That was early access. The full release is soon (q2 2024) according to their Steam page
That was early access. The full release is soon (q2 2024) according to their Steam page
If there’s an option on the AP to not permit link local routing within a vlan/ssid, that will force all traffic up to the firewall. Then you can block intrazone traffic at the firewall level for that vlan.
I’ve seen this in Meraki hardware where it’s referred to as “client isolation”. Ubiquiti might be able to do this too.
This is what I use for clips that I need to upload to friends. The Windows Xbox DVR saves the last 3 mins of gameplay, but I only need 15-30s of it.
Short answer, likely yes. It’s not definitive, you could still slip by after sending enough mail, but you are also very likely to get whacked because that VPS IP doesn’t have an email sending reputation.
Longer answer, email gateways like Google, Microsoft, and Proofpoint don’t really care who owns what IP. Well, they might, but they’re more concerned about the sending habits of an IP. While you might send good mail from that IP, there’s no reputation for it, so you could be whacked for having a neutral reputation (the ol’ credit score dilemma but for email).
In order to have a good reputation, you have to send a large volume of messages very gradually over several weeks to “warm” your IP as a reputable sender. I went over this slightly more in detail in another reply, but this article is pretty concise on how an enterprise accomplishes this with a dedicated IP at a provider like SendGrid: https://docs.sendgrid.com/ui/sending-email/warming-up-an-ip-address
It’s about sample size. Mail gateways won’t designate an IP as a reputable sending IP until it assesses a large volume of mail sent over a long period of time. You can’t send the quantity it wants all at once or even in a short window because then you’ll be designated as a spammer. So you start small with a few a day and gradually ramp up sending over multiple weeks or months to eventually send several thousands of messages in that period.
Spammers and malicious actors too often spin up new IPs for sending mail, so gateway patterns already implicitly mandate that email should come from IPs it’s already judged reputable.
You as an individual can’t reasonably warm your own IP. This is why services like Amazon SES or Sendgrid exist because they have huge IP pools that are ready to go. Plus, those services are very concerned with reputation and have bounce/complaint metrics defined to warn customers that abuse or poorly configure their sending habits.
This next example is what I’m most familiar with, but I’m sure there are other services like this. If you’re a big enterprise and want your own dedicated sending IP because you’re concerned about using a shared pool, you could use something like Amazon Pinpoint which allocate IPs for your org to use in SES, but they have to be warmed before you switch your production workloads over to it full-time. It automates some of the gradual-ness of warming so you use a mix of SES plus your Pinpoint IPs to keep mail flowing for your product.
It looks like Sendgrid also does dedicated IP warming guard rails too. This article is pretty decent for understanding how it works - https://docs.sendgrid.com/ui/sending-email/warming-up-an-ip-address The per-day warming limits give you an idea of what scale this kind of process is used for.
Definitely listen to this. IP Warming is a very real problem and you have to send thousands of messages at a very gradual rate for most email gateways to 1) mark you as a proper email sender, and 2) classify you as a reputable one that isn’t sending spam. Using a public/private cloud IP isn’t enough, it should be a service already used for mail sending.
If you self host sending email and ignore using a service for outbound, make sure it isn’t at home. ISPs often block SMTP traffic to keep people from spamming others from their home. A lot of IP blocklists also auto block home IPs so you may not ever get your messages delivered.
Make sure to set up SPF/DKIM/DMARC. At the very least SPF, DKIM if the platform supports it, and ideally all three or SPF+DMARC. It’s not that hard to configure if you do it as you go instead of years down the line after you have a dozen services sending mail as your domain.
CrossCode!! One of my top favorites of all time. It’s such a good charming game with awesome gameplay. I wish there was more 😭
We added a tilt sensor to our door that shows the state of the door for the most part. The threshold we have it at doesn’t detect if it’s partly open, but that’s okay for us because we never leave it cracked
Our solution that we set up years ago was to connect a Shelly to circuits on a normal, dumb door opener. The Shelly triggers open/closed itself and since the signal comes from the opener, there’s no crypto nonsense to figure out. It always works, no matter what MyQ/Chamberlain/LiftMaster do. Bonus, it also works if you have a very old opener.
We also supplemented this with a tilt sensor so we know the state of the garage door. The door can still be cracked and not registered as opened, but that’s a compromise we’re okay with since we never leave it intentionally cracked.
Yeah you’d need an L7 application layer filtering firewall to catch DoH since it would detect the SSL packet signature on port 53. Unfortunately that balloons the cost of the device past a reasonable level for a home aficionado.
A workaround for now would be to block known public servers that use DoH like Google DNS, since a lot of devices are adding features to enable DoH by default at the OS level
Oh, I actually like my gsp 500 too :( it’s lasted me for years, has a nice long cable, and gives decent audio quality after I got a pci-e audio card to boost levels. I’ve always preferred a combo headset over separate headphones and mics because it’s less to juggle, but so many out there are cheap garbage. Guess I’ll have to find a new solution whenever these die on me
I will buy the game for everyone I know if they make a campaign creator like nwn1. I got so much mileage out of that game browsing the nwnvault.
My only complaint is that coming from a networking background, Ubiquity’s OS is awful and makes me want to gouge my eyeballs out. Navigating the interface to find settings makes no sense, it’s not very granular in how you can configure certain filtering settings, dual wan setups are difficult to manually change over, and good luck looking at logs to troubleshoot any traffic flow issues (hint: you can’t).
For someone who just needs a firewall and a VPN endpoint, it’s great. If you need anything more than that, get opnsense/pfsense. Pairing one of those with Ubiquity APs (which are actually pretty terrific) is a really solid setup.
I neeeeeeed it. This looks a lot like CrossCode but refined. It has all the puzzles and scenery and build trees and I want to play it now