We can put a reverse proxy in front of discourse that re-directs to a maintenance page when the site is down. This is probably easier said than done, I don’t know yet.
The cert should auto-renew later this week. I was thinking I’d hang around until then just to make sure that goes off without a hitch since it’s the most (but still not very) complicated part of our setup. Then I can boot myself from everything and be a happy pleb.
The reverse proxy is already there to handle the stupid www thing. Just a matter of having an alternate discourse.conf in sites-enabled to point to a static page during rebuilds.
1 Like
Oh, that’s very easy then.
The only part of our setup that isn’t out of the box, bog standard is the reverse proxy, the www subdomain, and how the SSL certs renew. I have detailed notes about that stuff in the staff forum.
1 Like
Weird thing I just noticed. I posted a giphy link in another thread, and checked back a while later and noticed the post had been edited. I didn’t understand why, because I knew I didn’t do it. So I noticed this:
So, the system notices an image hotlink (or whatever it’s called), downloads the image and then edits the post with the actual image? That’s cool I guess, but I wonder about the storage implications. Probably negligible.
I just noticed this, thought it was interesting and didn’t know where else to post it, so I am leaving it here so I can explore later.
It’s always done that, as do most forums and social media platforms these days. Even 2p2 does it. Hot linking images is just terrible practice for half a dozen different reasons.
lol crazy I just noticed it. Yea that’s a great feature. Going through ancient threads in 22 is a bummer because most of the images are gone.
It also solves the problem of insecure content on secure pages, which is why 2p2 started caching images when they finally switched to https. One of the nicest thing Discourse does with rehosted images is optimize them on upload and generate responsive sizes. That’s a huge benefit for mobile users.
1 Like
- Be sure to set the
notification emailfrom: address correctly in your site settings. The domain specified in the “from” address of the emails you send is the domain your email will be validated against .
Just saw this in some documentation while I was testing our email service (I want to make sure the delivery is timely and arrives in the main inbox of the major email providers, outlook/gmail. everything looks great so far).
This seems like something that would have been very easy to screw up and we got it right first time. I was trying to set up a subdomain for our email but then told myself that was idiotic and overkill.
I’m glad I went with something that wasn’t a freebie service with capped emails. It is very reasonably priced at $.80/1000 emails after 3 months of free emails. It is very favorably reviewed. I can also set alerts when our emails reach a level that would piss me off (like 50,000 emails in a month in a registration attack or something) and stop the service.
ETA: This reminds me - we can send way more email than we are sending. If there’s something in the site that sends email notifications that we are not using, I think we should use that. Unless that would annoy users.
ETA ETA: Ok, outlook goes to spam. I will fix (try to) that.
Used mail-tester.com as recommended by discourse to test that my emails have the right headers and shit. It passed all tests and gave us a 10/10 score except for a few under “security.” Turns out we were missing a DMARC policy. don’t worry, no one knows what that is. including me. I just figured some headers had to be weird so I went down that rabbit hole and arrived at this.
I have added to our Google Domains and ran the test again, and it picked up the change, but the test for that DMARC still failed. It couldn’t detect a reason why, so it said to wait a few hours and try again if you recently modified your DNS configs (I did, obv).
I should have ran these tests before if I was being really thorough.
ETA: There are no more security errors, we get a perfect score from the recommended testing site. If I cannot resolve by the end of the week, I will consult the discourse forums. Registration emails shouldn’t go to spam, ever. Screw you microsoft, constant pain in my ass.
ETA ETA: I hit my free limit for test emails on the test site. Will try again tomorrow. Weirdly irritated by this.
This guy had the same issue, also with mailgun - Email spam folder problems with Outlook / Hotmail - installation - Discourse Meta
If it’s just outlook I’m honestly willing to say screw it and put this on the backburner. I think most people use gmail anyway. I’ll make all the tests from mail-tester pass, and then if outlook is still sending it straight to junk, then fine.
This is why I stopped using my hotmail as my main account. Their spam detection falsely identifies legit mail as spam yet I get a ton of actual spam in my main inbox.
I seriously can’t let this go. I checked blacklists and we are on UCEPROTECT Level 3. Which means our IP range has been associated with a spammer in the past. I have been reading that this is common for digital ocean ip ranges. So, that could be the issue, or maybe not. Regardless, the solution is to actually pay them to get off the list, or move our domain elsewhere. What a scam.
There’s also a way to contact microsoft directly and apply to become a trusted sender - that may be the solution.
Dude FUCK these guys, checking the reason we got blacklisted on their shitty website that looks like it’s straight out of 1994:
As you should know now: It is not you, it is your complete provider which got UCEPROTECT-Level 3 listed.
Your IP (…) was NOT part of a spamrun, but you are the one that has freely chosen your provider.
By tolerating or ignoring that your provider doesn’t care about spammers you are indirectly also supporting the global spam with your money.
Seen from this point of view, you really shouldn’t wonder about the consequences.
Anyway, I doubt this is the problem.
What sort of emails are you imagining sending? We disabled email digests
And changed the blue-highlighted options as well, but they have no affect unless we enable digests
Not sure why we decided to disable email digests (if I ever received an email digest I would insta-rage-unsubscribe and I assume zz hates them as much as I do, so that’s probably why). I re-enabled them for a second to see what happens and it adds the Activity Summary option to the User Preferences page
If we enable digest emails, as long as we leave default email digest frequency at “never,” users would have to opt-in to get digests. We can also change the default frequency and then users would have to opt-out to not get them (I hate this idea, but maybe not everyone hates digest emails as much as I do).
Not sure if there is a setting somewhere for a reminder email for people who have signed up for accounts but then not logged in. Thought there was but don’t see it now.
Yea those are kind of what I was thinking of. I am not really for or against digest emails, but that’s something we could probably put to a community vote in the About Administration thread if we really care about it. I don’t know what’s best, I just wanted to say that we are subscribed to this email service and if we wanna send more mail, we totally can. For what we are using right now it is very cheap and we aren’t sending a lot anyway. I’m not for sending email every time someone replies or @ 's someone, because that’ll really run up the bill (probably still would be less than 10 bucks a month).
I think an opt-in would be much better than opt-out. I certainly don’t want those emails automatically, but I would consider opt-in.
Anyway what we are doing has been working and I definitely don’t want to spam people’s inboxes. I already get enough spam on the email I registered with.
Not sure if we had a reason to disable them other than we both hate them (maybe the email we were using at the time couldn’t handle the volume?), so I wouldn’t want to enable them without checking with @zikzak first, but then if we want to enable them as opt-in and let people know it’s available, I think we can just do it without asking for permission. I mean who can in good faith object to enabling a feature that allows user to decide to opt in to something they want, that nobody who doesn’t want never needs to think about.
1 Like
Yeah, it was probably in the early stages where we were both incredibly annoyed by all the notifications and gameification and I started turning things off with extreme prejudice. Opt-in seems fine. On by default seems beyond horrible.
3 Likes
yea it’s all set up. Just this annoying problem of unstuck email going to outlook spam folder.
As far as the email blacklist stuff goes, we’ve only had this IP for a few months. Dunno if the previous one was on any naughty lists.
You can request a new one if you want. I should be handing ownership of the DO account over to you in the next 24-48 hours, but I don’t even know if that’s necessary for you to request one. I’ve found them to be pretty responsive to these things and very happy to help. Only hard part is finding out how to open a ticket, and then finding out how to get back to your ticket once you’ve opened one.
I guess this particular organization blacklisted the entire ISP, from what I can tell looking at their report. You should check the site out, it’s hilarious. From what I can tell right now though, I don’t think outlook consults this list when filtering incoming mail.