Guy called in because he wanted to get an IP white listed on a server. He wasn't authorized so i told him to send an email from an authorized email address.

He didn't like that very much and asked if another engineer was available (he talked to him more often so he thought that engineer would just do it. We need those kind of requests by email.)

Walked over to my colleague and explained what that client asked for.
'let him send an email!'

Told him i ready told the client that but that the client wanted to talk to him instead.

'sure, connect him through and then come back so you can hear him after i ask him to mail us!'

Connected him through. Client explained the situation.

Then he says with the sweetest voice and a 'get rekt' face: 'could you send me an email about that? 😊'

Let's just say that the client sounded everything but happy xD

Oh, man, I just realized I haven't ranted one of my best stories on here!

So, here goes!

A few years back the company I work for was contacted by an older client regarding a new project.

The guy was now pitching to build the website for the Parliament of another country (not gonna name it, NDAs and stuff), and was planning on outsourcing the development, as he had no team and he was only aiming on taking care of the client service/project management side of the project.

Out of principle (and also to preserve our mental integrity), we have purposely avoided working with government bodies of any kind, in any country, but he was a friend of our CEO and pleaded until we singed on board.

Now, the project itself was way bigger than we expected, as the wanted more of an internal CRM, centralized document archive, event management, internal planning, multiple interfaced, role based access restricted monster of an administration interface, complete with regular user website, also packed with all kind of features, dashboards and so on.

Long story short, a lot bigger than what we were expecting based on the initial brief.

The development period was hell. New features were coming in on a weekly basis. Already implemented functionality was constantly being changed or redefined. No requests we ever made about clarifications and/or materials or information were ever answered on time.

They also somehow bullied the guy that brought us the project into also including the data migration from the old website into the new one we were building and we somehow ended up having to extract meaningful, formatted, sanitized content parsing static HTML files and connecting them to download-able files (almost every page in the old website had files available to download) we needed to also include in a sane way.

Now, don't think the files were simple URL paths we can trace to a folder/file path, oh no!!! The links were some form of hash combination that had to be exploded and tested against some king of database relationship tables that only had hashed indexes relating to other tables, that also only had hashed indexes relating to some other tables that kept a database of the website pages HTML file naming. So what we had to do is identify the files based on a combination of hashed indexes and re-hashed HTML file names that in the end would give us a filename for a real file that we had to then search for inside a list of over 20 folders not related to one another.

So we did this. Created a script that processed the hell out of over 10000 HTML files, database entries and files and re-indexed and re-named all this shit into a meaningful database of sane data and well organized files.

So, with this we were nearing the finish line for the project, which by now exceeded the estimated time by over to times.

We test everything, retest it all again for good measure, pack everything up for deployment, simulate on a staging environment, give the final client access to the staging version, get them to accept that all requirements are met, finish writing the documentation for the codebase, write detailed deployment procedure, include some automation and testing tools also for good measure, recommend production setup, hardware specs, software versions, server side optimization like caching, load balancing and all that we could think would ever be useful, all with more documentation and instructions.

As the project was built on PHP/MySQL (as requested), we recommended a Linux environment for production. Oh, I forgot to tell you that over the development period they kept asking us to also include steps for Windows procedures along with our regular documentation. Was a bit strange, but we added it in there just so we can finish and close the damn project.

So, we send them all the above and go get drunk as fuck in celebration of getting rid of them once and for all...

Next day: hung over, I get to the office, open my laptop and see on new email. I only had the one new mail, so I open it to see what it's about.

Lo and behold! The fuckers over in the other country that called themselves "IT guys", and were the ones making all the changes and additions to our requirements, were not capable enough to follow step by step instructions in order to deploy the project on their servers!!!

[Continues in the comments]

So a friend of Mine asked me to check their Mail server because some emails got lost. Or had a funny signature.

Mails were sent from outlook so ok let's do this.

I go create a dummy account, and send/receive a few emails. All were coming in except one and some had a link appended. The link was randomly generated and was always some kind of referral.

Ok this this let's check the Mail Server.

Nothing.

Let's check the mail header. Nothing.

Face -> wall

Fml I want to cry.

Now I want to search for a pattern and write a script which sends a bunch of mails on my laptop.
Fuck this : no WLAN and no LAN Ports available. Fine let's hotspot the phone and send a few fucking mails.

Guess what? Fucking cockmagic, no funny mails appear!

At that moment I went out and was like chainsmoking 5 cigarettes.

BAM!

It hit me! A feeling like a unicorn vomiting rainbows all over my face.

I go check their firewall. Shit redirected all email ports from within the network to another server.

Yay nobody got credentials because nobody new it existed. Damn boy.

Hook on to the hostmachine power down the vm, start and hack yourself a root account before shit boots. Luckily I just forgot the credentials to a testvm some time ago so I know that shit. Lesson learned: fucking learn from your mistakes, might be useful sometimes!

Ok fucker what in the world are you doing.

Do some terminal magic and see that it listens on the email ports.

Holy cockriders of the galaxy.

Turns out their former it guy made a script which caught all mails from the server and injected all kind of bullshit and then sent them to real Webserver. And the reason why some mails weren't received was said guy was too dumb to implement Unicode and some mails just broke his script.

That fucker even implented an API to pull all those bullshit refs.

I know your name "Matthias" and I know where you live and what you've done... And to fuck you back for that misery I took your accounts and since you used the same fucking password for everything I took your mail, Facebook and steam account too.

Git gut shithead! You better get a lawyer

And here comes the last part of my story so far.
After deploying the domain, configuring PCs, configuring the server, configuring the switch, installing software, checking that the correct settings have been applied, configuring MS Outlook (don't ask) and giving each and every user a d e t a i l e d tutorial on using the PC like a modern human and not as a Homo Erectus, I had to lock my door, put down my phone and disconnect the ship's announcement system's speaker in my room. The reasons?
- No one could use USB storage media, or any storage media. As per security policy I emailed and told them about.
- No one could use the ship's computers to connect to the internet. Again, as per policy.
- No one had any games on their Windows 10 Pro machines. As per policy.
- Everyone had to use a 10-character password, valid for 3 months, with certain restrictions. As per policy.
For reasons mentioned above, I had to (almost) blackmail the CO to draft an order enforcing those policies in writing (I know it's standard procedure for you, but for the military where I am it was a truly alien experience). Also, because I never trusted the users to actually backup their data locally, I had UrBackup clone their entire home folder, and a scheduled task execute a script storing them to the old online drive. Soon it became apparent why: (for every sysadmin this is routine, but this was my first experience)
- People kept deleting their files, whining to me to restore them
- People kept getting locked out because they kept entering their password WRONG for FIVE times IN a ROW because THEY had FORGOTTEN the CAPS lock KEY on. Had to enter three or four times during weekend for that.
- People kept whining about the no-USB policy, despite offering e-mail and shared folders.
The final straw was the updates. The CO insisted that I set the updates to manual because some PCs must not restart on their own. The problem is, some users barely ever checked. One particular user, when I asked him to check and do the updates, claimed he did that yesterday. Meanwhile, on the WSUS console: PC inactive for over 90 days.
I blocked the ship's phone when I got reassigned.
Phiew, finally I got all those off my chest! Thanks, guys. All of the rants so far remind me of one quote from Dave Barry:

I suddenly remembered this after being gone from my previous company for nearly a year.

So, I worked there as a tech supporter and Linux engineer.
What would often happen was clients calling with an issue regarding software of some sorts and about half the time, instead of LOOKING AT THE GODDAMN ERROR MESSAGE they'd just click it away fast and complain shit wasn't working.

I specifically remember this one case:

*big client mails complained that one of their clients' email isn't working. Screenshots weren't possible apparently so after emailing back and forth for way too long, we decide to do a screen sharing session (which we never do).*
(for the record, already emailing for hours, client very frustrated, me as well because the behavior of the software sounds impossible)

Me: alright, close everything, then open it again so I can see what happens.
Client: *opens mail client, error appears, client clicks error away faster than an arch user being able to mention they use arch*
Me: uhm.... I assume you already know what that message said and that it has nothing to do with the issue?
Client: it has nothing to do with the issue.
Me: okay... But have you at least looked the message?
Client: no but it has nothing to do with the issue.
Me: but, how'd you know if you won't look at it?
Client: it has nothing to do with the issue, okay?
Me: okay.... so, what's happening here?
Client: the user isn't receiving email anymore at this point!
Me: alright, have you checked the settings and everything?
Client: of course, all good
Me: okay but can we at least restart the software again to at least check the error message?
Client: FINE. *restarts client (pun intended, of course)*
Error message: username or password incorrect, can't connect to the server.
Client:..........
Client:............
Client:...............
Client:..................
Client:.....................
Client:..................
Client:...............
Client:............
Client:.........
Client: 😐
Client: 😶
Client: 😅
Client: 😬
Client:..... Right, I changed the password...
Client: *sets correct password*
*poof, error message gone*
Client:..... Thanks 💀
Me: you're welcome 😄

💀

Someone's outlook wasn't connecting to a mail server.

Fair enough, colleague started debugging in the morning!

It worked fine on any client on linux/mac.

After a while the swearing started to come, for some reason outlook thought that the url used for incoming/outcoming email was offline, worked on any other system.

We all left him alone for the rest of the day.

At the end I walked to his desk aan went:
Me: hey man is it working already? *very sweet smile*
Him: *gives a death stare* fucking die 😡

😆😅

The day I send myself about 76k mails
> be me
> be working on a rest api
> implement an error handler that would send me a mail with exception details
> use same error handler in mail send error handler
> Summoned the recursion devil by accident
> Test error handler
> Forgot port forwarding to SMTP server
> keep the debug session open
> throw new UnexpectedInterruptionException()
> get back to work
> Add the missing port forwarding rule to putty
> The error handler starts doing it's thing
> The handler chain starts to pop
> handler after handler executes
> PCFreeze.png
> WhatTheFuckIsGoingOn.gif
> VS finally accepts stop debugging
> PhoneVibrationSpam.mp3
> Peek into webmail
> WowFinallySomeFanMail
> Look into it
> Realizing what I have done
> Delete mailbox
> Remove recursion
> Wow that's how randy must have felt in southpark
> Feel weird
> Shutdown, go outside
> What's up anon?
> Nothing, really

Excuse the profuse amount of profanity below.

Fuck this fucking fucked up motherfucker of a fucking director. Money does not make you a fucking decent person, and you come in here and tell me that you pay my fucking measly salary so I must be fucking grateful.

Starts off with a boardroom meeting this morning. Wireless connection on my laptop takes two minutes to connect, I get told that I am wasting company time and that the salary of everyone in the meeting is quite a lot ("with me being the highest"- cuntface director) so stop wasting time. Fuck you man, it's a fucking wireless connection. I am building your motherfucking company applications and doing web design and for what, so I can earn fuckall and be told that I am fucking wasting time. I am presenting your fucking site you wanted, so give me a fucking minute extra to start up the fucking wireless connection.

The fucking mails are taking long to send, great, let's come down and fucking scream at the dev who regrettably said he would try and assist IT (by calling the provider). I literally just got told that I am the following. 1) Fucking stupid 2) He is going to close the dept down because I apparently fuck up (yet again cuntface, your fucking mailserver is NOT MY FUCKING PROBLEM) 3) He is going to contact an external company to come and check my work. 4) I am fucking useless. 5) I telling him lies (yeah fuckface, I worked as a sys admin, I know what a motherfucking DNS server is and what it does. you don't - so don't fucking tell me that I am lying when I tell you there is a DNS fucking issue, because you don't know what the fuck you are talking about - to top that off motherfucker, I FUCKING BUILT YOUR FUCKING SERVER AND YOUR FUCKING NETWORK. I FUCKING KNOW HOW IT WORKS AND WHAT THE FUCK I AM TALKING ABOUT).

