new user to myti99.com - links for Login and Create New User are not active for me

[nitrohepcat]

I'm getting started with my TIPI and would like to create a login to myti99.com

When I open the site on my modern computer, the links for Login and Create New User are not active.

Is this functionality still available? I'm using windows 11 and chrome browser. Same result with Firefox. Same result with Chromium on the Raspberry Pi.

See screenshot below

 

[Stuart]

That is @ElectricLab's site. Looks like it is not detecting the browser properly. He's not visiting AtariAge often at the moment.

[Gary from OPA]

4 minutes ago, Stuart said:

That is @ElectricLab's site. Looks like it is not detecting the browser properly. He's not visiting AtariAge often at the moment.

Most likely some things are blocked by today's versions of browsers since his scripts are running as http and that basically a nono now, you might have to try an older browser from 2022 before https was being enforced for scripts.

 

Funny thing if you do try accessing it via https://www.myti99.com you get a nice weird hexadecimal green matrix like screen instead.

[+arcadeshopper]

You have to sign in through the browser on your TI. Download the browser from Stewart's website

[Stuart]

4 hours ago, arcadeshopper said:

You have to sign in through the browser on your TI. Download the browser from Stewart's website

Yes you had to sign in on the TI browser, but didn't you have to use a PC browser to get your username and password set up to start with?

I'll see if I can contact Corey.

 

[+arcadeshopper]

11 hours ago, Stuart said:

Yes you had to sign in on the TI browser, but didn't you have to use a PC browser to get your username and password set up to start with?

I'll see if I can contact Corey.

 

pretty sure he changed it to be sign up on the ti.. 

 

I can get him on discord if needed

 

[ElectricLab]

I recently migrated myti99.com to a new server and had to make a ton of changes to the code. I didn't fully test new account registration - I'll take a peek.

As for http v. https, I do see I have a misconfiguration if you try to use https. I'll go ahead and get a free cert from LetsEncrypt for that site too.

[ElectricLab]

Ok, account registration now works. I had a few more tweaks to make it work. Since the TI browser can't afford to waste precious bytes to properly handle 301 Redirects, we decided to support just 'myti99.com', without the www, since itt simplified the back-end code a lot.

I just added certs to both sites (with and without www) and then had to modify the Apache server config to not force a forward in pages served on non-secure port 80. The automated certbot tool did that and was causing Stuart's browser to just display the redirect directive on the screen. Anyway, it's all working now, and I just tested account creation. I'll be testing out the rest of the stuff tonight.

Thanks for letting me know about the problem and let me know if anything else is broken.

Edited March 16 by ElectricLab
clarity

[+9640News]

Can you check to see if the email portion of the website is actually sending and receiving email?  I had issues in the past with the Geneve MDOS conversion of Stuart's browser.

[ElectricLab]

On 3/16/2024 at 7:46 AM, 9640News said:

Can you check to see if the email portion of the website is actually sending and receiving email?  I had issues in the past with the Geneve MDOS conversion of Stuart's browser.

I will look, but it will take me some time/effort to get a proper mail server up and running on the new host. It's easy to set up, but the hard part is complying with all the craziness, such as SPF, DKIM, and DMARC. I have run email servers on Linux since the late 1900s, way back before spammers ruined the scene. Every time I get all the details of running a compatible SMTP sorted out, something is changed or added It's really tough to get all of this working these days, but I'm going to give it a try.

[Gary from OPA]

8 hours ago, ElectricLab said:

I will look, but it will take me some time/effort to get a proper mail server up and running on the new host. It's easy to set up, but the hard part is complying with all the craziness, such as SPF, DKIM, and DMARC. I have run email servers on Linux since the late 1900s, way back before spammers ruined the scene. Every time I get all the details of running a compatible SMTP sorted out, something is changed or added It's really tough to get all of this working these days, but I'm going to give it a try.

I know the feeling, I recently gave up on my Linux box to get emails working right and just setup a redirect of domain email to my Gmail.

[+OLD CS1]

On 3/20/2024 at 2:05 PM, ElectricLab said:

It's easy to set up, but the hard part is complying with all the craziness, such as SPF, DKIM, and DMARC.

