Hashemian Blog
Web, Finance, Technology, Running

Migrating To Cloud, Digital Ocean, Cloudflare

by @ 4:14 pm
Filed under: computers,email,internet,technology,web — Tags: , , , ,

When I started this site decades ago, I followed the usual path at that time to launch sites, shared hosting. There were many vendors to choose from but nothing like the quantity and diversity of what’s available today. I registered the domain, settled on a small vendor for $5/month, got my cPanel and terminal login and off I went.

My server didn’t have much processing juice, storage, and bandwidth compared to today’s levels but plenty enough to host my website and email and other services within the same account. Things were running smoothly but as you’d guess, the account eventually started to push the envelope with the hosting limitations and over the next few years I migrated from vendor to vendor in the perpetual quest for more resources and better prices.

Still all this time I was a slave to the hosting companies and their rules. If my services were abused by outsiders my account was suspended. If my site was spamvertized, my account was suspended. They’d change prices, modify account agreements, deprecate services, migrate servers, upgrade products, get merged or acquired and I had to go with the flow.

So a few years ago I finally decided to give self-hosting a try. I signed up for Comcast Business with static IP addresses, got a decent used computer and migrated all the services to a corner of my home. I was paying more for business Internet at home but I was saving on hosting costs.

Self-hosting Server at Home

This arrangement worked fine for many years but there were downsides too and with the passage of time those downsides became more prominent. To cite a few,

  • Being in a residential zone, power outages are inevitable and my puny UPS couldn’t handle long blackouts, such as those arising from intense storms.
  • Computers and equipment crash or power may be cut because of workers or a tripped breaker. If there’s no one at home to power up the equipment, services would remain offline.
  • The ambient temperature must be kept at a reasonable level. That means running the A/C on hot days even if no one is at home.
  • Hardware failures would mean outages until parts could be replaced and of course a good backup strategy is a must.
  • Software updates are necessary to support the latest or minimum required protocols or to patch vulnerabilities. For example making sure that TLS1.2 or IPv6 are supported or patch for Shellshock or Heartbleed bugs.
  • Monitoring and battling abusers and hackers become a daily stressful job.
  • With the static IP, it becomes impossible to be even slightly anonymous while surfing, unless one pays for a separate internet service.

In short, self-hosting became way too onerous and the cloud had finally reached a robust point where migrating back to providers could be a prudent move once again.

The first service to be migrated was email. I have covered the email migration to Google Workspaces in a previous post and have not looked back. The stress relief was almost immediate.

A few months later it was time to migrate the web services. For hosting I chose Digital Ocean. I had used Digital Ocean before for my day job and was impressed with their facilities and prices. Unlike the bigger players in the cloud space such as AWS or Azure that can inundate users with options, Digital Ocean has simple and straight forward options and pricing to choose from. I quickly set up a droplet (their parlance for a virtual server), transferred the files over, tested the web services, fixed the errors and incompatibilities and finally put the server into production. (My referral link, Get $100 credit with Digital Ocean.)

Shutting down the home server for the last time was a bitter sweet moment but there was no turning back and there was a tremendous feeling of relief.

The final piece of this project came with the addition of Cloudflare. Essentially Cloudflare is a web acceleration and SSL/TLS termination service and they have a lot of free services for the small operators. A few noteworthy advantages of Cloudflare are,

  • IPv6 reach. If a website is only available on IPv4, suddenly it’ll be accessible to all IPv6 clients as well.
  • Powerful and flexible firewalling and security capabilities, including DDoS handling.
  • Latest TLS and HTTP protocols.
  • Powerful web caching and acceleration features with automatic CDN.
  • Reliable and fast DNS hosting.
  • Web analytics.

A few months have now passed since I moved my server to the cloud and perhaps the only regret is not doing it sooner. I am saving money by using less power at home, terminating the static IP’s, and downgrading to lower internet speed. But more importantly I am saving my sanity by drastically reducing the stress of maintaining my own server.

Also, with the static IP’s gone, I can now replace the Comcast assigned cable modem with my own modem and hopefully save even more money every month. But that’s another project and maybe another post.

