WEBVTT 00:00.000 --> 00:22.680 So, my name is Michiel, I wrote mox, I'm modern Shakira all in one meal server. 00:22.680 --> 00:26.000 The goal with mox is to make it really easy to run your meal server so that you'll 00:26.000 --> 00:27.500 actually do it. 00:27.500 --> 00:31.900 So, that you're keep in control of your data and you'll help keep email decentralized. 00:31.900 --> 00:36.500 So, I've got a question who's running your meal server today and so I can always be good. 00:36.500 --> 00:39.300 It's more than half, it's like the three quarters I think. 00:39.300 --> 00:43.500 So, the rest please give it a try soon and mox is an excellent option, I think. 00:43.500 --> 00:50.500 So, today's talk will be out simplifying meal server setup and management later on a bit more. 00:50.500 --> 00:53.500 Now, because if it takes too much time, people are not doing it. 00:53.500 --> 00:57.500 So, agenda for today, quick introduction to mox, what it is. 00:57.500 --> 01:02.500 And then some pitfalls that people do still run into when they try to set up a meal server. 01:02.500 --> 01:05.500 And stuff that we maybe can take away, make it easier. 01:05.500 --> 01:10.500 And then some plans for the coming year for me to make changes to mox to make it easier to install. 01:10.500 --> 01:16.500 So, I normally don't really like talking about stuff that I still am going to do, but I'm going to do it anyway. 01:17.500 --> 01:27.500 The talk then going to do well a little bit in a section about automatic DNS updates, because this is one of the ways to potentially make it easier to run your meal server. 01:27.500 --> 01:29.500 Quick introduction to mox. 01:29.500 --> 01:32.500 So, it really wants to be an all in one thing. 01:32.500 --> 01:35.500 So, you don't need anything else to run a meal server just mox. 01:35.500 --> 01:45.500 So, it doesn't be STF decim, demark, the reporting on TLS and demark, day in MTSTS, all that stuff to send and receive messages. 01:45.500 --> 01:52.500 Of course, you want to read your messages, so we've got, I'm at four in a bunch of extensions, and then a web meal, because it is convenient oftentimes. 01:52.500 --> 01:59.500 But you're not there yet, you need a junk field training that TLS certificates with acne, auto configuration, internationalized email addresses. 01:59.500 --> 02:04.500 There's an admin panel for adding and removing domains, accounts and addresses. 02:04.500 --> 02:11.500 There's even an API for sending physics or email and getting webpooks back for delivery stuff. 02:11.500 --> 02:13.500 And there's a web server included. 02:13.500 --> 02:19.500 And all of this stuff, it's a complete meal server that, you know, you can run all of your email in. 02:19.500 --> 02:25.500 It's written in Go with some funt and stuff in TypeScript and it's MIT license. 02:25.500 --> 02:28.500 And, you know, the idea is you'll get your system. 02:28.500 --> 02:29.500 You download the binary. 02:29.500 --> 02:34.500 It's a Go binary static, you know, complete the standalone, and you run the quick start. 02:34.500 --> 02:38.500 So, you give it your domain or an address at your domain, and it will generate the configuration file. 02:38.500 --> 02:39.500 It will do a bunch of checks. 02:39.500 --> 02:44.500 It's the environment, okay, and if not, it will tell you what's wrong and how you can figure. 02:44.500 --> 02:47.500 It will paint all the DNS records that you have to add. 02:47.500 --> 02:50.500 And if you do that, then you should start it and you're good to go. 02:50.500 --> 02:52.500 You've got a functioning system. 02:52.500 --> 02:55.500 So, that's all great and very easy, of course. 02:55.500 --> 02:59.500 But, you know, somehow stuff goes wrong. 02:59.500 --> 03:01.500 And why do things go wrong? 03:01.500 --> 03:06.500 Well, I mean, this is a, yeah, this is another long time. 03:06.500 --> 03:08.500 It's, I'm going to list some things. 03:08.500 --> 03:12.500 It's not as bad as maybe this image makes it look. 03:12.500 --> 03:15.500 But, some of the things I see people doing, or they get a machine. 03:15.500 --> 03:21.500 And then the host name, the fully qualified host name, that should resolve to the public IP. 03:21.500 --> 03:24.500 Actually, on their machine, we resolve to a loopback IP. 03:24.500 --> 03:29.500 So, it's kind of silly, because then if you try to deliver to your own domains, that starts failing. 03:29.500 --> 03:32.500 Because, you know, it tries to deliver to the loopback IP. 03:32.500 --> 03:35.500 And that thing is listening there, because most of the boxes listening on the public IP. 03:35.500 --> 03:38.500 Quick start with check for that, and we warn that, oh, this is going on. 03:38.500 --> 03:40.500 You have to fix it this in this way. 03:40.500 --> 03:42.500 So, that's one thing to do. 03:42.500 --> 03:45.500 Outgoing SMTPs, often blocked on new machines. 