I feel like there should be a third box with Wall Street raider types, for scrapers that use Selenium browser automation.

I don’t think it’s entirely unblockable - adsense seems to know to only serve unmonetized PSA ads - but I think it’s very difficult to discriminate between “this is a real browser controlled by an end user” and “this is a real browser being controlled by automated test software”.

This.

My units and integration tests are for the things I thought of, and more importantly, don’t want to accidentally break in the future. I will be monumentally stupid a year from now and try to destroy something because I forgot it existed.

Testers get in there and play, be creative, be evil, and they discuss what they find. Is this a problem? Do we want to get out in front of it before the customer finds it? They aren’t the red team, they aren’t the enemy. We sharpen each other. And we need each other.

Love this, 100% accurate. QA people are amazing, protect us from ourselves in so many ways we didn’t even think of.

I feel like objecting to the “General advice about email is don’t” thing but I don’t know if I understand the objections well enough to refute them. I self host email for mspencer.net (meaning all requests including DNS are served from hardware in my living space) and I have literally zero spam and can’t remember the last time I had to intervene on my mail server.

On one hand: My emails are received without issue by major providers (outlook, gmail, etc) and I get nearly zero spam. (Two spam senders were using legitimate email services, I reported them, and got human-seeming replies from administrators saying they would take care of it.) And I get amusing pflogsumm (summarizes postfix logs) emails daily showing like 5 emails delivered, 45 rejected, with all of the things that were tried but didn’t work.

On the other: most of the spam prevention comes from greylist, making all new senders retry after a few minutes (because generally a legit MTA will retry while a spammer will not) and that delays most emails by a few minutes. And it was a bear to set up. I used a like 18 step walkthrough on linuxbabe dot com I think, but added some difficulty by storing some use and alias databases on OpenLDAP / slapd instead of in flat files.

But hey, unlimited mail aliases, and I’m thinking of configuring things so emails bounce if they seem to contain just a notification that terms and conditions are updated somewhere. I don’t know, cause some chaos I guess.

And I have no idea if my situation is persuasive for anyone because I don’t know what the general advice means. And I worry it’ll have the unfortunate side effect of making self hosting type nerds like me start forgetting how to run their own email, causing control of email to become more centralized. And I strongly dislike that.

I’m surprised I’m the first comment saying this, but all I see is a user who needs help expressing their needs but who is not getting that help. Sure they don’t have our experience with decomposing problems and anticipating technical issues, but that’s normal and expected.

Yep, mspencer dot net (what little of it is currently up, I suck at ops stuff) is 2012-vintage hardware, four boxes totaling 704 GB RAM, 8x10TB SAS disks, and a still-unused LTO-3 tape drive. I’ll upgrade further when I finally figure out how to make proper use of what I already have. Until then it’s all a fancy heated cat tree, more or less.