
We just take 3 meals a day for granted without asking where this movement really came out of. Hint: agriculture/produce won't do well if people only eat 1 meal a day.

Eating one/two meals a day is something that nobody talks about as much as these other food-conscious movements like gluten, carbs, now keto. All of this seems driven at pushing demand towards certain sectors.


was just gonna ask how you would handle DKIM and SPF stuff. Hetzner? DigitalOcean?


I use a small datacentre in my country, actually not far from where I live. DKIM/SPF are independent of the provider. The easiest way to understand is to consider how receiving works. If I'm getting an email from hnemail.example, the first thing I do is consider the IP address. Oh, 257.257.257.1? Ok. So I then ask DNS "what is the SPF record for hnemail.example?" and it returns

    v=spf1 mx -all

This tells me only to accept emails from 'MX' entries for that domain. So I query 'MX' against the DNS server and I get a list of A records, which I can get IPs from. If the IP is in the list, spf passes. Otherwise it fails, mark as spam.

For DKIM, when the email was sent it was signed with a key by the sending server. It is identified by a UUID in the incoming email. So the receiving server again queries DNS for TXT <UUID>._domainkey.hnemail.example and receives the public key as a response. Signature verification passes? Accept email. It fails? Mark as spam.

This doesn't have a lot to do with IP reputation. This is different. If you are a very large email provider, you might develop custom spam filters. IPs are allocated to 'autonomous systems' i.e. who actually uses them and hands them out to users, and depending on the business you might make some decisions about reputation. For example, if the IP address is part of a consumer ISP block that is handed out to users of broadband, chances are high that if they're sending email, it is probably a Windows PC compromised by malware.

Similarly, you might decide some ASNs are better than others. Some hosters are more liberal in what they will accept, such as VPN endpoints, tor nodes and such and as a consequence of this more spam comes from these ranges.

Rightly or wrongly, larger email providers try to add these extra filters to the process to protect their users from spam. This obviously sucks if you are genuinely trying to run an email server on your symmetric home fibre connection with a dedicated IP, but that's the world we live in.

I can't make any general statement on which providers might be best, and some people will have no issue whereas others will find themselves unable to send anything. I don't work for Outlook/Microsoft or Google and never have, so I don't know exactly what rules they use, and in all likeliness they shift constantly depending on spammer patterns. I can only say I've found running from a small DC to work pretty well.


DKIM selectors aren't UUIDs. You can of course use a UUID as a selector, but you don't have to. My selectors are named S-YYYYMM (when I rotate the keys), so my current public key is at S-202001._domainkey.example.com.


A lot of tools generate UUIDs for the selector, just to get something unique without having to ask the user for something relevant or defining some other heuristic. For instance: the built-in helper tool for Zimbra generates a UUID by default, unless you provide something specific. I think a lot of people assume it should be a UUID just because they see UUIDs used in common examples.

Few people think about key cycling for DKIM as it isn't a built-in requirement at all, so once a UUID is set they just keep it until some point in the future that may never happen when they need to revoke the key because the private half is compromised.
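
The receiving-side checks described in the comments above (evaluating `v=spf1 mx -all` against the connecting IP, and finding the DKIM public key at `<selector>._domainkey.<domain>`), as an added example that is not part of any comment in this thread. The DNS data, IP addresses and signature header are constructed, and `lookup` is a hypothetical stand-in for a real resolver.

```python
import ipaddress

# Constructed DNS data for the thread's example domain (documentation IP ranges).
# Names are stored lowercase because DNS names compare case-insensitively.
ZONE = {
    ("hnemail.example", "TXT"): ["v=spf1 mx -all"],
    ("hnemail.example", "MX"): ["mail.hnemail.example"],
    ("mail.hnemail.example", "A"): ["192.0.2.10"],
    ("s-202001._domainkey.hnemail.example", "TXT"): ["v=DKIM1; k=rsa; p=CONSTRUCTED_KEY"],
}
QUALIFIERS = {"+": "pass", "-": "fail", "~": "softfail", "?": "neutral"}

def lookup(name, rtype):
    """Hypothetical stand-in for a DNS resolver; [] means no such record."""
    return ZONE.get((name.lower(), rtype), [])

def spf_check(client_ip, domain):
    """Evaluate the mx, a, ip4 and all mechanisms of the domain's SPF record."""
    ip = ipaddress.ip_address(client_ip)
    records = [t for t in lookup(domain, "TXT") if t.lower().split()[:1] == ["v=spf1"]]
    if len(records) != 1:
        return "permerror" if records else "none"
    for term in records[0].split()[1:]:
        qualifier, mech = (term[0], term[1:]) if term[0] in QUALIFIERS else ("+", term)
        mech = mech.lower()
        if mech == "all":
            matched = True
        elif mech == "mx":  # MX targets -> A records -> compare with the client IP
            addrs = [a for host in lookup(domain, "MX") for a in lookup(host, "A")]
            matched = any(ip == ipaddress.ip_address(a) for a in addrs)
        elif mech == "a":
            matched = any(ip == ipaddress.ip_address(a) for a in lookup(domain, "A"))
        elif mech.startswith("ip4:"):
            matched = ip in ipaddress.ip_network(mech[4:], strict=False)
        else:
            return "permerror"  # other mechanisms and modifiers are not handled here
        if matched:
            return QUALIFIERS[qualifier]
    return "neutral"  # no mechanism matched

def dkim_key_name(dkim_signature):
    """Build the DNS name of the public key from the s= (selector) and d= tags."""
    pairs = (p.split("=", 1) for p in dkim_signature.split(";") if "=" in p)
    tags = {k.strip(): v.strip() for k, v in pairs}
    return f"{tags['s']}._domainkey.{tags['d']}"

# Constructed DKIM-Signature header value (hash and signature elided).
SAMPLE_SIG = "v=1; a=rsa-sha256; d=hnemail.example; s=S-202001; bh=...; b=..."
```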


Find a clueful small provider, local to you if possible. On huge providers like Hetzner and DO, you are guaranteed to have spammers as neighbours some of the time, even if the provider rapidly shuts them down. On the other hand, a good-quality small provider may rarely if ever host spammers.


Counterpoint, our mail admins spend a lot of time trying to convince small-scale providers to shut down the spam email coming from them. Lots of people who host at small scale providers don’t care about patches, so they send tons of spam.


Doesn't seem like a counterpoint to me. The provider you're describing isn't clueful. A clueful provider pays attention to what's happening on their network and knows how to make themselves an unattractive host for spammers.


I suppose that's why the person you're replying to specified clueful!


he means the burner account that submitted this article is doing so to downplay KF's boot from Cloudflare by invoking the sentiments of an old article that really doesn't justify its decision.

phantom_of_cato had all of his replies flagged and removed in today's thread.


> phantom_of_cato had all of his replies flagged and removed in today's thread.

Flagging on HN is mostly done by the users, not by the moderators.


nope there are definitely moderators on HN


There are, they don't do most of the flagging though.


*they, but yes


You mean after they ruin people's lives?

Obviously they posed enough of a threat to human lives that a publicly traded company would distance them immediately.

Doesn't take much to figure this out. This is not some censorship or content moderation.

It appears people have trouble distinguishing between platforms that promote terrorism/violence vs free speech.

This weird extreme idealistic version of freedom of speech doesn't include harming humans or threatening peace.


Somebody made millions of dollars by rigging the olympics like this. Sports betting on dozens of off-shore locations.

Really crazy how much influence some people have.


think a lot of saas/developer tools/open source in corporate clothing are manipulating opinions, flagging, censoring criticisms. you can buy HN votes/aged accounts like Reddit.

noticed this especially when a YC company is in the submission. it's funny because all they are doing is selling to the same buyers (many who are also YC companies) creating a sorta ponzi scheme where you constantly have a supply of "IPO ready" to take advantage of the bubble which is now bursting and you have increased astroturfing

HN used to be above this. I feel increasingly that many submissions are just purely marketing hidden under a FREE sign.


I never use terraform. I use web console first and then if something really needs to be automated I use bash script to string together aws cli. If anything gets more complex than that I do not automate it, instead I use CDK to essentially write infrastructure just like any code.

There is a lot of time wasted in learning a DSL and then wrestling with the limits of what it can do. For most infrastructure scaffolding you can get away with just CLI and anything longer should require something as natural as CDK.

I also will never use Azure or Google! Why should I waste time learning DSL and its syntaxes when I am using the best Infrastructure as Code provided by AWS? The UI is familiar and I can always reach into CLI to quickly experiment and web console for learning what each parameter does.

Sure there is value in using Terraform but I think all it does is just another Kubernetes type of busywork. 20% gain for 80% investment. Not really a good way to spend your hours, sort of like writing tests before you write code from scratch.

We will disagree but I trust my experience more than what I'm told to do exactly because I realize these standards are largely just dog whistling junior developers eager to please their managers to get them on a "free" solution that ultimately bubbles up to the C-suite with some McKinsey or Forrester branded market analysis pdf attached with setting up next steps.

Not only have big corporate interests invaded consumer interest, they've hijacked the open source movement, into just series of raising money and hoping for a large IPO payout or acquisition by other corporate whales. This is why these days I avoid popular opinions/standards, especially when large number of people push for them on social media.

TLDR; HashiCorp is a good example of how to use open source offering as a trojan horse to boost the personal wealth of its investors and founders and I am increasingly wary of "standards" or generating voluntary champions within companies to parrot and become salesmen for a bit of glory and recognition. THIS NEEDS TO STOP. Very few end up surviving the test of time. Relational database and Java is stronger than ever. Javascript took a good decade to become recognized but it's still treated as a different class than boring technology. Boring and straight forward is resilient, novelty and complex is not.


Perhaps it doesn't apply to your situation, but what happens if you need to build 5 more copies of your current setup? The CDK stuff would be fine as long as your code is DRY, but all that clicking on the console... Also, can other people understand and extend your infrastructure? (Honest questions)


you are describing different scenarios here with different scope and i did not say to use web console only


I literally said "The CDK stuff would be fine as long as your code is DRY, but all that clicking on the console..." So I was asking specifically about the console parts. If you had to redo it again or repeat it a number of times, wouldn't you prefer if it was code and not clicks?


Enjoy your zealotry!


not a very useful comment. if you got any rebuttal please feel free to share but the second half of what i wrote probably affects your future if you are in YC or a VC.

enjoy the ever costly capital as rates go to the moon!


i like your attitude and i will consider putting your ads


I wonder if this will happen to frontend and backend developers with the exact same principle: Have the bulk of the lifting done by some stable diffusion for CRUD api/frontend and test/modify edge cases.

I think your last point on salaries: This will increase salaries for those with a lot of experience but you are correct, for vast majority of digital art degrees graduating will suffer from demand plummet.

I really fear for the young Z generation, it appears the bar to entry is increasing as these AI tools automate bulk of their requirement.

It's akin to how github copilot generates a ton of boilerplate work, something that used to be delegated to junior devs.


Yep, it's eating its way upward from junior to intermediate. And even if that doesn't take away the whole Senior role, it can certainly do a good chunk of the day to day work. We haven't even begun to see the market effects of github copilot or stable diffusion yet.


I have to wonder, if your government is so threatened by what's discussed or shown in entertainment/art content, you are the opposite of anti-fragility.

What good can they even accomplish if they get triggered by a disney character or a specific flag?

I'm glad that the CCP will disappear in our lifetime. Question is, how petty will the next Han Chinese led government be? They've always sucked badly at maintaining large bureaucracy.

