asterinzitmagget

Mails bounce or get flagged as spam when sending to Google/Yahoo/Hotmail/Apple

25/02/2025 Zupertails office 365, tech, training

Whoever holds the gold makes the rules

Late 2023, Google and Yahoo announced new guidelines for sending e-mails to their networks.
Yes, you read it : “to“, not “from“.
If you’re an e-mail user and recently got a notification that your mail was refused by Gmail, read on and find out what the reasons could be and how you – as an admin – can resolve these issues.

Show me the money

Regular mail versus bulk mail

“The big boys'” requirements differentiate between regular (coming from you or me) mail usage and bulk senders, such as mass mailer for commercial purposes.

Having read the guidelines, I can narrow them down to the following…

it's SPAM — spam, bacon and eggs and spam

Let’s start out with the requirements that are applicable to all senders :

Make sure that domain spoofing is practically impossible by implementing SPF in a strict way (use the “-all” flag) and sign your mails with a DKIM key, where possible.
Make sure that recipients do not flag your messages as SPAM, either manually or automatically.
Now, this sounds like quite a general guideline… Google stuck a number to this statement and will start flagging you as a “spammer” if more than 3 out of your 1000 (0,3 %) mails to their systems get marked as SPAM.
That 0,3% doesn’t sound like a lot.
And it isn’t.
That’s why you as an IT implementer should make sure that your customer is not at any time sending out unsollicited mail. Ever.
Activation of MFA, using a separate mailing software for addressing your customers en masse and securing the customer’s domain are a NECESSITY. Protecting mail flow is no longer a matter of just username and password.

Bulk senders need to tighten the situation a bit more.

Now, before we list what the requirements for bulk senders are, I have to make clear that being defined as a “bulk sender” is a very “grey zone” kind of moment.
In official terms of Google, they define a “bulk sender” as an entity that sends 5000+ messages/day.
We’ve seen this number being interpreted by Google themselves as a much lower number in a few cases.
Basically it’s advised, to apply the requirements below for ALL your clients, as it’s best practice to tighten security as much as possible in every case.
The grey zone interpretation style of Google’s own rules also suggests this in between the lines.

Obligatory SPF and DKIM as stated above. If you’re using M365 as mail solution, there’s no reason not to set this up. It doesn’t cost anything extra and it’s a small effort that can count as a quick-fix.
DMARC policy needs to be active.
A simple “p=none” policy is ABSOLUTELY NO LONGER a good thing.
This post explains the reasons why you should in fact do something with those reports: https://www.nospamproxy.de/en/dmarc-policy-why-p-equals-none-is-a-bad-choice/
You’ve set up a DMARC record. Excellent!
Now actually make sure all your mail-sending clients (Outlook, CRM tools, printers, …) are conform with all the measures you’ve put in place.
Have a cloud-hosted CRM packet that sends over your domain name? Have it use either a M365 connector or add it’s fixed IP to the SPF record.
If it has DKIM support, use it. Always.
The number one bad guy in mass mailers that ‘ll get your domain flagged as “bad reputation” is not having a one-click unsubscribe button/link in mails that you receive after subscribing to them. (RFC 8058)
A “List-Unsubscribe” header needs to be present in the mail headers , as well as a visible unsubscribe link in the message body.
This link must not lead to a complex unsubscibe procedure with multiple questions, but must literally be “1 click”.
Another self-proclaimed Google/Yahoo standard in these grey zone rules, implies that the unsubscribe must be done within 2 days after request.

Pointer Sisters

Some extra Pointers and tools

Make sure your “From” address and the from-header are the same. Especially the domain name in the address is the more important factor here. The term this applies to is called “domain impersonation“
Where possible (not in a M365 case), try to add a valid reverse PTR DNS record that corresponds to your outgoing mail server name.
In most cases, you have to address your internet provider in order for them to add a reverse PTR record as this applies to the fixed IP addresses given out by them.
Reverse PTR records only make sense in cases where you actually send mail from a fixed IP.
As an example : I have mail server running that announces “mail.zupertails.be” as DNS name in my headers, while having a fixed IP at the office, where the server resides.
My ISP needs to add mail.zupertails.be as a reverse PTR record, linked to my fixed IP.
I’ll spare you the tech details, but trust me on this 😉
Actually read the RUA and RUF reports that you set up in your DMARC record.
They can help you understand (even when it’s already too late and your domain has been flagged as “bad”) how your mails end up in spam.
https://mxtoolbox.com/DmarcReportAnalyzer.aspx can help you greatly in understanding these otherwise unreadable reports.
There’s no quick-fix solution when your domain is flagged as “bad” or “spam”.
Domain reputation is partially an organic thing.
Every email receiving provider handles the timeout period in its own way and has no concrete documentation for outsiders available on the details as how long your domain is flagged on their side.
You can get extra information on the health of your domain and what’s causing it to suck on https://dnschecker.org/domain-health-checker.php
ARC headers are yet another way of verifying the legitimacy of your mail flow.
https://www.validity.com/blog/how-to-explain-authenticated-received-chain-arc-in-plain-english/
Not every sender or receiver for that matter checks on ARC headers or allows the implementation of it.
If the link above is too much to read : ARC allows you to add a list of hosts, that allow the rewriting of mail headers, for instance in cases of mass mailing.
M365 supports ARC.
Stating the obvious : always send your mails in RFC 5321 and RFC 5322 format, that have their origins in 2008

Very funky and interesting tools that will help you on your way of becoming the ultimate mail flow troubleshooter :

Gmail’s Postmaster tools : https://gmail.com/postmaster/
MxToolbox has way more tools available than the one in their main menu : https://mxtoolbox.com/NetworkTools.aspx
Check your domain health. Often. https://dnschecker.org/domain-health-checker.php

Zuper out

Hosting a karaoke party on Discord (and streaming it on Twitch.tv)

26/12/2024 Zupertails training

Obligatory preliminary introductory 🎶

I’ve recently gotten a renewed interest in “playing” karaoke, due to my favorite karaoke café in town shutting down and me feeling the need to sing in public.
Yes, I’m weird like that 🙂

Gotten triggered by the fact that the lovely people at twitch.tv have a separate category for “Karaoke Party” even though their guidelines state the opposite, I started looking into setting up a similar party, because “meh”.

