Archive for April 29th, 2011

Day two with Ubuntu Unity: Mixed impressions

It’s day two with Ubuntu Natty, and while I’m impressed, I’m also somewhat annoyed. The sum of changes that came down in 11.04 have me asking “Why?” Here’s a list of some of the pros and cons I’ve seen so far in Ubuntu Natty with Unity:


  • The Unity Launcher has ‘keep in launcher’, which can be good for apps that you want 1-click access to.
  • It seems that Unity has a great deal of respect for screen space: moving all the menu bars to a single location, making the notification area smaller, and auto-hiding the Unity launcher all help you get the last bit out of your screen real estate.
  • Holding the Windows key shows keyboard shortcuts for the items in the launcher, allowing hot-key access to them.


  • Navigation can be cumbersome. Things are not where you expect them to be, and in some cases, are simply not there anymore.
  • The context-sensitive menu bar puts menus out-of-reach on larger monitors, and potentially on multi-monitor setups.
  • Navigation seems less intuitive than Gnome 2.
  • Any 1-click ‘view desktop’ / minimize all windows functionality is gone.
  • Adding too many items to the launcher can cause it to scroll.
  • There’s no way, that I can see right now, to edit the “shortcuts” that appear in the ‘dash’.
  • Some programs do not iconify to the launcher correctly.

I’m also seeing a handful of mixed bugs in Synaptic Package Manager, Empathy, and the Unity launcher itself.

The release of Ubuntu with Unity and Firefox 4 (which causes regressions in several websites) leads me to the opinion that this is perhaps the most drastic change with the most negative user-facing experience that I’ve seen to-date with Ubuntu. I’m confident that the Ubuntu developers will work quickly to resolve these issues, but I think a lot of these issues should have been fixed prior to release.

As an alternative, the GNOME interface is still available. If you want to use the GNOME interface, you have to make a settings change at the log in screen. After selecting your user name, and before entering your password, change “Ubuntu” to “Ubuntu Classic” using the session changer at the bottom of the screen.

Also, Windows users just got Firefox 4.0.1 which includes a lot of security fixes. While some of them are Windows-specific, Firefox 4.0.1 is still not yet available for Ubuntu Natty. This is something I think should be made available as quickly as possible. UPDATE: To Ubuntu’s credit, Firefox 4.0.1 came down today via update manager. :)

These are a few of the issues and annoyances I’m having with the Unity interface. Do you have any to share?

, , ,

Leave a comment

Quick list of useful SPF DNS records

Sender Policy Framework (SPF) is a DNS record that’s used to authenticate who is allowed to send mail appearing to come from a specific domain. It is used to help prevent email spamming and spoofing, and works by making available a list of what domains, mailservers, and IP addresses are authorized to send mail from a domain, and what to do with mail that does not match those rules.

SPF is a DNS text record, and is added to your DNS records for the domain that matches the part after the @ sign in the email address. For example, for, the SPF TXT record should be added to the domain.

I’m not going to cover every possible SPF setup, simply the ones I use most often and the rationale behind them. You can check the documentation links below my examples if you want to build more elaborate or specific SPF records.

In the below examples, substitute with your web server’s IP address in dotted-quad format without a space. E.g. IP: You can also specify a CIDR range such as IP:

Allow from the domains IP, it’s listed mailservers, and a specific IP. Soft-fail all others (Messages that return a SOFTFAIL are accepted but tagged). The recommended configuration for most dedicated/VPS web server environments. Used when you send/receive mail at your domain, and software on your domain may send mail out as you, but no other mail server or mail exchanger will send mail as you. Users of shared hosting environments will probably want to ask their web hosting provider for the recommended SPF record to use.

v=spf1 a mx ip4: ~all

Include Google’s SPF records, if you use Google Apps as your domains mail. Add, similar in rationale to the above, but used if you use Google Apps for email, and your software on your web server may also send mail as you.

v=spf1 a mx ip4: ~all

Fail all mail. Used only if you send no mail. Example: a parked domain or a domain that is not used in email at all.

v=spf1 -all

In all the examples above except for the last, I denote soft-fail (~all) instead of fail (-all). This is because you may inadvertently make a mistake or misconfiguration, and soft-failing will not prevent mail from being delivered, it will simply flag it in the email headers. You can also specify neutral (?all) as an alternative.

Here’s an example email header from Gmail which includes the SPF record’s lookup result. I’ve edited the email address and IP, of course.

Received-SPF: pass ( domain of designates IP as permitted sender) client-ip=IP;
Authentication-Results:; spf=pass ( domain of designates IP as permitted sender)

By this example, you can see the SPF record matched and was passed.

SPF records are a good tool for many reasons. They give mail servers the ability to authenticate your email to your domain, which helps keep it out of recipient’s spam folders, and they help prevent others from spoofing your domain in email, which could cause serious trouble.

Also, SPF records do not decide whether or not to accept mail for delivery — they only serve as an authentication mechanism for who is allowed to send mail appearing to come from that domain.

Further reading:

Questions, comments, or feedback about the above SPF records or how they’ve been explained? Please share your thoughts in the comments below! Thank you.

, , ,

Leave a comment