@stigatle@yarn.stigatle.no @xuu@txt.sour.is @lyse@lyse.isobeef.org “Not cool”? I was receiving many broken (HTTP 400 error) requests per second from an IP address I didn’t recognize, right after having my VPS crash because the hard drive filled up with bogus data. None of this had happened on this VPS before, so it was a new problem that I didn’t understand and I took immediate action to get it under control. Of course I reported the IP address to its abuse email. That’s a 100% normal, natural, and “cool” thing to do in such a situation. At the time I had no idea it was @xuu@txt.sour.is .

The moment I realized it was @xuu@txt.sour.is and definitely a false alarm, I emailed the ISP and told them this was a false positive and to not ban or block the IP in question because it was not abusive traffic. They haven’t yet responded but I do hope they’ve stopped taking action, and if there’s anything else I can do to certify to them that this is not abuse then I will do that.

I run numerous services on that VPS that I rely on, and I spent most of my day today cleaning up the mess all this has caused. I get that this caused @xuu@txt.sour.is a lot of stress and I’m sincerely sorry about that and am doing what I can to rectify the situation. But calling me “not cool” isn’t necessary. This was an unfortunate situation that we’re trying to make right and there’s no need for criticizing anyone.

he emailed my ISP about causing logging abuse. This is the only real ISP in my area, its gonna basically send me back to dialup.

Hey so.. i just got an email from my ISP saying they will terminate my service. Did i break something @abucci@anthony.buc.ci ?

The vast majority of this traffic was coming from a single IP address. I blocked that IP on my VPS, and I sent an abuse report to the abuse email of the service provider. That ought to slow it down, but the vulnerability persists and I’m still getting traffic from other IPs that seem to be doing the same thing.

There are also a bunch of log messages scrolling by. I’ve never seen this much activity in the log:

Jul 25 01:37:39 buc.ci yarnd[829]: [yarnd] 2024/07/25 01:37:39 (149.71.56.69) "GET /external?nick=lovetocode999&uri=https://pagez.co.uk/services/your-own-100-fully-owned-online-vi>
Jul 25 01:37:39 buc.ci yarnd[829]: [yarnd] 2024/07/25 01:37:39 (162.211.155.2) "GET /twt/112135496802692324 HTTP/1.1" 400 12 826.65µs
Jul 25 01:37:40 buc.ci yarnd[829]: [yarnd] 2024/07/25 01:37:40 (51.222.253.14) "GET /conv/muttriq HTTP/1.1" 200 36881 20.448309ms
Jul 25 01:37:40 buc.ci yarnd[829]: [yarnd] 2024/07/25 01:37:40 (162.211.155.2) "GET /twt/112730114943543514 HTTP/1.1" 400 12 663.493µs
Jul 25 01:37:40 buc.ci yarnd[829]: [yarnd] 2024/07/25 01:37:40 (27.75.213.253) "GET /external?nick=lovetocode999&uri=http%3A%2F%2Falfarah.jo%2FHome%2FChangeCulture%3FlangCode%3Den>
Jul 25 01:37:40 buc.ci yarnd[829]: time="2024-07-25T01:37:40Z" level=error msg="http://bynet.com.br/log_envio.asp?cod=335&email=%21%2AEMAIL%2A%21&url=https%3A%2F%2Fwww.almanacar.c>
Jul 25 01:37:40 buc.ci yarnd[829]: [yarnd] 2024/07/25 01:37:40 (162.211.155.2) "GET /twt/111674756400660911 HTTP/1.1" 400 12 545.106µs
Jul 25 01:37:40 buc.ci yarnd[829]: time="2024-07-25T01:37:40Z" level=warning msg="feed FetchFeedRequest: @<lovetocode999 http://alfarah.jo/Home/ChangeCulture?langCode=en&returnUrl>
Jul 25 01:37:41 buc.ci yarnd[829]: [yarnd] 2024/07/25 01:37:41 (162.211.155.2) "GET /twt/112507964696096567 HTTP/1.1" 400 12 838.946µs

Something really weird is going on?

I havnt seen any emails about the outage at work. I know i have the mac crowdstrike client though. My buddy that works at a hospital says they wernt affected.

Interesting. Thanks! And thank you for replying. :) Indeed, I don’t check for mention with twtxt. To me, twtxt is to share, not to talk: there is my email commented at the top of my #twtxt.txt for this purpose. Trying to create discussions with twtxt is nonsens : there are much better tools to do so (email, xmpp, …) @aelaraji@aelaraji.com @im-in.space@im-in.space

@prologic@twtxt.net I tried to but couldn’t. Also, I was prompted to resend the email elsewhere… Will do in a minute. 👍

@aelaraji@aelaraji.com I think you tried to email me with an encrypted GPG email? 📧 Unfortunately the inbox you sent to (managed by Google Workspaces / GMail) isn’t equipped with any GPG or my keys so I had to decrypt by hand, which sux. Are you on Signal?

