized that something was not well in the DKIM land…

All the outgoing emails were sent with some bad header char. Even sending to my own system, the Amavisd was quarantining the emails with virus suspicions due to a bad header. Further looking into this, just realized that between the last header line and the DKIM signature there was a dreadful ^M (a carriage return, the DOS \n\r not compliant with the email spec). This is in a plain vanilla Qmail running on Debian, and with latest stable PHPMailer.

There was just one thing to do, bring out the old quick and fix hammer and change the class.phpmailer.php file. If you have the same problem in line 1305 change the CRLF to just LF:

/*
$this->MIMEHeader = rtrim($this->MIMEHeader, "\r\n ") . self::CRLF .
    str_replace("\r\n", "\n", $header_dkim) . self::CRLF;
*/

$this->MIMEHeader = rtrim($this->MIMEHeader, "\r\n ") . "\n" .
    str_replace("\r\n", "\n", $header_dkim) . self::CRLF;

And everything is running nice and well.

Raspberry PI sending emails

Using the PI as an headless server doing some stuff, it’s a good thing to have reports by email. The best and easy way is to run sSMTP a very simple program that sends outgoing email to a mailhub for delivery.

You can actually use your Gmail account or any other account (I’m using any other account).

Install it:

apt-get install ssmtp

Configure it at /etc/ssmtp/ssmtp.conf. The most relevant option:

mailhub=mail.domain.com (the SMTP agent host, the “outgoing server” in email clients like thunderbird)

If your outgoing server needs authentication for relaying (probably you do need, if you can send emails to your own domain emails, but can’t send to external emails), set the credentials with these two options:
AuthUser=youruser@domain.com
AuthPass=yourpassword

To test it, i executed the good old mail command but get a no-no response:
-bash: mail: command not found

As Raspbian is Debian based, the “user-friendliness” doesn’t provide these stone age commands to protect one from oneself… so I went kind of mental and install it anyway:

apt-get install mailutils


After this operation, 22,8 MB of additional disk space will be used.
Do you want to continue? [Y/n] y

OH BOY, THAT’S A FUCKING LOTS OF MB/PACKAGES/DEPENDENCIES TO GET A CLI COMMAND 

mail youremail@domain.com

in the interactive mode, just follow the instructions, write some non-sense to test it and then press CTRL-D to test it. And your email should automagically appear in youremail@domain.com inbox.

If something goes wrong, you can add DEBUG=YES to /etc/ssmtp/ssmtp.conf.