As part of my migration to the cloud, I terminated the Comcast Business internet service and switched to Xfinity internet.
When I initially signed up for the Xfinity service, I got their cable modem / router / wifi appliance. My plan was to get my own cable modem eventually because Xfinity charges $13 / month to lease the appliance.
I was at Best Buy and saw that cable modems weren’t expensive, so I decided to purchase a mid-level model (Netgear CM600) so I could save the lease fee. The CM600 would pay for itself in about 8 months.
It took a while to get setup … and there were a few false starts, but eventually I got it working connected directly to my MacBook.
I ran into a problem when I switched the CM600 over to my ASUS RT-5300 wifi router.
I kept getting the message “Your ISP’s DHCP does not function properly” on the ASUS network map page.
Spammers quite often ‘spoof’, or fake, the from address of an email.
As a result of this, many unsuspecting domain owners are being ‘blamed’ for spam that appears to come from their domain.
Fortunately, there is a relatively easy way to protect your domain from this: Publish DMARC policies.
If you are publishing SPF records and signing your email with DKIM, you can publish DMARC policies that tell receiving mail servers what do with emails that don’t align with the SPF and DKIM information.
SPF policies are DNS records that indicate what mail servers your mail is sent from.
DKIM is a way to add digital signatures to your email so that receiving mail servers can verify it was sent from an authorized source and that it wasn’t modified in transit.
Now what if you have a domain that you NEVER send email from?
Protecting those domains from being used in spam is even easier.
Although not directly supported, it’s quite possible to use the LetsEncryptcertbot client on Amazon Lightsail Linux.
First of all … what is LetsEncrypt?
Let’s Encrypt is a free service that offers basic SSL certificates any web site. The certificates are good for 90 days but can be renewed indefinitely. With the proper software, the installation & renewal of the certificates can be fully automated.
There are a few things to be aware of and workarounds that need to be done.
Well, truth be told, it was pretty close … but you never know when inspiration will strike.
So a little while ago I had a hardware failure on one my servers. This incident has given me the incentive to try and move some of the servers I host to other machines … where I don’t have to worry about the hardware end of things.
To that end, I started looking at hosting providers. One of the providers I’m looking at is Amazon Lightsail.
Amazon Lightsail provides micro instances of their AWS compute service at very good prices.
A 512mb / 20gb Linux instance only costs $5 / month and the first month is free.
So I’ve been playing around with that and like it a lot.
I’ve currently got a handful of sites moved over to Lightsail.
Back in October of 2012 I devised a way of blocking abuse of my mailing list server by detecting mailbait abusers (mailbait.info offers a ‘service’ to fill your, or someone else, mailbox with unwanted mailing list subscriptions). In June of 2013 I refined the technique.
Regardless of the popups, people still try to use mailbait to involuntarily subscribe people to my lists (well, try at least, my lists require a closed loop confirmation system).
Today I received the following threat from a mailbait.info user ..
I’m inclined to ignore the ‘warning’ … but I find it somewhat satisfying that my approach has annoyed someone sufficiently.
As an added measure, I’ve updated my system security mechanism to block any IP that attempts to use the mailbait service more than once.