From: "Doug Bissett" Received: from [192.168.100.201] (HELO mail.2rosenthals.com) by 2rosenthals.com (CommuniGate Pro SMTP 5.4.10) with ESMTP id 2580615 for ecs-isp@2rosenthals.com; Mon, 25 May 2026 16:07:30 -0400 Received: from [192.168.200.201] (port=43755 helo=mail2.2rosenthals.com) by mail.2rosenthals.com with esmtp (Exim 4.98.2) (envelope-from ) id 1wRba7-000000002xk-1uR2 for ecs-isp@2rosenthals.com; Mon, 25 May 2026 16:07:24 -0400 Received: from 209.205.66.1.ae-bonded.cipherkey.net ([209.205.66.1]:63457 helo=nephi.ocii.com) by mail2.2rosenthals.com with esmtp (Exim 4.98.2) (envelope-from ) id 1wRba4-000000004E4-0H4f for ecs-isp@2rosenthals.com; Mon, 25 May 2026 16:07:20 -0400 Received: from sam.ocii.com (sam.ocii.com [209.205.66.14]) by nephi.ocii.com (8.13.8+Sun/8.13.8) with ESMTP id 64PK1iWd013536 for ; Mon, 25 May 2026 14:01:44 -0600 (MDT) Received: from dougb.tplinkdns.com (xx114251023.cipherkey.com [64.114.251.23] (may be forged)) by sam.ocii.com (8.13.8+Sun/8.12.9) with ESMTP id 64PK7F0J026796 for ; Mon, 25 May 2026 14:07:15 -0600 (MDT) Received: from IREBBS8 (xx114251023.cipherkey.com [64.114.251.23]) by dougb.tplinkdns.com (Weasel v3.11) for ; Mon, 25 May 2026 14:07:10 -0600 X-SASI-Hits: BODY_SIZE_6000_6999 0.000000, BODY_SIZE_7000_LESS 0.000000, CTE_8BIT 0.000000, DATE_TZ_NA 0.000000, HTML_00_01 0.050000, HTML_00_10 0.050000, IN_REP_TO 0.000000, LEGITIMATE_SIGNS 0.000000, MAY_BE_FORGED 0.000000, MSG_THREAD 0.000000, MSG_THREAD_SOLO 0.000000, NO_URI_HTTPS 0.000000, RDNS_GENERIC_POOLED 0.000000, RDNS_SUSP 0.000000, RDNS_SUSP_GENERIC 0.000000, REFERENCES 0.000000, REPLYTO_SAMEAS_FROM 0.000000, SENDER_NO_AUTH 0.000000, SUPERLONG_LINE 0.050000, SUSP_DH_NEG 0.000000, TO_IN_SUBJECT 0.500000, USER_AGENT 0.000000, __ANY_URI 0.000000, __BANNER_TRUSTED_SENDER 0.000000, __BODY_VOICEMAIL 0.000000, __BOUNCE_CHALLENGE_SUBJ 0.000000, __BOUNCE_NDR_SUBJ_EXEMPT 0.000000, __CP_NOT_1 0.000000, __CP_URI_IN_BODY 0.000000, __CT 0.000000, __CTE 0.000000, __CTYPE_CHARSET_QUOTED 0.000000, __CT_TEXT_PLAIN 0.000000, __DQ_NEG_DOMAIN 0.000000, __DQ_NEG_HEUR 0.000000, __DQ_NEG_IP 0.000000, __FORWARDED_MSG 0.000000, __FRAUD_INTRO 0.000000, __FROM_ACC_ENDS_IN_DIGIT 0.000000, __FUR_HEADER 0.000000, __HAS_FROM 0.000000, __HAS_MSGID 0.000000, __HAS_REFERENCES 0.000000, __HAS_REPLYTO 0.000000, __HAS_X_MAILER 0.000000, __HIGHBIT_ASCII_MIX 0.000000, __INVOICE_MULTILINGUAL 0.000000, __IN_REP_TO 0.000000, __MAIL_CHAIN 0.000000, __MIME_BOUND_CHARSET 0.000000, __MIME_TEXT_ONLY 0.000000, __MIME_TEXT_P 0.000000, __MIME_TEXT_P1 0.000000, __MIME_VERSION 0.000000, __MULTIPLE_URI_TEXT 0.000000, __NO_HTML_TAG_RAW 0.000000, __PHISH_PHRASE1_A 0.000000, __PHISH_SPEAR_GREETING 0.000000, __RCVD_FROM_DOMAIN 0.000000, __RCVD_FROM_SUSP_HOSTNAME 0.000000, __REFERENCES 0.000000, __REPLYTO_SAMEAS_FROM 0.000000, __REPLYTO_SAMEAS_FROM_ACC 0.000000, __REPLYTO_SAMEAS_FROM_ADDY 0.000000, __REPLYTO_SAMEAS_FROM_DOMAIN 0.000000, __REPLYTO_SAMEAS_FROM_NAME 0.000000, __SANE_MSGID 0.000000, __SCAN_D_NEG 