Hackintosh – running Apple OS/X inside VirtualBox (on Ubuntu or Windows)

I’ve done a LOT of web and software development in my career, one of the biggest problems I’v e had is doing proper testing on various platforms. VirtualBox can be run on most platforms, and allows for you to virtualize various operating systems. Apple’s OS X can be problematic to install, here’s some functioning instructions and settings that I’ve successfully used for my virtual Hackintosh test environment.

WARNING: As this uses an image of the software, it is advisable to also have a valid licenced copy as to use this without a licence would be “stealing”.

NOTE: this is a version of Snow Leopard, unfortunately you will NOT be able to update or add “fixes” to this test copy as it will usually break. I recommend making a copy of the VM if you wish to try!

My VirtualBox settings:

Mac OS X
Mac OS X Snow Leopard (64-bit)
1 core
Disable EFI
6MB+ video


  1. English, continue
  2. Utilities… disk Utilities… Select drive, Erase, name, erase… close
  3. continue
  4. Select disk… continue
  5. Customize (see instructions for: updates, kernels & bootloaders)
  6. NOTE: i only did 10.6.1 (an earlier 10.6.2 failed)

  7. Install
  8. Resolution fix – (I could not save file, but here are the instructions…

    Finder > OSX Drive (On desktop) > Extras > com.apple.Boot.plist (open with TextEdit – use the field to find)

<key>Graphics Mode</key>


Cache Busting URL’s with querystring params?

There is a LOT of noise and discussion about this online, most often attributed to the following source,

While it was relevant back when this was written in 2008, but the main reason cited was proxy server behavior, particularly Squid Proxy. FWIW, Squid had this capability before, but it was not the default setting. They changed their default policy with caching dynamic URLs with their 2.7 release, stable since 31 May 2008.


Outline: The obsolete default configuration of squid prevents the caching of dynamic content (pages with ? in the URI), like so:

hierarchy_stoplist cgi-bin ?
acl QUERY urlpath_regex cgi-bin \?
cache deny QUERY

NOTE: That policy setting was created at a time when dynamic pages rarely contained proper Cache-Controls, that has now changed. From the release of Squid 2.7 and 3.1 the squid developers are advocating a change to this caching policy. These changes will also work in 3.0 and 2.6 releases despite not being officially changed for their squid.conf.default.

The changed policy is to remove the QUERY ACL and paired cache line. To be replaced by the refresh_patterns below:

refresh_pattern -i (/cgi-bin/|\?) 0 0% 0
refresh_pattern . 0 20% 4320

Squid Release history, for reference.

Version First STABLE release Date Latest Release Latest Release Date

3.5   Jan 2015
3.4	09 Dec 2013	3.4.12 	 18 Feb 2015 
3.3	09 Feb 2013	3.3.13 	 28 Aug 2014 
3.2	14 Aug 2012	3.2.13 	 13 Jul 2013 
3.1	29 Mar 2010	3.1.23 	 09 Jan 2013 
3.0	13 Dec 2007	STABLE26 28 Aug 2011 
2.7	31 May 2008	STABLE9 16 Mar 2010 
2.6		01 Jul 2006 	STABLE23 17 Sep 2009 
2.5		25 Sep 2002 	STABLE14 20 May 2006 
2.4		20 Mar 2001 	STABLE7 02 Jul 2002 

NOTE: if you would like to verify how widespread QueryString versioning is, please look at the source of microsoft.com or just about any WordPress powered website.


Domain-based Message Authentication, Reporting & Conformance (DMARC) Email

DMARC was published in 2012 to build upon the SPF and DKIM email conventions for authorizing senders. It allows specification of policies and provides for reporting of actions performed under those policies.


DNS Entry Resembles:

_dmarc.example.com TXT v=DMARC1; p=none; rua=mailto:[email protected]; ruf=mailto:[email protected]; fo=0; adkim=r; aspf=r; pct=100; rf=afrf; ri=86400; sp=none

Simple verification…. send an email to this address and you will receive a response with your SPF, DKIM and DMARC compliance status:
mailto:[email protected]


DomainKeys Identified Mail (DKIM) Email

DomainKeys (originally from Yahoo!) and Cisco, and later as an industry collaboration, is a means for and organization to claim responsibility for sending a message, in a way that can be validated by a recipient. As a result, emails are “signed” by the outgoing SMTP server and can be verified against a DNS record. Depending upon the receiver, unsigned emails MAY be treated or marked as SPAM as they could be forgeries.

The below instructions assume Ubuntu (Debian) and Postfix, but could likely be modified for other platforms.

  • Install OpenDKIM:
    sudo apt-get install opendkim opendkim-tools
  • Setup initial configuration:

    sudo vi /etc/opendkim.conf

    Domain example.com
    KeyFile /etc/postfix/dkim.key
    Selector dkim
    SOCKET inet:[email protected]
    PidFile /var/run/opendkim/opendkim.pid
    #Canonicalization relaxed/relaxed
    ExternalIgnoreList file:/etc/opendkim/TrustedHostList
    InternalHosts file:/etc/opendkim/TrustedHostList
    LogWhy yes
  • Add trusted hosts… (and folder path, if needed)

    sudo mkdir /etc/opendkim

    sudo vi /etc/opendkim/TrustedHostList


    # External Hosts that OpenDKIM will Trust (add any appropriate values)
  • sudo vi /etc/default/opendkim

    SOCKET="inet:[email protected]"
  • sudo vi /etc/postfix/main.cf

    # DKIM
    # --------------------------------------
    milter_default_action = accept
    milter_protocol = 2
    smtpd_milters = inet:
    non_smtpd_milters = inet:
  • Take a look around the following file, you may need it later:
    sudo vi /etc/postfix/master.cf
  • Generate your keys:

    opendkim-genkey -t -s dkim -d example.com

    NOTE: this creates dkim.private & dkim.txt, you “might” want to make backups of them 🙂

  • Change permissions on the file:

    sudo chown opendkim:opendkim dkim.private
  • Copy to the postfix folder:

    sudo cp dkim.private /etc/postfix/dkim.key
  • NOTE: I initially had a problem with dkim refusing connections, this MIGHT be needed.

    sudo adduser postfix opendkim
  • Start things back up together:

    sudo service opendkim start
    sudo service postfix restart
  • sudo vi dkim.txt
    (copy contents, remove t=y; as it indicates test mode)
    dkim._domainkey IN TXT ( "v=DKIM1; k=rsa; p=xxxxxxxxx" ) ;

  • Add DNS for DomainKey:

    _domainkey.example.com TXT o=~
  • Add DNS for DKIM:

    dkim._domainkey.example.com TXT v=DKIM1; k=rsa; p=xxxxxxxxx
  • NOTE: you will likely need to wait a few hours for your DNS entries to propagate.

  • Simple verification…. send an email to this address and you will receive a response with your SPF, DKIM and DMARC compliance status:
    mailto:[email protected]