03:45.500 --> 03:48.500 I want to do a little bit of expectation management for users. 03:48.500 --> 03:50.500 Like, oh, you have to fix this first and then come back. 03:50.500 --> 03:52.500 And that's that's what's et cetera. 03:52.500 --> 03:55.500 People want to add that decant DNS records for RSA. 03:55.500 --> 03:56.500 These are really long. 03:56.500 --> 04:00.500 And you have to split them up in strings of 255 bytes. 04:00.500 --> 04:03.500 But some DNS web operator interfaces don't understand that. 04:03.500 --> 04:05.500 They will give you a really lousy error messages. 04:05.500 --> 04:07.500 And people all they create something that's invalid. 04:07.500 --> 04:08.500 And then it doesn't work. 04:08.500 --> 04:10.500 So, we check for that after you set up. 04:10.500 --> 04:11.500 Okay. 04:11.500 --> 04:12.500 Did you actually correctly set this? 04:12.500 --> 04:14.500 And if not, you get to fix it. 04:14.500 --> 04:18.500 Then there's network, ever translation issues. 04:18.500 --> 04:19.500 Somehow people set stuff up. 04:19.500 --> 04:21.500 So, incoming connections appear to be coming from a local IP. 04:21.500 --> 04:23.500 And that breaks all the SPF. 04:23.500 --> 04:26.500 So, I don't have a good way to check for that yet. 04:26.500 --> 04:29.500 But I want to add something I got for that. 04:29.500 --> 04:35.500 Then as a reverse DNS for that is only setable on some machines for the IP4 address. 04:35.500 --> 04:36.500 Not the IP6. 04:36.500 --> 04:40.500 So, when we deliver outgoing messages, we normally pick one. 04:40.500 --> 04:45.500 But if we pick the IP6 one, then stuff breaks for that outgoing delivery. 04:45.500 --> 04:49.500 So, we make it possible of course to set rules for that now. 04:49.500 --> 04:54.500 I should automate some more changes to make it easier for users to find those settings. 04:54.500 --> 04:56.500 Because now these are records. 04:56.500 --> 04:58.500 Or issues I get reported. 04:58.500 --> 04:59.500 How can I do this? 04:59.500 --> 05:00.500 How can I solve this? 05:00.500 --> 05:02.500 So, I want to make this stuff easier for them. 05:02.500 --> 05:03.500 Then there's a whole bunch more. 05:03.500 --> 05:04.500 Now, DNS tech and resolvers. 05:04.500 --> 05:07.500 I don't know why we still have this by default in Linux machines. 05:07.500 --> 05:11.500 You get your non-therfying play. 05:11.500 --> 05:14.500 And then, of course, I tell people to install unbound. 05:14.500 --> 05:18.500 And most of the time it works, but somehow people also can mess that up. 05:18.500 --> 05:21.500 But be check for that and we warn that this is no working yet. 05:21.500 --> 05:22.500 You have to fix it. 05:22.500 --> 05:24.500 Now, DNS check on the domain. 05:24.500 --> 05:26.500 So, please, if you register a new domain. 05:26.500 --> 05:29.500 Check if your DNS operator already does DNS tech. 05:29.500 --> 05:31.500 If not, go somewhere else. 05:31.500 --> 05:33.500 How should domain that? 05:33.500 --> 05:36.500 Because if you want to migrate your domain to a new DNS operator, 05:36.500 --> 05:39.500 we're setting up email that's too big things that you have to do. 05:39.500 --> 05:43.500 Then, admins want to send what sort of mocks and mocks as everything, 05:43.500 --> 05:47.500 including web server, but they want to run engine X or some other web server in front of that. 05:47.500 --> 05:48.500 Now, that is possible. 05:48.500 --> 05:51.500 But with email, if that's auto configuration and points and MTS, 05:51.500 --> 05:55.500 and points that need to do the main, that need a web server. 05:55.500 --> 06:00.500 So, you can do all this, but then you have to set up engine X forwarding or some other web server forwarding. 06:00.500 --> 06:04.500 And somehow, that also doesn't always work out well for people. 06:04.500 --> 06:06.500 So, also, stuff that can go wrong. 06:06.500 --> 06:08.500 Then, IPs can be on DNS mode, please. 06:08.500 --> 06:11.500 We check for that and we warn about it, expectation management. 06:11.500 --> 06:13.500 And I shoot, but we don't do that. 06:13.500 --> 06:15.500 That's more of a newly registered domain. 06:15.500 --> 06:18.500 Because if you get a new domain, you try to deliver something. 06:18.500 --> 06:21.500 There's a good chance that the receiving party has a bunch of checks. 06:21.500 --> 06:25.500 And one of these red flags for an incoming message is, like, is this from a newly registered domain. 06:25.500 --> 06:26.500 Because that's what's spammers do with this. 06:26.500 --> 06:29.500 The registered new domain, and it starts spamming. 06:29.500 --> 06:34.500 Now, again, I want to do some more expectation management of users. 06:34.500 --> 06:39.500 Watch out, this can work, but you may run into some problems at first. 