On top of that, I got pushed out of the way of my own PC, my code got some fucked up gibberish in it (because he was trying to minimise my editor and he typed some in it, and now I have to fucking roll-back. He told me I am wasting company time and he will take my shit away from me if I download something again. It is an open network. I downloaded JAVA and fucking updated Sublime. Jesus man. What the fucking fuck.

"why is your gmail open?!?!" because I was testing your emails from an external network. "DON'T FEED ME BULLSHIT" (even though the top mail states "test"). It's the whole fucking "my money determines my dick size" mentality.

That being said, I got told that I need to work overtime, without pay, to resolve IT's issue, even if I have to on the weekend.

That being said,my new Dell that I had just bought (my own) got thrown on the floor and he fucked out of my office. Stupid motherfucker. I fucking earn nothing but cannot leave. I will find another job, and when I do - you can go and fuck yourself and your fucking degrading opinions. I am not fucking stupid, so fuck you.Fuck your company and fuck you. Cunt.

Laravel is the worst framework ever.

Everything has to be made convenient and easy. That sounds amazing, because developers want to save time, worry less about boilerplate code, right? No more constructors, no more dependency injection, fuck all the tedious OOP shit... RIGHT?

It does one thing well: Make PHP syntax uniform and concise through easily integrated libraries such as Collection and Carbon. But those are actually not really part of the framework... just commonly integrated and associated with Laravel.

The framework itself is completely derailed: You can define code in a callback in the routes file. You can define a controller in the routes file. You can define middleware as a parameter to the route, as a fluent method to the route, you can stack them up in a service provider. Validators can be made in controllers, Request objects, service providers, etc. You can send mail inline, through Mailable objects, through Notification objects, etc.

Everything is macroable, injectable, and definable in a million different places. Ultimate freedom!

Guess what happens when you give 50 developers of various seniority a swiss army knife?

One hammers in a screw with a nail file, the other clips the head from the screw using scissors, and you end up with an unworkable mess and blunt tools.

And don't get me started about Eloquent, the Active Record ORM. It's cute for the simple blog/article/author/comment queries, but starts choking when you want more selective and performant queries or more complex aggregates, and provides such an opaque apple-esque interface which lets people think everything is OK, when in reality it's forcing the SQL server to slowly commit suicide.

I used PHPMailer to send emails to a client's website user. SMTP host is smtp.gmail.com.

web was hosted on Bluehost. I found out that mailer was not working. I enabled verbose output and to my surprise I found out that Bluehost was intercepting my mail and responding with

220-We do not authorize the use of this system to transport unsolicited, 220 and/or bulk e-mail

when i was explicitly using smtp.gmail.com. Not only they were intercepting but also They were trying my credentials against its own smtp server and then showing me that authentication failed.

When i contacted chat they asked me to tell last 4 characters of Bluehost account password to verify ownership.

Dude do they have passwords in plaintext.🤔

A co-worker at the city-government just chose the wrong mailing list and send an e-mail to EVERY SINGLE emlpoyee (about 20'000 people, including our police-department, hospitals, councils etc.).
Within A MINUTE hundrets of people responded to the mail by using the "reply all" button, pointing out that this mail obviously wasn't meant for them.
After another minute the same douchebags sent another mail (of course using the "reply all" button AGAIN), asking to be removed from the mailing list and stop spamming them.

Even two hours after blocking the mailing list immediately, our mail servers still are processing all those damn mails.

RIP exchange servers
RIP inbox
RIP faith in humanity

Edit: typos

I absolutely love the email protocols.

IMAP:
x1 LOGIN user@domain password
x2 LIST "" "*"
x3 SELECT Inbox
x4 LOGOUT

Because a state machine is clearly too hard to implement in server software, clients must instead do the state machine thing and therefore it must be in the IMAP protocol.

SMTP:
I should be careful with this one since there's already more than enough spam on the interwebs, and it's a good thing that the "developers" of these email bombers don't know jack shit about the protocol. But suffice it to say that much like on a real letter, you have an envelope and a letter inside. You know these envelopes with a transparent window so you can print the address information on the letter? Or the "regular" envelopes where you write it on the envelope itself?
Yeah not with SMTP. Both your envelope and your letter have them, and they can be different. That's why you can have an email in your inbox that seemingly came from yourself. The mail server only checks for the envelope headers, and as long as everything checks out domain-wise and such, it will be accepted. Then the mail client checks the headers in the letter itself, the data field as far as the mail server is concerned (and it doesn't look at it). Can be something else, can be nothing at all. Emails can even be sent in the future or the past.

Postfix' main.cf:
You have this property "mynetworks" in /etc/postfix/main.cf where you'd imagine you put your own networks in, right? I dunno, to let Postfix discover what your networks are.. like it says on the tin? Haha, nope. This is a property that defines which networks are allowed no authentication at all to the mail server, and that is exactly what makes an open relay an open relay. If any one of the addresses in your networks (such as a gateway, every network has one) is also where your SMTP traffic flows into the mail server from, congrats the whole internet can now send through your mail server without authentication. And all because it was part of "your networks".

Yeah when it comes to naming things, the protocol designers sure have room for improvement... And fuck email.

Oh, bonus one - STARTTLS:
So SMTP has this thing called STARTTLS where you can.. unlike mynetworks, actually starts a TLS connection like it says on the tin. The problem is that almost every mail server uses self-signed certificates so they're basically meaningless. You don't have a chain of trust. Also not everyone supports it *cough* government *cough*, so if you want to send email to those servers, your TLS policy must be opportunistic, not enforced. And as an icing on the cake, if anything is wrong with the TLS connection (such as an MITM attack), the protocol will actively downgrade to plain. I dunno.. isn't that exactly what the MITM attacker wants? Yeah, great design right there. Are the designers of the email protocols fucking retarded?

From my work -as an IT consultant in one of the big 4- I can now show you my masterpiece

INSIGHTS FROM THE DAILY LIFE OF A FUNCTIONAL ANALIST IN A BIG 4 -I'M NOT A FUNCTIONAL ANALYST BUT THAT'S WHAT THEY DO-

- 10:30, enter the office. By contract you should be there at 9:00 but nobody gives a shit
- First task of the day: prepare the power point for the client. DURATION: 15 minutes to actually make the powerpoint, 45 minutes to search all the possible synonyms of RESILIENCE BIG DATA AGILE INTELLIGENT AUTOMATION MACHINE LEARNING SHIT PISS CUM, 1 hour to actually present the document.
- 12:30: Sniff the powder left by the chalks on the blackboards. Duration: 30 minutes, that's a lot of chalk you need to snort.

13:00, LUNCH TIME. You get back to work not one minute sooner than 15.00

- 15:00, conference with the HR. You need to carefully analyze the quantity and quality of the farts emitted in the office for 2 hours at least
- 17:00 conference call, a project you were assigned to half a day ago has a server down.
The client sent two managers, three senior Java developers, the CEO, 5 employees -they know logs and mails from the last 5 months line by line-, 4 lawyers and a beheading teacher from ISIS.
On your side there are 3 external ucraininans for the maintenance, successors of the 3 (already dead) developers who put the process in place 4 years ago according to God knows which specifications. They don't understand a word of what is being said.
Then there's the assistant of the assistant of a manager from another project that has nothing to do with this one, a feces officer, a sys admin who is going to watch porn for the whole conference call and won't listen a word, two interns to make up a number and look like you're prepared. Current objective: survive. Duration: 2 hours and a half.
- 19:30, snort some more chalk for half an hour, preparing for the mail in which you explain the associate partner how because of the aforementioned conference call we're going to lose a maintenance contract worth 20 grands per month (and a law proceeding worth a number of dollars you can't even read) and you have no idea how could this happen
- 20:00, timesheet! Compile the weekly report, write what you did and how long did it take for each task. You are allowed to compile 8 hours per day, you worked at least 11 but nobody gives a shit. Duration: 30 minutes
- 20:30, update your consultant! Training course, "tasting cum and presenting its organoleptic properties to a client". Bearing with your job: none at all. Duration: 90 minutes, then there's half an hour of evaluating test where you'll copy the answers from a sheet given to you by a colleague who left 6 months ago.
- 22:30, CHANCE CARD! You have a new mail from the HR: you asked for a refund for a 3$ sandwich, but the receipt isn't there and they realized it with a 9 months delay. You need to find that wicked piece of paper. DURATION: 30 minutes. The receipt most likely doesn't even exist anymore and will be taken directly from your next salary.
- 23:00 you receive a message on Teams. It's the intern. It's very late but you're online and have to answer. There's an exception on a process which have been running for 6 years with no problems and nobody ever touches. The intern doesn't know what to do, but you wrote the specifications for the thing, 6 years ago, and everything MUST run tonight. You are not a technician and have no fucking clue about anyhing at all. 30 minutes to make sure it's something on our side and not on the client side, and in all that the intern is as useful as a confetto to wipe your ass. Once you're sure it's something on our side you need to search for the senior dev who received the maintenance of the project, call him and solve the problem.
It turns out a file in a shared folder nobody ever touches was unreachable 'cause one of your libraries left it open during the last run and Excel shown a warning modal while opening it; your project didn't like this last thing one bit. It takes 90 minutes to find the root of the problem, you solve it by rebooting one of your machines. It's 01:00.

You shower, watch yourself on the mirror and search for the line where your forehead ends and your hair starts. It got a little bit back from yesterday; the change can't be seen with the naked eye but you know it's there.

You cry yourself to sleep. Tomorrow is another day, but it's going to be exactly like today.

Long rant ahead.. so feel free to refill your cup of coffee and have a seat 🙂

It's completely useless. At least in the school I went to, the teachers were worse than useless. It's a bit of an old story that I've told quite a few times already, but I had a dispute with said teachers at some point after which I wasn't able nor willing to fully do the classes anymore.

So, just to set the stage.. le me, die-hard Linux user, and reasonably initiated in networking and security already, to the point that I really only needed half an ear to follow along with the classes, while most of the time I was just working on my own servers to pass the time instead. I noticed that the Moodle website that the school was using to do a big chunk of the course material with, wasn't TLS-secured. So whenever the class begins and everyone logs in to the Moodle website..? Yeah.. it wouldn't be hard for anyone in that class to steal everyone else's credentials, including the teacher's (as they were using the same network).

So I brought it up a few times in the first year, teacher was like "yeah yeah we'll do it at some point". Shortly before summer break I took the security teacher aside after class and mentioned it another time - please please take the opportunity to do it during summer break.

Coming back in September.. nothing happened. Maybe I needed to bring in more evidence that this is a serious issue, so I asked the security teacher: can I make a proper PoC using my machines in my home network to steal the credentials of my own Moodle account and mail a screencast to you as a private disclosure? She said "yeah sure, that's fine".
Pro tip: make the people involved sign a written contract for this!!! It'll cover your ass when they decide to be dicks.. which spoiler alert, these teachers decided they wanted to be.

So I made the PoC, mailed it to them, yada yada yada... Soon after, next class, and I noticed that my VPN server was blocked. Now I used my personal VPN server at the time mostly to access a file server at home to securely fetch documents I needed in class, without having to carry an external hard drive with me all the time. However it was also used for gateway redirection (i.e. the main purpose of commercial VPN's, le new IP for "le onenumity"). I mean for example, if some douche in that class would've decided to ARP poison the network and steal credentials, my VPN connection would've prevented that.. it was a decent workaround. But now it's for some reason causing Moodle to throw some type of 403.

Asked the teacher for routers and switches I had a class from at the time.. why is my VPN server blocked? He replied with the statement that "yeah we blocked it because you can bypass the firewall with that and watch porn in class".
Alright, fair enough. I can indeed bypass the firewall with that. But watch porn.. in class? I mean I'm a bit of an exhibitionist too, but in a fucking class!? And why right after that PoC, while I've been using that VPN connection for over a year?

