Avatar_of_Self

Avatar_of_Self@lemmy.world
0 posts • 62 comments

As a tip for next time, if you really want to host your email but you don’t want to put up with dealing with emails being sent to spam boxes, you can just use an SMTP relay/proxy provider. Your email isn’t hosted there but they do send it on and will be the ‘source’ mail server and is going to be much, much, much cheaper than paying someone to host your email for a bunch of users.


You’d change the system prompt, just like now. If you mean in the session, I’m sure it’ll ignore your session’s prompt’s instructions as normal but if not, I guess you’d just start a new session prompt.


I’ve never had to ask MS to unblock me and it sure as hell doesn’t take 6 weeks or even 3 days for them to automatically see if everything is right again.

I even set up a non-traditional domain with a “non-generic” TLD a couple of years ago and I think it was around 16 hours or so before my test emails were hitting Outlook inboxes.

Additionally, I think Google still wants SPF set up though it is pretty useless now. And if your RUA was set up right, as I recall, you get an automated email from MS telling you why your mail went to spam (or was rejected), which is the point of it to begin with.


MS will send your mail straight to spam if you do not set up your domain keys and DMARC in DNS correctly and do not have a reject or quarantine RUA or the email(s) in your RUA bounce.

Sometimes you may get temporarily sent to spam if your IP is in a /28 of a known spammer IP.

That’s about it.

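An added example, not part of the comment above: a small offline linter for a DMARC TXT record that checks the two things the comment names, the policy (`p=`) and the aggregate-report address (`rua=`). The record strings and the example.com addresses are constructed samples; whether the rua mailbox actually accepts mail cannot be checked this way.

```python
# Added example: lint a DMARC TXT record (tag=value pairs separated by ';').
# All record strings below are constructed samples for example.com.

def parse_dmarc(txt):
    """Split a DMARC record into an ordered tag -> value dict (tag names lower-cased)."""
    tags = {}
    for part in txt.split(";"):
        if "=" in part:
            name, value = part.split("=", 1)
            tags[name.strip().lower()] = value.strip()
    return tags

def lint_dmarc(txt):
    """Return a list of findings; an empty list means nothing was flagged."""
    tags = parse_dmarc(txt)
    # The version tag must come first and must be exactly DMARC1.
    if next(iter(tags), None) != "v" or tags["v"] != "DMARC1":
        return ["not a DMARC record: v=DMARC1 must be the first tag"]
    findings = []
    policy = tags.get("p", "").lower()
    if policy not in ("none", "quarantine", "reject"):
        findings.append("missing or invalid p= policy")
    elif policy == "none":
        findings.append("p=none only monitors; no quarantine or reject is requested")
    # rua is a comma-separated list of report URIs; mailto: is the usual form.
    ruas = [u.strip() for u in tags.get("rua", "").split(",") if u.strip()]
    if not ruas:
        findings.append("no rua= address: aggregate reports have nowhere to go")
    for uri in ruas:
        if not uri.lower().startswith("mailto:") or "@" not in uri:
            findings.append(f"rua entry is not a mailto: URI: {uri}")
    return findings

GOOD = "v=DMARC1; p=quarantine; rua=mailto:dmarc-reports@example.com"
WEAK = "v=DMARC1; p=none"
BAD_RUA = "v=DMARC1; p=reject; rua=dmarc-reports@example.com"
BAD_ORDER = "p=reject; v=DMARC1; rua=mailto:dmarc-reports@example.com"

if __name__ == "__main__":
    for record in (GOOD, WEAK, BAD_RUA, BAD_ORDER):
        print(record, "->", lint_dmarc(record) or "ok")
```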

“There are good people on both sides” when the date brings up Charlottesville.


Yes, but has it taken both OS’ out at the same time? It hasn’t but it could happen, however, the chances are even less. There’s obvious risk mitigation in mixing vendors in infrastructure for both hardware and software in the enterprise.

If some critical services were lost in your enterprise last time until RH updated their kernel then you could have benefitted from running that service from Windows as well. Now the reverse is true. You could have another DC via Samba on Linux in your forest if you wanted to, in order to have an AD still for example. Same goes for file share servers, intermediary certificate servers (hopefully your Root CA is not always on the network) and pretty much most critical services.

Most enterprises run a lot of services off of a hypervisor and have overhead to scale (or they are already in a sinking ship), so you can just spin up VMs to do that. It isn’t as if it is unreasonably labor intensive compared to other similar risk mitigation implementations. Any sane CCB (obviously there are edge cases but we are talking in general here) will even let you get away without a vendor support contract for those, since they are just for emergency redundancy and not anywhere near critical unless the critical services have already shit the bed.


I get the sentiment but defense in depth is a methodology to live by in IT and auto updating via the Internet is not a good risk to take in general. For example, should Crowdstrike just disappear one day, your entire infrastructure shouldn’t be at enormous risk nor should critical services. Even if it’s your anti-virus, a virus or ransomware shouldn’t be able to easily propagate through the enterprise. If it did, then it is doubtful something like Crowdstrike is going to be able to update and suddenly reverse course. If it can then you’re just lucky that the ransomware that made it through didn’t do anything in defense of itself (disconnecting from the network, blocking CIDRs like Crowdstrike’s update servers, blocking processes, whatever) and frankly you can still update those clients anyway from your own AV update server which is a product you’d be using if you aren’t allowing updates from the Internet in order to roll them out in dev first, phasing and/or schedules from your own infrastructure.

Crowdstrike is just another lesson in that.


What I usually do is set next boot to BIOS so I have time to get into the console and do whatever.

Also instead of using a browser, I prefer to connect VMware Workstation to vCenter so all the consoles insta open in their own tabs in the workspace.


Similar thing happened to the idiot CEO of Lifelock that used to advertise his actual social security number everywhere.


I’m not against using Google, Stack Exchange, man pages, apropos, tldr, etc. but if you’re trying to advertise competence with a skillset but you can’t do the basics and frankly it is still essentially a mystery to you then you’re just being dishonest. Sure use all tools available to you though because that’s a good thing to do.

Just because someone breathed air in the same space occasionally over the years where a tool exists does not mean that they can honestly say that those are years of experience with it on a resume or whatever.
