1. OCAU Merchandise now available! Check out our 20th Anniversary Mugs, Classic Logo Shirts and much more! Discussion here.
    Dismiss Notice

Consolidated Business & Enterprise Computing Rant Thread

Discussion in 'Business & Enterprise Computing' started by elvis, Jul 1, 2008.

  1. Dre_

    Dre_ Member

    Joined:
    May 25, 2014
    Messages:
    824
    Got another lot of Jira Core licenses approved :D

    Happy days
     
  2. Punk

    Punk Member

    Joined:
    Mar 15, 2002
    Messages:
    1,058
    Location:
    Walking on Sunshine
    That is not a rant :p


    So working at a site the other day and I noticed that the DB server was a little slugish. So checking how the Guest is configured, OK it has 16GB of RAM. Check another Guest, OK 16GB of RAM as well. Checked all the Servers and they all have 16GB of RAM. Urgh, so I shut some down and reconfigured the the memory so the DB server has some more room to play with.
    So I then check CPU setup for them all, they all have 2 x 8 cores :tongue:. I double check the Host and it only has 2 x 8 Core in it.

    Logged off, went home. :p


    BTW NBN is Shit.
     
  3. Dre_

    Dre_ Member

    Joined:
    May 25, 2014
    Messages:
    824
    It's too soon for me to think about the business case, recruiting a sponsor and influencers in the business and the flaming hoops of molten lava I've jumped through to get this across the line.

    Does that count?
     
  4. PabloEscobar

    PabloEscobar Member

    Joined:
    Jan 28, 2008
    Messages:
    13,975
    FTFY

    *Pats Magical Wall Box that provides high speed pornography.
     
  5. Gunna

    Gunna Member

    Joined:
    Dec 25, 2001
    Messages:
    7,671
    Location:
    Brisbane
    Can you not get a TID service? They would have fibre to an exchange or node nearby. We got free installation from node to mdf with a 36 month contract.

    If you are willing to pay or negotiate it's possible to get a service.
     
  6. NSanity

    NSanity Member

    Joined:
    Mar 11, 2002
    Messages:
    17,970
    Location:
    Canberra
    Guys.
    Guys.
    Guys.

    its twenty-fucking-sixteen. you know what this means?
    Greylisting email is still a thing
    Code:
    X-Greylist: delayed 319 seconds by postgrey-1.34 at ms3.greenlightit.com.au; Thu, 06 Oct 2016 10:42:22 AEDT
    "So I thought rather than put a real spam filter in place, i'd be a stupid **** and annoy the shit out of email senders and recipients everywhere and make it harder for my client to do business with people"
     
  7. OP
    OP
    elvis

    elvis Old school old fool

    Joined:
    Jun 27, 2001
    Messages:
    41,446
    Location:
    Brisbane
    If your mailserver does everything it's supposed to do, greylisting at the other end shouldn't harm things. Greylisting knocks out 80% of SPAM for 0% CPU load.

    If you're not following the RFC however, it's painful. Pro tip: follow the RFC.

    Back when I gave a shit about email, I used greylisting. It worked wonders except where the remote end misconfigured their mail servers. Now as someone who outsources their mail to a large vendor, I still have zero problems with people who use greylisting because my large vendor follows the SMTP RFCs.

    Also, managing mail sucks, and I'm glad I don't have to any more. Outsource that shit.
     
  8. HyRax1

    HyRax1 ¡Viva la Resolutión!

    Joined:
    Jun 28, 2001
    Messages:
    7,918
    Location:
    At a desk
    Greylisting is still one of the most effective ways to stop spam outside of SPF records, which many people still don't implement.

    If a given sending mail server is setup according to the RFC's, it will attempt resend a few minutes later anyway and the receiving server will eventually whitelist the senders address for next time. Spammers, for the most part, don't re-send, hence get blocked.

    EDIT: Elvis beat me to the punch. :)
     
  9. NSanity

    NSanity Member

    Joined:
    Mar 11, 2002
    Messages:
    17,970
    Location:
    Canberra
    they are replying back with

    Code:
    10.50.5.40 #<10.50.5.40 #5.1.1 smtp; 550 5.1.1 User unknown> #SMTP#
    so no.

    Again. Just fucking stop it with rollyourown bullshit that doesn't work and consumes hours and pay someone who has a clue.
     
  10. OP
    OP
    elvis

    elvis Old school old fool

    Joined:
    Jun 27, 2001
    Messages:
    41,446
    Location:
    Brisbane
    Well that's not greylisting then. That's a different problem.

    Fuck mail all together. Outsource that shit, and do something more interesting. We outsource our corporate toilet cleaning for the same reasons. :)
     
  11. NSanity

    NSanity Member

    Joined:
    Mar 11, 2002
    Messages:
    17,970
    Location:
    Canberra
    Make GAPPS/O365 not an administrative nightmare then...

    I *get* that you don't have to do it - truly do. But someone does.

    Exchange users are creates per policy pretty much automatically - this is not the case with 365, and certainly not with GAPPS.

    Fuck you can't even have Email Address Policies on 365.
     
  12. OP
    OP
    elvis

    elvis Old school old fool

    Joined:
    Jun 27, 2001
    Messages:
    41,446
    Location:
    Brisbane
    Have you spoken to either vendor about this?