06:39.500 --> 06:43.500 Then, some plans for making this easier. 06:43.500 --> 06:45.500 So, currently, we have this mocks quick start. 06:45.500 --> 06:49.500 It does a bunch of checks, and it prints what's wrong, and it tells you how to fix it. 06:49.500 --> 06:52.500 But then, there's no easy way to run the checks again. 06:52.500 --> 06:55.500 So, people think they fix it, but somehow they're not working yet. 06:55.500 --> 06:56.500 They continue with the setup. 06:56.500 --> 07:00.500 They try delivering, and they're getting to weird error messages that they don't understand. 07:00.500 --> 07:04.500 So, I want to do a bit more hand-holding with a step-by-step guidance setup. 07:04.500 --> 07:10.500 Just to, like, if you go to some cloud-based application, 07:10.500 --> 07:12.500 you get taken into this flow. 07:13.500 --> 07:16.500 Step one, step two, we want to get all the green check marks. 07:16.500 --> 07:20.500 I want to add some things that you can recheck, that it's currently working, 07:20.500 --> 07:23.500 like, after you fix stuff, so that after all these steps, 07:23.500 --> 07:28.500 you are pretty much guaranteed to not see any issues anymore. 07:28.500 --> 07:33.500 I have some ideas for deliverability things, because deliverability is a big issue. 07:33.500 --> 07:37.500 If you want to run your own mail server, then you have to get the other side to accept your email, 07:37.500 --> 07:40.500 and sometimes they are giving you a hard time, 07:40.500 --> 07:43.500 and sometimes they give you, sometimes they give you helpful error messages, 07:43.500 --> 07:45.500 but sometimes they don't. 07:45.500 --> 07:48.500 Or they get you some kind of cryptic code. 07:48.500 --> 07:52.500 There are a few parties that are doing course in quite a bit of pain, 07:52.500 --> 07:56.500 and I think we can maybe detect when deliverance 07:56.500 --> 07:59.500 feel that the delivery attempts with two-dose hosts, 07:59.500 --> 08:03.500 and then we can tell the admin, like, this is a known thing. 08:03.500 --> 08:06.500 This is how you work around it, or this is what you can do. 08:06.500 --> 08:09.500 So just again, to help the users set up the system, 08:09.500 --> 08:12.500 and that they don't get the feeling that this is also very complicated, 08:12.500 --> 08:14.500 and that they can do it themselves. 08:14.500 --> 08:18.500 So this is why I don't have anyone's doing this, or it is a good idea, 08:18.500 --> 08:21.500 but I think it can maybe in theory work. 08:21.500 --> 08:23.500 So if you know of any of these patterns, or bad parties, 08:23.500 --> 08:26.500 and talk to me, and then you can make a list of those, 08:26.500 --> 08:29.500 and I can build it into mocks, and then the postmaster can get a messaging, 08:29.500 --> 08:32.500 this is going on, fix it like this. 08:32.500 --> 08:35.500 Then I also want to do one click upgrade, just to make it even a little bit easier. 08:35.500 --> 08:39.500 Now, if you want to update mocks, you download the binary, and you restart it, 08:39.500 --> 08:41.500 so it's not that complicated. 08:41.500 --> 08:44.500 But sometimes I tell the users you have to run this commands, 08:44.500 --> 08:47.500 because you want to reparsh or the messages, the message parser has changed. 08:47.500 --> 08:49.500 This is annoying, of course. 08:49.500 --> 08:51.500 I forget too many of those emails. 08:51.500 --> 08:54.500 I don't want to upgrade again, but if you just make it all automatic, 08:54.500 --> 08:58.500 just download the binary, make it back up first, you know, restart it 08:58.500 --> 09:01.500 without any downtime, that would be a nice addition. 09:02.500 --> 09:05.500 And then automatically you run those, you know, reparsh, and whatnot scripts, 09:05.500 --> 09:11.500 that again, lowers the burden on an admin to run their own mail server. 09:11.500 --> 09:16.500 Then I think I can also help with a few chores that are, you know, 09:16.500 --> 09:19.500 you could say, out of the scope for the mail server, because you can say, 09:19.500 --> 09:24.500 you are a system administrator, you run this software, and some stuff 09:24.500 --> 09:28.500 are the mail system, problem, but other stuff, you know, is your problem. 09:28.500 --> 09:31.500 But I think we can still help with that, for example, backups. 09:31.500 --> 09:36.500 So Mox currently has a way to make, well, there's a mox backup command, 09:36.500 --> 09:40.500 and it makes it backup of, it is a consistent snapshot of all the message files 09:40.500 --> 09:43.500 and all the database files that are needed, it puts them in a local directory. 09:43.500 --> 09:46.500 But then it tells the admin, there it is. 09:46.500 --> 09:49.500 Now you make sure it goes to some off-site place to make to keep it safe. 09:49.500 --> 09:53.500 And of course, you can tell the admin, but I can also help you, 09:53.500 --> 09:57.500 know, do what you're probably going to do anyway, which is write it to SAP 09:57.500 --> 09:59.500 or S3 in some remote location. 