If you’re looking for the guide on how to join my own karaoke party, click HERE

Different setups require different approaches

There’s a couple of ways to get similar results here.
You have to ask yourself the question whether you want to host a karaoke party physically at your own location, host it solely online or make it into a sort of “hybrid” situation.

Depending on that question, you might need different audio devices and use different audio/video sources in your favorite streaming software.
I’ll use “OBS Studio” (not to be confused with the somewhat similar but more memory-hogging “Streamlabs OBS”) in this example.

For the sake of this guide, I shall assume you already know how to set up OBS to start your streaming adventure.
If you haven’t done this before, https://www.lifewire.com/twitch-streaming-with-obs-studio-4151808 will be a quite helpful guide into this.

In this guide I will use my very own hard- and software setup as guideline; feel free to use any hardware and software that you see fit. You’ll only need a somewhat good microphone and an internet connection. Webcam is already optional, but adds more to the immersion, of course.
The most important thing to keep in mind with karaoke is to have fun with your friends.

Step by step

Hardware choice
Preferred karaoke software
Setting up Discord
Setting up OBS

1. Hardware

Audio

Your audio input will be the more important one here.
A good microphone will make all the difference in improving the quality of your performance.

As a lower rank audiophile, I’ve got a variety of microphones lying around, because singing might require a different mic than just talking to your streamers.

For my streams and other audio shizzle, I use either :

Blue Snowball iCE (link) , with an small pop filter in front of it.
This very budget-friendly streamer mic is perfect for voice recording or talking to your peers in an excellent quality.
Hyper X Cloud Alpha (link), because I wanted a wireless headset with a respectable microphone, but awesome chamber drivers. A higher rank audiophile would have gone for a wired headset btw 😉
(no laughing plz) Singstar PS2 microphones incl. their respective USB connector

You can’t buy these things new anymore, but believe me when I say that when you find these puppies in a working state on a second-hand market, you buy them.
The have one of the better sound quality for non-professional gear and I see them going from €10 to €40 for a set with USB amp.One thing you should know about the Singstar mics is that they’re (almost) plug and play in Windows. More on that during the setup phase…

Video

As mentioned above, video hardware is less important here.
However, it increases the entertainment value of your stream when you actually see who is performing.
When going to a real life karaoke gig, you like to look at the “artist”, right ?

I won’t bother you with the details on my webcams. Just know that I have one set up in the top corner of my game room for VR purposes and that it’s a 4K resolution model made in China, therefore cheap as hell 😀

Other video advice I can give you is to have at least one extra screen that you’ll use exclusively for your karaoke needs, in this case.
Make sure you can read the the lyrics on your favorite karaoke platform and you’re good to go.

2. Prefered karaoke software

Now, in order to keep your setup as low-cost as possible, you could play your karaoke sessions through a simple Youtube search.
There’s more than a handful of YT channels that provide songs that have lyrics over them. Popular ones include :

Next to Youtube, you can either download specific local Karaoke videos or use a dedicated piece of karaoke software, such as…

KaraFun
Kanto Karaoke
PCDJ Karaoki
Siglos Karaoke Professional
…

…of which the Karafun Windows software is my personal favorite. It also has an Android and iPhone app for your on-the-road singing needs, as well as support for multiple screens, web-requests and much more.
For the professional apps such as these, there’s a small price attached to them.
Karafun used to have a “weekend price”, but now you’re paying €7,99/month (cancelable anytime), which still is peanuts for an evening of fun.
For that price, you get access to 61000+ songs in their library.

No I’m not sponsored by Karafun 😉

3. Setting things up on the host side : Discord

Of both host and guest setup, the Discord host setup is the tricky part, as you’re going to have to keep a lot of audio flows in mind. Especially when you’re also streaming your karaoke session to your favorite streaming platform in the process.

For this example we’ll try to keep it simple, as Discord has a specific channel type for this called a “stage” channel, but it requires you – as an admin – to continously swap out people in the spotlight and allow speaking rights.
If you’re into controlling everything yourself, Discord has a nifty guide on this type of channel –>
https://support.discord.com/hc/en-us/articles/1500005513722-Stage-Channels-FAQ

For our “easy mode”, however, you’ll be creating a separate voice channel where you apply specific rights to it (unless you want anyone that can join your server to be able to sing, that is…)

In this channel, if nobody’s performing, you can allow everybody present to be able to speak, but ask them to mute their microphones somebody starts performing.
Since you, the admin, will most probably be the one who is streaming, you can also mute these users on your side, so that the viewers on-stream only hear what you want them to hear : the singer and their music.

Shamelessly stolen from Winbuzzer's website ;-)

This page (https://zupertails.be/wur/?p=539) explains in a bit more detail how this works on the performer’s side

Don’t forget to unmute everybody when your performer is done 😉

4. Setting up OBS

First off, you have to consider what you want your viewers to hear and see when they check out your live stream.

In case of a karaoke moment on Discord, you will want them to see/hear :

All the sound of your Discord session. This includes your users talking and singing.
A limited window of your Discord screen. Your viewers don’t need to see your list of channels and servers on the left, they just want to see the interaction and the performance)
Optional sound from some overlay such as StreamElements or anything else that allows user interaction.
Your very own microphone.
The sound (and optionally but preferably the video) from your own karaoke software, as you’ll be performing as well.

Keep in mind when you’re streaming and you want to interact with your Twitch/Youtube/… audience onstream, that you mute yourself as well, during somebody’s performance. You don’t want to be the ass-like host that talks during people’s performances, when you deny others !

As I don’t like reinventing the wheel, here’s an already relatively big starter guide on adding specific audio sources from windows or apps to your stream :
https://obsproject.com/kb/application-audio-capture-guide

As for sharing your Discord window without all the clutter on the left, again no wheel reinvention will be done :
https://www.youtube.com/watch?v=RLpAOlmmz4A

Keep in mind that it’s preferable to have your Discord sit in a dedicated screen or part of a (bigger) screen, so that it never changes size, when you follow the Youtube guide above.
Failure in doing so, will result in a messed up or badly cut out window being displayed, after you use the ALT-key method to cut off parts of the screen.
Always make sure to think about the resolution and screen size you’re streaming in, so that the shared Discord session fits in nicely with the screen ratio.

