smb

joined 10 months ago
[–] smb@lemmy.ml -3 points 1 week ago

Your experiences are anecdotal.

by pulishing them they become measurable, which also removes the "anecdotal" flag with numbers, also maybe ask archaeologists how much of an evidence a complain written in papyrus actually is a "while" after it was written.

also the studies that found out "why" public services don't serve in the first place have become quite old* meanwhile, which is the very opposite of anecdotal, but nothing was done so far to change the known state of not serving services for decades, so why should they have changed without changing actions affecting them?

*) i read parts of them >20 years ago and the studies observations and conclusions i read fitted 100% of what i personally experienced/witnessed from within a family "working" in such services.

[–] smb@lemmy.ml 1 points 2 weeks ago (1 children)

but maybe only for emails from outside, not for emails from within protonmail? haven't read any specs of protonmail yet...

[–] smb@lemmy.ml 1 points 2 weeks ago

well for e2ee you obviously have to let one e encrypt the data for the other e. (good luck with newsletters then) for usual services kindly asking them to support either s/mime or gpg for outgoing emails, that would at least make them know the wish, but good luck there too.

i think the already mentioned solution with encrypting incoming messages on your side just before mda to your inbox should be the closest possible to what op wants. one would need to check if the message is already encrypted and skip encryption for those.

if you only want the admin of that email (imap) server to not be able to read all emails, maybe placing a separate encrypting server (smtp+encrypt+forward) inbetween outside world and your email imap server could be a solution.

one should have a look into the logfiles too as some mailers might log message subjects and of course sender/recipients along with ip adresses of incoming/outgoing servers which the op might not want to be readable as well (i dont know protonmail that much)

also gpg IMHO allows for sign-then-encrypt hiding the signature within the encrypted data which could be wanted. also one might want to look exactly what parts of the messages contents and its headers are encrypted or plaintext on the server before feeling safe from the threat one wants to be protected from.

[–] smb@lemmy.ml 6 points 2 weeks ago (7 children)

but then the admin can still read the mail while it arrives ;-)

[–] smb@lemmy.ml 2 points 1 month ago

you're welcome.

what i'ld suggest... a general rule that i like to always follow is to use a test system for everything new. but that does not need to be a full separate system every time.

lets say you have your mailbox and want to try getting new mails from it using fetchmail. first you can use uidl mechanisms to only fefch every mail once and besides that leave them all on the server, but i like it a bit more secure: create a second email adress/account at your mail providers service only for testing. thus you can do whatever you like to to test the mechanisms only without even touching your real inbox (maybe even fill it up with large emails and look how the system reacts, i once had an email account with a cheap provider that deadlocked the inboxes when full..). then when everything is as you want it, switch the account and password (or create another config file for fetchmail) and your're done. every change (not only fetchmail things) could go tested this way before going live with the changes. filtering could be done with procmail for example, but when the mda that is called by procmail somehow exits with success when the email really isn't delivered, then the email might get lost forever depending on the settings of course. so fiddling with new stuff always carries the risk of not fiddling correctly ;-)

have fun !

[–] smb@lemmy.ml 4 points 1 month ago (3 children)

Its possible to tell your mta (like postfix) to use another mta for all mails, or only some domains etc, so using a third party to play the internet facing service then getting the mails by fetchmail, storing them in a dovecot server is easy. on the sending part you could use your standard email client (i.e. thunderbird on pc or k9-mail on smartphone) to send it to your postfix instance that also sits on the server hosting your dovecot service. the mta there takes the mail and delivers it by rules which could just be using the mta of your freemailer using username/password of your account for all outgoing emails. i am doing this but the "external" mail system are my servers as well, i just don't want emails to stay too long on VMs in the datacenter where i have no access to the physical disks in case something goes wrong.

a raspberry pi is sufficient for such a aetup (i am using a pi4 currently but for emails only i'ld say a 3 or older would do too), adding a disk via usb makes storage huge and cheap then, i use two usb ssd's in a raid1 for storage.. that server could be only accessible through vpn if you whish, depending on your skills and needs (i mainly use ssl client certificates that are supported by k9mail and thunderbird so it fits seamless to be connected through a haproxy that authenticates these before proxying the plain connection to the pi) clients like thunderbird can offline-store all emails (configure download-or-not per imap folder) making searches easy and quick while my k9 client can search locally or on the server if needed.

maybe adjust maximum mail size of your own mta to exactly match (or slightly less) that of the freemailer you use to prevent surprises of big but later then unsent emails.

its possible to have a nextcloud instance on that same pi that acts as an email web mailer just in case of (i really dont need it, but i've set this up anyway). nextcloud is also great for syncing/backup files pictures, contacts notes todo lists and calendar of your phone (where i use davx5 opentasks and foldersync for). there are other webmailers available but installing /using nextcloud is not a too bad idea either ;-)

i suggest also setting up some automatic offsite backup with snapshots of that pi then to cover emails and the setup and its configs ;-)

