#elasticsearch

bkoehn@diaspora.koehn.com

I gave the #Stalwart email server another try. I found a few bugs (quickly dispatched by the team), worked around an issue with my crappy ISP filtering inbound port 25, and got it working.

  • In addition to #IMAP4, Stalwart also supports #JMAP, a much-improved spec for clients. Holy cow is that fast!
  • I set up an #ElasticSearch index for full text search. Really simple.
  • Instead of using RocksDB for storing email, I moved it to a directory backed by an NFS mount. Simple, and now I have effectively unlimited email storage.
  • Most stuff you need to do can be accomplished through the web UI. Get a TLS certificate from LetsEncrypt? Just a few clicks. Use DNS for ACME domain authentication? A few more clicks is all you need. Put an extra name on the certificate because your ISP sucks and you need to use an external relay? No problem.
  • It gives you all the DNS changes you need to make to set it up, including DMARC, SPF and DKIM, MTA-STS, autoconfig, etc.
  • Relaying your outbound email is just a minor tweak.
  • Milter support is built-in, so you can bring your rspamd implementation right along.
  • Incoming and outgoing TLS & DMARC reports are handled automatically.

I’m sure I’ll find some things that it doesn’t yet do that I’d like, but for now my opinion has changed and I’m really impressed.

dredmorbius@joindiaspora.com

Meow

#ElasticSearch, one of the database engines targeted by the #MeowDbAttack, has long had ZARRO authentication and security features in its free version.

(Security was added only in release 6.8, in May 2019; the database itself was released in 2010: https://www.elastic.co/guide/en/elasticsearch/reference/6.8/release-notes-6.8.0.html)

Instructions on securing the database, which remains unsecured by default, are dated February 2020:
https://www.elastic.co/blog/how-to-prevent-elasticsearch-server-breach-securing-elasticsearch

ElasticSearch is "trusted, used, and loved by" #Bayer, #Adobe, #Lenovo, #WalMart, and #Kroeger (https://www.elastic.co/elasticsearch/) and is the featured search utility on #AmazonAWS (https://aws.amazon.com/elasticsearch-service/)

The (strongly justified IMO) attack has removed nearly 4,000 unsecured databases since July 22:

One of the first publicly known examples of a Meow attack is an Elasticsearch database belonging to a VPN provider that claimed not to keep any logs.

https://arstechnica.com/information-technology/2020/07/more-than-1000-databases-have-been-nuked-by-mystery-meow-attack/

I'd really like to hear from #ElasticNV or founder/CEO #ShayBanon. For now, crickets:

https://twitter.com/kimchy

https://twitter.com/elastic

HN: https://news.ycombinator.com/item?id=23957510

SO: https://stackoverflow.com/questions/63067062/elastic-search-indexes-gets-deleted-frequently

Vendor, service, client, and deployment bullshit like this is a major cause of my frustrations (and worse) with the IT industry.

Other targets include #MongoDB #Cassandra #CouchDB #Redis #Hadoop #Jenkins, and unsecured network-attached storage devices (NAS).

Hats off to Meow's authors.

#sysadmin #dbadmin #netadmin #devops #infosec #schadenfreude