There, that’s it.

If you think, I missed anything in this guide or if you need more detailed information, give me a heads-up on whatever platform you know me in.
I’ll be glad to add to this guide where needed.

Musical greetings,
Z.

Joining a Zuper karaoke session!

26/12/2024 Zupertails training

How to join Zupertails’ karaoke stream

If you see me streaming some karaoke event on Twitch or just notice me being active on my Karaoke channel on Discord, feel free to drop in.
Karaoke is meant to be enjoyed by many instead of solo and is more of a social event than anything else.

Don’t have my Discord yet?
Join on https://discord.gg/srsx5V8ZzA
Ask me to give you a specific karaoke role (“Cyber Singer Mika“) if you don’t see that voice channel in order for you to be able to join one of my karaoke channels.

I’ll try to maintain a list during our fun session in order for everybody to get an equal amount of “screen/singing time”.
There is, however, no obligation whatsoever to sing. If you wanna hang out and chill, that’s also fine. Socializing is what karaoke is about (among other things lol)
During somebody’s performance, i advise to mute your microphone, as it might interfere with the performer’s concentration (and it’s just considered to be a dick-move in general to talk during somebody singing)
During your performance, you can either share your screen/app where you’re getting the karaoke song from (Youtube, Karafun, …) and we all watch your screen sharing session that you use to sing along to.

Or… you can use a slightly more advanced setup with VoiceMeeter (a free piece of software) to mix your MIC input with the actual sound and have us listen to only your voice channel, containing voice and song at the same time.

Discord will almost perfectly sync your voice with your screen sharing session. Screen sharing or mixing with VoiceMeeter will result in practically the same experience for the listeners, except that we don’t get to see the lyrics onscreen in the latter option.

There are tons of guides on how to configure VoiceMeeter out there, should you want to use it.
https://voicemeeter.com/first-steps-connect-your-mic-and-mix-your-voice-with-any-pc-sound/ is a good place to start.
But that’s not what this post is about 😉

Sending M365 mail from your all-in-one scanner/printer

22/02/2024 Zupertails office 365, tech, training

Precursor

Imagine the following : you recently migrated your mail platform from the “classic” POP/IMAP mailbox setup towards Microsoft 356’s mail solution.

If you’ve done the M365 setup correctly and migrated everything towards your new cloud environment (see tons of previous posts 😉) you’ll soon run into some issues when trying to send an e-mail from your super-cool all-in-one printer/scanner/copy/fax machine, which is hooked up to the network and ready to send scanned documents in your (domain) name.

One of these issues being that you receive a NDR from your recipient relating to something like “Error 550 5.7.1 The user or domain that you are sending to (or from) has a policy that prohibited the mail that you sent” or anything basically that falls back to “we don’t trust this e-mail, because you smell of spam/phishing/malconfigured SMTP/…”

Your printer – in this example – still has port 25 and (for instance) uit.telenet.be as outgoing mail server (yes, I’m Belgian – hence the .be TLD on my site)

(PS : don’t want to read this entire story ? CTRL-F your way to “How do I set this thing up ?”)

Behind the scenes

What happened behind the scenes before and after your migration, concerning mail flow ?

Before your migration,

you used to have and old-school mail provider that allowed a lot.
Your recipients didn’t care much or already added your scanned mails with PDF’s in them in their ~~white~~ allow-list.
Maybe your mails got through, maybe they didn’t.

Your outgoing mail provider (let’s say it’s Telenet nv for the sake of the already mentioned example above) doesn’t really care what you send over their mail server, as long as you send it from an IP address on their network.

(a small note : at the time of this writing Telenet no longer accepts anonymous port 25; they need authentication through an @telenet.be address and use port 587 with TLS encryption)
(another small sidenote : Proximus still allows anonymous port 25 at this time cough)

Whatever the case, it would allow senders to send any mail they want from any e-mail address they want, as long as they use their own internet provider’s mail address.

After migrating to M365,

Microsoft kind of enforces you to add certain DNS records, before 100% completing the setup wizard of their Online Exchange offer.
✅ green ticks tick my own boxes as well, so as an OCD-enjoying IT guy, I can’t not complete this wizard :p

One of these records you have to create is an SPF record, which partly regulates the mail flow for your domain by defining. (more on the SPF record on [this page])
Microsoft is also kind enough to allow you to send over their own SMTP servers (good guy MS !!!) and provides certain regulations in order to be able to do so.

Server/Smart Host: smtp.office365.com
Port: 587
TLS/Start TLS: Enabled
Username/Email address and password: pretty obvi what this is….

In a perfect world, you’d be able to just enter these settings in your super-duper all-in-one printer and you’d be good to go. 👌

HOWEVER…

On the dreaded day of June 30, 2023 Microsoft disabled out-of-the-box support for a tiny little protocol we know as TLS.
Specifically, they disabled support for TLS 1.0 and 1.1 (fear not).
A lot of these printers use this “older” protocol and – as you might already guess – this complicates the entire sending-of-mail process.

Never fear, though !

Microsoft built in a backdoor/workaround in their own security enforcement and still allows you to send mails like you would in “days of olden”.

How do I set this thing up ?

We’ll take this random internet screenshot from the mail settings tab in an OKI printer as an example :

Following all instructions you find on the internet, this would be the way to go.
And it is.

Using these settings in 2024 will result in a “cannot send mail” error on the printer.

Did you misconfigure something on this printer ?
NO.