Alternative message me on Salty IM (https://salty.im) at prologic@mills.io

@prologic@twtxt.net I was replaying to your twt and thing got too long and messy, so I emailed you. I hope you don’t mind.

you need to send an email @quark@ferengi.one if you want an account. I know that it might not be very profitable. Maybe Odo can disclose it if I give him a new bucket.

you need to send an email @quark@ferengi.one if you want an account. I know that might be very profitable. Maybe Odo can disclose it if I give him a new bucket.

@bender@twtxt.net ha! He goes his “poem”:

A string of letters, a forgotten name,
An email crafted, a message to claim.
We hit send with a click, a hopeful sigh,
But a bounce-back arrives, a tear in our eye.

“Delivery failed,” the message reads cold,
The address it seems, is a story untold.
A ghost in the system, a memory’s trace,
Lost in the void of cyberspace.

:-D

My email is such a cluster of noise. The only time i actually use it is to find out I have to do my security training or something. All communication is slack now days.

Google Chrome Gains AI Features Including a Writing Helper
Google is adding new AI features to Chrome, including tools to organize browser tabs, customize themes, and assist users with writing online content such as reviews and forum posts.

The writing helper is similar to an AI-powered feature already offered in Google’s experimental search experience, SGE, which helps users draft emails in various tones and lengths. W … ⌘ Read more

Email obfuscation, What works in 2023 https://spencermortensen.com/articles/email-obfuscation/

Plex Users Fear New Feature Will Leak Porn Habits To Their Friends and Family
Many Plex users were alarmed when they got a “week in review” email last week that showed them what they and their friends had watched on the popular media server software. From a report: Some users are saying that their friends’ softcore porn habits are being revealed to them with the feature, while others are horrified … ⌘ Read more

@lyse@lyse.isobeef.org I’m also on the e-mail wagon here. On http://darch.dk/timeline/conv/oe3howa I have added a “Comment via email” botten if uses are not logged in. This feature could be extend to other places in the various UIs. Like we already got the “Does not follow your” / “Follow you” on the profile page in yarnd, so this detection could be used to sugget the user to email that person, when mentioning them.

@adi@twtxt.net I think it is, and one benefit they have is that you can add third-party repositories to the F-Droid app as you discover them. So, for instance, if you know of a developer who pushes builds to an F-Droid compatible repository, you can add that to your F-Droid app and start tracking updates like you would for any other app in there. Can’t do that with Google Play!

F-Droid tends to focus on open source applications that can be built in a reproducible way, which limits the inventory (though of course tends to mean the apps are safer and don’t spy on you). There are non-free apps in there as well but they come with warnings so you’re informed about what you might be sacrificing by using them.

That said if you have a favorite app you get through Google Play, there’s a decent chance it won’t be in F-Droid. Many “big corporate” apps aren’t, and vendor-specific apps tend not to be either. But for most of the major functions you might want, like email clients, calendar apps, weather apps, etc etc, there are very good substitutes now in F-Droid. You’re definitely making a trade-off though.

What I did was go through the apps I had installed on my last phone, found as many substitutes in F-Droid as I could, started using those instead to see how they worked, and bit by bit replaced as much as I could from Google Play with a comparable app from F-Droid. I still have a few apps (mostly vendor-specific things that don’t have substitutes) that come from Google Play but I’m aiming to be rid of those before I need to replace this phone.

In setting up my own company and it’s internal tools and services and supporting infrastructure, the ony thing I haven’t figured out how to solve “really well” is Email, Calendar and Contacts 😢 All the options that exist “suck”. They suck either in terms of “operational complexity and overheads” or “a poor user experience”.

I just received this email and I have some questions:

This email is from a trusted sοurce.

You received this abucci@bucci.onl because you have been disconnected from sending and receiving emails.

To continue using this email address we urge you to re-confirm if your account is still active on bucci.onl to officially unlock it to our default settings.

Re-confirm account (a link; removed)

※ This process is very important to help us protect your internet and fight malicious activities.

