Category: Work

SPF, DKIM, DMARC, and Apple mail

Recently our company migrated from an on-premises email solution to hosted Exchange. The change was surprisingly easy and everything worked as expected.

A couple of months later we moved our on-premises Barracuda to the cloud (ESS). Everything appeared to be working properly for the first few months, then some people started having issues. Mail forwarded to Apple owned domains (iCloud, mac.com) was being rejected as failing DMARC.

After some investigation, correcting of SPF records, and enabling of Sender Rewrite Scheme (SRS) in Barracuda, mail was still failing the DKIM check and thus DMARC. For that reason, Apple domains kept sending NDA notices for any forwarded email.

Contacting support, Barracuda blamed O365 and O365 blamed Barracuda. We were almost to the point of hiring a contractor when I found a little blurb in the Barracuda knowledgebase about how ‘link protection’ was turned on by default and would result in DKIM failure because, of course, the body had been changed. This means a different hash and DKIM failing as it should in this case. None of this showed in the headers because the links looked normal when viewing them.

So, we turned off link protection and TA-DA email passed DKIM and DMARC without issue. That was a lot of time and research I’ll never get back, but it did feel good to fist-pump the air in joy at finding the solution.

So, if you forward mail to Apple domains, be sure that link protection is turned off or it will bounce back forever.

Your snarkiness can suck it

I’m trying every day to be more positive. I’ll never be Mr. Sunshine, but I am actively trying to be more positive in my daily life. Sorry if it hasn’t been obvious – I’ll try harder.

Today I was working on a difficult domain fix for a user’s profile that decided to die. While trying a myriad of Microsoft suggested fixes, another employee walks by and mutters to the affected employee “Good luck getting it fixed.”

I’m quite surprised I am not now searching for a new job. Along with this profile I’m trying to not lose any data from I also have dozens of workstations to fix (update) at another location in short order, three ISP changes at other centers, a shipping printer that needs a minor reconfiguration, intermittent email connection issues, and of course personal life stuff like everyone. Pardon me if I don’t make everything available to you on your iPad, Mr. Salesperson. I’m sorry you don’t want to carry your company provided laptop that is newer than my desktop, but get over it. I’m working on making iPad-only a reality, but business processes and the imminent prom season kinda puts your wishes on the back burner.

Yup, this is me venting. Yup, future employers probably won’t like this post. Hell, if my current employer reads it I’m probably fired. I think it’s good to have a vent though and maybe this shows I effectively deal with stress in a positive way rather than blowing up at people…? I don’t know, but now I’ve vented.

Why, herro, SIUC

So, I’m now a student at SIUC. I’m attempting to gain a bachelor of science in Information Systems. To be honest, I’m thinking this is a lofty goal. My time constraints are pretty tight, and so I’m afraid that my coursework may suffer as a result.

60 hours/week driving and working.

56 hours/week sleeping (I wish).

20 hours/week dedicated to family.

That’s 136 hours per week already tied up. Now if I add in the recommended time for coursework @ 48 hours/week, I’m up to 184 hours out of 168 used up. I’m already negative and I haven’t included anything for just relaxing. I suppose if I reduce sleep to 6 hours/night then I should be able to make it. Still, I’m thinking this may have been a severe lapse in judgment on my part. Time will tell.

There are no jobs in America, and it is your fault

Go read this Time article. Yes, I know, I’m horrible for asking you to read.

Go read #3. Read it again. Once more now.

Why is our country hosed? Because the companies (executives) are here collecting fat paychecks. We peons are scraping to get by and buying crap at Wal-Mart, Target, Sears, etc. that is made in China. Hence middle-class jobs are gone. The execs get richer, and we have no middle-class anymore.

But that’s okay, you go save $1.25 on your toothbrushes while the Chinese buy your country with your money.

Germany has the right idea by supporting companies that produce/invest in-country. THAT is what we need here and now. Continental in Mount Vernon is German-owned. Guess what – if they can get a part from Germany instead of buying it up the street, they do it. THAT is how you keep an economy going.

PC work? Not for you.

The following story is true to my best recollection, and happened a couple of years ago.

I  shy away from working on personal computers for one major reason – people who are sue-happy. A PC is a machine, it breaks mechanically as well as by software. Had a woman who asked me to look at a PC, I did, and after I had her reboot, it would not come up. I left, after doing nothing to the PC other than plugging in a USB thumb drive (software tools I commonly use are on the thumb drive).

She told me I had broken it and needed to pay to have it replaced after her ‘friend’ she gets weed from said it was non-repairable. We had a few missed phone calls back and forth, but I offered to pay 1/2 of the repair cost at a neutral shop to be nice. I should point out that she suggested I buy her a ~$1,500 laptop to replace the 5+ year old desktop her weed-buddy said I broke.

Then she contacted the MVPD who told her(according to her message) that I had likely downloaded personal information from her PC using my thumb drive (thanks for that, MVPD), and was a criminal planning to exploit that information. Finally she left me a message that said she had ‘better not find me out anywhere’ and that I should ‘come back by her house because her dogs have something for me’.

Long story short, I’m shying away from doing PC work for anyone other than immediate family. Until I am incorporated and have a much better liability policy, my family cannot afford the risk even though I love helping people.

I won’t mention her company for fear of being sued, but her family runs a local pest control company named ACME, beware.