Here’s what you need to change on the Microsoft side :

Through https://admin.microsoft.com browse your Users > Active Users and click the mail enabled user for your all-in-one device (Yes, you need to have a mail-enabled user for this)
On the screen that appears on the right, go to the “Mail” tab and click “Manage email apps“
By default “Authenticated SMTP” is not active.
Activate it and press “save changes”
That’s not where it stops, though.
Microsoft, sneaky as they are, still disable SMTP AUTH on a more global level.
So just activating the above, will result in the same sending error on your device.
sooooo, let’s go to https://admin.exchange.microsoft.com for part 2 of the config.
On the Exchange Online admin center go to Settings (in the left) column and pick “Mail Flow” (not to be confused the the “Mail Flow” fold-out menu in the left column).
One thing that needs to be de-activated is the “Turn off SMTP AUTH protocol for your organization“. (the tick needs to be unticked – super confusing option – double negatives and all)
Depending on the type of device, you may or may not need to opt-in the tick “Turn on use of legacy TLS clients“.
Even though Micro$oft disabled TLS 1.0 and 1.1, they still allow older TLS versions to communicate with the SMTP AUTH endpoint “smtp.office365.com”.
Press “Save”, give it a couple of hours tops and BAM, send at will with your Brother MFC something something, your mail enabled camera system, CRM software, …

I’ll leave the “plus addressing” tick for you to Google. It’s a cool feature, with little use-case.
Still cool though.

I haven’t talked about using an account that uses MFA, where you could use “app passwords” up to 2024, but due to security reasons Microsoft is discontinuing this feature

Peace out.
Happy mailing !

DKIM simplified and how it works (but not for beginners)

08/09/2023 Zupertails office 365, tech, training

Lifting shrouds from IT-related mysteries is what we do here.

DKIM… yet another mys(t)ery to so many, but actually not that much rocket science as it seems.
Let me explain :

Simplified as an acronym, DKIM stands for “Domain Keys Identified Mail” and is nothing more than “just another TXT record” in your DNS.
In a previous post, you could read up about SPF records and how they can diminish the amount of spam being sent FROM your domain name. DKIM takes this to a next step.
It’s the implementation of DKIM that will require some extra feedback from me, though.

Extremely simplified

Woodpecker.co explains DKIM as following :

“Take Game of Thrones to get the bigger picture of DKIM. Ned Stark is sending a raven with a message to king Robert. Everyone could take a piece of paper, write a message and sign it Ned Stark. But there’s a way to authenticate the message – the seal. Now, everyone knows that Ned’s seal is a direwolf (that’s the public key). But only Ned has the original seal and can set it on his messages (that’s the private key).”

Quite the analogy, if you’ve seen GoT (and no spoilers, even !)

What happens when using DKIM ?

The entire concept is based on encryption of a specific value that uses a public and a private key, that are generated in pairs and therefore cannot exist apart from each other.

The public value is stored (obviously) in a public location where all e-mail servers and clients can access it : the DNS server that holds your domain name (OVH, Skynet, Godaddy, Combell, …)

The private value is sent in an encrypted way over internet and can be verified through means of that private key, to check if it used the original correct signature.
It’s comparable to how an MD5 checksum works

(with the exception that at the time of this writing, DKIM can not yet be broken and it’s possible to “fake” an MD5 lol)

This hidden signature is then verified by the mail server, through which you send your signed mail, as well as all other mail servers where this message passes (in its original form).

Because…. the signature is added to the mail headers and is completely independant from how SPF records work, a proxy’ing mail server that just passes on your message, retains headers.
Theoretically, your mail could fail on an SPF, but could be perfectly valid on a DKIM basis !

Fool-proof ?

Is this method a fool-proof way of confirming ALL mails from your domain are safe now ?

A simple answer : NO.

DKIM is kind of the reverse of SPF, whereas SPF tells the receiving mail server what mail NOT to trust.
DKIM tells the receiving mail server that this specific mail, sent from this specific source is – in fact – OK to receive. DKIM does not guarantee that mails from your domain name, sent from a source other than the one defined in the key verification, are in fact safe, because the key in the verified mail message only counts for the specified source.

“Should I not bother to use DKIM, then ?”

You should still try to implement DKIM wherever possible, as all methods of securing your mail flow and getting spam/phishing mails out of this digital world, are most welcome.

What does DKIM look like & “comment ça marche” ?

Enough with the theory; let me explain how (and when) this works.

First of all, your own mail server, through which YOU send outgoing mail, has to have support for DKIM key generation.
Most ISPs (I think we can say “all ISPs”) will not use DKIM, as this would mean having to sign every friggin mail message that the millions of their customers send out on a daily basis.
All mail software would first have to talk on an encrypted basis to a public SMTP server to stuff that signed key in the mail header of their own mail message.
Seeing as most ISPs allow sending over their mailservers, without any authentication whatsoever, except for sending from their IP address range, this can ony mean : a big no-no.

Onward.

If your mail server supports DKIM (we’ll be using Microsoft 365 as an example), we can go ahead and create a DKIM.

https://learn.microsoft.com/en-us/microsoft-365/security/office-365-security/email-authentication-dkim-configure?view=o365-worldwide explains in heavy detail how to create a DKIM pair on a M365 mail-based subscription (Exchange Online in short).
Go ahead and read the article.
The come back here, for a small moment of enlightenment.

…

All caught up?
Good.

The original private key is never shown and is only known to your very own mailserver.
You get to see – usually in the form of a next-next-next wizard – the entries you have to add as a CNAME record in your own DNS server that hosts the domain name from which you’re sending mail.

As cryptography goes, the mailserver recieves your request to send a mail to somebody.
Next, it adds a specific unique mail header to your outgoing mail, based on its own private key, in combination with the key known to the public (and thus shown in your DNS records, for others to reverse verify)

Before showing the layout of the DKIM record, let me show you what a signed mail header looks like.
If you’ve been following my instructions, you’ve already seen a DKIM record on the Microsoft website mentioned above, by the way :p

DKIM-Signature: v=1; a=rsa-sha256; d=example.net; s=newyork;
c=relaxed/simple; q=dns/txt; t=1117574938; x=1118006938;
h=from:to:subject:date:keywords:keywords;
bh=MTIzNDU2Nzg5MDEyMzQ1Njc4OTAxMjM0NTY3ODkwMTI=;
b=dzdVyOfAKCdLXdJOc9G2q8LoXSlEniSbav+yuU4zGeeruD00lszZVoG4ZHRNiYzR