0.000000, __SCAN_D_NEG2 0.000000, __SCAN_D_NEG_HEUR 0.000000, __SCAN_D_NEG_HEUR2 0.000000, __SL_HEAVY 0.000000, __SUBJ_ALPHA_END 0.000000, __SUBJ_ALPHA_NEGATE 0.000000, __SUBJ_REPLY 0.000000, __TO_IN_SUBJECT2 0.000000, __TO_MALFORMED_2 0.000000, __TO_NAME 0.000000, __TO_NAME_DIFF_FROM_ACC 0.000000, __TO_REAL_NAMES 0.000000, __UNSUBSCRIBE_1 0.000000, __URI_IN_BODY 0.000000, __URI_MAILTO 0.000000, __URI_NOT_IMG 0.000000, __URI_NO_PATH 0.000000, __URI_NS 0.000000, __URI_WITHOUT_PATH 0.000000, __USER_AGENT 0.000000 X-SASI-Probability: 10% X-SASI-RCODE: 200 X-SASI-Version: Antispam-Engine: 5.1.4, AntispamData: 2026.5.25.192719 X-SASI-Hits: BODY_SIZE_6000_6999 0.000000, BODY_SIZE_7000_LESS 0.000000, CTE_8BIT 0.000000, DATE_TZ_NA 0.000000, HTML_00_01 0.050000, HTML_00_10 0.050000, IN_REP_TO 0.000000, LEGITIMATE_SIGNS 0.000000, MAY_BE_FORGED 0.000000, MSG_THREAD 0.000000, MSG_THREAD_SOLO 0.000000, NO_URI_HTTPS 0.000000, RDNS_GENERIC_POOLED 0.000000, RDNS_SUSP 0.000000, RDNS_SUSP_GENERIC 0.000000, REFERENCES 0.000000, REPLYTO_SAMEAS_FROM 0.000000, SENDER_NO_AUTH 0.000000, SUPERLONG_LINE 0.050000, SUSP_DH_NEG 0.000000, TO_IN_SUBJECT 0.500000, USER_AGENT 0.000000, __ANY_URI 0.000000, __BANNER_TRUSTED_SENDER 0.000000, __BODY_VOICEMAIL 0.000000, __BOUNCE_CHALLENGE_SUBJ 0.000000, __BOUNCE_NDR_SUBJ_EXEMPT 0.000000, __CP_NOT_1 0.000000, __CP_URI_IN_BODY 0.000000, __CT 0.000000, __CTE 0.000000, __CTYPE_CHARSET_QUOTED 0.000000, __CT_TEXT_PLAIN 0.000000, __DQ_NEG_DOMAIN 0.000000, __DQ_NEG_HEUR 0.000000, __DQ_NEG_IP 0.000000, __FORWARDED_MSG 0.000000, __FRAUD_INTRO 0.000000, __FROM_ACC_ENDS_IN_DIGIT 0.000000, __FUR_HEADER 0.000000, __HAS_FROM 0.000000, __HAS_MSGID 0.000000, __HAS_REFERENCES 0.000000, __HAS_REPLYTO 0.000000, __HAS_X_MAILER 0.000000, __HIGHBIT_ASCII_MIX 0.000000, __INVOICE_MULTILINGUAL 0.000000, __IN_REP_TO 0.000000, __MAIL_CHAIN 0.000000, __MIME_BOUND_CHARSET 0.000000, __MIME_TEXT_ONLY 0.000000, __MIME_TEXT_P 0.000000, __MIME_TEXT_P1 0.000000, __MIME_VERSION 0.000000, __MULTIPLE_URI_TEXT 0.000000, __NO_HTML_TAG_RAW 0.000000, __PHISH_PHRASE1_A 0.000000, __PHISH_SPEAR_GREETING 0.000000, __RCVD_FROM_DOMAIN 0.000000, __RCVD_FROM_SUSP_HOSTNAME 0.000000, __REFERENCES 0.000000, __REPLYTO_SAMEAS_FROM 0.000000, __REPLYTO_SAMEAS_FROM_ACC 0.000000, __REPLYTO_SAMEAS_FROM_ADDY 0.000000, __REPLYTO_SAMEAS_FROM_DOMAIN 0.000000, __REPLYTO_SAMEAS_FROM_NAME 0.000000, __SANE_MSGID 0.000000, __SCAN_D_NEG 0.000000, __SCAN_D_NEG2 0.000000, __SCAN_D_NEG_HEUR 0.000000, __SCAN_D_NEG_HEUR2 0.000000, __SL_HEAVY 0.000000, __SUBJ_ALPHA_END 0.000000, __SUBJ_ALPHA_NEGATE 0.000000, __SUBJ_REPLY 0.000000, __TO_IN_SUBJECT 0.000000, __TO_IN_SUBJECT2 0.000000, __TO_MALFORMED_2 0.000000, __TO_NAME 0.000000, __TO_NAME_DIFF_FROM_ACC 0.000000, __TO_REAL_NAMES 0.000000, __UNSUBSCRIBE_1 0.000000, __URI_IN_BODY 0.000000, __URI_MAILTO 0.000000, __URI_NOT_IMG 0.000000, __URI_NO_PATH 0.000000, __URI_NS 0.000000, __URI_WITHOUT_PATH 0.000000, __USER_AGENT 0.000000 X-SASI-Probability: 10% X-SASI-RCODE: 200 