The majority of spam filters here put spam in a folder named “spam” rather than rejecting it outright.

     However, there are two types of spam that I manually block when discovered, virii and phishing scams.  Virii are various computer viruses, especially ransomware.  When I find a server is infected, I block mail from that server until there is some indication this has been fixed. The same is true of phishing scams, where people try to social engineer to get your authentication information here or elsewhere.

     There are a few really bad players in this area, an outfit called Sendgrid is the absolute worst.  I have had more than 30 of their servers blocked for ongoing malicious content and I’ve never gotten a response from them beyond a form letter and I’ve never seen the abuse actually stop.  Unfortunately they are also used by major corporations to contact their customers.  Therefore, I try to be very selective about servers blocked and limit only to clearly infected servers, but, occasionally I get overly broad.  And these actions are manual which also make them less effective than they could be because often the scammer or spammer has already dumped his entire list when I notice and take action.

     Yesterday I made a significant change in the way this is handled.  I am no longer blocking servers and address space manually.  Rather, I have created a fail2ban jail that recognizes many of these things, also things like a lot of mails sent to non-existent addresses, mail forged as being from eskimo.com but is coming from external sources, etc, and I’m now using it to block these sites.

     After the first night of this being implemented, my spambox had about one third as much spam as it did previously.  I believe this is because it’s acting much faster than I would do manually, but an additional plus, there will be less legitimate mail blocked because this is ALWAYS done on a per server basis never entire address blocks as I often did for some bad players and because these blocks are automatically removed after two days but if the abuse is repeated from the same server then it will be blocked on a longer basis.

     Kernel upgrades completed by 12:30, various services that systemd failed to start properly all corrected by 12:46.  Everything is back in service at Eskimo.

     I am planning a kernel upgrade tonight Saturday May 13th starting at 11PM.

     This will affect all of Eskimo North’s services: web hosting, shell accounts, e-mail, virtual private servers, and our free Fediverse services https://friendica.eskimo.com/, https://hubzilla.eskimo.com/, https://nextcloud.eskimo.com/, and https://yacy.eskimo.com/.

     Provided all servers boot correctly no service with the exception of yacy should be down for more than about ten minutes.  Yacy takes up to 45 minutes to re-index it’s database upon startup.

     Also, I will be slow for a day or so to get payment receipts out.  Processing them requires cut-n-paste and the middle button (necessary for pasting) of my Logitech G 203 mouse has bitten the dust.  I must say I am deeply saddened as I’ve never had a Logitech anything die on me before, I thought they were invincible, even inputting cans of Diet Coke into the keyboard has only resulted in temporary non-functioning until it dried.  I really can’t complain though, it has served me loyally for many years and a new one is on order.

     I am going to take the web server database offline briefly later this evening to make a backup before trying an experiment with Nextcloud.  In the past I have gotten the external_authentication module to work for versions it was not designed simply by altering the definitions file associated with it.  I am going to see if I can get NextCloud HUB 4 to work this way.  By backing everything prior, I will have a way to return to NextCloud Hub 3 if it does not work.  I will do this after midnight so as not to interrupt much normal use.

     I’ve installed a new application for your use on the Ubuntu shell server if you access it visually via x2go, rdp, vnc, or via the website.  This new application is called LibreWolf and is under the Internet menu on Gnome or Mate Desktops.

     LibreWolf is an independent fork of Firefox with enhanced security and privacy.

Try expanding a terminal, preferably one that handles ansi colors, to full screen and then in ubuntu type, “cmatrix”.

     I found the Manjaro XFCE spin installer works, including with manual partitioning.  Sad Mate doesn’t but not surprised.  It will probably take 4-5 hours to get everything configured but should be working again later this evening.

     Manjaro may be down for a while, possibly until the next distro comes out.  The existing installation was hurt by installing gcc-13.1 which corrupted some of the library files.

     I restored from backups but the Manjaro update system won’t let you update a system that is too old, so that didn’t work.

     I tried to install from the old ISO, that didn’t work, for the same reason.

     I then downloaded the CURRENT Mate distro, and installed from that.  It would not work if I manually partitioned.  So I let Mate partition the way it wanted to.

     After installing I tried to login and it would not accept my password.  So I booted with the install disk again and tried to mount the root partition but it said file system was not recognized.

     I’m trying some different desktop spins now on the off chance that only the Mate spin is broken but if if it’s all of them then it will be down until a non-broken ISO becomes available.

     Manjaro failed to boot with the new kernel and I chased the issue to my recent installation of gcc-13.1 on this machine.  It changed some system libraries in a way that broke them.

     I am restoring from backup, then will bring the machine up to date, then will install the new kernel, all others are complete.

     We will be doing a kernel upgrade of all servers tonight starting at 11pm.  If all goes well it should conclude by 11:30, if not and we have to make a trip to the co-location facility, then 12:30.  No individual service with the exception of yacy should be down for more than about ten minutes.