Analysis time :

Every DKIM signed mail starts with “DKIM-Signature:”
The obvious part “v=1” defines the versioning (duh). Ironically at the time of writing, the version will always be “1”
“a” defines the signing algorithm, usually RSA-SHA or RSA-SHA256
“d” stands for the domain name of the sender
“s” is short for “selector” which can be found in the corresponding DNS record (in this case) newyork._domainkey.example.net
“c” is the abbreviation for “canonicalization algorithm”. A tricky one to explain, but I’ll try my best.
You can see it contains 2 values. They represent header/body and define the (dis)allowing of slight header changes in mail forwarding.
“Relaxed” allows a certain change in the header (for instance when forwarding a mail).
“Simple” just tells the receiving mail server, that no change in the mail header part is allowed for it to still be a trusted DKIM key.
“q” is for “query” and tells the receiving end how to perform the DKIM check.
The q-part is optional. At the time of writing, the only valid entry here is “DNS/TXT”, which defines that a DNS lookup needs to be done, looking into a certain TXT field.
“t” is the timestamp
“x” falls together with the timestamp and stands for “expiration”, in case you have a fast-rotating key-pair in your DKIM setup and want to assure the receiving end of a higher security level.
“h” lists the signed header fields …
…while “bh” is the hash for the body part of the mail
“b” is the actual signature data.

Should you totally want to geek out more on the RFC for DKIM, you can get your groove on at https://dkim.org/specs/rfc4871-dkimbase.html

The DNS record(s)

Why did I keep this part for last ?
You could see in the above example, that the RFC leaves space for a different way of reading your DKIM record.
For now, we don’t have a different technology other than DNS to exchange DKIM data, but if DKIM were to be upgrading, so to speak, the possibilities would not be limited to DNS.

The actual public key would look like this :

NAME :
nameofyourselector._domainkey.example.net

TYPE :
TXT

CONTENTS OF RECORD :
v=DKIM1; k=rsa; p=KLJHLHkjhkhkluhiukhjiulYUHKJUIYUYNJKHLKHIOUHJhjkhkjhklhjkh

The content of this record will be provided by your mail server, when you go through the DKIM generating process

A different approach is the use of a CNAME record instead of a TXT record, where your key is stored elsewhere.
Depending on the suggestion your mail server gives you, you’ll implement one or the other.

Your CNAME record could look like this :

NAME :
nameofyourselector._domainkey.example.net

TYPE :
CNAME

CONTENTS OF RECORD :
heresmykey.something.anotherdomain.com

There we have it.
Theory and samples.

If you have any questions, don’t hesitate to contact me by mail, postal pigeon, smoke signal, …

Zuper out

Handy websites concerning this subject :

https://mxtoolbox.com/
https://easydmarc.com/tools/dkim-record-generator

Getting the most out of your Beat Saber copy

09/05/2022 Zupertails Games, tech, VR

We’re (still) playing Beat Saber !

…and that’s because of the addictiveness of the game (the release of natural dopamines helps a great deal too :p)
To keep everything spicy while playing, there’s a ton of things you can do to improve your gameplay experience.

In this post I’ll be discussing fun upgrades for the PC version of Beat Saber, in case you’re still playing the “vanilla” version. (I’ll post something on upgrading your Oculus version as well in an other post).
If you’re already using mods, you might see an other perspective and/or learn some new things. Or you could even teach me some new stuff, posting your comments below.

Convenient table of contents :

Mod Assistant
Custom Songs
Scoresaber
Sniping
Git gud
Customize more
Light it up
Stay fit

Modder lover

First thing’s first.
Making life easier is what it’s all about.

After installing Beat Saber, you can surf to the Mod Assistant Github page and click on the “Download Here” link on the page to get the latest release. Modassistant also auto-updates, as a lovely built-in quality-of-life feature, by the way.

Follow the installation instructions on the Github page, after which you’ll be presented with a screen similar to this :

Modassistant screen 1

Click accept and then click on the Options button on your left.
Click the “Activate OneClick Installations”

…and make sure all three options are activated. You might be welcomed with a security popup from your computer depending on your Windows security settings.

Afterwards, click on the “Mods” button and install all of the default selected mods, by confirming the “Install or Update” button in the bottom right of the Mods window. They will be your absolute basic list of required mods.

Always make sure that you boot up and shut down Beat Saber at least once, after installing the mods through Modassistant.

(Warning, should you be unlucky and get an ‘unsupported version’ notification, there’s ways around that. More on that in a later post on downgrading Beat Saber to a compatible version)

Now… on to the list of mods.

Custom Songs

Loading more than the default songs into Beat Saber, is where the fun part of the customizing starts. Who doesn’t want to rock out to some superhappy anime theme or headbang to the latest Rammstein song ?
Didn’t find anything that tickled your fancy in those 65000+ songs ?
Why not create your own song in popular tools such as Chromapper or MediocreMapper ?
Although creating your own songs is something for an other post…

It’s optional, but I still strongly recommend creating accounts on Bsaber.com and Beatsaver.com

The sites mentioned above use the same database in the background, but Bsaber (aka Beast Saber) has a good search engine and lists specially created song playlists. It’s also used as a helper tool for adding custom songs on the standalone version of Beat Saber on the Oculus Quest).
Beatsaver on the other hand, allows you – as a content creator – to upload your manually created (the “manual” part is an important factor) Beat Saber maps.

In the chapter above this one, I let you activate OneClick installations.
This is where that option shines, as ModAssistant allows you to add songs to your game in – you’ll never guess it – one click.

Clicking the little cloud icon opens ModAssistant’s installer tool (after maybe a security popup from your browser)

Installed !

Et voila, your song has been added to the list of custom songs within Beat Saber and is now playable in a separate menu tab :

Custom songs

Have fun !

Competitive spirit

Competition is one of the things that keep me going.
Beat Saber’s built-in scoring system has a neat feature where you can see your Steam friends and their resp. scores.
However, when you’ll start adding custom songs (see above), there’s no way Beat Saber can save its scores for these songs as they’re not part of the “official” songlist.