X-SASI-Version: Antispam-Engine: 5.1.4, AntispamData: 2026.5.25.192719 X-PostmasterCheck: FAIL Message-ID: <100.98160600d9ab146a.003@ocii.com> To: "eCS ISP Mailing List" Date: Mon, 25 May 2026 14:06:49 -0600 (MDT) Reply-To: "Doug Bissett" In-Reply-To: References: Priority: Normal User-Agent: PMMail/3.27 (os/2; U; Warp 4.5; en-CA; i386; ver 3.27.00.2028) X-Mailer: PMMail 3.27.00.2028 for OS/2 Warp 4.5 MIME-Version: 1.0 Content-Type: text/plain; charset="utf-8" Content-Transfer-Encoding: 8bit Subject: Re: [eCS-ISP] Re[2]: [eCS-ISP] Re[2]: [eCS-ISP] SSL cert lifetime I don't think it is malicious. It is more likely a futile attempt to look like "they" are doing something about the problem. 47 days is a simple target, that AI should be able to defeat in a day, or two. The main problem is, that "they" can't seem to get their act together, and stop the abuse of the internet. On 2026-05-25, at 19:40:06, Massimo S. wrote: > >Agree. > >This stuff (40 days certificate lifetime), like other idiocies i believe are methods built by large companies to >discourage the birth of new small businesses in the sector, >or to kick out the smaller ones already there. > >Over-regulation is a new and terrible phenomenon. > >massimo > >Il 25/05/2026 18:47, Dan Napier ha scritto: >>Guys, >>As a lifelong Safety and Security person, I have often seen what can only be described as less than >optimal soulutons to past system failures.  Or DAS.  Somebody builds a wall that is ten feet high, another >comes along with an eleven foot ladder.  Or somebody digs a hole under the wall.  At a recent criminal >investigation during a warranted search, I observed  the educated police officer open a tool proof thirty hour >safe in about 45 seconds.  So changing the combination daily would not have solved that problem!  "The >best laid plans of mice and men gang aft agley" >>Respectfully Submitted >>Dan Napier >>------ Original Message ------ >> From "Dan Napier" > >>To "eCS ISP Mailing List" > >>Date 5/17/2026 7:03:17 PM >>Subject [eCS-ISP] Re[2]: [eCS-ISP] Re[2]: [eCS-ISP] SSL cert lifetime >>Peter, >>>Yes I think that linux tries much more often. But I have not found that Steve's script needs to run more >than once. I guess I am just lucky. >>>Cron on the first tenth twentieth and twenty ninth. In the middle of the night on the west coast. But I am >still testing. More news in December. >>>Dan >>> >>>------ Original Message ------ >>>From "Peter Moylan" > >>>To "eCS ISP Mailing List" > >>>Date 5/17/2026 17:58:41 >>>Subject Re: [eCS-ISP] Re[2]: [eCS-ISP] SSL cert lifetime >>> >>>>On 18/05/26 03:08, Dan Napier wrote: >>>>>Buenso Dai, Chaio, Good day, Well, I am running LE. The mirrored >>>>>servers problem can be solved. You need to be in control of both your >>>>>Apache servers and your DNS servers. It is a security issue so I >>>>>would not dream of discussing that on a public platform. It can be >>>>>accomplished. For a single OS2 apache server with no control to the >>>>>DNS you can use cron to run