Test and deploy HAProxy Config

We faced a problem that we thought could use an automated strategy; our HAProxy configuration files were getting larger and more complicated and more prone to a small error resulting in the service not restarting appropriately. We currently use Buddy.Works to manage some of our code deployments and we’ve found a relatively simple way to accomplish this. We created a new repository, commited our base HAProxy configuration, setup our pipeline to grab the official haproxy docker instance and run the following: groupadd haproxy && useradd -g haproxy haproxy mkdir -p /etc/ssl/private/ cp dummy.pem /etc/ssl/private/dummy.pem cp haproxy.cfg /usr/local/etc/haproxy/haproxy.cfg haproxy -c -f /usr/local/etc/haproxy/haproxy.cfg This will create and add the appropriate user/group that our HAProxy runs under, copies over a dummy certificate to […]

Stopping Exchange 2016 Same Domain Spam Spoofing

We recently converted over to using Exchange 2016 for our internal email hosting and we were immediately buried in spam. Initially we enabled the exchange built-in spam protection and it just wasn’t cutting it. We expanded out and got ourselves BitDefender Exchange Protection which promptly dropped our spam rate almost overnight. However, we were still getting emails from our own domain @infinitewebdesign.com. The best places we found to combat this involved removing the permission: ms-exch-smtp-accept-authoritative-domain-sender in the active directory for the receive connectors. This, thankfully, allowed BitDefender to at least classify them as spam, but we were still able to be spoofed. A simple telnet to our server like so: >telnet <server_ip_here> 25 >EHLO >MAIL FROM: test@<domain_here> >RCPT TO: someone@<domain_here> […]