The tool you’re going to need here is the ever-so-popular “Scoresaber“, which basically is a global ranking system for custom songs.

Log into scoresaber.com with your Steam credentials in order to link the SC account to your personal Steam account, so you can start playing in the “big league”.

Modassistant (above) has Scoresaber as a built-in mod for you to activate, so that your Beat Saber will automatically upload scores to the global ranking database and you can get competitive with your friends or get an understanding on where you place in the world and country rankings.

Your personal page will look something like this, after a couple of ranked songs :

Score saber scores by Zupertails — Sample scoresaber page. Yes, I’m not a pro :p, don’t judge me.

(For a more up-to-date view, check the link to my profile here.)

Scoresaber also has an great API, documented on https://docs.scoresaber.com/ (you’re welcome – this specific URL is badly documented everywhere), so that (for instance) you could create your own bot on discord or create your own personal ranking system among friends, if you’re a little tech-savvy.

For a more detailed explanation on how the PP (Performance Points) system in Scoresaber works, see https://bsaber.com/indepth-guide/
Mostly, just focus on your accuracy and keep in mind that the main idea is to have fun.

More competition !

The term “sniping” in Beat Saber refers to specifically targeting somebody’s score on his or hers best performed songs.
In order to get better at Beat Saber and increasing your score/rank, sniping is actually a pretty efficient way of working yourself upwards in terms of skill.

One of the mods you’ll need here is “Playlistmanager” from Modassistant, if you want to save yourself some trouble in manually seeking songs.

Here’s how it works :

Surf to https://ss-details.herokuapp.com/sniper (there are similar tools/websites)
This specific site requires you to add 2 players. The sniper (usually you) and the sniped (the player that is some ranks above you on Scoresaber is a safe an typical choice)
Click “Create snipe playlist” after fiddling with the options and an A.I. will generate a playlist of songs for you to beat your target’s score at. A file with extension .bplist will be generated and downloaded.
Now open Modassistant and go to the Options tab, where you will click on “Install playlist”, where you will select the recently downloaded .bplist file.
This will start downloading and installing all songs required for you to snipe your target.
Your new playlist will appear at the top in this menu (screenshot)

Have fun improving your skill in this competitive way !

Increasing your PeePee (you heard me…)

An other efficient way of improving your Beat Saber skills is to have another A.I. analyze your Scoresaber profile (see where the Scoresaber part is getting more and more important ?)

The lovely URL you’ll have to visit here : https://scoresaber.balibalo.xyz/peepee

You’ll also need Playlistmanager as in the post above.

Entering your personal Scoresaber URL will have the site instantly starting the analysis.

Give it a couple of seconds and you’ll be presented with a screen that offers you 2 downloadable playlists.

Not played : after analysis of your current scores, the A.I. presents you with songs that seem good training levels and (mostly) will be completable in days or weeks, considering your skill level.

To improve : the A.I. gives you a list of songs that it thinks you can improve, based on your current scoring profile.

Both playlists have a little “Playlist” button that allows you to either download a .bplist file or install it instantly through the OneClick button.

Have fun getting even better !

Customize EVERYTHING

Been playing Beat Saber for weeks or even months and you’re starting to get tired of the same “dull” look of your sabers ?

Does the amount of particles flying around on the screen bother you or can your PC not handle all the stuff on screen ?

Check out a variety of mods such as Saber Tailor, Custom Platforms, Particle Overdrive, Tweaks55 and whatnot.

Modassistant offers tons of extra plugins to improve or upgrade your Beat Saber experience in tons of ways possible.
I’m not gonna go over all the possible mods, as that’s something that others have done before me, but just be aware that the options are almost limitless.

An example website where you can get custom sabers :

https://www.fandomspot.com/best-beat-saber-custom-sabers/

Trippin ballz (aka Noodle and Mapping extensions)

Some Beat Saber levels have (either optional or obligatory) extra functionality built in that graphically increase your experience

I have a quick and dirty unedited version of the song “Somewhere out there” that show the wonders of mapping extensions.
I’m also holding some custom sabers to give you an idea.

You’ll sometimes bump into songs that have a greyed out Play button as they might require one of these extensions (it will be explained which one(s) you are missing, by a small question mark next to to the song preview window)

Check out the following list of drool-worthy levels :

Top 8 Best Beat Saber Visually Stunning Custom Songs W/LINKS

Enjoy !

Stay fit (YUR)

The main reason I bought my VR kit is to get back in shape.
I used to play Dance Dance Revolution “back in the days” to build up some stamina.

Then, life happened and I slowly grew out of it.

YUR logo

Being competitive in spirit, I needed something extra to get me in shape, apart from Scoresaber.
That’s where “YUR” kickedstarted me.

YUR is a free piece of software that installs on your Apple/Android device and gaming computer and brings fitness to a gaming level.
It has the ability to sync 2-ways with Google Fit and Apple Health and has an overlay in VR games that track your movement progress and calculates your burnt calories.

I got introduced to YUR in another rhythm game : Synth Riders.
This has a built-in YUR watch that – by the flick of your wrist – shows you the calory meter like a real smartwatch.

Give it a try, if fitness and health stats get you going !

Extra’s

There’s a couple of cool mods out there that are still worth trying :

Beat Together : https://github.com/BeatTogether/BeatTogether holds the download for a Beat Saber plugin that allows multiplayer for custom songs (installation instructions on the site). A real fun feature I only got to know waaaay after I started playing B.S.

Enhanced Stream Chat : included in Modassistant, this plugin shows you your Twitch live chat on-screen while playing. Fun for quick interaction.
Also check out LIV’s streamerkit as a great alternative

Counters+ : want to see live how good you’re doing in Beat Saber apart from a simple ranking system ? Counters+ show you in full detail what you’re doing in terms of accuracy and hit percentage.

That’s (not) all folks !

Zuper out (for now)

We’re playing Beat Saber !

27/07/2021 Zupertails Games, VR, windows

Howdy !

In case you’ve been living under a rock or are not inclined to show interest in video games, you might have heard about the rhythm game “Beat Saber”, released in 2018 for PC and later adapted for Playstation VR and Oculus VR headsets.

