TLS in SMTP is wonky. How do you configure encryption when self-signed certificates are perfectly acceptable? The bar is super low here. TLS 1.0? Fine. :flan_yikes: :flan_on_fire: #sysadmin
"While self-signed certificates make a web browser screech warnings, SMTP has no human component and servers will merrily ignore warnings if told to do so. We promptly told them to do so." - #ryoms
"History has repeatedly demonstrated that badly written shell scripts that process arbitrary email inflict suffering, so we won’t cover that configuration." #ryoms
Errands this morning: pick up meds, grab a couple bagels to gnaw on during tomorrow's hospital visit. (Routine stuff, it'll be fine.) Might grab a nice lunch while I'm out.
Rspamd has so many symbols that I can't define them in the book. Instead, I need to teach the reader how to find and manage the symbols that they need, how to decide which symbols they can ignore, and how to set local values for symbols important to their environment. Which is MUCH harder to write than a description of the symbols and why each is important, but it will be much less tedious to read.
#SNMPMastery was just over 60,000 words. #RYOMS is now over 68,000 and at least another 10k to go. :flan_tired: Biggest Mastery book yet, because I have no grasp of project scope.
"Dovecot considers connections from the local host secure. If you test the STARTTLS requirement from the host running Dovecot you’ll find it accepts plain text credentials. It refuses unencrypted credentials from other hosts, however." #ryoms
I just spent two hours learning this detail. Two hours of screaming "WHY IS THIS ACCEPTING PLAINTEXT VIA NETCAT FROM THE LOCAL HOST???!?"
(I am not interested in "running your own email is impossible," "email is a lost cause," or other comments from folks who are not running their own email.)
What hosting provider do you use? Bare metal or VM? #ryoms #sysadmin
"If I have to explain config options like $dbhost, $dbname, $dbuser, and $dbpass to you, you should NOT be running your own mail server. Give this book to someone competent."
"By nature, sysadmins want their systems to conform to the highest possible standards. Our web servers are secure (whatever that means). Our passwords include mixed-case letters, numbers, symbols, and the Imperial March." #ryoms
"One of the joys of long-lived open standards is that anyone can implement them. That’s also one of the problems. Programs might be intermittently abandoned, resurrected, reincarnated, forked or reimplemented without a name change, taken over by a company intent on privatizing the standard, or thrown out an airlock. Sometimes, they’re even carefully maintained by people who care.
And somewhere on the Internet, every variant of every one of these programs is deployed in production."
You'd think that the redis documentation would declare how often they dump the database to disk by default, but apparently not.
Apparently I'm spending the rest of the day reading source code to get a definitive answer. The option is called "save" so that's gonna be SUPER USEFUL to grep on. :flan_heckk:
No--wait--they document this! IN THE CONFIGURATION FILE, NOT IN THE DOCUMENTATION. :flan_rage: :flan_executioner: #sysadmin #ryoms
'While I’m a huge fan of small tools that do one thing well, I am not a fan of “small tools that do things well but must be brutalized into interoperating with one another.”' - #ryoms
Today I decided to gamble and part with a small amount of $$$ towards the creation of @mwl's "Run Your Own Mail Server".
This is shaping up to become the definitive guide, so if you're serious about running your own mail server (who wouldn't???), then this is the time to invest!
"These tests do not stop spam from well-behaved mail servers. When a spammer tricks a legitimate mail server into sending spam, that mail server is very polite and follows all the proper SMTP protocols as it dumps sewage into your users’ inboxes."
#ryoms just broke 40,000 words, the target length of a Mastery book. It's picking up speed, yay! It's about half done, boo!
Some folks love it. Some loathe it. The important thing is, it's part of the protocol. An unanticipated use of the protocol, yes, but legal in the rules.
Email is not synchronous. It can take hours or days to deliver. That's its nature, deal with it.
'I'm not objecting. If I had to choose between “annoy Postfix” and “annoy Dovecot,” I would become an intergalactic smuggler and borrow money from a sketchy mob boss.' #ryoms
What I AM objecting to is being forced to dig out my copy of "SQL for Dummies" to write this book. :flan_sick:
And having to dig into subtle package-building problems.
Anyway, 400 words on this book today. It's something, I guess?