My blog is powered by Roller, a java based blog platform, and it works reasonably well for me. However I want to move my blog to be hosted off my home connection, which rather means paying for hosting that can run a Java app, and if I wish to use to use multiple servers for redundancy, I will have to set up replication of the database somehow. These are complications I do not need, and add to the maintenance overhead of my blog somewhat. So what do I need?
I have always been sceptical of the new generic top level domains, I saw them as ICANN shamelessly cashing in on something it had the power to control. Because of this I have until now avoided them. However my current domain name is quite long, and I have for a long time wanted something shorter, but the good ones that may be applicable to me have all been taken.
But the time has come to admit that the new generic top level domains are here to stay, so I have swallowed my pride, and found that most of the good names are gone already anyway. But one was available that was suitable, so I have registered stewart.zone. I'm going to use it to set up a website that isn't hosted on my home connection. For this I'm going to use the hosted virtual servers I already have for my mail servers, but that is going to need me to set up a backup process for them, as they will no longer just be mail servers, so rather than trust my ability to reconfigure a new server from scratch I'm going to trust in my ability to back up the configurations in a sensible way, and save myself the trouble of having to manually rebuild their configurations if they go wrong.
Also this will give me an opportunity to build a website that isn't quite so ugly, and also isn't lumbered with some of the "features" of my current site that I haven't had the heart to do away with, but are a bit rubbish. Once this is done successfully I'll look at migrating my current site over to the new hosts, and the new design, and then I won't need to open up firewall rules on my router any more.
So in a previous blog post I set up postfix and dovecot by sort of following an online guide. Well the author of that guide has updated it for debian stretch. This doesn't help me much, as I already built my mail servers on debian stretch by adapting his previous guide. But some of the changes do interest me. I have been meaning to set up DKIM and DMARC, and the new guide includes instructions on doing so. The new guide also includes instructions for setting up clamav, which wouldn't hurt. However the instructions for clamav depend on using a new anti-spam tool, and I am actually getting on with spamassassin, on top of this the new anti-spam tool is not in the debian default repositories, which puts me off somewhat. They do provide an APT repository for stretch though which eases this concern a little. The new tool also supports some features I may be interested in, including greylisting shared across hosts by using redis (a piece of software I may be a little familiar with) a possibility that intrigues me. I am going to read this new guide, and decide if there is anything I wish to take from it, if so I shall almost certainly write a new blog post on the matter, if not I probably won't.
So a couple of weeks ago I read this article and wanted to comment on it, but was taken ill preventing me commenting at that time. Since then I have had plenty of time to think, and the subject of that article has been on my mind more than I expected it to be. The post I was going to make at the time was how I felt it was the wrong solution to the problem it purports to solve, but upon reflection I have come to the conclusion that it is worse than that, it is not only the wrong solution, but it is also a demonstration of everything wrong with the IT industry today.
So lets start off by saying I am a white, heterosexual, middle class, male. I have seen lots of comments on the internet about Social Justice Warriors (SJWs for short), and I gather that, based upon what I have seen, I should be worried for my very existence, as these SJWs are apparently out to rid the world of my kind, that is to say white middle class cis gendered (yes I know that "cis gendered" is a label for non trans gendered people, and some see it as an insult, but I am what I am, and I have no better label to use) heterosexual able bodied men. But I have very few examples I can point to of any of these SJWs that really concern me, or indeed that I disagree with in any significant way.
Before we go any further I should probably explain what triggered this particular rant. Recently a person at Google has been sacked for breach of Google's internal policies, a situation that has come to light because the breach was an article they authored about how diversity polices may be harmful, and then circulated within Google, and which promptly leaked. Now I have seen a version of this article, and I shall discuss my thoughts on it later, but what worries me now is the "debate" about the actions taken by Google, and I have already seen some very negative comments. There appear to be two basic sides to this debate, those who say the article was damaging, and wrong, and so Google did the right thing, and those that say Google has damaged itself by shutting down dissenting internal opinions (something the article points out is a risk of Google's current internal culture) and has also trampled this person's free speech rights. My concern is that these are the voices that are going to be screaming about SJWs in the not to distant future. So I thought I'd have a rant about the stupidity of this position from the viewpoint of a SJWs typical "victim".
I knew I relied heavily on the access that I get by carrying around a smart phone, I read my emails, send and receive text messages, look things up on the internet, etc. It is a very useful tool, but I didn't realise how much of an impact it has on my life until it died. So I immediately ordered a replacement, but that took two whole days to arrive. The fix for my old phone was outside my ability level, and I couldn't find anyone who could fix it in a hurry, so I elected to spend two days without it, or any other phone. And it has been two of the least stressful days I have had in a very long time. Disconnected from the world, I didn't need to worry about things I could do nothing about, or keep abreast of the latest goings on on twitter. I almost regret getting a new phone, the old one is off for repair, and will be back in two to four weeks. I can hardly imagine spending that much time without a smartphone. Before the old one broke it was because I thought I would become overly stressed, and fail to cope, but having spent two days with only having the internet when tethered to a desk I can't imagine how relaxed I may get without a smartphone. Maybe in future I shall turn the phone off for periods of time. Maybe too much connectivity is a bad thing?