steven's script on a few days of the >>>>>month. If LE fails to update nothing happens, if it updates it >>>>>updates! I forgot to update and decided to try that so far so good. >>>>Does you "a few days of the month" mean that you are suggesting getting >>>>a new certificate a lot more often than required? I hadn't thought of that. >>>>I'm not using cron to schedule this. Instead, I'm using a feature of >>>>DragText that puts a "Schedule" page into the Properties of every >>>>program object. At present I run my update script once every 80 days. >>>>Let's Encrypt has two main drawbacks: >>>>1. The short expiry time (90 days). >>>>2. The fact that an update attempt often fails (busy server?) so that >>>>the job has to be repeated manually. >>>>I keep meaning to write a higher-level script that will check for an >>>>update failure and repeat the attempt an hour or two later. The best >>>>checking method is not yet obvious to me. Parse the log file, or look at >>>>the "last written" date of the certificate file? Probably the latter is >>>>easier. >>>>>Is there a utility that will start to run a script every 47 days? Or >>>>>be smart enuf to remember when it last ran and run 47 days later? >>>>DragText can do that, but I would have thought that cron can also do it. >>>>-- Peter Moylan peter@pmoylan.org >>>>http://www.pmoylan.org >>>>=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-= >>>>This message is sent to you because you are subscribed to >>>>the mailing list >. >>>>To unsubscribe, E-mail to: > >>>>To switch to the DIGEST mode, E-mail to > >>>>To switch to the INDEX mode, E-mail to > >>>>Send administrative queries to > >>>>To subscribe (new addresses), E-mail to: > and reply to the confirmation email. >>>>Web archives are publicly available at: http://lists.2rosenthals.com >>>>This list is hosted by Rosenthal & Rosenthal, LLC >>>>P.O. Box 281, Deer Park, NY 11729-0281. Non- >>>>electronic communications related to content >>>>contained in these messages should be directed >>>>to the above address. (CAN-SPAM Act of 2003) >>>>=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-= > >=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-= >This message is sent to you because you are subscribed to > the mailing list . >To unsubscribe, E-mail to: >To switch to the DIGEST mode, E-mail to >To switch to the INDEX mode, E-mail to >Send administrative queries to >To subscribe (new addresses), E-mail to: and reply to the confirmation >email. >Web archives are publicly available at: http://lists.2rosenthals.com > >This list is hosted by Rosenthal & Rosenthal, LLC >P.O. Box 281, Deer Park, NY 11729-0281. Non- >electronic communications related to content >contained in these messages should be directed >to the above address. (CAN-SPAM Act of 2003) > >=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-= > -- **************************** From Doug Bissett's ArcaOS system dougb007 AT ocii.com **************************** ... A can of worms doesn't open itself.