In the virtual reality of Beat Saber, you carry a lightsaber – not unlike a Jedi knight – in each hand are are supposed to slash through blocks that come flying towards you.
Speaking of Jedi, there’s even een mod that allows you to play with the Darth Maul dual saber.
But I’m diverting…

Oculus Quest 2 is getting official wireless PC support | Rock Paper Shotgun

Late april 2021, I caved under peer pressure and got me the better value-for-money VR headset you can find : the Oculus Quest 2.

Disclaimer : yes I am aware that I have to sell my soul to the devil, sacrifice a virgin and deliver my first-born to Lucifer, because you can’t use the Oculus series anymore without a Facebook account and have Mark Zuckerberg know your every move (literally)

Get. Over. It.

€350 wil net you the best VR €350 will ever buy (for now) and this price statement is – commercially spoken – a slap in the face towards other VR headset manufacturers, stating it CAN be cheaper.
Well done, Zuck.

One of the many budget cuts that has been made here is the so-called “inside-out tracking“, where the headset has 4 tiny camera’s built-in and doesn’t use an external set of cameras to track your movement.
This has advantages as well as shortcomings, e.g. :

the headset has built-in WiFi and is therefore a complete standalone working machine (I even play at night in my back yard)
body tracking is not possible. Also when you hold your controller behind you, the headset doesn’t know the controller’s location.

It’s now almost August 2021 and I still have no regrets on buying this headset. Neither have the CIA been knocking on my door asking why I have this thing on my head every evening and play super-realistic VR shooting games.
@CIA, if you’re reading this, you have no power here.

Enough on praising the Quest 2.
Let’s focus on the subject of this post : Beat Saber.

Beat Saber on Steam

Some of you might know I’ve been a sucker for rhythm games for a long time now.
When Dance Dance Revolution finally hit the European market, I gladly taped my plastic way-too-expensive dance mat to my floor tiles (thank you, Super Dragon Toys for ripping me off lol)

When Guitar Hero got released, I was an early adopter.

Samba De Amigo ; some OCC (the lanparty) visitors might remember me playing this insane game for 10 hours straight.

The list goes on.

Why did I wait so long to hop on the VR hype train to play this amazing game ?
Well… I’ve never been a “true” PC gamer (translates as : I was/am too poor to buy a VR gaming rig)
The Oculus 2 was the first product to give me an affordable but real VR experience (I’m not counting you, Samsung Gear VR).
To this date I’m still gaming on a minimal setup, which just about covers my needs, but nothing more.

Now, why Beat Saber ?

I wanted to see if I could lose some weight, playing video games as it’s been 5 years since I (hyper)actively played on a dance machine (In The Groove 2), where the latter kept me at 85kg, being a 1,85m guy.
“The good life” had other intentions with me, so in order to get back in shape I needed a workout. I hate going to the gym and I’m not a weight lifter nor am I a runner, so alternatives needed to be sought.

At first I bought Beat Saber on the Oculus store which runs smoothly and was a fun little workout.
Until… I discovered bsaber.com, where you can add custom made songs to your existing Beat Saber game (after some software fiddling)

Dopamine released at 110% rates in my body as some of my old favorite songs became available to play in Beat Saber all of a sudden.
A couple of friends (hey, Dax & Sogg) had just gotten into VR as well and played their game through Steam.
Being hooked to the game but having no way of sharing or comparing my scores with them, I made the decision of switching to PC instead of using the standalone version of the game.

Luck had it that I could find a (relatively) cheap graphics card upgrade for my now 8+ years old “gaming” PC so I could finally get the minimal specs for a VR-ready PC (sorry nVidia GTX1600 with 3GB, you really weren’t VR-ready even though the box said so :p)
One expensive USB cable (and a little later one expensive 5GHz dedicated access point) later, Beat Saber was ON!

This is where the competitiveness came in.
Beat Saber has a mod called “ScoreSaber” which allows for custom songs to have a scoring system of their own. In fact, ScoreSaber is the generally used scoring system for the game instead of the built-in scoring table.
You compare scores based on your Steam account name and are ranked by country and worldwide.
Starting at the very bottom of the scoring table and being a bit adept at rhythm games, the growth curve in which I got to top 200 of Belgium worked as a huge motivator.
Having friends that like the same f*cked up style of music as I do, helps as well <3

I currently reside in the top 150 of my country, where the real work begins.
I know my Quest 2 hardware will not be sufficient to reach certain levels, but I’m having an awesome time nevertheless AND I lost some weight already. Not to mention the fact that I feel way fitter (in the British and the American sense lol)

On top of that I get to make these cool mixed reality videos and I’m having a blast.

Beat sabering the night away

My Youtube channel : https://www.youtube.com/c/Zupertails/videos

Overhyped.
Cya laterz 😉

Is there such a thing as free multiplayer video games ?

20/02/2019 Zupertails Android, Games, windows

Multiplayer LAN games for cheapskates

aka “I prefer free or cheap games”

First of all, a small disclaimer is required. This list is mainly based on my personal experience when roaming LAN parties in combination with the games I like to play myself.

Not all these games require a platform account, but adding friends to your game is way easier like that.

For the biggest part of this list, you’ll be needing a PC (obviously) and if you haven’t already done so, you need to first create an account on the following platforms through their respective websites :

Steam (the mothership of gaming platforms)
GOG (for lovers of retro games)
HumbleBundle (very cheap games, where your money’s donated to a charity)
Origin (that other mothership of gaming platforms)
Battle.net (limited amount of games, but huge player base. Does World of Warcraft ring a bell ?)

Steam :

War Thunder
War Thunder. pew pew vroom vroom

Lots of fun and easy to learn.
Flying planes and bombing tanks.
Cross platform for Linux, Windows, Mac and Playstation 4
World of Warships
A bit more hard core. You get to pilot actual replica of ships in a huge naval battle.
Starts easy, but gets really intense on higher ranks.
If you need a slow-paced but action-intensive game, this is for you
Warframe
Yet another Steam game not obliged to run specifically on Steam.
Sci-fi Spacey third person shooter with a simple and balanced class system.
Star Trek Online
Star Trek Online screenshot

Command your own crew in your personal NCC-ship.
Multiplayer Trekkie heaven.
Star Conflict
Massive multiplayer space ship pew-pew.
Not really a beginner kinda game to start playing, but tons of fun with an experienced group of players. If you’ve played EVE Online and like that game, this is probably for you !
Winning Putt
Sexy golf ?