09:59.500 --> 10:03.500 So I can, you know, why not, why not ask some for some credentials, 10:03.500 --> 10:05.500 and write it away once a day. 10:05.500 --> 10:09.500 Just, you know, another chore that you don't have to do when you set up a new machine. 10:09.500 --> 10:13.500 Encryption of data addressed, so currently, all the files, all the message files, 10:13.500 --> 10:17.500 are unencrypted on disk, and also the, for example, TLS private keys, 10:17.500 --> 10:21.500 are unencrypted on disk, so I feel bad about it. 10:21.500 --> 10:25.500 And I want to at least encrypt all those things. 10:25.500 --> 10:29.500 You know, we need to figure out where to store the key and how to get to the machine, 10:29.500 --> 10:31.500 but at least it should not be on a block store, it's unencrypted, I think. 10:31.500 --> 10:35.500 So it should be the default, so I want to do that for files that should be too hard. 10:35.500 --> 10:39.500 And for database files, it will be complicated because the database layer doesn't allow me to, 10:39.500 --> 10:43.500 you know, get in there anyway, so there will be a longer term thing. 10:43.500 --> 10:47.500 So, another thing is alerting. 10:48.500 --> 10:53.500 If you set up a mox, now you've got, it exports prometi's metrics, 10:53.500 --> 10:57.500 but if you're a new admin, for example, that doesn't yet have a prometi's or an alert manager, 10:57.500 --> 10:59.500 you have to go off and install that. 10:59.500 --> 11:01.500 It's a whole new stack, it's a whole new problem. 11:01.500 --> 11:05.500 Well, mox already checks all these numbers, so mox can also just, you know, 11:05.500 --> 11:09.500 by default, send you emails maybe even something is wrong. 11:09.500 --> 11:13.500 And of course, you're still at the choice to set up prometi's and bottom of the scraping, 11:13.500 --> 11:16.500 but it's, once you don't necessarily have to do in the beginning. 11:16.500 --> 11:20.500 So, another chore, a roofed, and then creating DNS records. 11:20.500 --> 11:22.500 That's this one thing we maybe can also automate. 11:22.500 --> 11:27.500 If you set up a new domain, every domain needs about 15 DNS records. 11:27.500 --> 11:30.500 If you want to have the fully configured set up, it's a bit annoying. 11:30.500 --> 11:34.500 Especially if you have one of those DNS web operator web interfaces, 11:34.500 --> 11:38.500 where you have to copy paste first, the record name, then select a type, 11:38.500 --> 11:42.500 and then scoppy paste value, and then do that 15 times, it's a bit annoying. 11:42.500 --> 11:47.500 So, that's part of the why, but that's only, for the domain set up. 11:47.500 --> 11:51.500 Later on, you may want to make changes to your configuration. 11:51.500 --> 11:54.500 And it would be nice if you do that with one click. 11:54.500 --> 11:59.500 For example, you know, with acne to get de-lasticificates, 11:59.500 --> 12:01.500 I would configure a lot of some clips, and that would be, 12:01.500 --> 12:05.500 but default, but would be nice if you could just show a button, 12:05.500 --> 12:09.500 that enables account binding in the CAA record. 12:09.500 --> 12:14.500 So, only your machine can get certificates for your domain. 12:14.500 --> 12:20.500 So, I can of course ask people to go to the DNS web operator and change some DNS settings, 12:20.500 --> 12:23.500 but it would be nice if it's just one click. 12:23.500 --> 12:31.500 More important for me is to make these automatic DNS changes as a continual operational thing. 12:31.500 --> 12:37.500 So, you can already, I can already ask people to make some changes 12:37.500 --> 12:41.500 if they're necessary, and go into examples of why this would be necessary in a moment. 12:41.500 --> 12:46.500 But if you want to do that, you have to be really careful with your DNS propagation. 12:46.500 --> 12:50.500 And oftentimes, you have to make a DNS change, and a wait for a bit, 12:50.500 --> 12:53.500 and make a configuration change, and a wait for a bit more, and you have to do it in the right order. 12:53.500 --> 12:55.500 You know, don't forget about it. 12:55.500 --> 12:58.500 And practice, this is annoying so people don't do it. 12:58.500 --> 13:02.500 Or, in practice, people make mistakes, and it certainly breaks their email. 13:02.500 --> 13:05.500 And of course, this is one of the reasons that people don't do it, 13:05.500 --> 13:07.500 because they don't want to break their email. 13:07.500 --> 13:10.500 But the computers can do this automatically, pretty good. 13:10.500 --> 13:13.500 They're pretty good at timing, and doing stuff at the right time. 13:13.500 --> 13:20.500 So, for one example of why you would need this, is with Dane, for your key rotations. 