nitrolife

But in reality, this will only allow you to receive incoming mail. In order for outgoing mail to work, it is necessary that the mail server and all the strapping go through the VPS to the Internet. This requires a rather complicated configuration of iptables, and I recommend that you simply either fill up the mailer on a VPS (there will be a maximum of gigabytes of mail. it’s not that heavy), or buy a static address at home.

If you still decide to go the hard way, here’s an approximate plan for what you need to do in the spirit of iptables, because setting it up in firewalld is a real torment.:

*mangle
:PREROUTING ACCEPT [0:0]
:INPUT ACCEPT [0:0]
:FORWARD ACCEPT [0:0]
:OUTPUT ACCEPT [0:0]
:POSTROUTING ACCEPT [0:0]
-A OUTPUT -m owner --uid-owner 924 -j MARK --set-mark 0x300
COMMIT

where 924 is the postfix user ID, you may have a different number. check it out

ip route add default via 10.8.12.4 dev wg0 table 100

adding the default route via the VPS address to the routing table 100. replace 10.8.12.4 with the address of your VPS and wg0 with the name of the interface for communication between the VPS and home. Then

ip rule add from all fwmark 0x300 lookup 100

We are sending all packets with the label 0x300 to the routing table 100. In other words, the postfix user will have his own custom routing table via VPS.

This creates several problems due to the fact that with this configuration, it may not be possible to connect to postfix via your server’s interfaces. But in basic case all will work. Bypassing this problem will create even more complex routing rules and will generally be overkill. But if you’re interested, write to me and I’ll sign it.

Well… as I already wrote, my home server is literally on the Internet because I rent a static public IP address from the provider.

But if you have a VPS, then you just need to do port forwarding to your server with a VPS, and then add the following entries to the mx DNS server:

you.domain.              21600   IN      MX      10 you.first.vps.
you.domain.              21600   IN      MX      20 you.second.vps.

Where 10 and 20 are the server priority Or if the VPS is part of your domain then:

you.domain.              21600   IN      MX      10 first.vps.you.domain. 
you.domain.              21600   IN      MX      20 second.vps.you.domain. 

first.vps.you.domain.             21600   IN      A       1.1.1.1
second.vps.you.domain.        21600   IN      A       2.2.2.2

And if you also have IPv6, you can do

first.vps.you.domain.             21600   IN      AAAA       fd00::1
second.vps.you.domain.        21600   IN      AAAA       fd00::2

Where 1.1.1.1, 2.2.2.2, fd00::1 and fd00::2 are the addresses of your VPS

You also need to enter the address in the SPF:

you.domain.              21600   IN      TXT     "v=spf1 +mx -all"

What does it mean

v=spf1 is the SPF version.

+mx – it is allowed to send mail from the IP addresses specified in the MX records of the domain.

-all – prohibits sending from any other servers (hard refusal).

Also, in order for the signature to work on the mail server, you need to make several TXT entries (for a detailed explanation, see my links about DKIM):

keyname.__domainkey.you.domain. TXT "v=DKIM1; ...%DKIM params%"

and

you.domain.             86400   IN      TXT     "v=DMARC1...%dmarc params%"

And you need ask you VPS provider set PTR for you VPS IP address with first.vps.you.domain. Or some providers access that config in web panel.

Thanks, I’ll give it a try sometime.

On my home server. My ISP gives me a static address and makes PTR records for only about $1.5 per month.

I have been using my own email for many years (to this day). Everything is working great. The main thing is to have a static IP and be able to specify your domain in the PTR record of the ip address.

In general, you will need: postfix (https://wiki.archlinux.org/title/Postfix) OpenDMARC (https://wiki.archlinux.org/title/OpenDMARC) OpenDKIM (https://wiki.archlinux.org/title/OpenDKIM) Dovecot (https://wiki.archlinux.org/title/Dovecot) Some interface to choose from (soGO, roundcube) Maybe graylists, ClamAV, SpamAssassin, or something else to protect your mailbox from spam and viruses. And if you want filtering functionality, then you also need Sieve.

To be honest, I would probably play a game with such a plot with more pleasure than a game where all Pokemon look like puppies.