From Sendmail To G Suite Gmail

by @ 1:04 pm
Filed under: email,google — Tags: , ,

In a previous post I covered updating my self-hosted Sendmail program to the newest version with some additions such as TLS 1.2 and DKIM. The version 8.15.2 at the time of my update was nearly five years old.

Interestingly, less than two months after my update Sendmail released a new version 8.16.1 . Now it must have been a coincidence that after 5 years of hibernation Sendmail decided to release a new version only a few weeks after I had gone to the trouble of updating my install but I wasn’t about to go through the pain of building, testing and deploying the new version and all its supporting components again.

Sendmail is a rock solid MTA and I could have happily stayed with the 8.15.2 version, but as I had mentioned in that blog post there were bigger concerns about continuing to self-host an email server. I was simply burned out from combating spammers and hackers and since all my emails (including uncaught spam) were forwarded to Gmail, my server’s reputation with Google wasn’t exactly stellar.

The time had come to end self-hosting and migrate to cloud hosting and G Suite was the perfect platform. G Suite by Google is one of several cloud products that companies can migrate their online presence to, including email service for their entire organization.

In my case that decision was even easier since I already had an unused free legacy G Suite account that had been languishing for many years. The legacy account has many limitations compared to the paid versions but it was good enough to proceed with the migration.

I configured hashemian.com as an alias domain for the G Suite account and created two users to handle the 55 or so email addresses. Each user can have a maximum of 30 email aliases which is why two users were needed. After adding all the aliases to the users, I logged into Gmail with each user account and configured them to forward all incoming emails to my regular Gmail account and then to delete those emails.

The final step was to the configure the DNS MX records and emails bound for hashemian.com started to flow to the G Suite users and subsequently to my regular Gmail inbox.

Since my Sendmail install was no longer used to receive email, I blocked it from all outside traffic to stop all spam attempts from external hosts. Scanning the maillog file proved that all spam activity directed at my server had come to a halt which also had a nice side effect of significantly lowering the stress on my server.

Sendmail isn’t completely gone from my server. It’s still used to send out all internal and web page generated messages. At this point I can fully disable it and use a lightweight outbound SMTP program such as ssmtp, msmtp, or nullmailer to submit emails via Gmail’s SMTP relay service. Perhaps some day that may happen, but for now Sendmail is working fine sending outbound messages without much stress on the server, so there’s little reason for me to fully terminate it.

After over 10 years with Sendmail, it was time to hand the email service reigns over to the cloud and so far the only regret is not doing it sooner. My server isn’t the only one benefiting. I also have a lot less stress since the migration.

* G Suite is now known as Google Workspace.

Does It Make Sense To Self-Host Mail Server?

by @ 9:51 pm
Filed under: email,internet — Tags: ,

I have operated hashemian.com for over 2 decades now, earlier on hosted servers and eventually on my own server. During that time the domain has also been email capable, accepting and delivering emails sent to/from addresses such as [email protected] This was also originally hosted but was eventually ported to my own server. The product of choice for hosting my own mail server (MTA) has been Sendmail. At one time Sendmail was the king of the hill. It's still in use today, albeit vastly eclipsed by other products such as Exim and Postfix, as can clearly be seen here.

Years ago I would use email clients such as Squirrelmail to read emails but eventually for the sake of convenience I configured Sendmail to forward all @hashemian.com emails to my Gmail account. With Gmail I also gained great spam detection but there are also potential adverse effects in forwarding emails. One drawback is Gmail could and in fact does block access from my server, especially if a few too many emails are forwarded. Gmail does not recognize that the forwarded emails are from various original senders and instead assume all the emails originate from my server and takes punitive measures against what it perceives to be an abusive server. This periodic blacklisting has been happening for years now and I’m sure it doesn’t bode well for my server’s reputation.