Since I administer bucci.onl myself, I’m a little confused. I don’t recall disconnecting myself from sending and receiving emails. I don’t even know how you disconnect someone from that. I also have never created the email address this email appears to be coming from, but maybe I should trust it anyway since they told me it’s a trusted source? Most puzzlingly, I’ve been sending and receiving emails just fine all morning, so I do not appear to be disconnected from anything? I want to help protect the internet and fight malicious activities, but what should I do??? 🤔🤔🤔🤔🤔

@carsten@yarn.zn80.net

I have to write so many emails to so many idiots who have no idea what they are doing

So it sounds to me like the pressure is to reduce how much time you waste on idiots, which to my mind is a very good reason to use a text generator! I guess in that case you don’t mind too much whether the company making the AI owns your prompt text?

I’d really like to see tools like this that you can run on your desktop or phone, so they don’t send your hard work off to someone else and give a company a chance to take it from you.

it uses the queries you define for add/del/set/keys. which corrispond to something like INSERT INTO <table> (key, value) VALUES ($key, $value), DELETE ..., or UPDATE ...

the commands are issued by using the maddycli but not the running maddy daemon.

see https://maddy.email/reference/table/sql_query/

the best way to locate in source is anything that implements the MutableTable interface… https://github.com/foxcpp/maddy/blob/master/framework/module/table.go#L38

I think Email has been broken on my Pod since some time now since @lyse@lyse.isobeef.org made this commit the default behaviour of the flags/env had changed requiring SMTP_PORT to be set (used to default toi 25) ooops 😅

@eaplmx@twtxt.net CSS Battle has a passwordless login, I don’t know the implementation but it basically send you and email where you click a link and you’re in.

Just’ve been playing with my email server a little bit today, I’ve set up a honeypot address and got rid of admin@ passwd entry because i already turned it into a forwarding address anyway

I maintain keys for my email addresses.. but like most in this thread i almost never receive encrypted emails.. other than the BTC exchange i use that sends automated mail encrypted.

Does anyone of you use PGP encrypted mail, or any kind or email encryption? Why? Why not?

#randomQuestionsForAThursday

@movq@www.uninformativ.de keys.openpgp.org is a descent key server. They only publish a key the at has a valid email.

@lyse@lyse.isobeef.org
Bottomline, twtxt is a poor’s man email system. 🤣

Is it me, or Gmail’s web interface is going down the drain? Using Safari—my default browser—often takes two, or three clicks to open an email. If it weren’t because its search is amazing, I would never visit its web interface.

The features that macOS Monterey will bring, albeit minor, will made for a better “quality of living”. I am looking forward to Notes, and the iCloud+ integration (Private Relay, Hide My Email). It also bring macOS cohesively close to iOS. My work 2015 iMac and M1 Mini will get it, so looking forward to it!

@prologic@twtxt.net I know, because fork makes it 100% sure to know who is replying to whom. Just like email’s in-reply-to does (plus the message-id).

@prologic@twtxt.net What if the reply does what fork does, for any replies to the top post, but not the top post itself? You know, like email does. Other than to reply to the top post (for which I use reply), I don’t use reply but fork, to reply to posts underneath because it is the logical thing to do.

@movq@www.uninformativ.de But it makes sense, right? I spend way too much time trying to figure out who replied to whom. I treat twts replies as emails, pretty much.

I wonder how can I set, on Mutt, a shorter subject (elipsed) on the status bar, while reading a email (or a twt).

Based on spam logs, I am (again) considering banning a bunch of TLDs at the server level. Has anyone ever gotten legitimate email from a .work, .casa, or .today domain, for example?

So tired of mobile phone vendor lock in and bad usability for the sake of keeping people in their services. Try printing a file from your email inbox to a Bluetooth printer from your Android phone.

Ah, no; and there we have a good example of finger’s poor discoverability! It matches my email address, though: echo a.9srv.net | sed ’s/./@/’

reject modernity, embrace email

email-based gossip protocol :ac_mischief:

I wonder if email would be a reasonable way to enable interaction on twtxt… something like publishing an email address for replies in the preamble of your feed, then like twtxt the rest is up to you, but I could imagine a simple moderation queue that could be checked periodically allowing the admin to move approved comments into some public space… I keep thinking I’ll add activitypub comments to my site but it seems more complex than I care for. Ironically because of available tooling email actually feels simpler for this… of course, there is spam…

@prologic@twtxt.net Web Key Directory: a way to self host your public key. instead of using a central system like pgp.mit.net or OpenPGP.org you have your key on a server you own.

it takes an email@address.com hashes the part before the @ and turns it into [openpgpkey.]address.com/.well-known/openpgpkey[/address.com]/<hash>

@prologic@twtxt.net huh.. true.. the email is md5/sha256 before storing.. if twtxt acted as provider you would store that hash and point the SRV record to the pod. .. to act as a client it would need to store the hash and the server that hosts the image.

I wrote a perl script over the weeked that parses my todo.txt end emails the tasks that are due this week.