13:20.500 --> 13:26.500 So, Dane is a way to do decentralized telesterification, 13:26.500 --> 13:31.500 so you don't need that single CA centralized party to verify your TLS connections, 13:31.500 --> 13:38.500 but you put the public fingerprints of the public keys of your TLS keys in DNS. 13:38.500 --> 13:41.500 Now, sometimes you want to rotate those things. 13:41.500 --> 13:46.500 If you want to rotate it, you want to use a new private key. 13:46.500 --> 13:50.500 You have to first make sure that the new public keys fingerprints are in DNS, 13:50.500 --> 13:51.500 as well as the old ones. 13:51.500 --> 13:56.500 Then wait for the DNS propagation, so that everyone will have the new keys. 13:56.500 --> 14:03.500 So, the old record with only the single old key is faced out in the new record that everyone sees, 14:03.500 --> 14:06.500 as both keys, and then you can start using your new key, 14:06.500 --> 14:09.500 and then you can remove the old public key from the DNS. 14:09.500 --> 14:12.500 So, those are two steps you have to do in the right order. 14:12.500 --> 14:18.500 This is pretty strictly if you get this wrong, your meal breaks, your deliverability breaks. 14:18.500 --> 14:20.500 So, in practice, this is not happening. 14:20.500 --> 14:26.500 And this is what, with MOOCs, you get Dane, but there's no key rotation, private key rotation. 14:26.500 --> 14:28.500 And I feel bad about it, so I want to fix it, 14:28.500 --> 14:32.500 but I don't want to ask admins to make many old DNS record changes. 14:32.500 --> 14:34.500 Another one is D-kin key rotation. 14:34.500 --> 14:41.500 So, you can, for D-kin, for signing that the emails coming from your domain, 14:41.500 --> 14:46.500 you can play the new key, you can publish it in DNS, the public key, 14:46.500 --> 14:50.500 you can publish it in DNS, but you have to wait for the publication of DNS, 14:50.500 --> 14:53.500 because they have a negative lookup results in caches. 14:53.500 --> 14:57.500 So, if you start using that key immediately, stuff will break. 14:57.500 --> 15:00.500 You have to first generate it, publish it, wait for the publication, then start using it. 15:00.500 --> 15:04.500 And then you think, I can remove the old key, but you cannot do that yet, 15:04.500 --> 15:07.500 because you have to wait for all the email that it's still out there in transit, 15:07.500 --> 15:12.500 because they still want to be able to verify that that message is not correctly signed. 15:12.500 --> 15:15.500 You have to wait maybe a week or two week before you remove the old key. 15:15.500 --> 15:19.500 So, if you forget and you have this old bunch of configurations stuff laying around. 15:19.500 --> 15:22.500 But of course, we can do it automatically. 15:22.500 --> 15:26.500 Same goes for NTA-STS policies, when you set up a new system, 15:26.500 --> 15:31.500 you essentially want to start with show short lifetimes of these policies, 15:31.500 --> 15:33.500 and then when it's stable, ramp them up. 15:33.500 --> 15:38.500 You immediately ramp up to the secure, recommend it, a default of, 15:38.500 --> 15:43.500 I think, cachability in weeks, because if you make a mistake in the beginning, 15:43.500 --> 15:45.500 you will suffer the consequences for a while. 15:45.500 --> 15:50.500 So, you want to stay short, but you want to increase the lifetimes automatically after a while. 15:50.500 --> 15:54.500 At least, I want to do it automatically, because if you ask people to do it manually, 15:54.500 --> 15:56.500 it's a lot of work, and they don't want to do it. 15:56.500 --> 16:00.500 So, now this is the why I think it's useful, and now the how. 16:00.500 --> 16:01.500 And there's good news. 16:01.500 --> 16:03.500 We've got this thing called DNS update. 16:03.500 --> 16:07.500 You can see from the RC number that is very old, so it should be stable. 16:07.500 --> 16:10.500 You can all do it, that's great. 16:11.500 --> 16:16.500 I just need a little bit more, because DNS update is a very simple thing for asking a DNS server to do, 16:16.500 --> 16:20.500 and a record or remove a record, but they also want to read all the current records. 16:20.500 --> 16:25.500 Because I want to know about the DNS propagation, I don't need to calculate what's the state of DNS. 16:25.500 --> 16:31.500 So, there's a thing for that as well, and it's called zone transfers, AXFR. 16:31.500 --> 16:37.500 So, there exists, we can use it, also want to be notified, a synchronously of changes to the zone, 16:37.500 --> 16:41.500 that's DNS notify, so it's pretty good, did it go. 16:41.500 --> 16:45.500 But now of course not, that's bad news. 16:45.500 --> 16:49.500 Many people have their DNS hosted at some cloud provider, 16:49.500 --> 16:55.500 and they don't offer this DNS update zone transfer and notify protocols. 