|
https://tools.ietf.org/html/rfc1149
|
#
?
Mar 27, 2016 18:04
|
|
|
|
| # ? Jun 4, 2024 11:26 |
|
|
So I'm continuing to roll out DMARC on our domain to try and get a bit of a handle on the amount our addresses are being spoofed when sending to recipients outside of our domain, and it's working really well so far. It definitely exposes the 3rd party services that have an awful grasp on how to send email reliably, though. The current one I'm dealing with is our helpdesk software that sends from the provider's domain, signs the message with a record on the provider's domain, and sets the envelope from address to our domain. DMARC quarantines it because in this situation they really need to send from their own address and just set the reply-to as us, or give us an SFP/DKIM record to add to the domain. Currently their support is telling me to add their SPF record to our domain, while continuing to send email using their own address in the envelope. Don't think that's going to help guys.
|
|
#
?
Mar 27, 2016 19:48
|
|
|
keseph posted:Fax it! Cover sheet that says "do not peek"
|
|
#
?
Mar 28, 2016 16:15
|
|
|
Support got back to me to let me know that email delivery that doesn't poo poo all over established best practises is a premium feature that requires the second-top tier. LOL OK thanks for that.
|
|
#
?
Mar 28, 2016 19:43
|
|
|
Thanks Ants posted:Support got back to me to let me know that email delivery that doesn't poo poo all over established best practises is a premium feature that requires the second-top tier. LOL OK thanks for that. hahahaha BPAAS: Best Practice on a subscription basis only.
|
|
#
?
Mar 28, 2016 20:25
|
|
|
I kind of feel the same about SaaS providers charging a fortune for SSO integration.
|
|
#
?
Mar 28, 2016 20:49
|
|
|
porkface posted:Cover sheet that says "do not peek" Followed by a giant QR code
|
|
#
?
Mar 28, 2016 21:18
|
|
|
Thanks Ants posted:I kind of feel the same about SaaS providers charging a fortune for SSO integration. It's disk space in my world. SaaS providers' disk platters must be made of solid platinum or something.
|
|
#
?
Mar 28, 2016 21:27
|
|
|
Super Slash posted:Followed by a giant QR code Encrypt the fax with a one time pad. Exchanging the pad is an exercise left to the reader.
|
|
#
?
Mar 28, 2016 21:47
|
|
|
KillHour posted:Encrypt the fax with a one time pad. Exchanging the pad is an exercise left to the reader. Encrypt it using Magic Eye; No one will figure it out.
|
|
#
?
Mar 28, 2016 21:50
|
|
|
Thanks Ants posted:I kind of feel the same about SaaS providers charging a fortune for SSO integration. That's how they differentiate between corporations with $$$$ to waste and some guys working out of their home offices counting every penny. It's like how airlines identify business travelers by trips that don't span weekends. It's not that those features cost more, but the people who want them will pay more.
|
|
#
?
Mar 28, 2016 22:22
|
|
|
Thanks Ants posted:I kind of feel the same about SaaS providers charging a fortune for SSO integration. The gently caress? Who the hell charges for this?
|
|
#
?
Mar 29, 2016 02:01
|
|
|
Tab8715 posted:The gently caress? Who the hell charges for this? A LOT of people. And they're all fuckwads for it. The first one that comes to mind is DocuSign, which will charge you no-poo poo $2500 non-negotiable to set up standard SAML SSO. They claim it's because (essentially) their architecture is old and lovely and they need an engineer on their side to be overseeing it. Who knows. All I can tell you is A) they simply wouldn't budge on this, and B) it turned out that the way their API works it won't accept SSO logins. Why is this important? Because we were trying to integrate Egnyte with DocuSign using the plugin on the Egnyte side, and all the logins from Egnyte were failing because they were using the user's credentials (since Egnyte was using SSO, for which they don't charge because they're not assholes at least in that realm). So Egnyte, and I give them full loving credit for doing this because they really didn't have to, rewrote their plugin to use one login (which was a user added to DocuSign in the client's DocuSign account itself, essentially a service account, so that it wasn't using SSO creds) to access the DocuSign account no matter which user was doing it, and then use "sign on behalf of" functionality inside DocuSign to sign it as the user requesting the signature. If you think that's totally hosed, so do I, and we had the PRIVILEGE of paying $2500 for it (and getting 30 minutes of a frazzled SSO engineer's time - my time with the dude seriously was like a doctor visit - "Hello what's the problem? SSO? I flicked the switch try now, good? Great seeya"). What boggles me about this is that I and my client, a midsize construction company, were apparently the first people to try this integration and have it fail? I don't know if it's that basically no one tries to use SSO whenever possible (probably this, no one seems to understand how loving useful or important it is) or that specifically all of Egnyte's clients were, no, never mind I don't even know why I'm trying to think of a second reason, it's definitely the first one. But yeah, a lot of people still charge for SSO and it's goddamn loving retarded.
|
|
#
?
