Guild icon
Safir Alliance
Read Me First / mailroom
For discussion related to the Safir Alliance email system. Inquire here if you want an `@safiria.net` email address!
Avatar
Vāstra II 01-Oct-18 10:08 PM
Here are the details for adding Safir Alliance email to your client of choice. Incoming Mail (IMAP) Server: noc.digibase.ca ♢ Port: 993 or 995 (IMAP) Encryption: SSL/TLS Username: your email address ♢ Password: your password Outgoing Mail (SMTP) Server: noc.digibase.ca ♢ Port: 587 Encryption: STARTTLS Requires authentication Username: your email address ♢ Password: your password Additionally, webmail is available at https://mail.safiria.net, and passwords can be changed by visiting https://host.digibase.ca. (edited)
Avatar
Kradorex Xeron 17-May-20 06:46 AM
For everyone who has an account with the mail service: A new feature is available in testing on our mail platform for our mail users: A Paste-By-Mail service. Basically you can email a plaintext formatted email to paste@mpaste.digibase.ca and the system replies back an open access URL with the pasted content.
Avatar
Kradorex Xeron 01-Jun-20 09:59 PM
All mail users - At this time Digibase is taking a stronger policy on incoming spam email to our system. Up to this point, we used to just mark incoming SPF failures as "junk" as to allow users an opportunity to review the mail, but at this point we are now hard rejecting this mail incoming to help reduce the amount of spam we are storing.
We may take similar action against DKIM failures too at a near point.
Avatar
Vāstra II 01-Jun-20 11:30 PM
@You've Got Mail Could you please explain what SPF failures and DKIM failures are?
Avatar
Kradorex Xeron 01-Jun-20 11:41 PM
Basically, SPF is Sender Policy Framework, and DKIM is Domain Keys Identified Mail. Both tools for validating whether incoming mail is coming from a mail server authorised by a domain owner by different means.
SPF validates by IP, DKIM uses cryptography to sign outgoing mail that is used to validate that the mail originated from a server with an authorised private key.
What we are doing is taking a harder approach to validating incoming mail from other servers complies with these industry standard methods.
Avatar
Vāstra II 15-Oct-20 01:13 PM
@everyone If you want a spiffy @safiria.net email address (and we all know you do), please ping the @You've Got Mail role!
Connection and password change details are at the top of this channel, and pinned for your convenience. This channel may be kept clear as necessary.
Avatar
Vāstra II 15-Oct-20 01:43 PM
@Kradorex Xeron Do I need DKIM credentials in order to send mail from the server? If so, could you please email them to me?
Also, when attempting to send a test mail from Wiki.js, I get this error: connect ETIMEDOUT 72.38.129.202:587. SMTP is configured as described above, with the possible exception of STARTTLS, as Wiki.js only offers a toggle switch for TLS.
Avatar
Kradorex Xeron 17-Oct-20 02:11 PM
Hi, apologies for the delay in response. Do you know if the network path from your server running wiki.js is clear? Some server providers require that mail go through their smarthosts.
As for DKIM, mail is automatically signed if you are an authenticated user sending mail through our server. (edited)
Avatar
Vāstra II 17-Oct-20 03:54 PM
@Kradorex Xeron I have no idea other than it's originating from wiki.safiria.net, which is on the same Linode instance as safiria.net
Avatar
Kradorex Xeron 17-Oct-20 09:03 PM
If you're around at the moment, I can do a test on this end to check if your connections are reaching here.
I've set up the diagnostic.
So if you could trigger an attempt, I should be able to see if the traffic is reaching here or not.
In an effort to fight spam, new Linode accounts created after Tuesday, 5 November, 2019 have mailing ports (25, 465, and 587) restricted by default (see our blog post [here](https://www.linode....
Ah, this may have something to do with the problem.
Linode appears to block port 587 by default for anti-spam purposes.
Avatar
Vāstra II 18-Oct-20 02:40 AM
@Kradorex Xeron shit
Avatar
Vāstra II 21-Oct-20 04:37 AM
@Kradorex Xeron Do you think it's possible for us to cobble together a way for someone to automatically get an account with the Safir Alliance email system when they sign up for an account with the YunoHost (single-sign-on website) system, or vice versa? YunoHost presumes to set up email accounts as part of account creation and I can't figure out how to turn it off.
Avatar
Kradorex Xeron 22-Oct-20 06:53 PM
What exactly is "YunoHost" and how are its accounts provisioned?
Avatar
Vāstra II 22-Oct-20 08:18 PM
A single sign on platform that also makes it easy to install web apps
Accounts are provisioned manually by the admin
@Kradorex Xeron
Avatar
Kradorex Xeron 22-Oct-20 08:32 PM
Hm, though, are there "hooks" on the SSO platform to trigger actions? e.g. from a pseudocode perspective:
onaccount_create { connect_to_third_party; }
The documentation on the platform doesn't seem to be really conclusive aside from ongoing emphasis of "keeping it simple" and "don't change too much under the hood". (edited)
Avatar
Vāstra II 22-Oct-20 08:45 PM
I have no idea frown_safir
I probably ought to set up a Google Form for account creation or something at this point
Avatar
Kradorex Xeron 22-Oct-20 09:07 PM
Hm.. I'll put some thought into possible solutions on this.
Avatar
Vāstra II 22-Oct-20 09:08 PM
Thanks headpats_safir
Avatar
KaliFyre 26-Oct-20 08:47 PM
I'll be honest
I stopped using YunoHost myself over DigitalOcean as it felt... way too restrictive and kind of abandoned? Like, I feel I'd be better served going through the awesome-selfhosted list on GitHub and having a look for something I can host locally.