16:55.500 --> 16:58.500 So, now the nice plan goes out of the window. 16:58.500 --> 17:02.500 They do have, on the other hand, custom APIs. 17:02.500 --> 17:06.500 Every DNS operator is making up their own API. 17:06.500 --> 17:11.500 They're not very complicated, sometimes they're simple, there's JSON HTTP with an authentication token, 17:11.500 --> 17:14.500 so that's pretty easy, but there's still a whole bunch of them. 17:14.500 --> 17:19.500 But there's also a bigger SDK, so you have to, like a big cloud provider has many things, 17:19.500 --> 17:21.500 and they have a big SDK that you can use. 17:21.500 --> 17:25.500 So, I want to link all that stuff in the moops binary. 17:25.500 --> 17:28.500 It's too much churn, too much code. 17:28.500 --> 17:33.500 By the way, if you have your own binds or not, or something you do have access to these. 17:33.500 --> 17:37.500 So, I think I've very limited set of people. 17:37.500 --> 17:43.500 So, I want to have this solution work for people, and not only for myself, but also for other people. 17:43.500 --> 17:46.500 So, I think we need a better solution of this. 17:46.500 --> 17:52.500 So, by the way, if you are one of the cloud providers, you know, consider doing something standard. 17:52.500 --> 17:58.500 Having all these custom APIs with silly, it doesn't skill. 17:58.500 --> 18:03.500 So, Christmas, I can't be the first one to have this problem, right? 18:03.500 --> 18:06.500 Someone else has solved this for me. 18:06.500 --> 18:07.500 So, what did I do? 18:07.500 --> 18:10.500 Well, the most common solution is, of course, to say, no, we're not doing this. 18:10.500 --> 18:11.500 You know, we're not helping you. 18:11.500 --> 18:12.500 It's your problem. 18:12.500 --> 18:13.500 Yeah. 18:13.500 --> 18:16.500 So, yeah, yeah, yeah, maybe. 18:16.500 --> 18:17.500 Yeah. 18:17.500 --> 18:19.500 So, that's all the solution. 18:19.500 --> 18:22.500 Now, let's encrypt and acne. 18:22.500 --> 18:26.500 We've got this acne challenge thing where you can use DNAs to verify or you know, 18:26.500 --> 18:28.500 you know, identify it, but otherwise, so you can get us a certificate. 18:28.500 --> 18:32.500 You can make it a C name to something that is more dynamic. 18:32.500 --> 18:37.500 So, just that thing, you know, you can make the put the challenge in the dynamic thing. 18:37.500 --> 18:42.500 So, that's good work, but for E-note, one work is if so many records that you have to change, 18:42.500 --> 18:45.500 and it doesn't work for some records of one work. 18:45.500 --> 18:47.500 So, I don't think that's an option. 18:47.500 --> 18:51.500 Other software has just implemented all these APIs, custom aggregates. 18:51.500 --> 18:52.500 Okay? 18:52.500 --> 18:54.500 I don't like, I don't like doing that. 18:54.500 --> 18:56.500 And there's something called domain connected. 18:56.500 --> 18:59.500 It's a few years old, it may be standardized. 18:59.500 --> 19:02.500 Long story short, I don't think it fits this bill. 19:02.500 --> 19:07.500 But, you know, it is aimed to solve a somewhat similar problem. 19:07.500 --> 19:12.500 But still, so the plan for me is to only implement the standard protocols. 19:12.500 --> 19:13.500 Yeah? 19:13.500 --> 19:15.500 That makes more sense to me. 19:15.500 --> 19:16.500 Yeah. 19:16.500 --> 19:19.500 So, in most then, when this is implemented, you know, 19:19.500 --> 19:22.500 when you add a domain, I ask for the name server and the credentials, 19:22.500 --> 19:24.500 and then we're good to go. 19:24.500 --> 19:30.500 And if you are as one of those custom clouds, API providers, 19:30.500 --> 19:32.500 I see a question already. 19:32.500 --> 19:33.500 Oh. 19:33.500 --> 19:41.500 If I familiar with Octadines, I know it is a project to automatically synchronize changes, 19:41.500 --> 19:43.500 I think, to cloud operators. 19:43.500 --> 19:44.500 Yeah. 19:44.500 --> 19:46.500 I've heard about it, yes. 19:46.500 --> 19:47.500 Yeah. 19:47.500 --> 19:51.500 So, my solution to this now is to ask people to install this separate tool 19:51.500 --> 19:55.500 that I wrote called Dines Clay, Clay for Clouds Gateway. 19:55.500 --> 19:57.500 And it worked like this. 19:57.500 --> 20:01.500 Dines Clay is, you know, receiving the Dines update and zone transfers 20:01.500 --> 20:03.500 and sending the Dines notify messages. 20:03.500 --> 20:06.500 So, it only has to speak with Dines Clay. 20:06.500 --> 20:09.500 And then, in Dines Clay, you will configure your provider. 20:09.500 --> 20:13.500 You know, one of the 60 currently, and your credentials, 20:13.500 --> 20:15.500 and it will translate between those. 