On 8/16/20 10:50 PM, Caveman Al Toraboran wrote:
hi.
Hi
context:
1. tinfoil hat is on.
Okay.
2. i feel disrespected when someone does things to my stuff without
getting my approval.
Sure.
3. vps admin is not trusty and their sys admin may read my emails,
and laugh at me!
Do you have any (anecdotal) evidence that this has actually happened?
Hanlon's razor comes to mind:
Never attribute to malice that which is adequately explained by
stupidity.
My experience supports Hanlon's razor.
This doesn't mean that there aren't malicious admins out there. Many in
our industry have fun with the B.O.F.H. and P.F.Y. But I think that's
more what we want to do -- if there were no repercussions -- and not
what we actually do. *MANY* people talk a big game. I've seen few
follow through on the boasting.
4. whole thing is not worth much money. so not welling to pay more
than the price of a cheap vps.
That is your choice. I personally find that my email / DNS / website is
worth ~$240 a year. I could probably do it for ~$120 a year if I wanted
to drop redundancy.
I could theoretically do it for $60 a year if I wanted to lower
functionality.
moving to dedicated hardware for me is not worth it.
Fair enough and to each their own.
I used to have dedicated hardware in my house, and then migrated to VPS
based solutions as part of a cross country move without a static IP on
the destination end.
my goal is to make it annoying enough that cheap-vps's admins find
it a bad idea for them to allocate their time to mingle with my stuff.
I'd like to hear any (anecdotal) evidence of this happening that you have.
If there is anything, I'd suspect that it's bulk Deep Packet Inspection
monitoring things. I doubt that actual malicious involvement is common.
thoughts on how to maximally satisfy these requirements?
Well, seeing as how you're talking about email, the biggest elephant in
the room is SMTP's default of unencrypted communications path. It's
realtively easy to add support for encryption, but more systems than I'm
comfortable with don't avail themselves of the optional encryption for
some reason. Sure, it's possible to configure many receiving SMTP
servesr to require it from specific sending systems and / or sending
domains. But this is effort you have to expend to enact these restrictions.
Actual encrypted email; S/MIME, PGP, etc. help in this regard.
--
Grant. . . .
unix || die