My main issue being the obvious stuck with a fucking dynamic ip (edited)
I hope I can change that when I move out of my nan's but ye
Avatar
Kradorex Xeron 26-Oct-20 09:40 PM
Yeah, YunoHost from my review of the platform seemed to be geared toward extremely, extremely simple setups that accept all defaults while offering no scalability...
Plus, from a security standpoint, it seems to hold back significantly on updating software because its developer team has to make each subsequent version of software compatible with their management system.
Avatar
KaliFyre 27-Oct-20 02:26 AM
Indeed (edited)
Better for a quick and hasty self-hosted thing, but at that point you may as well hook up an AwesomeBox
Avatar
Vāstra II 27-Oct-20 02:56 AM
Hrm
I would like to have some form of single sign-on, though
Avatar
Kradorex Xeron 27-Oct-20 12:07 PM
In my experience with building enterprise systems, generally the challenge with SSO is defining where the single point of truth (E.g. user database) is going to live and how to securely ensure other systems coordinate with that point of truth. Convenience would say to just open the user database and let all systems needed directly connect and authenticate, but that leads to data breaches.
Instead, there are appoaches like SAML, but SAML requires use of a browser to log into an identity provider (be it in house or hosted, where that point of truth is located), which arrives at a challenge if a useragent (like a mail client) doesn't cleanly support SAML workflows. (edited)
Avatar
Kradorex Xeron 15-Nov-20 03:43 AM
ALL USERS AND CLIENTS - Environment Canada has published a weather warning for the area of the Digibase Network Operations Center (DB-NOC) facility in regards to a wind storm for today, November 15. We are advised that wind speeds may gust to 90+ KM/h or ~60+ MPH during this storm. We do not anticipate an outage condition, but impacts to operations are possible during this dangerous storm. Efforts will be made as soon as it is safe to ensure the restoration of services ASAP if this is the case. Thank you.
shocked_safir 1
Avatar
Kradorex Xeron 16-Nov-20 12:44 AM
UPDATE FOR ALL USERS AND CLIENTS - Update to the message transmitted 15 November, ~03:33 EST/08:33 UTC: Environment Canada has cancelled the wind storm warning for the area of our Digibase Network Operations Center ("DB-NOC") facility. No outage incident or power issues were detected for our facility. Wind speeds remain relatively high at this time, but are diminishing. Maximum wind speed detected during this storm was 102 KM/h or 63.4 MPH. Various damage and outages was reported throughout the city region but nothing that presents issue or concern to our operations at this time. Thank you. (edited)
Avatar
Kradorex Xeron 15-Dec-20 06:54 PM
NOTICE - Please be advised, Google is experiencing significant operational issues with Gmail right now. If you are attempting to send mail to Gmail users, you may get a "550" error code in response which means your mail sent will be lost. This is not an issue on our end, but rather Google's end.
Avatar
Vāstra II 22-Dec-20 06:11 AM
@You've Got Mail
@You've Got Mail every five seconds X_X
Looks like the cert expired
Avatar
Vāstra II 22-Dec-20 10:04 PM
@You've Got Mail o.o?
Avatar
Kradorex Xeron 22-Dec-20 10:40 PM
...I'm not sure why you're receiving that. The certificate was renewed and replaced earlier... Please stand by... (edited)
I've hard reset your connection to the server. Please try again.
Avatar
Vāstra II 22-Dec-20 10:45 PM
Alright
It's working again now! happy_safir Thank you heart_safir
Avatar
Kradorex Xeron 22-Dec-20 11:37 PM
Good, good.
Your'e welcome
Avatar
Kradorex Xeron 01-Jan-21 12:19 AM
Hello everyone, as executive director of Digibase from our Remote Command Center alongside our Network Operations Center in eastern standard time: Happy New Year from myself and us at Digibase Operations. May this upcoming year be great for us all and yours.
🎉 1
Avatar
Vāstra II 23-Apr-21 12:22 AM
@You've Got Mail
Avatar
Kradorex Xeron 23-Apr-21 12:25 AM
Please stand by. Our upstream provider is at the moment conducting maintenance. While the maintenance window is officially up to 0600 EDT, it's expected to be much narrower an outage. Our network however continues to be operational internally at this time.
thumbs_up_safir 1
Will advise when connectivity is restored.
According to the SMTP standard, sender mail servers should buffer messages into their queues during this time, they should complete delivery shortly after restoration. (edited)
Avatar
Kradorex Xeron 23-Apr-21 01:31 AM
@Vāstra II - It appears as if upstream connectivity is back. Ticket is still open on the provider's side so things may drop again, but for the past 20 minutes things appear stable. (edited)
Avatar
Vāstra II 23-Apr-21 01:33 AM
Am able to log in. Thanks! headpats_safir
Avatar
Kradorex Xeron 23-Apr-21 01:37 AM
You're welcome
Avatar
Kradorex Xeron 09-May-21 11:30 PM
NOTICE: There is currently a power outage situation in the commercial utility power grid in proximity to our main Digibase Network Operations Center (DB-NOC) facility due to an underground fire. We have not lost utility power and continue to be operational with no degradation, but be advised that there is a prospective that there may be circumstances out of our control. We continue to monitor the situation at our central DB-NOC facility which has not changed at this time. Utility has advised that commercial utility power will normalize at 0300 (3 AM) EDT. Current time is 2330 (11:30 PM) EDT.
Avatar
Vāstra II 24-May-21 06:27 AM
@everyone Due to a change of DNS provider, Safir Alliance email may be inaccessible for up to 24 hours. Thank you for your understanding. (edited)
Exported 69 message(s)