20:15.500 --> 20:18.500 So, then, people say, I don't have my Dines update, 20:18.500 --> 20:20.500 then I can say, oh, you can still do it that way. 20:20.500 --> 20:23.500 It's not a great solution because people have to install separate tool, 20:23.500 --> 20:25.500 so I have to make it easy to install as well. 20:25.500 --> 20:29.500 But at least, I'm not complicating mocks too much with this, with this stuff. 20:29.500 --> 20:32.500 And maybe other open source projects that have this problem. 20:32.500 --> 20:35.500 Also, I have to link in all those providers and the configuration 20:35.500 --> 20:38.500 and all the nonsense that can just use this standard approach. 20:38.500 --> 20:40.500 So, that's my hope. 20:40.500 --> 20:43.500 And I think it will keep all the complexity and pain of these ghost bodies, 20:43.500 --> 20:46.500 Dines providers out of mocks. 20:47.500 --> 20:50.500 So, this is a screenshot of adding a new domain in your zone. 20:50.500 --> 20:55.500 You can select one of these 60 operators. 20:55.500 --> 20:59.500 And you provide it with whatever they need. 20:59.500 --> 21:01.500 This is input fields. 21:01.500 --> 21:06.500 So, I didn't implement all this stuff myself. 21:06.500 --> 21:09.500 I'm using the LipDines Project. 21:09.500 --> 21:14.500 LipDines is a project started by the Kelly Webster for Project, 21:14.500 --> 21:19.500 which are known for doing automatic T-lessative goods with that thing clicked. 21:19.500 --> 21:20.500 And they had this problem as well. 21:20.500 --> 21:25.500 And they made community provided libraries to talk to all these providers. 21:25.500 --> 21:26.500 So, I'm just using that. 21:26.500 --> 21:30.500 And I didn't implement any of these background things, 21:30.500 --> 21:32.500 but you can still benefit from it. 21:32.500 --> 21:39.500 So, concluding plans for this year to make it easier to run your mail server 21:39.500 --> 21:42.500 and set it up and maintain it. 21:42.500 --> 21:45.500 And finally, I want to thank all users of mocks. 21:45.500 --> 21:47.500 Are there any users of mocks today here? 21:47.500 --> 21:48.500 Yes. 21:48.500 --> 21:49.500 Yes. 21:49.500 --> 21:51.500 Thank you. 21:51.500 --> 21:54.500 So, thanks for providing feedback, code, and keep it coming. 21:54.500 --> 21:59.500 And to an L net and the NGI and the U for funding some work on mocks. 21:59.500 --> 22:01.500 So, that's it. 22:01.500 --> 22:02.500 Thank you for your attention. 22:02.500 --> 22:03.500 Thank you. 22:03.500 --> 22:04.500 Thank you. 22:04.500 --> 22:05.500 Thank you. 22:05.500 --> 22:06.500 Thank you. 22:06.500 --> 22:07.500 Thank you. 22:07.500 --> 22:08.500 Thank you. 22:08.500 --> 22:09.500 Thank you. 22:09.500 --> 22:13.500 Before we start questions, I'm very quick to make help to read a read a read piece. 22:13.500 --> 22:14.500 Yeah. 22:14.500 --> 22:15.500 Yeah. 22:15.500 --> 22:17.500 Not just for the audience, but also for the audio. 22:17.500 --> 22:18.500 Yeah. 22:18.500 --> 22:19.500 Audio because. 22:19.500 --> 22:20.500 I will try it. 22:20.500 --> 22:21.500 But remind me. 22:21.500 --> 22:22.500 If I forget. 22:22.500 --> 22:24.500 So, I saw already. 22:24.500 --> 22:25.500 One. 22:25.500 --> 22:26.500 Okay. 22:26.500 --> 22:31.500 So many people here already have their own mail server. 22:31.500 --> 22:42.500 How can mocks help people move from whatever they have now to mocks? 22:42.500 --> 22:43.500 Yeah. 22:43.500 --> 22:44.500 Yeah. 22:44.500 --> 22:45.500 Yeah. 22:45.500 --> 22:47.500 So, I'm sure there's professional services around that. 22:47.500 --> 22:50.500 So, your big part here can go to come to them. 22:50.500 --> 22:52.500 But now, that's a good question. 22:52.500 --> 22:55.500 I would like to help with that. 22:55.500 --> 22:59.500 And I think the normal. 23:00.500 --> 23:02.500 So, what I want to do. 23:02.500 --> 23:04.500 But this is maybe a little bit later the future. 23:04.500 --> 23:06.500 If you migrate to the main. 23:06.500 --> 23:08.500 If you want to move to the main to mocks. 23:08.500 --> 23:12.500 That there's also a sort of guided step by step thing that says, oh, I detect that you've 23:12.500 --> 23:14.500 currently are a disoperator. 23:14.500 --> 23:15.500 You want to be here. 23:15.500 --> 23:17.500 So, you need to make these the nest changes. 23:17.500 --> 23:18.500 And also to help you. 23:18.500 --> 23:20.500 I'm at sync your data. 23:20.500 --> 23:23.500 Because I think that's what people most need. 23:23.500 --> 23:26.500 I assume that much was going to be the main answer. 23:26.500 --> 23:27.500 Yeah. 23:27.500 --> 23:28.500 Yeah. 23:28.500 --> 23:32.500 I also want to really make it easy so that you could do all the steps in the right order. 23:32.500 --> 23:33.500 And not lose any email. 23:33.500 --> 23:35.500 I'm not break anything in the way. 23:35.500 --> 23:38.500 But I think it's definitely the main part. 23:38.500 --> 23:39.500 It's missing. 