- 2 Posts
- 4 Comments
Joined 1Y ago
Cake day: Jun 11, 2023
You are not logged in. If you use a Fediverse account that is able to follow users, you can follow this user.
English- •
- 5M
- •
I've been self-hosting email with [Maddy](https://maddy.email/) for a bit, but haven't shared any of the addresses widely yet in part because I haven't set up a spam filter. I'm pleased with Maddy; there's much less to learn to get a server up and running with sane default behavior than with the email software of old.
Ideally, I'd like to go beyond just spam filtering and have something with arbitrary categories like newsletters and password resets. I would prefer that it learn categories when I move messages to IMAP folders from a mail client. Maddy can feed messages into arbitrary programs and pick a destination folder based on their output.
Web searches turn up a ton of classification programs, most of which seem to be more interested in playing accuracy golf with well-known corpora than expanding functionality beyond simple spam filtering.
VPNs have multiple effects. Which ones are you asking about?
The common ones that come to mind are:
- Preventing remote servers from seeing your real IP address
- Bypassing attempts to block access to popular Lemmy servers, either by network operators or the server itself
It won’t do the former because media gets loaded directly from federated servers. It might do the latter.
creator
toSolved-ish.
I got webpack to run reliably by replacing its use of md4 with sha256 in these files:
$ grep -r md4 node_modules/webpack
node_modules/webpack/lib/ModuleFilenameHelpers.js: const hash = createHash("md4");
node_modules/webpack/lib/optimize/ConcatenatedModule.js: const hash = createHash("md4");
node_modules/webpack/lib/optimize/SplitChunksPlugin.js: .createHash("md4")
node_modules/webpack/lib/NamedModulesPlugin.js: const hash = createHash("md4");
node_modules/webpack/lib/SourceMapDevToolPlugin.js: contentHash: createHash("md4")
node_modules/webpack/lib/WebpackOptionsDefaulter.js: this.set("output.hashFunction", "md4");
node_modules/webpack/lib/HashedModuleIdsPlugin.js: hashFunction: "md4",
then in `config/initializers/content_security_policy.rb’, I replaced the line
.script_src :self, assets_host, "'wasm-unsafe-eval'"
with
p.script_src :self, assets_host, "'wasm-unsafe-eval' 'unsafe-eval'"
This seems like way more tinkering with the code and defaults than I should need to keep the server running so I’ll probably dig more later. I hope this post ends up being useful to anyone else having an issue.
- •
- 1Y
- •
I just updated my Mastodon server to the latest version due to a security vulnerability. I got a 500 page and `error:0308010C:digital envelope routines::unsupported` in the logs from mastodon-web.
I could reproduce by running bin/webpack from the command line. Some searching led me to try Node 16 LTS, but then I get an apparently blank page when I load the site and `call to eval() blocked by CSP` in the browser console.
The API works normally; this only affects the website.
It seems to me software designed to facilitate discussion shouldn’t have a downvote buttton. There should be a UI for marking comments as inappropriate, but it should require a second step saying why. Perhaps one of the reasons should even be “I disagree”, but that option should have no effect.
It’s not impossible to abuse of course, but it nudges people in the right direction. Those UI nudges can be pretty effective.