Best posts made by Mike Davis

The client has their email hosted by Intermedia. Intermedia stopped accepting unauthenticated email on port 25. They had a fax server running HylaFax running on Gentoo. At first they were getting an error about not being able to connect. I checked with Intermedia and they changed servers, so I changed the target host from to point to east.EXCH083.serverdata.net instead of smtp15.msoutlookonline.net.

The new host requires authenication, so I followed this guide:
https://ubuntu-tutorials.com/2008/11/11/relaying-postfix-smtp-via-smtpgmailcom/

now in the maillog, I'm getting:

Dec 6 19:37:36 fax postfix/qmgr[5395]: A2CF5434A38: from=<fax@<domain>.com>, size=4466, nrcpt=1 (queue active)
Dec 6 19:37:37 fax postfix/smtp[8215]: A2CF5434A38: to=<user@<domain>.com>, orig_to=<FaxMaster>, relay=mail[xx.xx.52.35]:25,
delay=13170, delays=13169/0.01/0.25/0.1, dsn=4.7.1, status=deferred (host mail[xx.xx.52.35] said: 454 4.7.1 <user@<domain>.com>:
Relay access denied (in reply to RCPT TO command))

So that tells me that it's trying to connect on port 25, not 587 like I put in the file /etc/postfix/main.cf

Where do I go from here?

so follow this:
http://ageekandhisblog.com/how-to-fix-postfixsmtp-certificate-verification-failed-untrusted-issuer/

Ran:

update-ca-certificates 

and that updated the dates on all the files under /etc/ssl/certs

Then:

cat /etc/ssl/certs/Thawte_Premium_Server_CA.pem | sudo tee -a /etc/postfix/cacert.pem
sudo /etc/init.d/postfix reload

I have to have them send a test fax through. Given that it's 2016 it might be a while before we can find someone with a fax service....

Odd thing with outlook is that you can email to users outside the domain, but a simple test email to yourself fails. so:
to: [email protected] from: [email protected] works, but
to: [email protected] from: [email protected] does not work
to: [email protected] AND [email protected] from: [email protected] - message gets sent outside, but not to me

I have a client that is thinking about a new phone system. They have therapists that would like a panic button on their phone that would ring a few phones in the front office if they push it. That's not an exact requirement, but the idea is that they are in their office with the door closed, and a client is starting to make them feel uncomfortable, so they press a button on their phone and someone from the front office can run to their office.

Does anyone have any clients with similar needs? Can you make any suggestions on how to handle something like that?

In this case, if the PBX had a similar feature implemented the way Nortel does it (with the beep) I think that would still be an option to consider.

At the end of the day, I'm going to be sitting across from a few people that run the office and I'd like to give them a few options for a system that we can do with our phone system that their current system can't do.

I would argue that it's possible that the MSP know more about business than internal IT. Think about it - the owner of the MSP knows tech and knows how to run a business because they are running one. The MSP also has the advantage of knowing what other companies are using and what's working and what's not. The internal guy has to work really hard to find that information out, but at the end of the day since the internal guy doesn't run a business, they may not know what the MSP owner does.

Another issue is that when people specialize, costs go down. The internal guy can never specialize because they have to be the jack of all trades. Just think of the time you invested learning about something like deploying a RDP server. The MSP has that same time investment once, but then can deploy it a number of times. That knowledge and experience saves time and money.

I have no need for IDE anymore. On my bench I have The StarTech USB 3.0 to 2.5/3.5in SATA Hard Drive Duplicator Docking Station - HDD / SSD

https://www.amazon.com/StarTech-com-3-5in-Duplicator-Docking-Station/dp/B00G6TG5YE/

It's great for pulling a drive out of a machine that may or may not boot to try to copy stuff off. I also use it a lot to copy HDD to SSD, or just cloning drives without having to use any software.

What's the concern? Man in the middle? If you're doing anything secure, there should be a secure tunnel anyways. Even if you are on "secure" wifi, someone else on the "secure wifi" can still see your traffic.

SSL is secure or it isn't. If it's not secure don't use it anywhere. Don't shop online, bank, etc. Along that note, what banking site is not using SSL? It would be crazy not to.

Unless the AP has device isolation on, checking the box for promiscuous mode in WireShark is pretty easy.

What difference does it make how many people are connected. Do you walk in to Starbucks and size up the geek level of people sitting there?

@FiyaFly said in Home Lab, Multiple Servers on Repurposed Hardware- Feasible?:

Sweet. The hardware I'm using is literally my old PC from 2011.

Make sure it has virtualization support and the NIC is supported. I've had to try to inject NIC drivers in to ESXi to get the NIC working in a desktop when I did something similar to what you're doing some years ago.

I now have a HP Proliant DL360 and DL160 sitting under my desk. The 360 has 32GB of RAM. I think I paid $125 for it and then picked up some 300GB SAS drives on ebay for $25 each. There are a couple of downsides, it's noisy and it's power hungry. I picked up a Belkin watt meter, and it would cost me $200 a year to keep it powered on. With that said, I generally do a build that lasts a few days to a week and shut it off when I'm not working on it.

I think you can get eval versions of VMware that will let you test versions without the restrictions of the free version. The problem is, you can't do much with that little RAM. I think the vSphere appliance takes up 4GB itself. You might not need the vSphere appliance to do what you're going to do.

You could test a bit with HyperV and Veeam. That would probably be the easiest thing to do with the hardware you have although it wouldn't take long to try to load ESXi on it and see if everything works.

If you are going to deploy the file by a computer group, you'll need to use the computer configuration side of GP. That trips up a lot of people.

My (3) Dell Equallogics are now one big backup target. I'm running a HP MSA with tiered storage now. When I put it in we were running VMware Horizon (View). That environment is gone and so is my need for crazy IOPS.

Next time around, it should be easy to convert to direct attached or a Scale system.

Found the magic checkbox. Under SIP settings, had to check the box for Enable consistent NAT. I did have to reboot the phone for the change to take effect.

When we checked the box for "Enable SIP Transformations" we got the one way audio thing. On the remote side. the phone would ring and ring and eventually go to voicemail. On the local side, the phone would ring, and he would answer, but couldn't hear anything.

@JaredBusch Where did you find that page?

It looks like someone will be sitting through a Meraki demo to see if it's free for the first 100. That client only has 20 company owned mobile devices, so that would work.

@IRJ said in old MSP wants to know what they did wrong:

As much as I want to see the issues, he probably shouldn't share a report even if information is redacted. Because if the company name somehow gets out, they can be hacked in about 10 seconds lol.

The ironic thing is that the owner was so concerned about security that he doesn't have any wifi in the place. -Good thing too, the guy probably would have secured it with WEP, if anything.

"new and improved" is an American cultural value. Products like "Coke Classic" being perceived as being good by most American consumers is the exception to the norm.

@Dashrender said in old MSP wants to know what they did wrong:

@scottalanmiller said in old MSP wants to know what they did wrong:

@travisdh1 finally someone who actually knows what a pizza box is in IT!

OK this begs for an explanation.

It was a nickname for the shape of it. I think SGI had a box nicknamed the toaster around that same time.