Mar 29, 2016 02:27
|
|
|
KillHour posted:When I worked at a bank, if someone needed to send us encrypted info we would set up a transfer with the service of our choosing and IT oversight. It had to be set up 3 weeks in advance. We have 2 different services for getting confidential information sent to us, one of which requires some setup, and other requires sending an email to the customer after hitting a button in Outlook once. When I was still in charge of our mail gateway that did our spam filtering and initial virus protection, we'd still be rejecting dozens of emails a day with people's SSNs. My favorite was someone trying to send in their tax documents, and were so resistant to the email portal, they sent their SSN in 3 different emails.
|
|
#
?
Mar 29, 2016 02:54
|
|
|
Oh, they could send encrypted emails. Just not receive them.
|
|
#
?
Mar 29, 2016 03:21
|
|
|
Things pissing me off: Someone just paged a critical incident break glass world is ending mailer that hits about 35 peoples phones(C and V level included) because of a UI bug in Australia where they have to dial the country code in front of the number but otherwise the service works. Great job new support engineer and manager training them. This should be a fun RCA. I already saw one "what the gently caress?" e-mail in my inbox as I was logging back out of our internal chat service.
|
|
#
?
Mar 29, 2016 03:21
|
|
|
We had a big meeting today with our department with the head of our IT group. In it, we were going to go over how he can help us keep our heads above water, things we needed, what projects were coming down the pipe and so on. What instead happened was 15 minutes of him telling us he's on our side and is there to help, 10 going over what he's looking for in our new manager, and 35 minutes going over this neat online too to help us manage our time and track our work. He did the big pitch and received just silence, until one of our voip admins asked how exactly this helps us. She said our problem is how people can just assign work to us regardless of how busy we are, and just expect we'll get it done. This site doesn't help, as those people don't use it, and would ignore it anyway. He was silent for a bit, and then just repeated that this program will help us. The most enjoyable part of the meeting was saying that our department has the largest # of projects at the implementation stage of all other departments, but has the smallest staff. Now, a reasonable person would go "So we are looking into hiring more people to help you complete work faster.." but we got "Its amazing how you guys keep that up, good job!" Also, I really wish we had a linux person around, I'm able to fumble way around it, but I don't want to gently caress with our DNS servers and hope for the best. Although I guess we have 2 of them for a reason.
|
|
#
?
Mar 29, 2016 03:41
|
|
|
Visibility on your projects is important. The tool might help there. You're going to have to make people aware that the new project they want done is at the bottom of the list of existing stuff. I had that same problem: anyone can rock up with work and I just have to do it. I voiced concern to my manager. Then I quit.
|
|
#
?
Mar 29, 2016 05:15
|
|
|
Things pissing me off:
Not pissing me off:
|
|
#
?
Mar 29, 2016 07:33
|
|
|
Not pissing me off: writing a script to generate and upload a 1tb random number file so I can test. Pissing me off: discovering it doesn't gracefully recover from a cert glitch 80% in after about 4 hours.
|
|
#
?
Mar 29, 2016 07:45
|
|
|
Paladine_PSoT posted:Not pissing me off: writing a script to generate and upload a 1tb random number file so I can test. OK, I have to bite. What the heck are you doing with 1TB of random numbers?
|
|
#
?
Mar 29, 2016 07:52
|
|
|
Alighieri posted:I just don't allow zip files, if you need a file that needs to be zipped up, dropbox/use any of the 124325125 free file host services for that poo poo. I don't trust my users to not open random zip files. Most other file/non-image types are blocked as well. Then again we have just 15 people in the office.
|
|
#
?
Mar 29, 2016 08:00
|
|
|
Oneiros posted:OK, I have to bite. What the heck are you doing with 1TB of random numbers? Throughput, maybe.
|
|
#
?
Mar 29, 2016 10:08
|
|
|
Something that doesn't piss me off: We have the following sign posted in our NOC meeting room down here. I really like working with professionals. quote:The Three Axioms for Leading Post Mortems:
|
|
#
?
Mar 29, 2016 14:50
|
|
|
nitrogen posted:Something that doesn't piss me off: That's actually really nice.
|
|
#
?
Mar 29, 2016 15:05
|
|
|
nitrogen posted:Something that doesn't piss me off: If you ever find a company where all 3 of the above are true at the same time you have won the lottery and you should never again  Yes, I am cynical.
|
|
#
?
