Today it was revealed that the dutch government doesn't even fucking use SPF records for their email. Someone found out by sending an email in the dutch's govt name and it actually fucking worked.

I hope they fire the people responsible for NOT implementing the most BASIC FUCKING EMAIL SECURITY/VALIDITY MEASURES IN FUCKING HISTORY.

Incompetent cocksucking motherfucking fucks.

Made this for work after encountering 500+ line functions in the legacy code.

Anything I (am able to) build myself.
Also, things that are reasonably standardized. So you probably won't see me using a commercial NAS (needing a web browser to navigate and up-/download my files, say what?) nor would I use something like Mega, despite being encrypted. I don't like lock-in into certain clients to speak some proprietary "secure protocol". Same reason why I don't use ProtonMail or that other one.. Tutanota. As a service, use the standards that already exist, implement those well and then come offer it to me.

But yeah. Self-hosted DNS, email (modified iRedMail), Samba file server, a blog where I have unlimited editing capabilities (God I miss that feature here on devRant), ... Don't trust the machines nor the services you don't truly own, or at least make an informed decision about them. That is not to say that any compute task should be kept local such as search engines or AI or whatever that's best suited for centralized use.. but ideally, I do most of my computing locally, in a standardized way, and in a way that I completely control. Most commercial cloud services unfortunately do not offer that.

Edit: Except mail servers. Fuck mail servers. Nastiest things I've ever built, to the point where I'd argue that it was wrong to ever make email in the first place. Such a broken clusterfuck of protocols, add-ons (SPF, DKIM, DMARC etc), reputation to maintain... Fuck mail servers. Bloody soulsuckers those are. If you don't do system administration for a living, by all means do use the likes of ProtonMail and Tutanota, their security features are nonstandard but at least they (claim to) actually respect your privacy.

SPF, DKIM and DMARC successfully implementet. It is fun to have a more spoofproof email than many major companies

Soo, one of the biggest banks here in northern europe has messed up their SPF - guess what emails is going down the drain today

When a university-wide mailing list system restricts posting to a list based solely on the From address... I was able to telnet port 25 from an outside server (so obviously no SPF either), pretend I'm admin@, and send a message to all students and staff...

Stupid Google fucks.

I finally discovered why I have such a low DMARC pass rate. If your DMARC policy is set to "none," and you send something to a Google Group, the stupid fucks intentionally rewrite the return path of your messages. This breaks DMARC alignment, SPF and DKIM in one go. They only do the correct thing if your policy is set to "quarantine" or "reject."

Google must get a hardon from playing bad net citizen.

After working with a coworker on some odd issues, I finally decided to check on the actual ticket he needed assistance with.

From now on, we will optimize our HTML for aesthetic appeal in Chrome's dev tools. display:none is verboten.

Sometimes I wonder if I've had a stroke or if I've died and am in purgatory.

Can someone explain why the IT dept thinks that sending form mail from their website via smtp connection using a specific email account credentials (iffice365) for their domain and the ip address of the website included in the domain spf should be classed as an important security issue and we should find an alternative method of sending the form mail?

Its fucked how you can put spf and dkim in place and your legitimate emails are still blocked but yet you can receive viagra emails daily

If you want to improve your life, but your mental health and energy levels are too low to exercise, start with hygiene.

Take showers every day, continuously lowering the water temperature. Use dental floss and tongue scraper. Brush your teeth twice a day. Wash your face every morning and every evening. Use evidence-based skincare products: adapalene, panthenol, SPF 50+ sunscreen. Keep your toes and nails tidy. Shave routinely.

According to Nadya Tolokonnikova, a prominent Russian dissident who was imprisoned, denying basic hygiene is a _very_ efficient way of breaking someone into submission that is often applied to dissidents in Russian prisons. So, doing a reverse of that should improve mental health.

I fucking hate when I mess up my spf

WHY!
Email was invented a gazillion years ago and it's still a shiit experience to setup on linux. Just give me ONE complete package!!
nooo i need to get postfix, dovecot, spamassassain mailscanner, antivirus, opendmarc, opendkim, dovecot-managesieve dovecot-sieve, roundcube, database, webserver and then i still have to configure everything and setup certs, spf, dnssec, dkimkeys on the domains, domains, mailboxes, deny weak certs etc.

I know the whole do one thing and do that one thing well but how about you just be a mailserver and do that ONE thing well without me needing to putting all of the puzzle pieces together myself! I don't want to waste time setting all this shit up. and don't even get me started on symantec and live.com and their blocking!

Holy shit, how come that so many IT-firms are totally missing SPF-record?!

Aaarrgghh! Stupidity of some webdevelopers! Ordering new battery on e-shop and got in my mail devilery report from one freemail service. Checking what kind of spam it is and those lazy bastards are taking my full order and sending it with my e-mail addresses in From to their freemail account. Which correctly rejects it based on SPF as the freemail suprisingly does its job well. Who the hell thought this would be a good idea? Grrrr!

