Google mail everywhere ‘sigh’ a European Commission problem – lol

I like email servers but notice that everybody appears to rely on Google. Sure, they have a URL like brainylondonzooapes.tld and also a Gmail address rather than using brainylondonzooapes.tld. Oh well.

Newspapers** also use Google for email, so it is not unthinkable that if you bring down Google then email would be in a very sorry state. It is kind of ironic that the European Union thinks anybody with a Gmail account is a sock puppet for Google. It's a shame they have not heard of the zebras (my blog*)

Cloud email has its dangers; for instance, Australian traffic can be forced to be decrypted, something our MSM comrades don’t seem to mind about. After all, nobody spies on the journalists, do they?

I know why I use Google, since if I used my ISP’s email and I leave, it is a barrier to entry, thus defeating competition strategy in economics. I am quite sure any criticism of the EU (my blog) would mean they could soon also call my email domain here in the zoo and ISP email a sock puppet too.

Apparently email must have a country code in (my blog), and how dare you use a non-EU domain to email the European Union. I knew it, I must be an employee of an American internet giant****

I know why Europe is not an internet powerhouse: the politicians hate it. Yes, there are ISPs, but Google is American. I mean, how dare the EU allow Nokia to be sold to the Americans and force us to use Android or that cult of religion phones.

It's rather odd also that no decent email service is designed and operated in the EU too.

All mobile phone users must be sock puppets as well on that EU logic. Mind you, us plebs not in control must be idiots by not using an EU-made phone and operating system***.

Moving TLDs is fun

Setting up is easy*; moving is a challenge (my blog) if you use email. Gradually I have reduced mail services over a week, but things like DMARC can screw things up, including CAA records.

Since I am retiring domains, a week to gradually decommission is feasible. After all, if you use some domains as backup mail exchangers, there are a few things to remove.

I also gifted the registrar with a large expiry time on the zone files before expiry, since they do not want us any more**, so caching will probably be a problem for some if they visited the zone.

.pw registry really is run by retards

Oh god help us and everybody else who tries to contact them (my blog)

Diagnostic-Code: smtp; 550-5.7.1 Unauthenticated email from is
not accepted due to 550-5.7.1 domain’s DMARC policy. Please contact the
administrator of 550-5.7.1 x domain if this was a legitimate
mail. Please visit 550-5.7.1 …

They try and spoof email from yourself.  No joy there but wtf.

I reported a fraudster on .pw to them; clearly these people are mentally retarded and should not be running even a website.


Losing the plot with Firefox and TLS

I was doing some experimenting with MTA-STS (my blog), which required a web server and new hosts, none of which worked in Firefox until I had TLS per host.

After swearing a lot, I even considered a server reboot, but a hard restart of the web server eventually got me a site that worked as expected, even if Firefox kept refusing to serve the site.

The thing about MTA-STS is it serves one file, and Firefox can read it; there is no real point for the user in visiting such a site unless you're experimenting like I was.

Once the first was done, the other three zoo domains got MTA-STS.
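
What that one file has to contain, as an added example that is not code from this blog: a Python check of an MTA-STS policy body against the RFC 8461 rules (version, mode, max_age, mx patterns) and of whether a given MX host is covered by it. The zoo.example names and the sample policy are constructed placeholders.

```python
"""Parse and sanity-check an MTA-STS policy file (RFC 8461, section 3.2)."""

MAX_AGE_LIMIT = 31557600  # RFC 8461 upper bound for max_age, about one year


def parse_policy(text):
    """Return (policy, errors) for the body of /.well-known/mta-sts.txt."""
    policy, errors = {"mx": []}, []
    for raw in text.splitlines():  # handles both CRLF and LF line endings
        line = raw.strip()
        if not line:
            continue
        key, sep, value = line.partition(":")
        key, value = key.strip(), value.strip()
        if not sep:
            errors.append(f"not a key/value line: {line!r}")
        elif key == "mx":  # the only field that may repeat
            policy["mx"].append(value.lower().rstrip("."))
        else:
            policy.setdefault(key, value)  # later duplicates are ignored
    if policy.get("version") != "STSv1":
        errors.append("version must be STSv1")
    if policy.get("mode") not in ("enforce", "testing", "none"):
        errors.append("mode must be enforce, testing or none")
    age = policy.get("max_age", "")
    if not (age.isascii() and age.isdigit() and int(age) <= MAX_AGE_LIMIT):
        errors.append("max_age must be an integer from 0 to 31557600")
    if policy.get("mode") != "none" and not policy["mx"]:
        errors.append("at least one mx is required unless mode is none")
    return policy, errors


def mx_allowed(policy, mx_host):
    """True if mx_host matches an mx pattern; '*.' covers exactly one label."""
    host = mx_host.lower().rstrip(".")
    for pattern in policy["mx"]:
        if pattern.startswith("*."):
            if host.partition(".")[2] == pattern[2:]:
                return True
        elif host == pattern:
            return True
    return False


# Constructed sample policy for a placeholder domain (not taken from the blog).
SAMPLE = ("version: STSv1\r\nmode: enforce\r\nmx: mail.zoo.example\r\n"
          "mx: *.backup.zoo.example\r\nmax_age: 604800\r\n")

if __name__ == "__main__":
    pol, errs = parse_policy(SAMPLE)
    print(pol, errs)
    for h in ("mail.zoo.example", "mx2.backup.zoo.example", "a.b.backup.zoo.example"):
        print(h, mx_allowed(pol, h))
```

A sending server only fetches this file over HTTPS from mta-sts.<domain> with a certificate valid for that host name, which is why each of the hosts needed its own working TLS setup.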


MTA-STS protocol TLSA record issues – MIA

Sisyphus is still a role model

In this (my blog) I set it up, and eventually I renewed the certificates recently. Since I do TLSA records (my blog), I realised that the mta-sts.zoo domain had no TLSA record.

The mail servers and real website had them but not this new thing. An interesting situation.

So I generated a hash, installed it, restarted and tried to verify it, but the tests on the web did not isolate the host on the IP that also does the zoo1 to zoo4 MTA-STS sites via hostname resolution.

It picked up my correct record in the zone file, so another bad test (my blog) it seems. It seems the MTA-STS protocol does not want a TLSA hash anyhow, so not important apparently.

DNS cookies is my next fun adventure

EDNS cookies are a thing and my next adventure – it will be a compile or a package if ready by February 2019.

I only need one server to make ready here in the zoo, but I think it might be more technical.

The documentation I have read seems to be written by somebody who has the new version and explains how it works with an existing feature but says little except for hints.

It is a way off and I will have to take their word for all this. Since DNS is deemed an archaic thing by many, I somehow doubt that I will be the only one with bad DNS.

Having managed to get source packages and changed certain files

BIND 9.10.3-P4

built by make with '--prefix=/usr' '--mandir=/usr/share/man' '--libdir=/usr/lib/arm-linux-gnueabihf' '--infodir=/usr/share/info' '--sysconfdir=/etc/bind' '--with-python=python3' '--localstatedir=/' '--enable-threads' '--enable-largefile' '--with-libtool' '--enable-shared' '--enable-static' '--with-gost=no' '--with-openssl=/usr' '--with-gssapi=/usr' '--with-gnu-ld' '--with-geoip=/usr' '--with-atf=no' '--enable-ipv6' '--enable-rrl' '--enable-filter-aaaa' '--enable-native-pkcs11' '--with-pkcs11=/usr/lib/arm-linux-gnueabihf/softhsm/' '--with-randomdev=/dev/urandom' '--enable-sit' 'CFLAGS=-g -O2 -fdebug-prefix-map=/x/bind9-9.10.3.dfsg.P4=. -fstack-protector-strong -Wformat -Werror=format-security -fno-strict-aliasing -fno-delete-null-pointer-checks -DNO_VERSION_DATE -DDIG_SIGCHASE' 'LDFLAGS=-Wl,-z,relro -Wl,-z,now' 'CPPFLAGS=-Wdate-time -D_FORTIFY_SOURCE=2'

It still did not work with

/etc/bind/named.conf.options:3: unknown option ‘cookie…secret

So it looks as if BIND 9.11 is the only option, as the compile took forever on slow hardware. Oh well, another bug in the documentation, as I cannot seem to do it that way.

So that package manipulation was a bust. So I think I wait.