By the way, surprisingly, cartoons are also fictional, but for some reason, child abuse in cartoons is 18+ marked or prohibited. ¯\(ツ)/¯

Well, I have nothing against the players. It’s just that it’s really hard for me to play this series.

If you are receiving data from tor, then you are most likely seeing these connections. They also change over time, so tor relay nodes change and can be located anywhere.

In addition, in the example you have port 9001, which means that relaying is most likely enabled in your client and you are a relay for other participants. Check the settings of the tor.

I hope the movies are not the same as the cartoons of the 90s. I once watched a couple of episodes where Ash sends Pikachu to fight in the arena and then cries when Pikachu gets hit hard. I just wanted to ask, “buddy, you literally sent Pokemon into the damn arena where he was supposed to FIGHT, what were you hoping for?” But in general, I understand you now. In fact, the plot is not important at all. People just collect Pokemon like things, like Magic the gathering cards. Now I’m not sure if this is as insensitive or logical as possible.

Pokemon. Behind the pleasant facade of the game series, there is a reality: people kidnap animals in the forest, lock them in pokeballs, and force them to fight in arenas, at least until they are damaged. I didn’t understand this game series when I was younger and I still don’t. Do people really like playing this game?

But without “l”. This connections created as client I think:

ss -tupn

It all depends on the greed of the campaign. I worked in a campaign where it was considered normal to keep a degraded raid without repair. Of course, data loss is a normal story in such companies. The raid guarantees data security only when one disk is being pulled (except for some raids), so it also needs to be monitored and replaced. On the other hand, with proper operation, you probably won’t lose any data.

P.S. RAID0 - raid that can’t be restored when degraded any disk in RAID. This is exactly worse choice for data save. STRIPE also writes blocks one at a time to the first disk and to the second, so that you would definitely lose exactly 50% of data blocks. Best choice raid10 for performance and raid5 if you need save money.

SteamOS can simply be ignored, because the demolition of the system on it will not lead to critical losses.

I’ve already read about Fedora and openSUSE, yes. Well, it’s strange to use FS in production, in which recovery from severe damage to FS is not always guaranteed.

I’ve re-read the man page on btrfs. Backups are indeed better on btrfs at the moment, and in fact, there’s only btrfs and the even more monstrous zfs without a reboot. So, as usual, there are two options. The inconvenience and stability of lvm or the convenience and risks of btrfs

well, a lot may have changed in 4 years. then okay. but I personally would not recommend it anyway. after all, it is enough not to guess with the controller or break the memory bar and after that to lose the entire partition. yes, these are not frequent cases, but I was not lucky.

Do you really want to recommend btrfs to beginners? The FS for which the usage scheme needs to be checked on the site.

As for me, I messed up my home directory 4 years ago and since then I haven’t touched this fs and I don’t advise anyone. I need my Linux work machine not for experimentation and recovery from backups. It’s much easier to store the free 20 gigs on a disk.

If you newbie linux user I really recommended create partition for /home and use LVM. That not so easy, but if you understand LVM Snapshots and partitioning that saved many hours for you. You can use partition manager for make /home snapshots and all system snapshots too if you have enough free space in LVM group. The downside of this feature is that you can’t take up the entire disk with partitions, otherwise there will be nowhere to take snapshots.

If you want change distro for example:

1. create /home snapshot
2. remove all ~/.* directories
3. Start from iso and format only root partition for new system.

If you want do momething risky:

1. Create / and /home shapshot.
2. Try that.
3. If all ok merge snapshots, If all go bad rollback to previous state.

Well, the market is really very small. There’s also the PinePhone Pro (which is discontinued) and Librem 5, Volla Phone, Mudita Kompakt. But, of couse, that whasn’t Ipone 16 pro max.

LiberuxOS contain jailed Android I think. Bit if not you can install Waydroid.

In any case, this is the other side of freedom. For some reason, people want corporations to provide them with convenient functions and applications for free and not take anything as a substitute. It doesn’t happen that way, communism hasn’t arrived. Either convenience under the wing of corporations, or freedom in all its wild splendor.

UPD: Freedom systems will never even become popular and convenient if everyone chooses the convenience of corporate systems.