Not too long after that, I prematurely left that class out of sheer frustration (I remember browsing devRant with the intent to write about it while the teacher was watching 😂), and left while looking that teacher dead in the eyes.. and never have I been that cold to someone while calling them a fucking idiot.

Shortly after I've also received an email from them in which they stated that they wanted compensation for "the disruption of good service". They actually thought that I had hacked into their servers. Security teachers, ostensibly technical people, if I may add. Never seen anyone more incompetent than those 3 motherfuckers that plotted against me to save their own asses for making such a shitty infrastructure. Regarding that mail, I not so friendly replied to them that they could settle it in court if they wanted to.. but that I already knew who would win that case. Haven't heard of them since.

So yeah. That's why I regard those expensive shitty pieces of paper as such. The only thing they prove is that someone somewhere with some unknown degree of competence confirms that you know something. I think there's far too many unknowns in there.

Nowadays I'm putting my bets on a certification from the Linux Professional Institute - a renowned and well-regarded certification body in sysadmin. Last February at FOSDEM I did half of the LPIC-1 certification exam, next year I'll do the other half. With the amount of reputation the LPI has behind it, I believe that's a far better route to go with than some random school somewhere.

Paranoid Developers - It's a long one
Backstory: I was a freelance web developer when I managed to land a place on a cyber security program with who I consider to be the world leaders in the field (details deliberately withheld; who's paranoid now?). Other than the basic security practices of web dev, my experience with Cyber was limited to the OU introduction course, so I was wholly unprepared for the level of, occasionally hysterical, paranoia that my fellow cohort seemed to perpetually live in. The following is a collection of stories from several of these people, because if I only wrote about one they would accuse me of providing too much data allowing an attacker to aggregate and steal their identity. They do use devrant so if you're reading this, know that I love you and that something is wrong with you.

That time when...

He wrote a social media network with end-to-end encryption before it was cool.

He wrote custom 64kb encryption for his academic HDD.

He removed the 3 HDD from his desktop and stored them in a safe, whenever he left the house.

He set up a pfsense virtualbox with a firewall policy to block the port the student monitoring software used (effectively rendering it useless and definitely in breach of the IT policy).

He used only hashes of passwords as passwords (which isn't actually good).

He kept a drill on the desk ready to destroy his HDD at a moments notice.

He started developing a device to drill through his HDD when he pushed a button. May or may not have finished it.

He set up a new email account for each individual online service.

He hosted a website from his own home server so he didn't have to host the files elsewhere (which is just awful for home network security).

He unplugged the home router and began scanning his devices and manually searching through the process list when his music stopped playing on the laptop several times (turns out he had a wobbly spacebar and the shaking washing machine provided enough jittering for a button press).

He brought his own privacy screen to work (remember, this is a security place, with like background checks and all sorts).

He gave his C programming coursework (a simple messaging program) 2048 bit encryption, which was not required.

He wrote a custom encryption for his other C programming coursework as well as writing out the enigma encryption because there was no library, again not required.

He bought a burner phone to visit the capital city.

He bought a burner phone whenever he left his hometown come to think of it.

He bought a smartphone online, wiped it and installed new firmware (it was Chinese; I'm not saying anything about the Chinese, you're the one thinking it).

He bought a smartphone and installed Kali Linux NetHunter so he could test WiFi networks he connected to before using them on his personal device.

(You might be noticing it's all he's. Maybe it is, maybe it isn't).

He ate a sim card.

He brought a balaclava to pentesting training (it was pretty meme).

He printed out his source code as a manual read-only method.

He made a rule on his academic email to block incoming mail from the academic body (to be fair this is a good spam policy).

He withdraws money from a different cashpoint everytime to avoid patterns in his behaviour (the irony).

He reported someone for hacking the centre's network when they built their own website for practice using XAMMP.

I'm going to stop there. I could tell you so many more stories about these guys, some about them being paranoid and some about the stupid antics Cyber Security and Information Assurance students get up to. Well done for making it this far. Hope you enjoyed it.

N e v e r, fucking e v e r chmod/ chown permissions recursive on the linux /etc folder❗

I did yesterday (, because I am fucking dumb and know little about linux systems) and got the result today. My whole mailserver wasn't working.
After fucking tons of googling and searching and log-digging I found that postfix and opendkim require specific permissions on their respective folders and files.

After changing a fucking amount of permissions on those fucking files the fucking mailserver worked and I can send and receive mails, now. 😤😤😤

What a torture. Lesson learned. Never will repeat this mistake.

>> this === rant
<< true

At beginning of this year, I only knew HTML, JS, and CSS so I just applied for offers like "Jr Apprentice Dev in Front-End"
In a interview call, the woman told me that they will send me a test asking about my JS and HTML5 knowledge.
When I look in my inbox, the mail subject says "Back-end Test".

Then I call the woman:

Me: "Hello, I have received the test mail, but maybe it's wrong. I applied for a Front-End position and the test is about backend! "

She: "Do you have skills in JS and HTML5?"

Me: "Yes!, and CSS3"

She: "Well, the test is about that. JS, jQuery, and HTML5"

Me: "..."

Me: "Sorry, that languages are Front-End. In the subject say 'Back-End' and Back-End is PHP, SQL, MySQL, Java, .Net... I don't know nothing about that. I only know HTML, JS, CSS."

She: "It's the same"

Me: "I sorry but it's not the same. Fron-End is client-side, what users sees. Animation, colors, FXs, buttons, forms... And Back-End is server-side, what users doesn't see."

She: "Well, JS, HTML, and CSS is backend for us. We call it that way too"

Me: "Sorry but that is wrong. I invite you to read some basic info. Now I am confused"

Of course that I am not confused. That idi0t was wrong.
Perhaps recruiters should take some info about areas where they are recruiting... (:T)

That feeling when your client connection is more stable than the connection of a fucking game server... Incompetent pieces of shit!!! BEING ABLE TO PUT A COUPLE OF SPRITES DOESN'T MAKE YOU A FUCKING SYSADMIN!!!

Oh and I sent those very incompetent fucks a mail earlier, because my mailers are blocking their servers as per my mailers' security policy. A rant from the old box - their mail servers self-identify a fucking .local!!! Those incompetent shitheads didn't even properly change the values from test into those from prod!! So I sent them an email telling them exactly how they should fix it, as I am running the same MTA on my mailers (Postfix), at some point had to fix my mailers against the exact same issue as well, and clearly noticed in-game that they have deliverability problems (they explicitly mention to unblock their domain). Guess why?! Because their server's shitty configuration triggers fucking security mechanisms that are built against rogue mailers that attempt to spoof themselves as an internal mailer, with that fucking .local! And they STILL DIDN'T CHANGE IT!!!! Your fucking domain has no issues whatsoever, it's your goddamn fucking mail servers that YOU ASOBIMO FUCKERS SHOULD JUST FIX ALREADY!!! MOTHERFUCKERS!!!!!

That's actually something that happened fairly recently.. just that I didn't have the energy left at the time to write it down. That, or I got my ass too drunk to properly write anything.. not sure actually.

So on paper I'm unemployed, but I do spend some time still on pretty much voluntary work for HackingVision, along with a handful of other people.

At the time, we were just doing the usual chit-chat in the admin channel, me still sick in my bed (actually that means that I wasn't drunk but really tired for once.. amazing!) and catching up to what happened, but unable to do any useful work in this sick state. So, tablet, typing on glass, right. I didn't have any keyboard attached at the time.

One of the staff members (a wanketeer from India) apparently had an assignment in a few hours for which he needed to write a server application in Java. Now, performance issues aside, I figured.. well I've got quite a bit of experience with servers, as well as some with client-server protocols. So I got thinking.. mail servers, way too overengineered. Web servers.. well that could work, I've done some basic netcat webservers that just sent an HTTP 200 OK and the file, those worked fine.. although super basic of course. And then there's IRC, which I've actually talked to an InspIRCd server through telnet before (which by the way is pretty much the only thing that telnet is still useful for, something that was never its purpose, lol) and realized that that protocol is actually quite easy to develop around. That's why I like it so much over modern chat protocols like XMPP, MQTT and whatnot. So I recommended that he'd write a little IRC server in Java. Or even just a chatbot like I attempted to at the time, considering that that's - with a stretch of course - a sort-of server too.

His fucking response however, so goddamn fucking infuriating. "If the protocol is so easy, then please write me down how to implement it in Java."

Essentially do his fucking work for him. I don't know Java, but as a fucking HackingVision admin, YOU SHOULD FUCKING KNOW THAT HACKERS CAN'T STAND LAZY CUNTS THAT CAN'T EVEN BE ASSED TO GOOGLE SHIT!!! If I wanted to deal with cunts like that, I'd have opened the page inbox with all its Fb h4xx0ring questions, not the fucking admin chat!

And type it on a goddamn fucking piece of glass, while fucking sick?! Get your ass fucked by a bobs and vegana horny fuck from the untouchable caste, because that's where you fucking belong for expecting THAT from me, you fucking bhenchod.

But at least I didn't get my ass enraged like that to say that to him in the admin chat. Although that probably wouldn't have been a bad thing, to get his feet right back on the ground again.

Fucking Gmail !!!! I hate you so much !!!

My mail server is fucking perfect, I have all the records in my DNS and even have a 10/10 score on mail-tester.com.
But this fucking Gmail keeps putting me the spam folder ! Why do you hate my so much ?

So my ISP just called me again that I'm sending plenty of spam. This time, I have all flows logged, so I know for sure that it wasn't my TV (only vulnerable device with internet access) and as my switch was offline there is nothing in front of my router anymore. And I learned that all the spam was going directly to their smtp server which I never used and didn't even know they have some. All in all everything points to their cable modem. Will tell them that in response to the mail they promised to send me. Really looking forward to new at least a little bit competent ISP (alternative should be available soon).

Feeling productive at a Sunday evening. Let's install a DNS server and a fucking mail server on two forgotten VPS's I am still paying for.

SO A-FUCKING-PPEARANTLY, THEIR WEB MANAGEMENT PANEL IS FUCKED UP SO I CANNOT REINSTALL MY MOTHERFUCKER VPS's. HOW FUCKING FUCKING FUCKING FUCKING DIFFICULT CAN IT BE.

I've accomplished something I thought I'd never do.
I convinced my boss to switch from SVN to Git. (before SVN we've even been using CVS if someone remembers)
Only requirement: it needs to stay in house and I'm the one setting up the server, writing documentation and teach everyone how to use it.

What? Why should I setup the server? Don't we have someone whose job it is to... OK ok... I'll do it.

So after some painstaking arguments with the guy whose job it should have been to do that, I've managed to install a virtual machine running Gitlab.

Long story short: I've just found out about the joys of mail configuration to send E-Mails to established mail providers. Every... single... one of them has a different problem with the way the mails are sent.
Fml

I think I'm going to ask that guy again to use our mail servers SMTP. There should be a possibility to use my gitlabs domain for that somehow.
Really looking forward to Monday. Ugh...

So, a few weeks ago I asked you guys what would you do if you were to quit your current job. I attempted a start-up with an old "friend" of mine.

He was very enthusiastic and hardworking at the beginning. However he received a job offer from somewhere and told me that he would work there just until we found the company officially and then quit and work full time on the project.

Well... I put around 300 hours into the project and developed the system, did most of my part according to the plan but the guy didn't deliver anything.

Turned out he had another secret partner whom he first introduced me as his mentor. I had my suspicions and suddenly shut down API servers, project management domain and mail server. Suddenly the quiet guy called me asking if I was alright and everything was fine.