421 4.7.28 [XXX.XXX.XXX.XXX] Our system has detected an unusual rate of unsolicited mail originating from your IP address. To protect our users from spam, mail sent from your IP address has been temporarily rate limited. Please visit https://support.google.com/mail/?p=UnsolicitedRateLimitError to review our Bulk Email Senders Guidelines. - gsmtp

There are steps I can take to correct or at least mitigate this issue. One would be to identify and block spammers from my server and I do that from time to time when I find egregious activities. It helps, but it’s a manual chore and hardly efficient. Another would be utilizing products such as Fail2ban and SpamAssassin to combat spammers at network and application levels. But that would mean more work for me in terms of configuring, tweaking, updating and patching, and I’m too lazy for that. Also instead of pushing emails to it, I can have Gmail pull emails utilizing IMAP or POP. But that means maintaining another product such as Dovecot and opening ports on my server inviting additional exploit activity. No thanks, not at this time, even if those ports can be restricted to Gmail’s IP addresses only.

Recently I undertook the effort to build from source and update Sendmail to its latest available version 8.15.2 on my ancient but functional Fedora 14 server. As can be imagined it wasn’t a simple task, especially since I wanted to bring as many features of ESMTP aboard as possible, including support for STARTTLS on TLS 1.2. In some cases that meant hunting around for newer library source codes to build into Sendmail. The effort was an eventual success, specially after I installed and started the service and mail began to flow. Then to build on that momentum, I also added DKIM authentication to Sendmail by building and installing dkim-milter.

I must admit that even though the effort was successful it wasn’t really cause for celebration. The latest version of Sendmail, while stable and rock solid, is nevertheless 5 years old now, not as ancient as the kernel it’s running on but still pretty aged as software goes these days. Still doubtful I would have felt any better had I switched the MTA to the more modern Exim or Postfix.

Fact is times have changed and with cloud services maturing and prices falling, there’s little reason to maintain a server. Sure, there’s the educational aspect to it and some pride and autonomy, but it can be exhausting to keep up with all the updates and patches when you can spin up a fully loaded droplet on Digital Ocean for $5 or get cheap domain email service on G Suite or Office 365 (soon called Microsoft 365).

And with that in mind, I am slowly warming up to moving my domain’s email setup to my G Suite account. It’s an account I registered for years ago and thankfully Google has kept it free so far. It’ll be a bittersweet moment when I shut down Sendmail for the last time (although I may continue to use it for a bit longer for outbound messages) handing over the reigns to G Suite. I suppose one concern would be if on that same day Google will flip the existing free G Suite accounts to paid versions.

To be continued…

Yahoo Mail Down Again

by @ 10:09 am
Filed under: business,email,web — Tags:

It is hard to say anything positive about Yahoo since Marissa Mayer took over the helm.

Useful services (e.g. Pipes) have either been eliminated or are just languishing (e.g. Mail).  Today Yahoo Mail is down again. Alibaba's stake hasn't turned out to be the savior it was once deemed.

At this point the stakeholders are surely kicking themselves for not taking Microsoft's buyout offer back in 2008.

The future isn't looking too bright for this once thriving vanguard of the Web. Perhaps it is time for new leadership.

Outlook is Private - Really!

by @ 12:12 pm
Filed under: email,google,microsoft — Tags: ,

Logging into my Hotmail/Outlook account this morning I was greeted with this message touting the benefits of Outlook. They saved the best for last, claiming that "Outlook is private". Talk about false advertising.

outlook is private?

 

It was barely a week ago when news leaked that Microsoft had snooped on an employee's Hotmail account while investigating a hacking incident. And before that there were news of Hotmail snooping on inboxes on behalf of the NSA.

If you are going to make a false statement, at least wait for a period of time for the negative news to fade. Taking veiled pot-shots at Google for showing related advertising on Gmail is easy enough. But I'd much rather have a computer algorithm display related ads while reading emails, than have a forensic team at Microsoft read and analyze my emails or send them to some government agency to be collected and mined unconstitutionally. And then to have the gall to make the phony privacy-abiding statement in the face of their blatant disregard for privacy?

What Gmail Needs, Action Icons

by @ 3:56 pm
Filed under: email,google — Tags:

I have been a Gmail user since its debut and have never looked back since I migrated from Hotmail so many years ago. But I still use Hotmail (now known as Outlook) and Yahoo Mail on occasion for trivial emailing and one of the great features that they offer is one-click actions for delete or move. As the mouse pointer rolls over the individual messages, action icons appear to the left of the titles allowing one to delete or move the messages. This is immensely helpful and it's something Gmail doesn't have.