Not at all.  SPF and DMARC are exceptionally easy (simple DNS records,) and the DKIM tools available these days versus milter_dkim, &c, make things easy.  That said, you are only required to have DKIM if you are a "mass mailer," which right now is considered 5,000 messages a day.  I have all three configured for all of my hosted domains, with zero issues.

 

All that said, I will say I think the promise of SPF, DMARC, and DKIM being panaceas for preventing spam, phishing, and hoaxes is absolute bullshit.  And I mean a deep, steaming, sinus-wrenching pile of it.  I cannot tell you how much malicious email I see come through my mail servers with valid SPF and DMARC records and DKIM signed.  The only protection any of this really offers, and that is if the recipient servers support any of it at all, is to prevent your domain getting "joe jobbed," or spoofed.

 

Of course... I did find gaping shortcomings in how these large houses handle SPF and DMARC just a couple of years ago, and in testing last year I found those holes to still be open.  I am hoping the March, 2024, crack-down has fixed at least the internal processing issues.  But, so far as I can tell, the "-all" SPF mechanism and "p=reject; aspf=s" DMARC policies are still handled much differently than expected.

[ElectricLab]

Quote

Not at all.  SPF and DMARC are exceptionally easy (simple DNS records,) and the DKIM tools available these days versus milter_dkim, &c, make things easy.  That said, you are only required to have DKIM if you are a "mass mailer," which right now is considered 5,000 messages a day.  I have all three configured for all of my hosted domains, with zero issues.

This is still waaay harder than it used to me. Tools like https://www.learndmarc.com/ make setting things up easier, but my point was that once you get it working, some more requirements will be added, sometimes a whole new layer, which tends  to breaks stuff  leading to delivery issues which are no fun. It becomes tiresome after a while. I totally agree that a committed spammer will just spend the effort to keep ahead of whatever cat/mouse challenge is put out there.

 

 

 

[+OLD CS1]

My unwanted and completely off-topic dissertation on mail servers and services follows.
 

Spoiler

12 minutes ago, ElectricLab said:

some more requirements will be added

On the up-side, there is not much more they can add right now   I get it -- I have been running mail servers for 25 years, so I am probably a little less sensitive to the issue of putting everything in place at once, or changes when they occur.  I admit, the whole Google/Yahoo/Apple DMARC And DKIM requirements took me by surprise, but I was able to get things in place within a few hours for the domains for which I am SOA/NS.

 

A few things to remember: make sure your IP has matching forward and reverse resolution; make sure you are on a static IP or use a smart host service (I smart-host for a number of businesses,) use a smart host if your fDNS/rDNS do not match; for DNS, just make sure your MX records or root domain A is valid, and you have good SPF and DMARC records; make sure your server is not an open relay (most now come configured not to be.)  Done.

 

21 minutes ago, ElectricLab said:

It becomes tiresome after a while.

Running a mail server is definitely not something for the squeamish.  Malicious emails are a massive nuisance and require something like SpamAssassin and ClamAV on your server, which also require some amount of maintenance.  Hacking is always a potential issue, too, as you expose the service to the Internet.  I glance over at my log tail and watch some of the interesting credentials they try to use, ways they try to glitch SSL, and so on.

 

If anyone decides to run a mail server, I do not recommend, unless you have the time and patience, to do it on your own.  That is, find a filtering provider which will do both ingress spam/virus filtering, as well as outbound smart-hosting.  Then, lock down your firewall to only allow connections from your provider's mail servers.  This is a configuration I have used with all of my customers running on-prem Microsoft Exchange for 20 years.  This way, my servers take the brunt of the attacks, and they get clean, natural, tasty email, the way God intended.

28 minutes ago, ElectricLab said:

I totally agree that a committed spammer will just spend the effort to keep ahead of whatever cat/mouse challenge is put out there.

We also have a bunch of mail houses engaging in pink contracts with spammers.  So long as they pay the extra money for the amount of mail they send, and only so much of the mail gets reported as spam (modern mail filters tend to reduce the amount of complaints services receive,) then spammers can run free.  SalesForce has been the worst offender, pretty much laughing in my face, calling it "unwanted outreach," but there are a slew of other services that simply do not give a shit.  (Looking at you, ConstantContact.)  When a service ignores my complaints, I set up a rule to send the offending spammers directly to the abuse@ or helpdesk contact email address.  Probably does nothing but make me feel better.

 

MailGun has actually been very good.  They are responsive to all of my abuse complaints.