Then, nothing happened. He went radio silence until I called him last night and he picked up the phone drunk and mumbled something like "I'm aware of you being a victim" then went to "you're passive aggresive" or something like that and I said nothing, just hung up.

I think you can figure out what went down on the other side and I'd like to hear your scenarios.

PS: now I have another start-up idea: I'm gonna pick up a flamethrower and burn the world while laughing histerically. Anyone who'd like to join is welcome.

I was just testing the Postfix server on one of my mailers, for the hell of it.. EHLO, STARTTLS, all good. Then comes the mail submission part.

MAIL FROM test@nixmagic.com
Connection closed by foreign host.

Right after I say mail from, it just closes the connection! Is it just me or does this feel like the server says to me "fuck off"? :')

My first job was actually nontechnical - I was 18 years old and sold premium office furniture for a small store in Munich.
I did code in my free time though (PHP/JS mostly, had a litte browsergame back then - those were the days), so when my boss approached me and asked me whether I liked to take over a coding project, I agreed to the idea.

Little did I know at the time: I was supposed to work with a web agency the boss had contracted to build their online shop. Only that he had no plan or anything, he basically told them "build me an online shop like abc(a major competitor of ours at the time)"

He employed another sales lady who was supposed to manage the shop (that didn't exist yet). In the end, I think 80% of her job was to keep me from killing my boss.

As you can imagine, with this huuuuge amout of planning and these exact visions of what was supposed to be, things went south fast and far. So far that I could visit my fellow flightless birds down in the Penguin's republic of Antarctica and still need to go further.

Well... When my boss started suing the web agency, I was... ahem, asked to take over. Dumb as I was, I did - I was a PHP kid and thought that Magento, being written in PHP, would be easy to master. If you know Magento, you know that was maybe the wrongest thing I ever said.

Fast forward 3 very exhausting months, the thing was online. Not all of it worked yet, but it was online and fairly secure.

I did next to everything myself, administrating the CentOS box the shop was running on, its (own) e-mail server, the web server, all the coding required for the shop (can you spell 12 hour day for 8 hour pay?)

3 further months later, my life basically was a wreck, I dragged myself to work, the only thing I looked forward being the motorcycle ride home. The system worked though.

Mind you, I was still, at the time, working with three major customers, doing deskside support and some admin (Win Server 2008R2 at the time) - because, to quote my boss, "We could not afford a full time developer and we don't need one".

I think i stopped coding in my free time, the one hobby I used to love more than anything on the world, somewhere Decemerish 2012. I dropped out of the open source projects I was in, quit working on my browser game and let everything slide.

I didn't even care to renew the domains and servers for it, I just let it die without notice.

The little free time I had, I spent playing video games and getting drunk/high.

December 2013, 1.5 years on the job, I reached my breaking point and just left, called in sick at least a week per month because I just could not see this fucking place anymore.

I looked for another job outside of ALL of what I did before. No more Magento, no more sales, no more PHP. I didn't have to look for long, despite what I thought of my skills.

In February 2014, I told my boss that I quit. It was still seven months until my new job started, but I wanted him to know early so we could migrate and find a replacement.

The search for said replacement started in June 2014. I had considerably less work in the months before, looks like he got the hint.

In August 2014, my replacement arrived and I got him started.

I found a job, which I am still in, and still happy about after almost half a decade, at a local, medium sized ISP as a software dev and IT security guy. Got a proper training with a certificate and everything now.

My replacement lasted two months, he was external and never really did his job - the site, which until I had quit, had a total of 3 days downtime for 3 YEARS (they were the hoster's fault, not mine), was down for an entire month and he could not even tell why.

HIS followup was kicked after taking two weeks to familiarize himself with the project. Well, I think that two weeks is not even barely enough to familiarize yourself with nearly three years of work, but my boss gave him two days.

In 2016, the shop was replaced with another one. Different shop system, different OS, different CI. I don't know why and I can't say I give a damn.

Almost all the people that worked at the company back with me have left for greener pastures, taking their customers (and revenue) with them.

As for my boss' comments, instructions and lines: THAT might not be safe for work. Or kids. Or humans in general. And there wouldn't be much left if you put it through a language filter...

Moral of the story: No, it's not a bad thing to leave a place if you're mistreated there. Don't mistake loyalty with stupidity!

And, to quote one of my favourite Bands: "Nothing matters when the pain is all but gone" (Tragedy + Time by Rise Against).

It's finally happened. I've used my mail servers for about a year to give out different email addresses on my domain to things I sign up for online, and only used my "actual" email address that received all this email for the whole domain but the single one that I used outbound for private communications.

This worked well for a long time as I could see when spam comes in, where it came from by looking at the email address I designated it. Each company's email would be sent not only from an email address that they choose, but also to an email address that I choose. It allowed me to easily determine where there were problems. For example, on Freenode IRC my vhost happened to make my username@host there a valid email address. It eventually got blacklisted due to too much incoming spam as crawlers started detecting it. Another one was "nickname"@my.domain as I posted it a few times here. Got crawled as well. But it allowed me to easily blacklist each.

I'd never thought my actual outbound email address, my real one, to get crawled though. That would require the mail server of a company I explicitly communicated with to get hacked. But today that happened. I wonder whose it is, but I can't tell.

Time to make my outgoing email bound to a designated email address as well. I want to know which companies this happens to, even if they don't disclose it.

I just tried to sign up to Instagram. I made a big mistake.

First up with Facebook related stuff is data. Data, data and more data. Initially when you sign up (with a new account, not login with Facebook) you're asked your real name, email address and phone number. And finally the username you'd like to have on the service. I gave them a phone number that I actually own, that is in my iPhone, my daily driver right now (and yes I have 3 Androids which all run custom ROMs, hold your keyboards). The email address is a usual for me, instagram at my domain. I am a postmaster after all, and my mail server is a catch-all one. For a setup like that, this is perfectly reasonable. And here it's no different, devrant at my domain. On Facebook even, I use fb at my domain. I'm sure you're starting to see a pattern here. And on Facebook the username, real name and email domain are actually the same.

So I signed up, with - as far as I'm aware - perfectly valid data. I submitted the data and was told that someone at Instagram will review the data within 24 hours. That's already pretty dystopian to me. It is now how you block bots. It is not how Facebook does it either, at least since last time I checked. But whatever. You'd imagine that regardless of the result, they'd let you know. Cool, you're in, or sorry, you're rejected and here's why. Nope.

Fast-forward to today when I recalled that I wanted to sign up to Instagram to see my girlfriend's pictures. So I opened Chromium again that I already use only for the rancid Facebook shit.. and it was rejected. Apparently the mere act of signing up is a Terms of Service violation. I have read them. I do not know which section I have violated with the heinous act of signing up. But I do have a hunch.

Many times now have I been told by ignorant organizations that I would be "stealing" their intellectual property, or business assets or whatever, just because I sent them an email from their name on my domain. It is fucking retarded. That is MY domain, not yours. Learn how email works before you go educate a postmaster. Always funny to tell them how that works. But I think that in this case, that is what happened.

So I appealed it, using a random link to something on Instagram's help section from a third-party blog. You know it's good when the third-party random blog is better. But I found the form and filled it in. Same shit all over again for info, prefilling be damned I guess. Minor convenience though, whatever.

I get sent an email in German, because apparently browsing through a VPS in Germany acting as a VPN means you're German. Whatever... After translating it, I found that it asks me to upload a picture of myself, holding a paper in my hands, on which I would have a confirmation code, my username, and my email address.. all hand-written. It must not be too dark, it must be clear, it must be in JPEG.. look, I just wanted to fucking sign up.

I sent them an email back asking them to fix all of this. While I was writing it and this rant, I thought to myself that they can shove that piece of paper up their ass. In fact I would gladly do it for them.

Long story short, do not use Instagram. And one final thing I have gripes with every time. You are not being told all the data you'll have to present from the get-go. You're not being told the process. Initially I thought it'd just be email, phone, username, and real name. Once signed up (instantly, not within 24 hours!) I would start setting up my account and adding a profile picture. The right way to ask for a picture of me! And just do it at my own pace, as I please.

And for God's sake, tackle abuse when it actually happens. You'll find out who's a bot and who isn't by their usage patterns soon enough. Do not do any of this at sign-up. Or hell, use a CAPTCHA or whatever, I don't fucking care. There's so many millions of ways to skin this cat.

Facebook and especially Instagram. Both of them are fucking retarded.

Often I hear that one should block spam email based on content match rather than IP match. Sometimes even that blocking Chinese ranges in particular is prejudiced and racist. Allow me to debunk that after I've been looking at traffic on port 25 with tcpdump for several weeks now, and got rid of most of my incoming spam too.

There are these spamhausen that communicate with my mail server as much as every minute.
- biz-smtp.com
- mailing-expert.com
- smtp-shop.com

All of them are Chinese. They make up - rough guess - around 90% of the traffic that hits my edge nodes, if not more.

The network ranges I've blocked are apparently as follows:
- 193.106.175.0/24 (Russia)
- 49.64.0.0/11 (China)
- 181.39.88.172 (Ecuador)
- 188.130.160.216 (Russia)
- 106.75.144.0/20 (China)
- 183.227.0.0/16 (China)
- 106.75.32.0/19 (China)
.. apparently I blocked that one twice, heh
- 116.16.0.0/12 (China)
- 123.58.160.0/19 (China)

It's not all China but holy hell, a lot of spam sure comes from there, given how Golden Shield supposedly blocks internet access to the Chinese citizens. A friend of mine who lives in China (how he got past the firewall is beyond me, and he won't tell me either) told me that while incoming information is "regulated", they don't give half a shit about outgoing traffic to foreign countries. Hence all those shitty filter bag suppliers and whatnot. The Chinese government doesn't care.

So what is the alternative like, that would block based on content? Well there are a few solutions out there, namely SpamAssassin, ClamAV and Amavis among others. The problem is that they're all very memory intensive (especially compared to e.g. Postfix and Dovecot themselves) and that they must scan every email, and keep up with evasion techniques (such as putting the content in an image, or using characters from different character sets t̾h̾a̾t̾ ̾l̾o̾o̾k̾ ̾s̾i̾m̾i̾l̾a̾r̾).

But the thing is, all of that traffic comes from a certain few offending IP ranges, and an iptables rule that covers a whole range is very cheap. China (or any country for that matter) has too many IP ranges to block all of them. But the certain few offending IP ranges? I'll take a cheap IP-based filter over expensive content-based filters any day. And I don't want to be shamed for that.

A database of a German client for testing was sent to our software company. To make sure that the program works well with real data. Testers are funny people, they immediately found a certain Schwarzkopf in the database and fired, making a comment “for dyed hair”. Further - more. Some Albert Speer was suspended from work on the night shift, pointing out in a comment: "suspected of a relationship with Hitler."

Work progressed, genocide grew. The whole department was dismissed with the comment: “To the gazenvagen” (naturally in German). The apogee was the demotion of the director to the supply manager, the establishment of the Obersturmbanführer position and the adoption of Max von Stirlitz (as you might have guessed) on it. An element of reality in the game of testers was made by a dull dude who wanted to check how the mail server works.

As a result, the above comments were sent to all of the above characters, as well as their managers, through the database to their real e-mail addresses.

Boss: please deleted These vServers since we dont need them anymore

Done.

Me: Starts working today. Got a Mail from my boss.
"Can we Talk about Server xyz123, there may be some important data on it"

Sometimes I wonder if they think that I Just sitting around with a finger in my nose and wait for days before I start doing stuff.

Just dont ask me to delete stuff if you are unsure.

Set up a mail server for our office using one of those all-in-one mail server installations. It would keep denying connections every few days, so me, being the inexperienced shit I was, setup a cron job to restart the server at midnight everyday. It worked and still, to this day, it still works.

