u/RedSquirrelFtw

There's a huge CVE for Apache right now and the repos don't seem to be updated to next version yet, Just wondering how long does it normally take for versions to catch up? I normally don't pay attention but now I kinda am given the severity! I get this takes a while for the devs as they need to build the package not only for apache but the dependencies as well which I imagine is a tedious process.

Trying to adjust elbows to 90 is a pain in the ass. Spent over an hour fiddling with one and just got pissed off at how tedious and how much time I was wasting on such a simple thing. The middle section just wouldn't budge no matter what I try. Gave up, returned all of them to Home Depot. Trying to use flex duct to do the 90s, but trying to get them to sleeve around the pipe is no cup of tea either even after crimping the end of the pipe. It's just stupid having to waste so much time trying to get such a simple task done there's got to be a faster way.

Do they make preformed 90's that I don't need to mess with just to try to get them the right way? I'm in Canada so it would need to be available here. I googled but not really finding much. How do the pros form these in a timely matter when getting paid by the job and not by the hour? Is there some kind of special tool or something?

Noticed some spam and the "From" was actually spoofing my internal domain, which is not advertised anywhere. This is rather concerning, how are they getting that domain? The way my email setup works is that I have regular online accounts with an online domain, and my internal mail server uses fetchmail to get the mail and store it locally. Internal network uses i.domain.com and all my internal servers use names like server.i.domain.com, so mail is mail.i.domain.com. The emails are coming from mail.i.domain.com. Headers show it was received by the online server which is normal, but how did the spammer know about the i.domain.com? Both servers are running up to date Devuan. Is there any ways to check if one of them has been compromised? I don't see anything obvious. Internal one is very unlikely, it is not opened to the internet and any servers on my network that are opened to the internet are on a separate vlan.

Edit: To add, there is no references to the internal domain of the internal mail server anywhere on the external server. Not even SPF records etc. The internal mail server never sends mail directly, it uses the SMTP (via SASL auth) of the external server. The internal mail server does not appear in any headers either. If I send mail to my gmail for example you don't see the internal mail server.