Mar 29, 2016 16:25
|
|
|
I'm having one of those poo poo days where I realize that my career and skillset are not quite where I want them to be. By all rights I've advanced pretty quickly and should be content with the skills that I've learned, but the last two or three months have just been a worthless plateau where I haven't accomplished anything significant or learned much at all, and it makes me anxious. I don't work alongside people who know more than I do, which is sad, because I'm pretty far down on the totem pole as far as my skills and experience go. I just had to get someone from an outside department to help me with an issue and was impressed by how easily he diagnosed an issue and knew where to find log files exactly for it. Makes me realize how far I have to go and how much better off I'd be if I worked in a department with proper escalation/tiers/etc. I've taken way too long to get my CCNA, and it's not like I'm having any problems with the material, I'm just going several days in a row without even touching it. Add to that that most of my responsibilities at work have inched away from actual technical stuff and I have fewer opportunities to learn anything new on the job. I know I need to just finish CCNA (scheduled for the end of next month) and (while working on MCSA 2012, probably) but in the interim... bleh.Sorry for the e/n  . Just need to channel this into learning more.
|
|
#
?
Mar 29, 2016 17:10
|
|
|
You've been talking about doing the ccna for over a year.
|
|
#
?
Mar 29, 2016 17:21
|
|
|
Bigass Moth posted:You've been talking about doing the ccna for over a year. I know how he feels 
|
|
#
?
Mar 29, 2016 17:28
|
|
|
Sprechensiesexy posted:If you ever find a company where all 3 of the above are true at the same time you have won the lottery and you should never again That was my thought too, since I have seen post mortems that determine "under no circumstances should Bob access a production system ever again." But then I am thinking in a reasonable company Bob would have been gotten rid of before he did too much damage, while at the company where Bob worked, he stayed on for 4 more years after deciding that he knew best and made a bunch of changes that brought down major systems.
|
|
#
?
Mar 29, 2016 17:44
|
|
|
Not meant as a dis. Just go take it and get a better job. You're ready.
|
|
#
?
Mar 29, 2016 17:44
|
|
|
Bigass Moth posted:Not meant as a dis. Just go take it and get a better job. You're ready. I know. Lots of excuses but ultimately it's just me not taking the time, and that's part of why I'm beating myself up. I know that if I took 2 hours a day and just did it'd be done within 2-3 weeks, based on where I'm at now. I'm scheduled for April 29. I'm considering moving it up just because. Works slow enough that, f it, I'm just going to blatantly have my book open and study during work hours if there's nothing demanding my time.
|
|
#
?
Mar 29, 2016 17:51
|
|
|
Japanese Dating Sim posted:I know. Lots of excuses but ultimately it's just me not taking the time, and that's part of why I'm beating myself up. I know that if I took 2 hours a day and just did it'd be done within 2-3 weeks, based on where I'm at now. Studying for a work skill should be considered acceptable. Also consider Power Shell in a Month of Lunches as a great book for your desk.
|
|
#
?
Mar 29, 2016 17:52
|
|
|
Our users are just straight up retarded. Someone put their info into a spearphishing email that had blatant misspellings about their mail quota. I'm just blown away because this one was more obviously bad than the cryptolocker from last week.
|
|
#
?
Mar 29, 2016 17:54
|
|
|
SubjectVerbObject posted:That was my thought too, since I have seen post mortems that determine "under no circumstances should Bob access a production system ever again." But then I am thinking in a reasonable company Bob would have been gotten rid of before he did too much damage, while at the company where Bob worked, he stayed on for 4 more years after deciding that he knew best and made a bunch of changes that brought down major systems. Yeah, number 2 seems pretty much impossible to achieve. When companies grow they seem to lose the ability to filter out Bobs and they attract more Bobs at the same time.
|
|
#
?
Mar 29, 2016 18:19
|
|
|
Oneiros posted:OK, I have to bite. What the heck are you doing with 1TB of random numbers? Sorting them.
|
|
#
?
Mar 29, 2016 18:24
|
|
|
pixaal posted:Studying for a work skill should be considered acceptable. Also consider Power Shell in a Month of Lunches as a great book for your desk. The powershell book included the electronic version. Tough to squeeze everything in on one screen but much easier than having to have the book out.
|
|
#
?
Mar 29, 2016 18:55
|
|
|
Ynglaur posted:That's actually really nice.
|
|
#
?
Mar 29, 2016 20:30
|
|
|
symantec, you are what is pissing me off. Pretty sure I'm going to drink a bottle of vodka tonight, possibly the cheapest I can find to really punish myself.
|
|
#
?
Mar 29, 2016 20:30
|
|
|
|
| # ? Jun 4, 2024 11:26 |
|
|
MF_James posted:symantec, you are what is pissing me off. Backup or anti-virus?
|
|
#
?
Mar 29, 2016 20:34
|
|