Sounds stupid, but it’s stupidly addictive as well.
Multiplayer golf. What more do you want ? :p
Team Fortress 2
The very first free-to-play game on Steam and still totally worth mentioning.
This game stood the test of time and still kicks ass in the current-gen list of competitive shooters.
It’s a team-based shooter where with many game typs such as “capture the flag”, ‘plant the bomb”, “king of the hill”, …
OGAT
Of Guards and Thieves

The title stands for “Of Guards And Thieves”, in case you’re wondering 🙂
This little hidden gem has you play as either a member of the thieves or a guard (oooh, unexpected), where you have to infiltrate a mansion ans steal items or prevent the thieves from doing so.
Sounds simple, but it’s a real blast.
DOTA 2
Defending the Ancients like a bawz

Spice is the variety of life. Or is it the other way around ? DOTA started as a simple mod for Warcraft 3, but quickly grew towards a thing of its own.
DOTA 2 (Defense of The Ancients) is one of those games, where you defend your base and conquer your oponent’s. Computer-controlled units are your grunts, where you manually control a leader. As classic as it gets.

Origin :

While Origin occasionally used to have an “On the house” action every now and then, there’s not a lot of actual free games on their platform.
They stopped giving away freebies mid 2018 and don’t have plans to do so again (yet).
Nevertheless, Origin is EA’s gaming platform and it can never hurt to create an account here.

If you’re a fan of specific EA games (list on this Wiki page), have a go at Origin.

Also : PLAY ULTIMA ONLINE !!!

Humble Bundle :

Also, an other website that’s not known for instant-freebies.
HOWEVER….
Humble Bundle’s profit is poured mainly into general healthcare, Red Cross, humanitary help, … projects.
Every month or so, you’ll see a little announcement on their site where you get to buy an “Humble Bundle”, which usually consists of around 10 to 12 games. Depending on the amount of money you donate, you’ll receive a small, medium o full package of games, usually Steam keys or DRM-free downloads.

It’s a bit of a gamble to get into their “Humble Montly” program, but definitely worth to create an account and stay on the lookout for a good bundle of games.
They even release e-books or specific software such as video editors every now and then !

GOG :

The GOG.COM platform has come a long way over the years.
It started out more like a fan-service to old-school gamers, but quickly grew into a legal distribution platform for the older games.
Now, GOG also provides the newer games on the market but is still known for its classic and historical games.
An easy search (https://www.gog.com/games?sort=popularity&page=1&price=free) will get you into their list of free games (and demo’s).

As a lover of old games, I suggest the Ultima series, but they’re all mostly single-player RPG’s.
Gwent is quite likeable though. If you ever played “The Witcher 3”, you’ll love this. It’s the card minigame that has gotten a seperate game of its own. Very addicitve, although most card game players will either stick to Magic The Gathering Online, Pokémon The Trading Card Game Online (basically Magic for beginners) or HeartStone (on Battle.net)

Non-platform :

A couple of game have already been mentioned that are not necesarily platform-bound, but there’s a few ones that are not bound to any software distribution platform.

OpenTTD
Choo Choo mother f*cker

This beauty is a serious blast from the past, but remains an awesome game over all the years it had to fight to stay in the top game charts.
As a free game OpenTTD (which is unoficially short for ‘Open Transport Tycoon Deluxe’).
OpenTTD consists of a very simple concept to create the most optimal and lucrative transport system to get your products from A to B (and even to C and D in the process). The challenge for most people in this game, is getting the awesome train system to work.
It’s a blast in multiplayer as you’ll soon be fighting over who gets the best coal prices in order to move them to your energy plant and whatnot.
Fantasic game that gave me a good time in the past and I’m getting the urge to play it again by just writing about it.
There’s even an Android port for the game, if you’re into that.
Pokémon TCGO
Addictive Pokémon-themed card game from the creators of the all-popular card game series ‘Magic The Gathering’. It’s basically a gateway game to get you to play Magic AND there’s also a physical copy where you receive goodies for the online game per card pack.
The online game is completely free though.
You CAN invest real money in card decks, but it’s more of a time investment than an actual cash cow. Very fun to play with your kids, as most of the common languages are translated into it.

Actual non-video games ??? On a LAN party ???

And here we go again with the LAN party thing…
I’ve mentioned it before, but LAN parties are not all about sitting behind a computer screen for as long as you can.
They’re social events.
Part of the main audience happens to love real life party games and/or board games as well, so why not combine both ? As (almost) per definition, the default LAN party will last a complete weekend starting on a friday evening, going on ’till sunday evening. Depending on extended weekends, or going to events such as LANcamp (R.I.P.) this time might get extended to even a whole week.
When you’re my age (old) you lose interest in this mundane task of sitting behind a screen for over 48 hours and need a diversion.

SINGSTAR !!
Hey I just met you and this is crazy, but be my singing buddy and get drunk, maybe ?

The classic karaoke game that everybody (that sings) loves.
Get everybody either really drunk and laugh your asses off, or battle in a competition of actual good singing voices.
Either way, Singstar gets the job done.
Protip : don’t karaoke near concentrated Counter Strike players (screw you sour-pissing CS player at Frag-o-Matic)
Any fricking board game you like to play with friends.
I mean it, just get together with a couple of mates and pick something (preferably short in game time) as a diversion from your computer screen.
Dance Dance Revolution
Arrows everywhere

Or In the Groove or Stepmania, whatever floats your boat.
Just make sure you play it on the controller it’s created for : THE DANCE MAT.
Oh, and provide a shower opportunity on your LAN party, cause you’ll sweat your ass off…

Epilogue

This list of games is never done and you know it.
Let me know in the comments below if you have anything to add to this list of awesome freebies to get your (LAN) party started or throw me a PM on Facebook if you will.