Aren't the system admin supposed to figure out how to install something on their server when a developer has requested something from them?

They seem to have no idea when I request them to install php gd extension. They also cannot give me a ssh access to their server. So I have to troubleshoot/help by sending one command and ask for the output from them and give another command to run through mail.

I don't even know what to rant or whom to rant at anymore.

// I'm blue.

When your university drops the support for IMAP on their mail-server, leaving Exchange as only possible option, because apparently the thought that somebody MIGHT be using Linux in a fucking IT major is completely out of this world...

Why the fuck did Oracle change their policies on the official JDK and made the website nigh impossible to use?!

It was shit from the 90s before, and now its still shit just modern.

Why do I have to register do get the JDK, you know Im going to use the fucking 10min mail. I just wanted to setup a freaking build server and I had to go over your retarded website that for some reason *refreshes* and erases the username field everytime I put in the wrong password. Why?

Why is oracle just outright bad at making websites?! Its always a maze to navigate and now it also takes seconds to even load...

This shit is why everyone uses openJDK and adopt. 3 billion devices running java?! Not with your jre/jdk they are not, because It's a pain to get... Don't me even get started on the mess it does on windows server. Why wasn't my JAVA_HOME set automatically?! I lost almost 2 hours because I trusted your piece of shit software to so the one job it has, even reinstalled it completely...

Get your shit together Oracle, this was unacceptable 10 years ago, let alone now

Not much of a rant, but my Mail server is under attack by an IP in Ukraine. Fun stuff.

#FuckPHPInTheAss

>Start working on PHP after ages.
>Found that mail() is deprecated through server support
>they suggest to use PEAR Mail
>Suggest to use deprecated PEAR code
>Fix deprecated code and magically runs on localhost
>ohmygodyess.php
>try to run on server
>fuckMyLife.exe
>Try using PHPMailer
>WTF is this How the fuck this works?
>Spends hours to understand with example code
>WorksFinOnLocal.exe
>NopeIWon'tRunOnServe.lulz
>about to use YiiMailer.

#Sleepless

Here comes the story how I became a DevRanter.
When I was young, I built an expensive gamer-machnine, so I had to crack games. I Got used to computers, so I startet an apprenticeship in IT. I finished with good grades. I left everything and everyone behind and moved in a city, found a parttime job as a PHP developer and started studying CS. After 5 years doing work as developer, studying CS, creeping around as soldier, I finally finished and graduated. After a few months working fulltime (same job), as my life began to settle down and I got bored.
A flatmate (also CS) laughed his ass off about something, then he introduced me to DevRant. It became part of my life to read DevRant, to overcome boredom. But there are not enough new Rants.. I'm f'cked. OK, I resigned my Job, and my flat and signed up for the BS in natural scinces at university in an even bigger city. I will again leave everything behind to begin a new life. Now I'm planing to freelance to pay the bills and challenge me again. Wish me luck :)

So I am beginning this new life with writing this story, how i became a dev. I klick Post, and bang! "please verify your email before ranting.. blah" I got no mail, no span, nothing. Resend.. wait.. nothing. I WAS BORED AGAIN!! FUCK YOU MAIL-SERVER, WHY CAN'T YOU SEND AN EMAIL WITHIN SECONDS OR MINUTES, WE ARE IN 21ST CENTURY AND THE INTERNET CONSISTS MAINLY OF OPTIC FIBER CABLES!!
And this is, dear DevRant community, how i become a Ranter, just then when I wanted to Post my first story.

I’m fairly new to maintaining my own webservers. For the past week the servers (two of them) kept crashing constantly.

After some investigation I figured it was due to someone running a script trying to get ssh access.

I learned about fail2ban, DOS and DDOS attacks and had quite a fight configuring it all since I had 20 seconds on average between the server shutdowns and had to use those 20 second windows to configure fail2ban bit by bit.

Finally after a few hours it was up and running on both servers and recognized 380 individual IPs spamming random e-mail / password combos.

I fet relieved seeing that it all stopped right after fail2ban installation and thought I was safe now and went to sleep.

I wake up this morning to another e-mail stating that pinging my server failed once again.

I go back to the logs, worried that the attack became more sophisticated or whatever only to see that the 06:25 cronjob is causing another fucking crash. I can’t figure out why.

Fuck this shit. I’m setting another cronjob to restart this son of a bitch at 06:30.

I’m done.

The ones who use it, what do you like or value about Linux? Why do you use it?

Before I answer, let me say that I am a noob compared to the rest of this community. I run Ubuntu because Arch was too complicated when I tried and bash scripts equal to frustrations for me. That's my knowledge level.

- I don't feel "observed" when using a Linux distro compared to Windows and macOS.
- Feel more connected to the open source thought and the free spirit.
- Feel like I can do anything I want. Learning new programming languages easily, trying out web servers, try and setup own website or mail server etc.
- Everything is accessible. Read something cool about docker? ALT+T to open a terminal and start up a docker container to try out.
- No Internet browsing for software, like googling "Firefox download english".
- Sometimes forces me to learn about the workings of a computer, like networks, servers, routing, firewalls, bootup sequence etc.
- So many great command line tools. Want to find out quickly who owns a website? Want to query a specific DNS server? All possible within 5 seconds!

All in all using Linux feels like watching a documentary while using Windows is more like watching a dumb comedy show where I can turn my brain off, but get more stupid after a while.

Guys what I want to know is how do you secure your code so that they pay you after you deliver the code to them?
So recently I was in this internship that I secured with an over-the-phone interview and the guy who was contacting me was the CEO of the company (I'm going to refer to him as "the fucking cunt" from now on). He asked me to do some OCR and translations and I managed to write a few scripts that automate the entire process. The fucking cunt made me login remotely to his desktop which was connected to the server (who the fuck does that) and I had to operate on the server from his system. I helped him with the installation and taught him how to use the scripts by altering the parameters and stuff, and you know what the fucking cunt did from the next day onward? Dropped contact. Like completely. I kept bombing emails upon emails and tried calling him day after day, the fucking cunt either picked up and cut the call immediately on recognising its me or didn't pick up at all. And the reason he wasn't able to pay me was, and I quote, "I am in US right now, will pay you when I get back to India." I was like "The fuck was PayPal invented for?" Being the naive fool that I was, I believed him (it was my first time) and waited patiently till the date he mentioned and then lodged a complain in the portal itself where he had posted the job initially. They raised a concern with the employer and you know what the fucking cunt replied? "He has not been able to achieve enough accuracy on the translations". Doesn't even know good translation systems don't exist till date ( BTW I used a client for the google translate API). It has been weeks now and still the bitch has not yet resolved the issue.And the worst part of it was I got a signed contract and gave him a copy of my ID for verification purposes.
I'm thinking of making a mail bomb and nagging him every single day for the rest of his life. What do you guys think?

Got my first Linux magazine with real worth tips for noobs with advanced stuff (like mounting a web mail server using Nmap, create personalized distros ssh, terminology and stuff , you don't see that in most noob magazines).
First point... Comes with a CD with 4 distros (OK... I perfer to download the latest for my VMs) and 200 euros worth of.. Linux software?
And I ripped this beautiful cover before even reading it... Killing a wasp. So, worth the 10 euros even before opening it

Colleague from other department : Hey man I don't think my laptop can access to my company mail do you think you can fix it?

Me, newly working as an application programmer : Nah sorry man, perhaps you could ask that technician by the server room. He will know more hardware than I do.

Colleague : But aren't you also an IT specialist?

Me : Did you just assume my occupation?

Hey there 👋

I am more or less throwing any burden (WhatsApp, Facebook, Google etc.) out of my life. Of course I will continue using the Google account for YouTube and some games that need it.

That's what it looks like right now:

Raspberry Pi 3B+
✅ webserver
- forum - complete (atm just for me)
- blog - no ideas and just installed october cms and nothing done yet
- nextcloud - complete and filled with my porn... eeh... data

✅ mailserver
(missing spamassassin, clam or sth. like this but it's working 😂)

✅ matrix-synapse
(as an additional alternative to messengers)

______________

Raspberry Pi 2
✅ catches dust
(any ideas?)

Of course, many more configurations and the like are necessary before everything is ready... but what then or what else is there?

At the moment I still use WhatsApp. Just wanna take time before sending everyone a message about changing the messenger and that it should be important for thinking about the own privacy, which alternatives there are bla...

Edit: For passwords I'm using Myki - didn't hear anything bad about it yet and it's very easy to use (Firefox add-on, Android app).
I love my passwords with 200 characters 😂
Maybe someone's knowing more about them?

Hope I didn't forget a thing... thanks in advance aaaaaaand... I'm gone. ☺

What kinda blockhead moron at my ISP decided that I require a new modem & router that is managed by THEM! I'm not really baffled by the privacy concerns but more about that I am unable to manage my home network. I literally cant open ports, manage ip adresses and do other shit I NEED FOR WORKING AT HOME.
I cant print!
I cant read mail!
I cant access my network drives!
My website is down!
Colleagues are asking why the Minecraft server is offline!
And using the new brick they gave me as a modem only, is not possible as there is no setting to be found to turn the router off!
And if I call their imbecile's of support they tell my that if they change a setting, that my phone will disconnect. (The phone line is also connected to the modem!) And right after the support guy said that and wanted to start explaing me further steps, his settings apply and I get kicked off the line. Bruh! You knew this would happen so why didnt you work around it?!?!?!!
Thing is, this new modem isnt even necessary as it doesnt use a different standard like fiber for example.
If I cant figure out how to get my stuff to work again, I swear to god I will turn on full Karen mode and ramble into their next store looking to get some manager fired!
(Ill post an update soon!)

The moment when you've spent way too much time working on your mail server and your dumbass friend instinctively slaps a @gmail.com at the end of your custom domain...

Me: The IP Address on your public mail server cluster has been blacklisted.

Supporter: What is the IP? You can get it from whatismyip.com

Me: *has left the chat*

Shit, again a long rant...

It all started 9 months ago.
We had a meeting with our group staff (5 people). Back the we discussed, if we should only work online or still send files around with mail.

Sure I suggested to run everything on a root server, would be the best performance/cost choice.

The president and the accounted refused, they said it's still working, why change. Payment will only be trough banktransfer and everybody keeps files local.

Back then I told them, that they will have sooner or later a problem. Files will be missing and bills not payd.

Last week we had a new meeting:
- Some of the group missed files.
- Some bills were unpaid

So now I have time until march to find and finish a groupware/collaboration tool.

I need to run member administration and payment online, this should be finished in October 2018. It should also do accounting.
Im really planing to use WooCommerce for this, I'm really crazy, I know! But I dont have time for that shit!

I work fulltime beside this and almost have no time to code something like that.

Well this week I demanded a memberlist, so I can plan a CRM database.

I received a word file as memberlist.
I asked them if this is a joke, right?!
They said no, thats the list. All the Data was mixed and some user details missing.

I HAD 3 HOURS TO GET IT DOWN IN EXCEL. WHY ARE YOU DOING THIS??? I REALLY WANNA PUNCH YOU ALL IN YOUR FACE!

When I sended it, I didn't receive a response or thanks.

The joke, I'm doing this stuff for free. I volontered, to make something big...

Im really going to shit Lego Bricks next...

Just found a nice hosting provider that actually have some customers in the taxi and transport segment.

The provider offer emailsservices, webhosting, dns services. So far so good.

The only problem that I can find here is that everything is hosted on one single IP.
The DNS-servers, the mail server and webserver is one fucking server.

Mail provider: "You are over your storage quota"
Me: "K, guess I'll clean up the junk I have on there then?"
Mail provider: "We also block IMAP connections for accounts over the storage quota"

>.>

CAN I HAVE YOUR ATTENTION:

Thanks. This is a notice from Yahoo Mail to warm up your IP’s.

