z3bra

wgs@lemmy.sdf.org

And I took that personally


Please provide your details and enjoy your new unlimited anonymity:

  • name
  • birth date
  • email
  • address
  • social security number
  • name of dog
  • annual revenue

[ ] I accept to receive marketing popups through jack2head
[ ] I accept the privacy policy


Thanks for your message on the guestbook! I hope you have some fun, good luck!!


A huge thank you for all of this!

The techno-mage and the unix_surrealism universe are the most entertaining and refreshing form of art I’ve seen regarding Unix and technology in general.

This is unlike anything else before, and definitely the #1 reason why I’m now sticking to Lemmy and the fediverse.

And man you know how much I love your style too ;)

Keep it up, you’re amazing ❤️


Weigh your words, my friend! GNU’s a behemoth!

GCC alone is almost as big as Linux. Add core/binutils, the Hurd, … and you easily outclass the kernel itself!

    ~ $ du -sh linux-6.4.12/ gcc-13.2.0/
    1.5G    linux-6.4.12/
    1.1G    gcc-13.2.0/

Oh, and Emacs.


I’d like to avoid that as I don’t consider my home network reliable enough for such a critical task.


A VPN is easy to set up (and I have it set up, by the way), but no VPN is even easier. SSH by itself is sufficiently secure if you keep it up to date with a sane configuration. Bots poking at my ssh port is not something that bothers me at all, and not part of any attack vector I want to be secure against.

Out of all the services I expose to the clear web, SSH is probably the one I trust the most.


Yeah I know, I just don’t really care about that traffic to bother changing it :) Also, I’m talking about a server hosted on Hetzner, so I feel like it’s scanned a lot.


I get what you say, and you’re definitely not wrong to do it. But as I see it, you only saved ~80Kib of ingress and a few lines of logs in the end. From my monitoring I get ~5000 failed auth per day, which account for less than 1Mbps average bandwidth for the day.

It’s not like it’s consuming my 1Gbps bandwidth or threatening me as I enforce ssh key login. I like to keep things simple, and ssh on port 22 over internet makes it easy to access my boxes from anywhere.


Congratulations! A mail server is quite demanding in terms of initial setup, but it’s also very rewarding!

Here are a few pointers I can give you:

  • Using a good domain is important, some providers block entire TLDs for cheap domains (e.g. .tk or .pw). I learnt it the hard way…
  • Set your MX records to A records, not CNAME
  • Ensure your PTR records match your A records for the mail server
  • Learn about SPF and DKIM
  • Set them up, and verify with mxtoolbox
  • Use the ip4:<ipv4> and/or ip6:<ipv6> selectors for SPF
  • Set up a spam filter (I like spamassassin)
  • Leave it all running for a few weeks/months
  • Publish a DMARC policy on your DNS, and verify with mxtoolbox

This should greatly limit your likelihood of ending up in spam folders (which is usually the hardest part about running your mail server).

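The DNS pointers in the comment above (MX pointing at an A record rather than a CNAME, PTR matching the A record, SPF with ip4:/ip6: entries, a published DMARC policy) can be checked mechanically. This is an added example, not part of the original comment; the record set, the domain example.org and the function names are constructed for illustration, and it covers IPv4 A records only and skips DKIM, whose selector name is site-specific.

```python
import ipaddress

# Constructed records for the placeholder domain example.org (not real DNS data).
ZONE = {
    ("example.org", "MX"): ["10 mail.example.org."],
    ("mail.example.org", "A"): ["192.0.2.25"],
    ("25.2.0.192.in-addr.arpa", "PTR"): ["mail.example.org."],
    ("example.org", "TXT"): ["v=spf1 ip4:192.0.2.25 ip6:2001:db8::25 -all"],
    ("_dmarc.example.org", "TXT"): ["v=DMARC1; p=quarantine"],
}

def spf_authorizes(spf, ip):
    """True if an ip4:/ip6: mechanism of the SPF record covers ip."""
    addr = ipaddress.ip_address(ip)
    for term in spf.split()[1:]:
        if term.lstrip("+").startswith(("ip4:", "ip6:")):
            net = ipaddress.ip_network(term.split(":", 1)[1], strict=False)
            if net.version == addr.version and addr in net:
                return True
    return False

def check_mail_dns(zone, domain):
    """Return the list of problems found for domain (empty list means OK)."""
    problems = []
    spf = [t for t in zone.get((domain, "TXT"), []) if t.startswith("v=spf1")]
    if len(spf) != 1:
        problems.append("expected exactly one SPF record")
    for mx in zone.get((domain, "MX"), []):
        host = mx.split()[1].rstrip(".")
        if (host, "CNAME") in zone:
            problems.append(f"MX target {host} is a CNAME")
        for ip in zone.get((host, "A"), []):
            # Forward-confirmed reverse DNS: the PTR must name the MX host.
            rev = ipaddress.ip_address(ip).reverse_pointer
            if host not in [p.rstrip(".") for p in zone.get((rev, "PTR"), [])]:
                problems.append(f"PTR for {ip} does not match {host}")
            if len(spf) == 1 and not spf_authorizes(spf[0], ip):
                problems.append(f"SPF does not authorize {ip}")
    dmarc = zone.get((f"_dmarc.{domain}", "TXT"), [])
    if not any(t.startswith("v=DMARC1") for t in dmarc):
        problems.append("no DMARC policy published")
    return problems

if __name__ == "__main__":
    print(check_mail_dns(ZONE, "example.org") or "all checks passed")
```

To run it against a live domain, fill the dictionary from real lookups instead of the constructed records.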