Re: [tlug] [OT] email client tips?

[Travis Cardwell <travis.cardwell@example.com>]

On 2014年04月25日 10:49, Kalin KOZHUHAROV wrote:
> Hmm... that sounds like setting a timebomb (or few)...
> Almost every week I have to deal with incident response on a client
> Web server involving PHP. Probably 1/3 of the cases is an attempt to
> do what you describe - I call it full local packaging.
> The problem is that once deployed such setups are hard to upgrade and
> as such tend to gather vulnerabilities (i.e. already present
> vulnerabilities are published and exploited).

That is a very good point.

One random idea that I had but have yet to fully explore, is to create a 
"gateway application" for authentication.  Using Nginx as a reverse-proxy, 
my web server is implemented in Haskell, in which I can implement it.  The 
idea is to provide a secure interface for authentication.  Only when a 
user authenticates successfully are they given access to internal services 
that are not fully trusted (PHP/Ruby apps) by adjusting firewall rules. 
It is sort of like a web-interface alternative to port-knocking.

What do you think of such an idea?

> I also refuse to install PHP and Ruby on my servers, for slightly
> different reason (the opposite?): I want to have central view of the
> installed software. I am using Gentoo with default portage package
> manager and I often use Perl for various tasks. Also most of Gentoo
> depends on Python, so that is (unfortunately) hard-bundled. Having to
> deal with another (few) package/module management systems (in addition
> to portage and g-cpan) is just too much frustration.

I do not use a number of development utilities for this very reason: the 
Ruby package manager is a significant dependency!  I have even resorted to 
installing Node.js in order to avoid it!

/me ducks

> I have tried several times to get off-the-beaten-path and stop using
> gmail (and as hacker/geek/alpinist I do LOVE off-course). I am used to
> Thunderbird from the time it was Netscape and even have some
> contributions to it. These days I sue it for work with my bigger
> client (independent consultant). I dislike the editor wrapping, here
> are some related bugs that I commented/filed:
> https://bugzilla.mozilla.org/show_bug.cgi?id=109350
> https://bugzilla.mozilla.org/show_bug.cgi?id=84320
> https://bugzilla.mozilla.org/show_bug.cgi?id=114707
> https://bugzilla.mozilla.org/show_bug.cgi?id=168420
> https://bugzilla.mozilla.org/show_bug.cgi?id=169691
> https://bugzilla.mozilla.org/show_bug.cgi?id=186732
> ...
> probably there are more, but no result so far and every time I tried
> to look at the code I gave up after an hour being unable to understand
> where to look for....

Thank you for sharing that!

> So I use gmail for most other things. And now that I got Nexus 7 2013
> (WiFi) and last month another LTE, I am even more bound to gmail
> because of the gmail app.

I am in the same situation with my family email.  My wife is willing to 
change if/when I find a decent alternative.  I often hear of alternative 
Android email apps, but I have yet to try them and worry about the likely 
lack of a good Japanese localization.  I also need to find a replacement 
calendar, as we use the GMail calendar constantly.

Cheers,

Travis