Preferably by toaster but only microwave as a last resort.

Background:
Long story short a mail server was used by botnets to send out a few thousand emails over the past few days. We contacted a few email providers in hopes that they remove our IP from their blacklists.

BRUV,
WTF,
SO I JUST FOUND OUT THIS:
Hostinger changed its mailservers from mx1.hostinger.com, to IMAP.hostinger.com and SMTP.HOSTINGER.COM

This means that all of the emails that I sent out for the last 2 weeks on my phone(the only place where I send out emails) has been going to fadoodle knows where?

Now that I changed on my phone the incoming and sending servers and I send out a email it appears as spam, but It dosent do that when I send it out of the web platform.

So like bruv, more digging to do...

HOSTINGER U BICH ASS FUCKING CUNTS, DO YOU KNOW HOW MANY EMAILS I NEEDED TO FORWARD BCZ OF THIS???😂

And I though people were Beeing rude or something

You know what, let me jump in on the "I hate PHP" bandwagon.

A couple months ago I upgraded my mail servers unattended. Roundcube got fucked for a couple of months, and I figured.. fuck it, I can still use Dovecot for authenticating with desktop mail clients like K-9.
Recently I unfucked it, turns out that it was an issue with the sock file in php-fpm. That's also when I noticed that PHP apparently hardcodes in its current version in the bloody socket file. Because why the fuck wouldn't you? It makes upgrades so much fucking easier!!! Said no fucking sysadmin ever!!!

And today I upgraded one of my mail servers to Ubuntu Server 18.04, finally, after a lot of hesitation. Bad decision, because now PHP got fucked YET AGAIN.
Again an issue with socket files? I have no fucking idea. systemctl shows no failed services (because you know PHP, why would you fail your service with an error message instead of throwing a meaningless 502 Bad Gateway, right?!!) and looking at the config files, well the socket file got its new php-fpm 7.2 file (still got the fucking version number hardcoded in) and thus I changed that socket file location in /etc/php/7.0...

devRant may just have been my rubber duck.

WHY THE FUCK DO YOU STINKING FUCKING PILE OF SHIT CALLED FUCKING PHP KEEP THE FUCKING 7.0 DIRECTORY OUT THERE WHEN YOU'VE UPGRADED, WITHOUT EVEN HAVING THE FUCKING BALLS TO RENAME THE MOTHERFUCKING DIRECTORY TO 7.2, IF YOU'RE GOING TO HARDCODE IN YOUR VERSION NUMBERS ANYWAY?!!!!!

Bloody fucking pile of fucking junk!!!!

Anything I (am able to) build myself.
Also, things that are reasonably standardized. So you probably won't see me using a commercial NAS (needing a web browser to navigate and up-/download my files, say what?) nor would I use something like Mega, despite being encrypted. I don't like lock-in into certain clients to speak some proprietary "secure protocol". Same reason why I don't use ProtonMail or that other one.. Tutanota. As a service, use the standards that already exist, implement those well and then come offer it to me.

But yeah. Self-hosted DNS, email (modified iRedMail), Samba file server, a blog where I have unlimited editing capabilities (God I miss that feature here on devRant), ... Don't trust the machines nor the services you don't truly own, or at least make an informed decision about them. That is not to say that any compute task should be kept local such as search engines or AI or whatever that's best suited for centralized use.. but ideally, I do most of my computing locally, in a standardized way, and in a way that I completely control. Most commercial cloud services unfortunately do not offer that.

Edit: Except mail servers. Fuck mail servers. Nastiest things I've ever built, to the point where I'd argue that it was wrong to ever make email in the first place. Such a broken clusterfuck of protocols, add-ons (SPF, DKIM, DMARC etc), reputation to maintain... Fuck mail servers. Bloody soulsuckers those are. If you don't do system administration for a living, by all means do use the likes of ProtonMail and Tutanota, their security features are nonstandard but at least they (claim to) actually respect your privacy.

There is just one thing that's been haunting me.

One.

Thing.

That I have yet to succeed at doing.

One thing.

That I have yet to understand it's mazehole.

ONE THING.

That I failed me as a developer.

How in the FUCK do I create my own mail server with my own domain name? HOW? JUST FUCKING HOWWWWW

WHAT THE FUCK IS THE SECRET!

WHAT AM I MISSING!!!!!

(no don't tell me about any of those office 365/GoDaddy/Windows bullshit, just guide me with something normal)

Open source mail server?
I'm using Mailu but was thinking if there are other good options?
Also it is better if it has a docker image

TL;DR my first vps got hacked, the attacker flooded my server log when I successfully discovered and removed him so I couldn't use my server anymore because the log was taking up all the space on the server.

The first Linux VPN I ever had (when I was a noob and had just started with vServers and Linux in general, obviously) got hacked within 2 moths since I got it.
As I didn't knew much about securing a Linux server, I made all these "rookie" mistakes: having ssh on port 22, allowing root access via ssh, no key auth...

So, the server got hacked without me even noticing. Some time later, I received a mail from my hoster who said "hello, someone (probably you) is running portscans from your server" of which I had no idea... So I looked in the logs, and BAM, "successful root login" from an IP address which wasn't me.

After I found out the server got hacked, I reinstalled the whole server, changed the port and activated key auth and installed fail2ban.
Some days later, when I finally configured everything the way I wanted, I observed I couldn't do anything with that server anymore. Found out there was absolutely no space on the server. Made a scan to find files to delete and found a logfile. The ssh logfile. I took up a freaking 95 GB of space (of a total of 100gb on the server). Turned out the guy who broke into my server got upset I discovered him and bruteforced the shit out of my server flooding the logs with failed login attempts...

I guess I learnt how to properly secure a server from this attack 💪

!dev

Im working with morrons...

So someone had bright idea of having clone setup of our servers in other hosting company (in previous company we have rendundant setup). Whatever, maybe they want to be resistant to thermonuclear war or whatever, like the project wasn't underfunded already... Whatever, fuq it.

And with that, I have like really, really really fucking ABSOLUTELY BULLSHIT STUPID questions thrown at me.

So, this particular instance of bullshit started with trivial, literally "how much storage capacity we will need" I anwsered at least 4TB, preferably on redundant disk array, I've added small table what uses what and how much etc.

Than I got mail back...
"Thats not enough information:
1. What we need to say to company ABC
2. What we need to say to company XYZ
3. (this one actually had sense) Backups conception
4. **WILL WE PAY FOR SERVERS**
5. other important things (literally)"

So let's break it down.
Im backend guy. What the fuck do I know what you gonna say to XYZ or ABC. I dont give a shit, for me it's clicking setup new server and Im done for, you are overcomplicating as shit and require special care from hosting company that you will pay extra.
Next one, the killer one. What the fucking fuck. my anwser was literally "yes, we need to pay for servers, servers arent free."

Now tell me. How the fuck it is possible that someone can be such an idiot to ask questions like that. and I dont mean #3. maybe even #1 and 2 is like looking someone to throw responsibility on. But why the fuck I have to anwser mail that literally asked me if servers are free.

No, fuck off idiot, I have actual work. Take your bullshit and spread it somewhere else.

E:

and before anyone asks. No, Im not working in kindergarden but I often feel like I am indeed working within kindergarden full of 30+ mentally handicapped toddlers.

Subject: a rant for devRant

Hello,

Not entirely sure why or when exactly it happened, but after I joined mailing lists I have a pet peeve for people who don't use a proper subject line, or don't use email when I literally made a mail server for that purpose (some organizations really prefer calling apparently). Is it really that hard to summarize a message in one sentence? Hell half the time even the message itself is just a few sentences.

Also the greeting and salutation at the beginning and end of email messages. I find them so redundant. Has anyone ever gotten any meaningful information out of "Hello", "Greetings", "Dear", or something like that? Or "Best regards" or whatever. I get that it's just being polite but it's so meaningless! I really don't like using them anymore. Just a message block and who it came from, that's all it needs to me. Instead pour some effort into the damn subject, the title of whatever drivel you're putting out there! Or replying to an email *only* when the subject matter is still related! Or actually replying to the damn email if it's still that subject matter...

I probably sound like an old man, but seriously.. email isn't a hard concept once you "get it". Anyone can write a halfway decent letter, why isn't that the case for email?

Best regards,
Condor

telco sysadmin: hey maybe we should secure our SMTP server with SSL and password verification so our clients can e-mail safely!
senior exec be like: nah just filter incoming connections for our own IP-range, that'll do.

result: I can impersonate any client of the telco and send e-mail in their name (from any home network connected to that provider), but I can't send e-mail over cellular network.

Running your own mail server is a lost art

Me: Yay everything is tested and everything works!

Manager: Changes password of the e-mail server

Me: :(

> Develop puppet deployment module for hip new mail server
> set vm so taht it simulates cheap ass requirements of 1 core, 1 gig ram
> finally get to the webserver part, need to generate own dhparam.pem

Meanwhile my beard is becoming more and more grey

Going back home for the holidays means becoming tech support for pretty much the whole family, unluckly.

As soon as I enter my grandparent's home, my grandpa says "Could you print some emails?". I open his laptop, and I start sweating as soon as I see the Windows XP logo popping up. He (obviously) doesn't remember his password, and the only way to access his (mostly defunct) web mail service is Outlook 2003. For some reason, the web mail provider's POP3 server dies, and i spend half an hour trying to explain it. I ended up leaving with him saying "Why are you even going to a computer engineering university."

Ah, family.

It all started with an undelivereable e-mail.

New manager (soon-to-be boss) walks into admin guy's office and complains about an e-mail he sent to a customer being rejected by the recipient's mail server. I can hear parts of the conversation from my office across the floor.

Recipient uses the spamcop.net blacklist and our mail was rejected since it came from an IP address known to be sending mails to their spamtrap.

Admin guy wants to verify the claim by trying to find out our static public IPv4 address, to compare it to the blacklisted one from the notification.
For half an hour boss and him are trying to find the correct login credentials for the telco's customer-self-care web interface.
Eventually they call telco's support to get new credentials, it turned out during the VoIP migration about six months ago we got new credentials that were apparently not noted anywhere.

Eventually admin guy can log in, and wonders why he can't see any static IP address listed there, calls support again. Turns out we were not even using a static IP address anymore since the VoIP change. Now it's not like we would be hosting any services that need to be publicly accessible, nor would all users send their e-mail via a local server (at least my machine is already configured to talk directly to the telco's smtp, but this was supposedly different in the good ol' days, so I'm not sure whether it still applies to some users).

In any case, the e-mail issue seems completely forgotten by now: Admin guy wants his static ip address back, negotiates with telco support.
The change will require new PPPoE credentials for the VDSL line, he apparently received them over the phone(?) and should update them in the CPE after they had disabled the login for the dynamic address. Obviously something went wrong, admin guy meanwhile having to use his private phone to call support, claims the credentials would be reverted immediately when he changed them in the CPE Web UI.

Now I'm not exactly sure why, there's two scenarios I could imagine:
- Maybe telco would use TR-069/CWMP to remotely provision the credentials which are not updated in their system, thus overwriting CPE to the old ones and don't allow for manual changes, or
- Maybe just a browser issue. The CPE's login page is not even rendered correctly in my browser, but then again I'm the only one at the company using Firefox Private Mode with Ghostery, so it can't be reproduced on another machine. At least viewing the login/status page works with IE11 though, no idea how badly-written the config stuff itself might be.

Many hours pass, I enjoy not being annoyed by incoming phone calls for the rest of the day. Boss is slightly less happy, no internet and no incoming calls.

Next morning, windows would ask me to classify this new network as public/work/private - apparently someone tried factory-resetting the CPE. Or did they even get a replacement!? Still no internet though.
Hours later, everything finally back to normal, no idea what exactly happened - but we have our old static IPv4 address back, still wondering what we need it for.