Looking for ideas here...

OK, customer runs a manufacturing business. A local web developer solicits them, convinces them to let him move their website onto his system.

He then promptly disappears. No phone calls, no e-mail, no anything for 3 months by the time they called me looking to fix things.

Since we have no access to FTP or anything except the OpenCart admin, we agree to a basic rebuild of the website and a redeployment onto a SiteGround account that they control. Dev process goes smoothly, customer is happy.

Come time to launch and...naturally, the previous dev pointed the nameservers to his account, which will not allow the business to make changes because they aren't the account owner.

"We can work around this," I figure, since all we *really* need to do is change the A records, and we can leave the e-mail set up as it is (hopefully).

Well, that hopefully is kind of true—turns out instead of being set up in GoDaddy (where the domain is registered) it's set up in Gmail—and the customer doesn't know which account is the Google admin account associated with the domain. For all we know it could be the previous developer—again.

I've been able to dig up the A, MX, and TXT records, and I'm seeing references to dreamhost.com (where the nameservers are at) in the SPF data in the TXT records. Am I going to have to update these records, or will it be safe to just leave them as they are and simply update the A record as originally planned?

So got first invoice for Internet in my new flat. Via e-mail with winmail.dat attached. WTF? Send them reply that their mailing system is broken. They replied that *I* probably have wrongly setup *Outlook* and sent me instructions how to configure my Outlook. Thank you, my mutt us fine and your instructions wouldn't work. Sent them another reply that I'm happy that they know the answer and that they should apply it to their setup as my mail setup is correct. Got e-mail with pdf. No wonder those guys don't suppprt IPv6 nor DNSSEC if they have troubles using plain e-mail. Maybe I should check whether they have DKIM or SPF and do some little evil...

Programming. Where listening to music and ignoring collegues means you're hard at work.

Set up customer's e-mail addresses in Plesk. Worked fine in testing, all goes well for about a week.

Then their e-mail stops delivering. Stuff arrives, but outgoing messages either bounce or fail silently altogether. I contact 1&1 support, and they help set up SPF and DMARC on the domain, and then we wait and see once the DNS changes propagate.

Well, something about these changes caused my business e-mail (on a separate server) to exhibit the same problem now, when it had been working for 3 years without issue prior to that.

Check back with 1&1 2 days later to see why the first one isn't working; we verified all of the records across everything, tweaked a couple other things (like setting the full hostname in Plesk to mail.servername.com), and waited 2 more days.

Still having the same problem on both accounts. did a bit of looking up the issue for Plesk and found that in order for SPF/DMARC to work, they have to be activated on the Plesk-wide mail settings, and then again individually at the domain level.

Made these changes on my business e-mail's server and domain and it fixed the problem!

Made the same changes on the server with the customer's domain and...still seeing the same issue.

Have checked all settings between them and they're identical. All the appropriate DNS records are in place. I'm kind of at a loss for waht else to check at this point.

Now I have enough of this shit I fucking go grab a chainsaw and cut you into the tiniest pieces possible then pour gasoline on your fucking servers and lit them on fire. How the fuck should I remain calm if there is at least two fucking email I can't send because your fucking piece of shit server gets blacklisted EVERY FUCKING WEEK.

Oh how cool you made ipv6 available to shared plans so outlook servers won't blacklist mails. But guess what, it STILL DOESN'T WORK!!! Not to mention that you automatically modify my existing SPF record and set the shared storage ipv6 address to the main domain which should be pointing to the vps (still working though but have no idea why). I am so fucking fed up with people for today, and it's only just morning.

OK, I've got a couple customers I provide e-mail hosting for, but recently it's been...more trouble than it's worth, to put it simply. I'm looking to offload that part of what I do onto another service.

Does anyone have any recommendations for e-mail hosting services? Bonus points if they have good customer support.

Some developers incopetence can be limitless. I found e-shop which uses creative but totally silly way of integrating with e-mails. See my last rant (they send e-mail with my 'From' to themselves). As I sent them delivery report (I have SPF enabled) and wrote them what is wrong, they apologized when I came to pick up the goods and were glad that I forwarded the report (otherwise my order would be quite delayed). But hey, everything is fine, they are working on new e-shop. I said great, hopefully it wouldn't be this messed up. And I was told that yeah, the new one will block .net and .com addresses right away. WHAT THE ACTUAL FUCK? How can somebody use their incompetence as a reason to screw up even more! So next time, I'll probably use my local e-mail with SPF enabled to tech them to blick all e-mails and do stuff properly.

Want to send an email? Sure thing, how about you configure first a DKIM, DMARC, SPF and some reverse DNS. Otherwise your mail can go fuck itself, because it won't even make it to the spam folder. Even if you do all these time consuming fuckwit tasks I might just mark your mail as spam. Because fuck you, that's why.

Sending mail to Gmail in a nutshell.