So I started this blog just about 3 years ago now, and despite my intent to use it to encourage me to do something with electronics, and to show case my progress, I have done nothing much since I bought a Raspberry Pi and got it running. Indeed it is still sat in a box waiting for me to motivate myself to get back at it. I have used this blog to rant about politics far more than I have done any electronics. It doesn't help that I have hardly been out on my bike once since I started this blog, so the project I intended to build I have had no need for. So based upon my initial intentions I must count this blog as an abject failure. However, as I pointed out at the time I started this blog I have attempted to do so before, and those prior attempts always ended empty, and pathetic, killed off due to a lack of content. I have at least managed to create content sporadically for this blog. The difference this time around? I am no longer trying to post stuff that I think other people will find interesting, so I am no longer holding back when I just want a rant, or to post about an "oh shit" moment. Granted I don't have the broadest readership in the world, but that doesn't really matter, I have an outlet, and if people read it, and find it interesting, great, if not then at least I still said what I wanted to. So this time around I'm not going to delete this blog, just yet, I'll give it another few years, and see how it goes. Who knows, maybe I'll start cycling regularly again and actually do something about that cycle computer (probably not though).
So, I once again find myself in despair at what is being said by people on the side of the brexit debate that I occupy. It turns out that when a Lib-Dem MP stands in a by-election, on a campaign about objecting to brexit, in a constituency that largely voted remain, against an independent, who was pro-brexit and taking a single issue stance, that the Lib-Dem candidate also held, the Lib-Dem candidate might win. Now this is being touted as a major upset, as it was a Conservative strong hold before, and the independent candidate held that seat as a conservative, but in respect of his position (or more likely because they couldn't find a suitable replacement in time) the conservatives did not field a candidate against him. What annoys me isn't the crowing from those who are holding this as a major victory for remain (it isn't) but the response I am seeing along the lines of "you lost, so put up with the result and shut up" coming from the pro-brexit side of things. Yes the campaign to leave the EU won the referendum, but, by a rather small margin, and the leave side isn't a single group with one single goal, so to say "We won" rather misses a very important point, which is whatever "We" you may belong too may not be bigger than the "they" you want to shut up. And democracy has never been about "majority rule above all else" (we wouldn't have first past the post as our electoral system if it was) it is a compromise, we all have ideas and thoughts on where we want to go, and we must as a society move in the direction that is closest to the greatest number of people's desires. The most vocal that I am seeing in this debate from Brexit are calling for the extreme option for brexit, and the 48% of people who voted remain are rightly pissed off by this, telling them to "get over it" is neither helpful or much of a compromise. Personally I voted leave, I still believe that the EU is not what we need from a combined European Government, and I still cannot see the incentives to reform it to what I believe would work being there for those who run the show. I therefore still think we should Leave the EU, and from their maybe we can start to build a new European Government that is better suited to the needs of the European people, and is better equipped to represent their needs, and change with them as they change. So I am galled at the arguments that "Leave the EU" (which was what we were asked if we wanted) is being used to leave not only the EU, but the EEA (a common interest in trade being the best way to unite countries) the ECHR (which the UK was instrumental in forming, and is one of the best things about Europe in terms of doing what is right for the people in my opinion) and just about everything else Europe has to offer (some times I think the nutters crying "We won! respect us" want to stick a massive out-board motor on dover and sail us into the atlantic ocean). As someone who voted Leave I feel I have far more in common with those now shouting to remain than those trying to shut them up, so as a negotiating stance the Leave camp are only weakening their stance by not listening to the complaints of those who wish to remain. Also I fear we have got more important things to deal with in the UK than if we should remain a member of the EU or not, like getting rid of the tory government.
So the government have passed the Investigatory Powers Act, which is pretty terrible, but it turns out it is worse than I realised! So perhaps it is not a good time to work in IT in the UK?
So, I use PlusNet as my ISP. I have an email address with them where they send updates about my account. It's also been used in the past to sign up to various things that I haven't bothered to update to a new email address. PlusNet's email servers do not require authentication to send email from my home connection, which is fair enough really. But they also don't support SSL for authentication from my connection. So my username and password (which is unique to this account) has to be sent in plain text, now as this is to my ISP over my ISP connection (and I trust my own network) it's not the end of the world. However, I also have a shiny smart phone, and that allows me to connect to my own email server, over SSL (that until recently wasn't as secure as it should be) as it should be when connecting over the internet, from untrusted, or unknown networks. It also allows me to use multiple different email inboxes at once. So I could add my PlusNet email address. They even have a handy guide on setting up email on android phones. And that's where the problems start. That guide sets up email without SSL, or TLS, but it requires username and password authentication. So I'd only be able to use it on my home network. What happens if I forget to turn email sync off? My details would be put at risk!
So what should a good sysadmin do? Should I leave the ISP email only on my home PC? Should I take the risk and add the email to my phone anyway?
Well as a paranoid sysadmin I wasn't willing to take the risk. And that was that. But frankly that was annoying me, so I decided to set up an SSL terminator for my ISP email using my own SSL cert. So I can get my email, from my ISP confident in the knowledge that only my ISP can intercept the username and password pair that I use with my ISP. I use non-standard ports for the ISP connections, and listen using stunnel. This would be a problem if I was supporting users as it would add a level of complexity to the instructions I'd have to give them, but as I only have to support myself I can cope.