Oh, and the blacklisted IP address was just the telco's mail server, of course. They end up on the spamcop list every once in a while.

tl;dr: if you're running a business in Germany that needs e-mail, just don't send it via the big magenta monopoly - you would end up sharing the same mail servers with tons of small businesses that might not employ the most qualified people for securing their stuff, so they will naturally be pwned and abused for spam every once in a while, having your mailservers blacklisted.

I'm waiting for the day when the next e-mail will be blocked and manager / boss eventually wonder how the 24-hours-outage did not even fix aynything in the end...

hsctf (high school capture the flag)

Sounds fun
Looks fun

first hurdle: you gotta have a mail server that accepts RFC uncompliant emails
second hurdle: even when you have it the acceptation link won't work
third hurdle: its FUCKING IN PYTHON
FUCKING HELL

If this how you wanna educate your youth, the for gods sake, die

I'm planning on stopping my mail server but I don't know to which service I should move, I have a custom domain that I need to link, for example Google cloud apps where I can forward emails, but of course I don't want to use Google.

Any recommendations?

just bought a dedicated server, coming in the mail this Friday. gonna use it for a 24/7 Minecraft server and maybe some web apps to experiment with stuff. I'm also going to have it connected to my TV as a media center occasionally. best Linux distro for dedicated server? bonus points for easy to install and configure

Mail from Microsoft: sign in to see payment details.
User clicks on the link (once).

Microsoft:

Sign in to continue to Microsoft

Something went wrong and we can't sign you in right now. Please try again later.

The Microsoft account login server has detected too many repeated authentication attempts. Please wait a moment and try again.

For all the hate that Java gets, this *not rant* is to appreciate the Spring Boot/Cloud & Netty for without them I would not be half as productive as I am at my job.

Just to highlight a few of these life savers:
- Spring security: many features but I will just mention robust authorization out of the box
- Netflix Feign & Hystrix: easy circuit breaking & fallback pattern.
- Spring Data: consistent data access patterns & out of the box functionality regardless of the data source: eg relational & document dbs, redis etc with managed offerings integrations as well. The abstraction here is something to marvel at.
- Spring Boot Actuator: Out of the box health checks that check all integrations: Db, Redis, Mail,Disk, RabbitMQ etc which are crucial for Kubernetes readiness/liveness health checks.
- Spring Cloud Stream: Another abstraction for the messaging layer that decouples application logic from the binder ie could be kafka, rabbitmq etc
- SpringFox Swagger - Fantastic swagger documentation integration that allows always up to date API docs via annotations that can be converted to a swagger.yml if need be.
- Last but not least - Netty: Implementing secure non-blocking network applications is not trivial. This framework has made it easier for us to implement a protocol server on top of UDP using Java & all the support that comes with Spring.

For these & many more am grateful for Java & the big big community of devs that love & support it.

Yay, Dubba didnt die.
Okay, hello'ed back, lets fucking rant.

Im fucking SICK and TIRED and ANNOYED by all freaking cloud fanboys. Yeah, sure. You get scalability. You waste less resources. Sure. But it depends on use case. There is suprising ammount of services that can be run on VPS or dedicated servers that will be a lot cheaper if you just DONT run it on cloud. And dont you dare to missinterpret me. I fully recognize that there are valid uses for cloud services. But for fuck sakes, its not anwser for ALL of your needs, and it costs insane ammount of money if you use it where you should use dedicated.

WHY we, as humanity came to this place where self-claimed "proffesionals" will anwser you "cloud" before you even ask your question.

No, fuck off, take calculator and think for around 60 seconds. And than decide if you need cloud or not.

And no, this mail server will be fucking few times more expensive on cloud, and I know it becouse I have fucking calculator and I was running it past 1.5 year and actually run sometimes htop, so stop bullshitting me.

Sorry if some cloud die-hard felt offended but it is exacly how I see and feel it.
Peace.

I have multiple contenders ;)

Contender one:

A program used to sort emails.

We was in the process of moving from lotus notes to exchange and needed a way route emails to the right server internally.

Solution, a qmail to receive all emails, a script running by cron every minute to read the emails, check the recipient name to a list and resending to the right server. The script was written in php :P since that was the only way we at the time had to read an email into an object, it was run just like any other shell script :D

Contender two:

A multi threaded mail sender that fetch email addresses and content from a database and posted them through qmail using background execution and pipes to get the result back and then update the database, written in bash script.

Contender three:

A c program used in a similar way as in one but this time using dial up and uucp to fetch email and then drop these either into lotus notes or into a bbs for our customers to give them an email address. This was around 1993, so not to many isp’s offered email and not to many had internet anyway, dial up bbs was much more common.

When I was in 11th class, my school got a new setup for the school PCs. Instead of just resetting them every time they are shut down (to a state in which it contained a virus, great) and having shared files on a network drive (where everyone could delete anything), they used iServ. Apparently many schools started using that around that time, I heard many bad things about it, not only from my school.
Since school is sh*t and I had nothing better to do in computer class (they never taught us anything new anyway), I experimented with it. My main target was the storage limit. Logins on the school PCs were made with domain accounts, which also logged you in with the iServ account, then the user folder was synchronised with the iServ server. The storage limit there was given as 200MB or something of that order. To have some dummy files, I downloaded every program from portableapps.com, that was an easy way to get a lot of data without much manual effort. Then I copied that folder, which was located on the desktop, and pasted it onto the desktop. Then I took all of that and duplicated it again. And again and again and again... I watched the amount increate, 170MB, 180, 190, 200, I got a mail saying that my storage is full, 210, 220, 230, ... It just kept filling up with absolutely zero consequences.
At some point I started using the web interface to copy the files, which had even more interesting side effects: Apparently, while the server was copying huge amounts of files to itself, nobody in the entire iServ system could log in, neither on the web interface, nor on the PCs. But I didn't notice that at first, I thought just my account was busy and of course I didn't expect it to be this badly programmed that a single copy operation could lock the entire system. I was told later, but at that point the headmaster had already called in someone from the actual police, because they thought I had hacked into whatever. He basically said "don't do again pls" and left again. In the meantime, a teacher had told me to delete the files until a certain date, but he locked my account way earlier so that I couldn't even do it.
Btw, I now own a Minecraft account of which I can never change the security questions or reset the password, because the mail address doesn't exist anymore and I have no more contact to the person who gave it to me. I got that account as a price because I made the best program in a project week about Java, which greatly showed how much the computer classes helped the students learn programming: Of the ~20 students, only one other person actually had a program at the end of the challenge and it was something like hello world. I had translated a TI Basic program for approximating fractions from decimal numbers to Java.
The big irony about sending the police to me as the 1337_h4x0r: A classmate actually tried to hack into the server. He even managed to make it send a mail from someone else's account, as far as I know. And he found a way to put a file into any account, which he shortly considered to use to put a shutdown command into autostart. But of course, I must be the great hacker.

Been working on a new project for the last couple of weeks. New client with a big name, probably lots of money for the company I work for, plus a nice bonus for myself.

But our technical referent....... Goddammit. PhD in computer science, and he probably. approved our project outline. 3 days in development, the basic features of the applications are there for him to see (yay. Agile.), and guess what? We need to change the user roles hierarchy we had agreed on. Oh, and that shouldn't be treated as extra development, it's obviously a bug! Also, these features he never talked about and never have been in the project? That's also a bug! That thing I couldn't start working on before yesterday because I was still waiting the specs from him? It should've been ready a week ago, it's a bug that it's not there! Also, he notes how he could've developes it within 40 minutes and offered to sens us the code to implement directly in our application, or he may even do so himself.... Ah, I forgot to say, he has no idea on what language we are developing the app. He said he didn't care many times so far.

But the best part? Yesterday he signales an outstanding bug: some data has been changed without anyone interacting. It was a bug! And it was costing them moneeeeey (on a dev server)! Ok, let's dig in, it may really be a bug this time, I did update the code and... Wait, what? Someone actually did update a new file? ...Oh my Anubis. HE did replace the file a few minutes before and tried to make it look like a bug! ..May as well double check. So, 15 minutes later I answer to his e-mail, saying that 4 files have been compromised by a user account with admin privileges (not mentioning I knee it was him)... And 3 minutes later he answered me. It was a message full of anger, saying (oh Lord) it was a bug! If a user can upload a new file, it's the application's fault for not blocking him (except, users ARE supposed to upload files, and admins have been requestes to be able to circumvent any kind of restriction)! Then he added how lucky I was, becausw "the issue resolved itself and the data was back, and we shouldn't waste any more yime.on thos". Let's check the logs again.... It'a true! HE UPLOADED THE ORIGINAL FILES BACK! He... He has no idea that logs do exist? A fucking PhD in computer science? He still believes no one knows it was him....... But... Why did he do that? It couldn't have been a mistake. Was he trying to troll me? Or... Or is he really that dense?

I was laughing my ass of there. But there's more! He actually phones my boss (who knew what had happened) to insult me! And to threaten not dwell on that issue anymore because "it's making them lose money". We were both speechless....

There's no way he's a PhD. Yet it's a legit piece of paper the one he has. Funny thing is, he actually manages to launch a couple of sort-of-nationally-popular webservices, and takes every opportunity to remember us how he built them from scratch and so he know what he's saying... But digging through google, you can easily find how he actually outsurced the development to Chinese companies while he "watched over their work" until he bought the code

Wait... Big ego, a decent amount of money... I'm starting to guess how he got his PhD. I also get why he's a "freelance consultant" and none of the place he worked for ever hired him again (couldn't even cover his own tracks)....

But I can't get his definition of "bug".
If it doesn't work as intended, it's a bug (ok)
If something he never communicated is not implemented, it's a bug (what.)
If development has been slowed because he failed to provide specs, it's a bug (uh?)
If he changes his own mind and wants to change a process, it's a bug it doesn't already work that way (ffs.)
If he doesn't understand or like something, it's a bug (i hopw he dies by sonic diarrhoea)

I'm just glad my boss isn't falling for him... If anything, we have enough info to accuse him of sabotage and delaying my work....

Ah, right. He also didn't get how to publish our application we needes access to the server he wantes us to deploy it on. Also, he doesn't understand why we have acces to the app's database and admin users created on the webapp don't. These are bugs (seriously his own words). Outstanding ones.

Just..... Ffs.

Also, sorry for the typos.

Never new setting up a mail server could be a huge pain 😭

Two days still no luck... Let's see how long it takes

ZNC shenanigans yesterday...

So, yesterday in the midst a massive heat wave I went ahead, booze in hand, to install myself an IRC bouncer called ZNC. All goes well, it gets its own little container, VPN connection, own user, yada yada yada.. a nice configuration system-wise.

But then comes ZNC. Installed it a few times actually, and failed a fair few times too. Apparently Chrome and Firefox block port 6697 for ZNC's web interface outright. Firefox allows you to override it manually, Chrome flat out refuses to do anything with it. Thank you for this amazing level of protection Google. I didn't notice a thing. Thank you so much for treating me like a goddamn user. You know Google, it felt a lot like those plastic nightmares in electronics, ultrasonic welding, gluing shit in (oh that reminds me of the Nexus 6P, but let's not go there).. Google, you are amazing. Best billion dollar company I've ever seen. Anyway.

So I installed ZNC, moved the client to bouncer connection to port 8080 eventually, and it somewhat worked. Though apparently ZNC in its infinite wisdom does both web interface and IRC itself on the same port. How they do it, no idea. But somehow they do.