23:39.500 --> 23:41.500 But that's already, I'm applying the mocks. 23:41.500 --> 23:42.500 So, we have. 23:42.500 --> 23:45.500 It just needs, just need a little bit more time to implement. 23:53.500 --> 23:55.500 If I'm aware of the DNS control project. 23:55.500 --> 23:56.500 And I'm not sure about it. 23:56.500 --> 24:00.500 It's a similar thing like the DNS that you can specify what your DNS settings need 24:00.500 --> 24:01.500 to be and that you can sync it to. 24:01.500 --> 24:02.500 Yes. 24:02.500 --> 24:05.500 But you think that JavaScript doesn't deserve or less. 24:05.500 --> 24:07.500 Do you use JavaScript as a? 24:07.500 --> 24:08.500 Yes. 24:08.500 --> 24:09.500 Okay. 24:09.500 --> 24:10.500 Yeah. 24:10.500 --> 24:14.500 I've looked at a few of those projects and I decided it's not going automatic enough for me. 24:14.500 --> 24:18.500 But maybe I should check some of those solutions again. 24:18.500 --> 24:21.500 It will be a lot of work to implement this. 24:22.500 --> 24:24.500 More of a question regarding the structure. 24:24.500 --> 24:27.500 Why did you decide to bundle everything together in the moment? 24:27.500 --> 24:31.500 Because first you have the S&PPI map and everything on the way of mail clear. 24:31.500 --> 24:34.500 It does actually chunking it out into separate projects. 24:34.500 --> 24:36.500 Why do you think that's better? 24:36.500 --> 24:40.500 And also why did you use already existing libraries for free? 24:40.500 --> 24:41.500 Why? 24:41.500 --> 24:42.500 Why? 24:42.500 --> 24:43.500 That's not the case. 24:43.500 --> 24:44.500 So you're most of your self. 24:44.500 --> 24:46.500 I'm curious about your choice. 24:46.500 --> 24:47.500 Yeah. 24:47.500 --> 24:49.500 So the question is why did I put that? 24:49.500 --> 24:52.500 Like all the protocols and so on in one binary in one application. 24:52.500 --> 24:57.500 And not keep it separate or reuse and reuse more of other existing applications. 24:57.500 --> 25:06.500 So what I don't like is when you have to mesh together a lot of components together working system. 25:06.500 --> 25:10.500 And so that's why this is one big system. 25:10.500 --> 25:13.500 Although I could still deliver one system in multiple components, maybe. 25:13.500 --> 25:17.500 Though I don't think I didn't see really much of the need for that. 25:17.500 --> 25:23.500 It's not much of an advantage in doing that because then your spits stuff that you try to put together why not put it together in the first place. 25:23.500 --> 25:29.500 There's also interactions between incoming S&P things and a mail store that normally in classic 25:29.500 --> 25:35.500 Milset apps you have the S&P thing and it can deliver to the mail store. 25:35.500 --> 25:37.500 But not no much more about that mail store. 25:37.500 --> 25:43.500 But it mocks the message classification of junk and on junk. 25:43.500 --> 25:50.500 They influence the S&P server and if they are going to reject, if the S&P server is going to reject the message in a certain way. 25:50.500 --> 25:55.500 So I think as advantage to having this all of this in one server that has access to all the S&P server. 25:55.500 --> 25:58.500 Yes, it's mostly like for personal use. 25:58.500 --> 26:04.500 Well, small use cases but I would say companies of 100 users could also easily use this. 26:04.500 --> 26:07.500 I mean accept that the webmills a bit Spartan maybe. 26:07.500 --> 26:12.500 So I don't think I think it currently appeals mostly to technical audience. 26:12.500 --> 26:17.500 But I think if I touch up the UI and it may make it look a bit more like people expected to. 26:17.500 --> 26:19.500 And it would work just as well. 26:19.500 --> 26:20.500 But this is not meant. 26:20.500 --> 26:28.500 It's not meant to be like a super scaling ISP that sense like 10,000 messages a second or something. 26:28.500 --> 26:29.500 There's not all the audience. 26:29.500 --> 26:34.500 I want people to run around Milset first and that's the, that's one goal. 26:34.500 --> 26:36.500 We have one for the back of it. 26:36.500 --> 26:38.500 As you already have the key to do in anything. 26:38.500 --> 26:45.500 When it's just that it's in a server also. 26:45.500 --> 26:48.500 Yeah, so the question is why don't it add just add a DNS server to mox instead. 26:48.500 --> 26:51.500 Yeah, it's very tempting. 26:51.500 --> 27:07.500 It's a bit more complicated than I want to take on at this moment. 27:07.500 --> 27:11.500 Because yeah, I'm not going to do a non-DNS server of course. 27:11.500 --> 27:15.500 Because I have my standard. 27:15.500 --> 27:18.500 But yeah, true. 27:18.500 --> 27:23.500 Yeah, it's a very appealing option. 27:23.500 --> 27:25.500 Everything might seem there. 27:25.500 --> 27:28.500 Yeah, it might seem there. 27:28.500 --> 27:30.500 Yeah. 27:37.500 --> 27:39.500 Thank you.