Action icons in Yahoo Mail

Action icons in Yahoo Mail

In Gmail one either has to right-click each message for a menu to pop up and then choose an action like delete or archive, or click the checkbox to the left of the message and then select an action on the top menu. Both of these methods are not as convenient as having single-click action icons appear as one rolls over a message.

I think it's time for Google to introduce action icons in Gmail, at least as a Labs feature.

Gmail Storage Jumps to 10G

by @ 10:37 am
Filed under: email,google — Tags:

Today I noticed my Gmail storage had jumped form 7.5G to 10G. Maybe it's Google's way of compensating for the new ugly design. I suspect in most cases users didn't even notice the change and for even more users like me, who try to keep their account clean, this is really not much of an event.

Still, one never knows when the extra storage may come in handy, so it's welcome news.

Gmail Forces New Look

by @ 11:28 am
Filed under: email,google — Tags:

The good times are over and the ugly Gmail era has dawned. Google finally made good on the threat of making the new look permanent. Over the weekend my Gmail style switched to the new ugliness and there was no longer an option available to revert to the old look as before.

I can whine and complain about the new style but in the end it's Google's service and I'm using it for free. If I don't like it, I can leave, but not going to do that for now, I still like Gmail better than Yahoo and Hotmail. This attitude is not unprecedented at Google. When they took away the FTP feature of Blogger which was my blogging platform then, I complained too. In that case I decided to migrate my blog to Wordpress on my own site and have been happy with that decision.

What also ticks me off is that there are no themes to make Gmail look like its past version. That would have been so easy for Google but alas, there are no retro or classic themes. It's like Google wanted to wipe away even the tiniest connection to Gmail's past. For now the best choice for me is the compact mode with the high-contrast theme. That's neither compact nor high-contrast, but eventually I'll get used to it. Meanwhile I'm sure Google is already working on an uglier next version of Gmail.

New Ugly Gmail Look

by @ 9:23 am
Filed under: email,google — Tags: ,

Yesterday I was greeted by an icon in Gmail to try their new look. I clicked, played with the new look for a while and ran right back to the old look. Alas, Google seems determined to push the new Gmail look on users, whether they like it or not, so the classic look may not last much longer.

I had two immediate negative reactions to the new design. The style is plain ugly and it also stinks of social networking. There are no clear cut delineations between the email area, the navigation, the ads, and the buttons. Elements seem to have been randomly placed on the page with very little contrast to differentiate the various areas.

Google will probably deny this but the new design is like Google+ crammed into Gmail. Everything has profile pictures in it and email threads look like wall posting timelines now. You can try the compact mode to squeeze everything together but that doesn’t help much. The elements never quite collapse like the classic version.

When will companies learn? You can't force people to like a product. This is the case of Gmail trying to push Google+ on the users and it doesn't work. The Gmail help forums are already rife with critical messages from disgruntled users. If Gmail wants to give its users new look and feel options, that's fine, but not allowing users to have the classic look is just heavy-handed.

Users can revolt and threaten to leave Gmail and hope Google pulls a BoA in the end. But if Google decides to push forward with the new look, it may be time to ditch Gmail for other services. This may be a golden opportunity for Facebook to beef up its pitiful email platform and steal users away.

Pasting images into Gmail

by @ 12:16 pm
Filed under: email,google — Tags: , ,

A great idea that was way overdue. I always liked the simplicity of copy/pasting images into outlook. Now Gmail lets users do the same. Granted that for now it's only supported in Chrome, but that's my default browser anyways.

No more the old cumbersome copying, saving, naming, inserting, selecting, and finally deleting images.

Pasting images into messages just got easier - Official Gmail Blog.

Older Posts »

Powered by


Read Financial Markets  |   Home  |   Blog  |   Web Tools  |   News  |   Articles  |   FAQ  |   About  |   Privacy  |   Contact
Donate Bitcoin: 1GfrF49zFWfn7qHtgFxgLMihgdnVzhE361
paypal.me/rhashemian
© 2001-2021 Robert Hashemian   Powered by Hashemian.com