    I'm on video chat with my Google account manager every month now. They're pretty open to hearing suggestions about what we need.
     
  13. NSanity

    NSanity Member

    Joined:
    Mar 11, 2002
    Messages:
    17,970
    Location:
    Canberra
    We're fairly in-bed with O365 - and the stack goes with it (Office mostly) so we don't have a lot of choice there (clients need Office Apps to talk to $LOB).

    Last time i tried to escalate something with O365 (a mail import fault) - we lost 55 hours of billable time into it because IMAP views.

    But fundamentally MS doesn't seem to give a fuck because Cloud-First, Everyonegetfucked-Now. Get onboard with DirSync, i mean AzureAD Connect, I mean the NEW AzureAD connect... Oh now its shit? And you still need to have an Exchange Server to extend AD to have Mail-based Attributes editable outside of adsiedit? And you still need to maintain it to n-1 update level? and you still need to migrate new accounts from Exchange to 365 for them to work "right"? And if you do it in the wrong order, sucks to be you for the 2 hours to rectify it?

    The only possible way to make it "better" is to use AD FS - we're up to version 4 now. And even then you really need to have;

    AD on prem
    AD FS on prem

    Geographically and Connectivity redundant alternative
    AD
    AD FS

    All linked up to 365.

    And even then you still don't get SSO - because Outlook doesn't accept SAML.

    I've only briefly read the spec on AD LDAP <-> GAPPS - which didn't look too bad, save the fact that password sync is only one way (AD -> GAPPS).

    I played with their CLI tool for mail journalling/recovery a bit (probably 5 years ago now) which was ok.

    If I worked in an environment with customers who could dump MS Office from a requirement point of view (this isn't even bridging the whole user education one) - I'd have more to say on GAPPS specifically.
     
    Last edited: Oct 6, 2016
  14. bugayev

    bugayev Whammy!

    Joined:
    May 15, 2003
    Messages:
    4,093
    Location:
    Melbourne
    My multiple thousand user organisation has been on 365 for well over twelve months after running hybrid, and before that, Exchange 2010.

    We use AD users and computers to manage the one mail-related property we need to change (ProxyAddresses) and have not had exchange on site since about a month after we migrated.

    When we create a new account, we do it in AD, then after the next whatever-sync it is available to be licensed and set up. The process takes less than 5 minutes of human being time and has gone wrong only once (a user who left and came back, and had to have the mail properties cleared from AD).

    Office 365 isn't the most amazing tool in the world but in my experience it's been straightforward to manage, easy to maintain, and most importantly has not required my helpdesk team to have any client-side tools installed to do their job (ADUC doesn't count, that's used for lots of things).
     
  15. PabloEscobar

    PabloEscobar Member

    Joined:
    Jan 28, 2008
    Messages:
    13,975
    its 0% CPU load, but its not 0% ticket load.

    Ticket: #9000!
    From: CEO
    Subject: Fucking E-mail
    Body: I was talking to $OtherCEO and he forwarded me an e-mail while we were on the phone, why the fuck didn't I get it until 5 minutes after we finished the call.

    This, combined with (legitimate) third parties mailing you who don't use RFC compliant MTA's has led to Greylisting being a non-starter for the businesses I've been involved with.

    Don't you have beers to drink and a car race to watch?
     
  16. cvidler

    cvidler Member

    Joined:
    Jun 29, 2001
    Messages:
    13,534
    Location:
    Canberra
    "got stuck in the intertubes, email isn't a guaranteed service. /close"
     
  17. NSanity

    NSanity Member

    Joined:
    Mar 11, 2002
    Messages:
    17,970
    Location:
    Canberra
    So ECP (web delivered) / PS is an "installed client tool"?

    CxO "Your job isn't a guaranteed service"
     
    Last edited: Oct 6, 2016
  18. GumbyNoTalent

    GumbyNoTalent Member

    Joined:
    Jan 8, 2003
    Messages:
    8,756
    Location:
    Briz Vegas
    Does it come out of the IT budget as well?
     
  19. PabloEscobar

    PabloEscobar Member

    Joined:
    Jan 28, 2008
    Messages:
    13,975
    Continuing to pay you is not a guaranteed service /fired

    More realistically,

    CEO: I was on a conference call with all my other CEO mates, deciding where we should go for hookers and blow. and $OtherCEO sent us all an e-mail with a link to a great place for Hookers and Blow, all the Other CEO's got it straight away, are (y)our systems worse than all these other companies.


    My main hate of Grey Listing (and IP Blacklisting to a lesser extent, as its not "Everyone"), is you can never really be sure of its effectivness. I don't know if all those who don't come back and deliver mail are spammers, or just companies with shit mail systems... until someone comes along and cries about it, at which point, we can't release the mail if I wanted to, because it was never received.
     
    Last edited: Oct 6, 2016
  20. OP
    OP
    elvis

    elvis Old school old fool

    Joined:
    Jun 27, 2001
    Messages:
    41,446
    Location:
    Brisbane
    I say again: greylisting works if people configure servers properly. The only time it fails is when you don't follow standards.

    Being the Internet and all, standards are pretty important. There's a million other standards you conform to in order to be a sensible Internet citizen. Why should email be any different?
     

Share This Page

Advertisement: