--- Log opened Thu Oct 04 00:00:02 2018
01:25 -!- K`Tetch_ [~no@47.39.211.239] has joined #se2600
01:29 -!- K`Tetch [~no@unaffiliated/ktetch] has quit [Ping timeout: 252 seconds]
02:43 -!- Warcop [~josh@mobile-166-173-250-218.mycingular.net] has quit [Ping timeout: 252 seconds]
02:45 -!- Warcop [~josh@mobile-166-173-250-218.mycingular.net] has joined #se2600
03:06 -!- Warcop [~josh@mobile-166-173-250-218.mycingular.net] has quit [Read error: Connection reset by peer]
03:13 -!- Warcop [~josh@mobile-166-173-250-192.mycingular.net] has joined #se2600
04:40 -!- NotLarry [~NotLarry@c-68-53-121-109.hsd1.tn.comcast.net] has quit [Ping timeout: 252 seconds]
04:41 -!- NotLarry [~NotLarry@c-68-53-121-109.hsd1.tn.comcast.net] has joined #se2600
04:41 -!- mode/#se2600 [+o NotLarry] by ChanServ
07:12 <@_NSAKEY> shapr: I want an "rm -rf" keycap for my enter key.
07:59 < aestetix> hah
07:59 < aestetix> rm -rf --no-preserve-root
07:59 <@brimstone> more of a spacebar keycap
08:23 <@Mirage> Evilpig: Scheduled delivery:
08:23 <@Mirage> Thursday 10/04/2018 by end of day
08:23 <@Mirage> In transit
08:23 <@Mirage> On FedEx vehicle for delivery
08:23 <@Mirage> MESQUITE, TX
08:46 <@Evilpig> same here
09:20 -!- strages [uid11297@gateway/web/irccloud.com/x-pqekwvqjevyuodbi] has joined #se2600
09:27 -!- Dolemite [~scott@h69-131-146-18.cncrtn.dsl.dynamic.tds.net] has quit [Quit: patch reboot]
09:33 -!- Dolemite [~scott@h69-131-146-18.cncrtn.dsl.dynamic.tds.net] has joined #se2600
09:33 -!- mode/#se2600 [+o Dolemite] by ChanServ
09:34 <@Dolemite> HOLY FORKING SHIRTBALLS, I have a whole new hatred for DHS
09:44 <@Corydon76_> So how many people are busy today requisitioning new machines for their existing Supermicro motherboards?
09:44 <@Dolemite> None, because they're all out of funding!   LOL
09:50 <@Corydon76_> It's October, right in the first part of the federal fiscal year.
09:51 <@Dolemite> Yes it is, but it's too late for budget adjustments.   Most research programs are in maintenance mode funding.
09:52 <@Dolemite> But my renewed hatred for DHS has nothing to do with Ch..ch..ch..CHINA.   It has to do with BOD18-01.
09:53 <@Dolemite> https://cyber.dhs.gov/bod/18-01/
09:53 <@Corydon76_> What's wrong with that?
09:54 <@Dolemite> OH LET ME TELL AY
09:54 <@Dolemite> YA
09:54 <@Corydon76_> 1. a. iv. ?
09:55 <@Dolemite> 1 - Some of the idiots running mail servers in certain .gov areas actually made the statement, "Well you only have to publish DMARC.   You don't have to enforce it."   AS IF that was the problem.
09:55 <@Corydon76_> LOL
09:55 <@Dolemite> 2 - Two years ago we had a "Cloud First" initiative.   Do you have any clue how many fucking cloud services are sending email as *@*.gov addresses?
09:56 <@Dolemite> 3 - Do you have any idea how many cloud services don't support DKIM?
09:56 <@Dolemite> 3a - It's A LOT.
09:57 <@Dolemite> 4 - As soon as we turned on enforcement, we noticed several legitimate .gov sources that were blindly having their emails rejected because of #1.
09:57 <@Corydon76_> Yeah, that's pretty normal
09:57 <@Dolemite> So yeah, it's long overdue
09:57 <@Corydon76_> I dealt with that some time ago.  All of our servers have to forward through a designated gateway on the network
09:58 <@Dolemite> The problem is that they did a piss poor job of evaluating the impact and the time to mitigate.
09:58 <@Corydon76_> Again, normal.
09:59 <@Corydon76_> Everybody ignores warnings until they become errors, because they have other fires to fight.
10:00 <@Corydon76_> Can you at least designate a smart host for the dumb cloud services?
10:00 <@Corydon76_> Or does that fall afoul of the directive?
10:01 <@Corydon76_> My current project is dealing with some new Prop 65 regulations
10:01 <@Dolemite> So I've set up subdomains for certain cloud services that can be DMARC compliant and we're forcing people to use them
10:02 <@Dolemite> Because NFW are we delegating authority to MailChimp to send as *@ornl.gov
10:02 <@Corydon76_> Right
10:03 <@Dolemite> So I'm just having to write up procedures on how to do domain verification, what address you have to use, etc...   and then train the Helpdesk on how to answer the calls and what escalates to a ticket, etc.
10:03 <@Dolemite> And we have to flip to p=REJECT in less than 2 weeks.   LOL
10:04 <@Corydon76_> It's too bad that services like MailChimp can't send with specific subdomains.  If they could, you could delegate only to those exclusive subdomains of mailchimp, that nobody else can use, and be safe with the delegation
10:04 <@Dolemite> Well it does, but you still have to verify that you control that subdomain
10:04 <@Dolemite> So that's what I did
10:05 <@Dolemite> I've got their SPF/DKIM records in for mailer.ornl.gov and now I have to herd all the sheep over to using the correct process
10:05 <@Corydon76_> Shouldn't be too hard with a reject rule in place.  They don't comply, their emails don't go anywhere.
10:06 <@Dolemite> Yeah, the technical part isn't the problem.   It's the people part.
10:06 <@Corydon76_> Always.
10:06 <@Dolemite> I don't know if you've noticed this before, or not, but some people don't read all of the notices you send them.   Even when you mark them as important.
10:07 <@Corydon76_> Maybe you alternate days where reject is enforced.  When they see emails aren't sent, they tend to get upset and that's the fire they need to solve
10:08 <@Corydon76_> If emails on Tuesdays and Wednesdays don't go out, maybe they spend the time on Wednesday to fix the problem
10:09 <@Corydon76_> I'm sure they're blowing up your phone, though
10:13 <@Dolemite> Well I'm not even on the messaging team.   I'm just the only one who had a clue about SPF/DKIM/DMARC before the directive was issued, so I'm the technical lead.   The website stuff was easy.
10:15 -!- K`Tetch [~no@unaffiliated/ktetch] has joined #se2600
10:19 -!- K`Tetch_ [~no@47.39.211.239] has quit [Ping timeout: 252 seconds]
12:09 -!- K`Tetch_ [~no@47.39.211.239] has joined #se2600
12:12 -!- K`Tetch [~no@unaffiliated/ktetch] has quit [Ping timeout: 252 seconds]
12:29 -!- NotLarry_ [~NotLarry@c-68-53-121-109.hsd1.tn.comcast.net] has joined #se2600
12:29 -!- NotLarry_ [~NotLarry@c-68-53-121-109.hsd1.tn.comcast.net] has quit [Client Quit]
12:54 <@Mirage> Evilpig: I hate FedEx...
12:54 <@Mirage> Scheduled delivery:
12:54 <@Mirage> Friday 10/05/2018 by end of day
12:54 <@Mirage> In transit
12:54 <@Mirage> On FedEx vehicle for delivery
12:54 <@Mirage> MESQUITE, TX
12:56 -!- K`Tetch [~no@unaffiliated/ktetch] has joined #se2600
12:58 -!- K`Tetch_ [~no@47.39.211.239] has quit [Ping timeout: 272 seconds]
13:17 -!- K`Tetch_ [~no@47.39.211.239] has joined #se2600
13:20 -!- K`Tetch [~no@unaffiliated/ktetch] has quit [Ping timeout: 252 seconds]
13:29 -!- K`Tetch [~no@unaffiliated/ktetch] has joined #se2600
13:33 -!- K`Tetch_ [~no@47.39.211.239] has quit [Ping timeout: 268 seconds]
13:46 -!- K`Tetch_ [~no@47.39.211.239] has joined #se2600
13:50 -!- K`Tetch [~no@unaffiliated/ktetch] has quit [Ping timeout: 252 seconds]
16:00 -!- Dolemite [~scott@h69-131-146-18.cncrtn.dsl.dynamic.tds.net] has quit [Ping timeout: 252 seconds]
16:31 -!- Dolemite [~scott@h69-131-146-18.cncrtn.dsl.dynamic.tds.net] has joined #se2600
16:31 -!- mode/#se2600 [+o Dolemite] by ChanServ
16:48 <@Evilpig> Mirage: I have it set up but it doens't like something on my network
16:49 <@Evilpig> I can see it's connected to 10.0.0.198 but the app can't see it. :-/
16:58 <@Evilpig> and as I complain it starts working.  :P.  the app on my phone needs some help
16:58 <@Evilpig> https://photos.app.goo.gl/zMZAwEKkeeDFLSVQ8
17:26 -!- K`Tetch [~no@unaffiliated/ktetch] has joined #se2600
17:29 -!- K`Tetch_ [~no@47.39.211.239] has quit [Ping timeout: 252 seconds]
17:39 -!- K`Tetch_ [~no@47.39.211.239] has joined #se2600
17:42 -!- K`Tetch [~no@unaffiliated/ktetch] has quit [Ping timeout: 246 seconds]
17:43 -!- K`Tetch [~no@unaffiliated/ktetch] has joined #se2600
17:44 -!- K`Tetch_ [~no@47.39.211.239] has quit [Ping timeout: 268 seconds]
18:00 -!- K`Tetch [~no@unaffiliated/ktetch] has quit [Ping timeout: 260 seconds]
20:15 -!- strages [uid11297@gateway/web/irccloud.com/x-pqekwvqjevyuodbi] has quit [Quit: Connection closed for inactivity]
23:11 -!- K`Tetch [~no@unaffiliated/ktetch] has joined #se2600
23:19 <@Mirage> Evilpig: restricted zones interface needs some help.. for android anyway.
23:52 -!- Netsplit *.net <-> *.split quits: @NotLarry, Warcop
23:57 -!- Netsplit over, joins: @NotLarry, Warcop
23:59 -!- Dagmar [dagmar@unaffiliated/dagmar] has quit [Ping timeout: 252 seconds]
--- Log closed Fri Oct 05 00:00:03 2018