And now comes the good part.. configuration of this complete and utter piece of shit, ZNC. So I added my Freenode username, password, yada yada yada.. turns out that ZNC in its infinite wisdom puts the password on the stdout. Reminded me a lot about my ISP sending me my password via postal mail. You know, it's one thing that your application knows the plaintext password, but it's something else entirely to openly share that you do. If anything it tells them that something is seriously wrong but fuck! You don't put passwords on the goddamn stdout!

But it doesn't end there. The default configuration it did for Freenode was a server password. Now, you can usually use 3 ways to authenticate, each with their advantages and disadvantages. These are server password, SASL and NickServ. SASL is widely regarded to be the best option and if it's supported by the IRC server, that's what everyone should use. Server password and NickServ are pretty much fallback.

So, plaintext password, default server password instead of SASL, what else.. oh, yeah. ZNC would be a server, right. Something that runs pretty much forever, 24/7. So you'd probably expect there to be a systemd unit for it... Except, nope, there isn't. The ZNC project recommends that you launch it from the crontab. Let that sink in for a moment.. the fucking crontab. For initializing services. My whole life as a sysadmin was a lie. Cron is now an init system.

Fortunately that's about all I recall to be wrong with this thing. But there's a few things that I really want to tell any greenhorn developers out there... Always look at best practices. Never take shortcuts. The right way is going to be the best way 99% of the time. That way you don't have to go back and fix it. Do your app modularly so that a fix can be done quickly and easily. Store passwords securely and if you can't, let the user know and offer alternatives. Don't put it on the stdout. Always assume that your users will go with default options when in doubt. I love tweaking but defaults should always be sane ones.

One more thing that's mostly a jab. The ZNC software is hosted on a .in domain, which would.. quite honestly.. explain a lot. Is India becoming the next Chinese manufacturers for software? Except that in India the internet access is not restricted despite their civilization perhaps not being fully ready for it yet. India, develop and develop properly. It will take a while but you'll get there. But please don't put atrocities like this into the world. Lastly, I know it's hard and I've been there with my own distribution project too. Accept feedback. It's rough, but it is valuable. Listen to the people that criticize your project.

I'm currently between jobs and have a few rants about my previous job (naturally). In retrospect, it's somewhat therapeutic to range about the sheer brainfuckery that has taken place. Enjoy!

First, let me set the scene: legacy B2B web app made with LEMP stack and sencha ext.js 3 + 4 (don't ask) and a lot of madness. Let's call that app "Alpha".

Alpha is a self made CMS build for typical ERP stuff. Yes, a self made CMS: entities are containers, containers have types and fields and values. Like so many legacy PHP apps, it does not have a dedicated FE: the HTML is rendered on the server and then spewed out to the browser.

Easy right? Coding like it's 1999! But there was a twist: Because everything is basically a container, the HTML-templates are saved in the DB. Along with the nessary JS and the CSS. And the translation variables. Why? Because fuck you! That's why. Who needs a git history anyways.

For some reason, Alpha was kinda slow.

There was also an editor, that allowed you to modify templates (web, mail, pdf) on the fly in prod. Because templates contain repeating data (header/footer), one template could contain additional templates. Much confusion. You could change templates via migration (slow, boring) or just ctrl-c/ctrl-v that sucker (fast, much excitement).

Did I mention Alpha was slow?

On with the rant: e-mails! How do they work? Noone knows. How to send mails asynchronous in PHP? Witchcraft is the only possible answer to that riddle. Here is your enterprise™ solution:
1. create mail
2. insert mail into DB
3. WAIT UP TO 59 SECONDS FOR A FUCKING CRON TO SEND MAIL

Why? "Because that way, we can resend mails in case the network is down :)"

Same procedure for the SOAP-API (db-queue + cron). You read that right: all requests to various other systems are processed once a minute.

Alpha slow.

Alpha was only one of several systems. Imagine a bunch of monolithic php apps, interconnected via SOAP, REST and GraphQL like a godamn intergalactic orgy. Image having to debug that cluster fuck.

Let's say there is a bad request. These things happen. No biggie. Remember the db-queue? Let's try to send the bad request a second time! And a third time! Still no luck? How odd. Let's create a specific file in a specific directory: a LOCK-file. Now, "the db-queue is on hold and no request gets processed :)"

Golly gee thanks Alpha.

Anyhow, did you know that MySQL has a join limit of 61 tables?

Hotmail and t-online (Germany) are the worst E-Mail providers. They have a weird setup with weird custom white and blacklists.
My mail server is configured perfectly. However, my server is inside an IP range microsoft and telekom decided to block.
Oh... come on

Argh fuck you Microsoft for blocking my precious mail server. I can't believe that you were the only one. Even google accepts my mails with every fucking test passed...

Oh and not to mention that in the no delivery report you are referring an error code which is not present on the linked troubleshoot page. Thank you once more, you piece of shit.

Should have listened to the articles about why I don't want an own mail server...

What a week at work...

As some of you might know, it‘s currently very hot in Germany with temperatures rising up to 35°C. That‘s when our AC at work decided to stop working. I‘m working in the third floor of a three story building so it‘s getting very hot in the office.

The day after we had a 45 min powercut and the AC still does not work.

Today when I got up and wanted to go to work, I got an E-Mail saying that we have another powercut which lasts at least three hours. We‘re supposed to work from home using VPN. But how the fuck should I be able to log into the VPN if the network is offline?! Oh and of course our GitLab server is hosted in house as well, so no access to any code at all.

Hopefully next week is gonna be a better one...

There are a few email addresses on my domain that I keep on receiving spam on, because I shared them on forums or whatever and crawlers picked it up.

I run Postfix for a mail server in a catch-all configuration. For whatever reason in this setup blacklisting email addresses doesn't work, and given Postfix' complexity I gave up after a few days. Instead I wrote a little bash script called "unspam" to log into the mail server, grep all the emails in the mail directory for those particular email addresses, and move whatever comes up to the .Junk directory.

On SSD it seems reasonably fast, and ZFS caching sure helps a lot too (although limited to 1GB memory max). It could've been a lot slower than it currently is. But I'm not exactly proud of myself for doing that. But hey it works!

Gah... Outlook just froze because it can't connect to the mail server.... While I was drafting a long email....

Hope it doesn't crash, hope it doesn't crash.... Please please please...

I installed sendgrid on my server today for the first time. Now I have several questions to you more experienced programmers.

1. Is there anything I should know about using sendgrid for server generated mails?

2. Can I still use my own configured Mail-Server (eg. for sending emails with Thunderbird?

3. How does sendgrid work?

4. Are there probably better alternatives? (I first wanted to use mailgun, but those fuckers want me to have a credit card for registration)

Need to change host for my sites, but no money for a good one. Trying to put everything in one cloud (5 USD) but... How the duck can I create a mail server with multiple domains?

A good fight with postfix, dovecot... The first account, just to the sake of make it work, is almost working (I reckon)

I wonder how fast the mail server pewdiepie uses will go down, if he turned on notifications for every like, comment etc.

tl:dr
i fucking hate that professor for whom i have to work on laboratory project right now.

reason#1
the project is using a stack full with java. JavaScript. react and some weird facebook api of which i have no clue about. not to mention the server side of this application which uses tomcat (ok its java after all) and sql.

well that wouldn't be not so bad if...

reason#2
we wouldn't have to fucking debug his mistakes he put into the fucking prepared code AND his fucking useless instructions how to set up the project for eclipse the first time. not to mention his fucking requirements which make no sense

oh yeah im a student. i can always go and ask him for help if i need any...

reason#3
i have another 70% mandatory course at the same time and that fucker refuses to upload hos sheets in moodle and answer even one fucking question via mail. not to mention no support if I am there unless i have eclipse setup. even through the projects should be build using gradle...

reason#4
oh. and have i mentioned that this course is only about design patterns? uts not like we could see several of them in a java only application. no we literally have to learn java itself. gradle. nodejs JavaScript Extended for react which i have no clue about at the moment... and yes i especially mentioned gradle and nodejs beccause we have to set shit up and not only use a script.

reason#5
and all that wont even give us a grade. no ita simply a pass or fail part of the module which the course is part of.

have i also mentioned that the whole shit should be done in 20 hours according to the schedule

Setting up a mail server is the worst experience I ever had. And whoever took part in the invention of these evil pieces shall get hit by doves, round cubes and get lost in /home/minzkraut/mbox FOREVER!!

HECK!

On Friday afternoon, i got an e-mail from the IT manager of the company I'm working for.

"Due to security issues we have been forced to stop the server you deployed"

Today, on Monday morning, i got a message from the director saying LITERALLY NOBODY CAN ACCESS THE SYSTEM

I wonder what it could be.

10 Signs You Picked the Wrong ISP !!

10. Their company logo: two tin cans and a length of string.
9. You check out their address, and it's a phone booth containing a Compaq portable and an acoustic coupler.
8. Their chief technical officer lives in a 10-foot-by-7-foot shack in the woods.
7. Their proud boast: "We've been on the Internet since it was CB radio."
6. Their promo materials use the words "information" and "superhighway" in the same sentence.
5. You order an SLIP/PPP connection, e-mail, and 2MB of server space for your personal Web site, and the voice on the other end of the phone asks, "Would you like fries with that?"
4. "As seen in Better Business Bureau special reports."
3. "Access speeds up to 9,600 bps in most areas."
2. They hawk both domain names and Rolexes on street corners.
1. They charge by the word.

!rant
import analogies

Customer: So I have two emails and I'd like to be able to use them.

Me: Okay, I see you have both Windows Live Mail and Thunderbird...

Customer: Yeah, Thunderbird was the old one we used, we now use the Windows Live Mail, but it's always having problems.

Me: Well, Windows Live Mail isn't supported anymore, so I would recommend moving back to Thunderbird.

Customer: But that would mean I would have to get another email, right?

Me: No... *thinks for a moment* OK, imagine you have a garden hose that is connected to the main line of your house. You with me?

Customer: I guess...

Me: So the connection from your house is your email - or at least the server out on the internet. Now on the other end you have a hose splitter, and it splits off into two other hoses. Still with me?

Customer: Yeah...

Me: So on the end of the other two hoses you have two spray nozzles; one for each hose. Now one nozzle is from company A and the other is from company B. Both nozzles share some spray types on the heads, but there are a few heads on A that B doesn't have and vice versa.

Customer: OK...

Me: Those spray heads are Windows Live Mail and Thunderbird. They receive your mail from the same place, like the water, but they have different features. Does that makes sense?

Customer: I suppose.

I absolutely hate it when companies use this or that medium for communications despite me asking them time and time again for another.

I have a mail server for more professional communications. The phone, only for stuff that won't matter if I inevitably end up forgetting about it (even more so now that Google made call recording more or less impossible, laws be damned). I will forget about a phone call no doubt. I've got better shit to do than to remember your manglement decisions, thank you very much. On mail, that's all nicely on my mail server for retrieval in several years even.

So I ask them to use the email address I gave them, a dedicated one for their company too (catch-all go brrr). Can't do that with phone numbers. Managing all those SIM cards aside, our government has now limited the amount of SIM cards one can have to 10. And texts and phone calls are not a long-term medium! And I can't share my phone number with just about anyone because people will inevitably spam the shit out of it, AND it's hard to replace! It's not a good medium! So with all due respect, companies - I couldn't care less what medium you prefer to use for your customers. You don't care about what your customer wants you to use - explicitly so! - and you lose a customer. It's as simple as that. Dealing with manglement is one thing, but dealing with manglement using the wrong media is something I'd really rather not do.

But hey I guess that virtue signalling is more "in" than actually listening to your goddamn customers nowadays? Let's replace another master/slave reference. You know, arguing that if we did that 2 years ago, George Floyd would've totally survived. Not by fixing the US police brutality, oh no no no. That's not the right way. Changing nomenclature and hashtags however, and not giving half a shit about your customers, yeah that's the way to go!