Shdwdrgn

I've spent the past day working on my newest Poweredge R620 acquisition, and trying to nail down what things I can do without checking. Google has shown me that everyone seems to be having similar issues regardless of brand or model. Gone are the days when a rack server could be fully booted in 90 seconds. A big part of my frustration has been when the USB memory sticks are inserted to get firmware updated before I put this machine in production, easily driving times up to 15-20 minutes just to get to the point where I find out if I have the right combination of BIOS/EUFI boot parameters for each individual drive image.

I currently have this machine down to 6:15 before it starts booting the OS, and a good deal of that time is spent sitting here watching it at the beginning, where it says it's testing memory but in fact hasn't actually started that process yet. It's a mystery what exactly it's even doing.

At this point I've turned off the lifecycle controller scanning for new hardware, no boot processes on the internal SATA or PCI ports, or from the NICs, memory testing disabled... and I've run out of leads. I don't really see anything else available to turn off sensors and such. I mean it's going to be a fixed server running a bunch of VMs so there's no need for additional cards although some day I may increase the RAM, so I don't really need it to scan for future changes at every boot.

Anyway, this all got me thinking... it might be fun to compare notes and see what others have done to improve their boot times, especially if you're also balancing your power usage (since I've read that allowing full CPU power during POST can have a small effect on the time). I'm sure different brands will have different specific techniques, but maybe there's some common areas we can all take advantage of? And sure, ideally our machines would never need to reboot, but many people run machines at home only while being used and deal with this issue daily, or want to get back online as quickly as possible after a power outage, so anything helps...

I have a self-hosted matrix-synapse server up and running on a Debian linux server, but before I open it up I want to at least get a captcha service in place to reduce spamming. The only module I've seen to handle this function appears to require setting up a Google recaptcha though, however I would prefer to keep all of this entirely self-contained for the privacy of my users. Can anyone recommend a module that allows for a local captcha option? For that matter, can anyone also recommend a captcha system that is pretty straightforward to set up (which is compatible with matrix-synapse) and uses basic preinstalled code bases like perl or python?

And while I'm here, I would also like to provide the option of registering with an email address, but I'm having trouble finding any clear how-to pages on this. Seems like that function might be built directly in to matrix-synapse but I'm just not finding anything helpful. Any suggestions?

I'm fairly new to matrix in general, but I have an initial setup running with the homeserver, Element web page, and an IRC bridge, so if I can just nail down the validation part of registrations I'll have what I think is a good starting point to launch from.

I run my own email server, and a friend received a compromised laptop from work which resulted in a spam attack from Russia yesterday. Turtle settings saved the days with thousands of emails still in the queue when I saw the problem, however it made me realize that everyone with accounts on my server are local, do not travel, and have no requirement to send emails from outside the country.

I found how to use the smtpd_discard_ehlo_keyword_address_maps setting in postfix to block a CIDR list of IPs, then found a maintained list of IPs by country codes on github. Cool so far, and a script to keep my local list updated was easy enough.

Now the question is, what countries should I be blocking? There are plenty of lists of the top hacking sources, but it's hard to block #2 (the US) when that's where I am located. But otherwise, does anyone have a list of countries they outright block from logging on to their servers? From the above google searches I have 17 countries blocked so far, and in the first 30 minutes already stopped login attempts from three of those countries, so it appears to be working.

Of course I could write a script to parse my logs to see who has already made attempts, but that's what services like fail2ban are for, and I'm just wondering if there are any countries in particular I should directly block? My list so far includes the following: ae bg br cn de hk id in ir iq il kp ng ru sa th vn

The question itself may not be that interesting, but I thought at the very least some folks might be interested in my experience and think about doing something similar themselves. I can post more details of what I did if there is any interest.

I have Openfire set up with the monitoring service plugin which we have been using with Pidgin on the desktop. One of the things I've noticed is that when I sign in to another computer on the same account, I do not get a history of recent messages (which I thought the monitoring plugin was supposed to provide).

The other thing that doesn't seem to be working right is when I am logged in to two computers simultaneously (using the same account). I expect to see chat messages showing up on BOTH devices so I can go between machines, which again is something I thought the monitoring plug was supposed to provide.

The settings I believe are related are under "Offline messages" which I have set to always store, and retain for up to 30 days. Should I bee looking for anything else?

I have been using Pidgin with XMPP on Google for years, so I know both the XMPP protocol and the Pidgin client are capable of handling this functionality. I've been digging around trying to find a solution, and see a lot of things claiming Pidgin is the culprit here, but those messages are a decade old. I can't seem to find any information on the subject for Openfire newer than about 2016.

I'm hoping there's a setting I need to change or another plugin I need to add to get both of these features working on my server? I really love the software otherwise but this seems like a really basic function that should just work, and I am hoping someone can point me to whatever I'm missing.