[–] smb@lemmy.ml 2 points 1 month ago

isn't "making others believe their product would be worth a multiple of too expensive by numerous lies" one of the very few reasons why billionaires even exist? and whoever can manipulate you to believe such, could possibly also use these skills to manipulate you to believe someone else would be a demon. maybe thats why that is. 🤷

[–] smb@lemmy.ml -1 points 1 month ago

We’re like a hairs breadth away from corpo feudalism

i think this is rather a permanent and created perception of beeing "at the edge" as it assumes not to be there yet while it allows feudalists to do all their crap, parts of it even publicly. at least our parent generation had the same perception of beeing at that same edge while things have worsened a lot in the decades of the feudalists fouling further. that is IMHO ;-)

[–] smb@lemmy.ml 1 points 1 month ago (1 children)

you sound like you want to fight anti-civilisation with a non-civilised aproach, but thats not gonna do it. as you wrote "infested", i strongly believe that becoming evil when fighting evil only helps evil. what comes next after you hung some of who you thought should acompany those oak trees for a while? you choosed to believe that would solve the problem for now, didn't you? what would really happen (in case you dind't just wanted to deathwish them only to experience that parasites are immune to deathwishing)? even when youre not going to jail for some reasons, you then have achieved what? wouldn't there be another one to fill that position* who "thanks" you for helping him into it? but how would that "thank you" look like? well as you would have removed the previous one from his position and you were the "friend" of the new villain helping him into his new position, that beeing a friend immediately turns into a threat to him as soon as he 'has' that position and you're not welcome any more but an enemy to take down unless you start to work with your new skills for that villain to do other dirty work for him and become another evil instead of helping against evil.

*(where "position" is anything someone can hide behind by law)

those hiding behind laws will always be there until those laws are adjusted, the persons might change, but the possibility of hiding behind laws would still be there and attract villains, the bigger the villain, the more attractive those laws are to him.

try to control your anger first and become really good at it or you might end up beeing controlled by some villain using your anger for his own purposes (do you watch tv btw? do you get manipulated by it?)

maybe step back and become a scientist instead who analyses the parasites how they do what and how they could be really be fought one day without beeing just evil but not achieving anything. and a scientist that helps others becoming parasite analysing scientists themselves.

if you find another civilized aproach that works or at least should, plz tell me.

[–] smb@lemmy.ml -2 points 1 month ago (2 children)

maybe thats where he has that lie-and fraud-habit from ;-) but i believe that this post is not more than just some more election campain lies 🤷 just look at the "the democrats" part. if voter fraud would be that easy, voting should be delayed until fixed. following that argumentation there already is no democracy but only feudalism in the us (or isn't it already?) and all the voting stuff is just theater to calm the masses while beeing abused like cattle. and if its not that easy, this seems to be yet-another-musk-lie in a row of how many?

but... even if it wasn't that easy to fake votes, is it democracy then only because of the votes are done and counted correctly? what about the candidates and where they come from, who or what decides which candidates can be voted? who or whatever does or impacts this filtering is an attack vector where democracy can be directly attacked. and limiting the candidates to who one could manipulate or who shares the same fraud wishes from the beginning is a very powerful attack vector.

now what do you think who would want to attack democracy in the first place? or how would that be done while leaving the vote-counting system intact? and who would maybe want to point to nonexisting voting problems just to distract from much bigger fraud? that is if those voting problems do not exist of course.

so many questions, so many lies and nobody seems voteable? what a coincidence!

[–] smb@lemmy.ml 1 points 1 month ago (3 children)

yes, maybe they just lived in a too poor country and should have seen the signs and move to a civilized one way ahead instead.

[–] smb@lemmy.ml 17 points 1 month ago (1 children)

last christmas 😁

 

The big picture: Israeli officials said their increasing attacks against Hezbollah are not intended to lead to war but are an attempt to reach "de-escalation through escalation."

wtf

 

https://therecord.media/ford-patent-application-in-vehicle-listening-advertising

Looks like Ford just voted to NOT be my choice of car vendor in future.

However getting this patent could be used by Ford to prevent such systems from beeing used by all vendors, but thats veery unlikely i guess.

 

looks like:

  • They claimed to be a trustworthy public CA (that can handle security incidents)
  • They made commitments to be included as trustworthy in common Browsers and OS'es
  • They now willfully break those commitments to rely on 2B2F only...
  • They do not even answer valid questions for month in a process that they should have already completed within 5 days as was defined in the commitments they agreed upon.

Maybe Honest Achmed's Used Cars and Certificates should show up again once more !?

view more: next ›