From: "Massimo S." Received: from [192.168.100.201] (HELO mail.2rosenthals.com) by 2rosenthals.com (CommuniGate Pro SMTP 5.4.10) with ESMTP id 2590060 for ecs-isp@2rosenthals.com; Tue, 26 May 2026 05:53:00 -0400 Received: from secmgr-va.2rosenthals.com ([50.73.8.217]:44867 helo=mail2.2rosenthals.com) by mail.2rosenthals.com with esmtps (TLS1.2) tls TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 (Exim 4.98.2) (envelope-from ) id 1wRoSz-000000003Wd-0VqI for ecs-isp@2rosenthals.com; Tue, 26 May 2026 05:52:54 -0400 Received: from mail2.quasarbbs.net ([80.86.52.115]:10113) by mail2.2rosenthals.com with esmtp (Exim 4.98.2) (envelope-from ) id 1wRoSv-000000005AR-019U for ecs-isp@2rosenthals.com; Tue, 26 May 2026 05:52:50 -0400 X-SASI-Hits: BODY_SIZE_7000_7999 0.000000, CTE_8BIT 0.000000, DKIM_ALIGNS 0.000000, DKIM_SIGNATURE 0.000000, HTML_00_01 0.050000, HTML_00_10 0.050000, IN_REP_TO 0.000000, LEGITIMATE_SIGNS 0.000000, MSGID_SAMEAS_FROM_HEX_844412 0.100000, MSG_THREAD 0.000000, MSG_THREAD_SOLO 0.000000, NO_URI_HTTPS 0.000000, REFERENCES 0.000000, REPLYTO_SAMEAS_FROM 0.000000, SENDER_NO_AUTH 0.000000, SUPERLONG_LINE 0.050000, SUSP_DH_NEG 0.000000, TO_IN_SUBJECT 0.500000, USER_AGENT 0.000000, __ANY_URI 0.000000, __BANNER_TRUSTED_SENDER 0.000000, __BODY_VOICEMAIL 0.000000, __BOUNCE_CHALLENGE_SUBJ 0.000000, __BOUNCE_NDR_SUBJ_EXEMPT 0.000000, __CP_NOT_1 0.000000, __CP_URI_IN_BODY 0.000000, __CT 0.000000, __CTE 0.000000, __CT_TEXT_PLAIN 0.000000, __DKIM_ALIGNS_1 0.000000, __DKIM_ALIGNS_2 0.000000, __DQ_NEG_DOMAIN 0.000000, __DQ_NEG_HEUR 0.000000, __DQ_NEG_IP 0.000000, __FORWARDED_MSG 0.000000, __FRAUD_INTRO 0.000000, __FROM_DOMAIN_NOT_IN_BODY 0.000000, __FROM_NAME_NOT_IN_ADDR 0.000000, __FROM_NAME_NOT_IN_BODY 0.000000, __FUR_HEADER 0.000000, __HAS_FROM 0.000000, __HAS_MSGID 0.000000, __HAS_REFERENCES 0.000000, __HAS_REPLYTO 0.000000, __HEADER_ORDER_FROM 0.000000, __HIGHBIT_ASCII_MIX 0.000000, __INVOICE_MULTILINGUAL 0.000000, __IN_REP_TO 0.000000, __MAIL_CHAIN 0.000000, __MIME_BOUND_CHARSET 0.000000, __MIME_TEXT_ONLY 0.000000, __MIME_TEXT_P 0.000000, __MIME_TEXT_P1 0.000000, __MIME_VERSION 0.000000, __MOZILLA_USER_AGENT 0.000000, __MSGID_HEX_844412 0.000000, __MULTIPLE_URI_TEXT 0.000000, __NO_HTML_TAG_RAW 0.000000, __PHISH_PHRASE1_A 0.000000, __PHISH_SPEAR_GREETING 0.000000, __REFERENCES 0.000000, __REPLYTO_SAMEAS_FROM_ACC 0.000000, __REPLYTO_SAMEAS_FROM_ADDY 0.000000, __REPLYTO_SAMEAS_FROM_DOMAIN 0.000000, __SANE_MSGID 0.000000, __SCAN_D_NEG 0.000000, __SCAN_D_NEG2 0.000000, __SCAN_D_NEG_HEUR 0.000000, __SCAN_D_NEG_HEUR2 0.000000, __SL_HEAVY 0.000000, __SUBJ_ALPHA_END 0.000000, __SUBJ_ALPHA_NEGATE 0.000000, __SUBJ_REPLY 0.000000, __TO_IN_SUBJECT 0.000000, __TO_MALFORMED_2 0.000000, __TO_NAME 0.000000, __TO_NAME_DIFF_FROM_ACC 0.000000, __TO_REAL_NAMES 0.000000, __UNSUBSCRIBE_1 0.000000, __URI_IN_BODY 0.000000, __URI_MAILTO 0.000000, __URI_NOT_IMG 0.000000, __URI_NO_PATH 0.000000, __URI_NS 0.000000, __URI_WITHOUT_PATH 0.000000, __USER_AGENT 0.000000 X-SASI-Probability: 10% X-SASI-RCODE: 200 X-SASI-Version: Antispam-Engine: 5.1.4, AntispamData: 2026.5.26.92719 X-SASI-Hits: BODY_SIZE_7000_7999 0.000000, CTE_8BIT 0.000000, DKIM_ALIGNS 0.000000, DKIM_SIGNATURE 0.000000, HTML_00_01 0.050000, HTML_00_10 0.050000, IN_REP_TO 0.000000, LEGITIMATE_SIGNS 0.000000, MSGID_SAMEAS_FROM_HEX_844412 0.100000, MSG_THREAD 0.000000, MSG_THREAD_SOLO 0.000000, NO_URI_HTTPS 0.000000, REFERENCES 0.000000, REPLYTO_SAMEAS_FROM 0.000000, SUPERLONG_LINE 0.050000, SUSP_DH_NEG 0.000000, TO_IN_SUBJECT 0.500000, USER_AGENT 0.000000, __ANY_URI 0.000000, __AUTH_RES_PASS 0.000000, __BANNER_TRUSTED_SENDER 0.000000, __BODY_VOICEMAIL 0.000000, __BOUNCE_CHALLENGE_SUBJ 0.000000, __BOUNCE_NDR_SUBJ_EXEMPT 0.000000, __CP_NOT_1 0.000000, __CP_URI_IN_BODY 0.000000, __CT 0.000000, __CTE 0.000000, __CT_TEXT_PLAIN 0.000000, __DKIM_ALIGNS_1 0.000000, __DKIM_ALIGNS_2 0.000000, __DQ_NEG_DOMAIN 0.000000, __DQ_NEG_HEUR 0.000000, __DQ_NEG_IP 0.000000, __FORWARDED_MSG 0.000000, __FRAUD_INTRO 0.000000, __FROM_DOMAIN_NOT_IN_BODY 0.000000, __FROM_NAME_NOT_IN_ADDR 0.000000, __FROM_NAME_NOT_IN_BODY 0.000000, __FUR_HEADER 0.000000, __HAS_FROM 0.000000, __HAS_MSGID 0.000000, __HAS_REFERENCES 0.000000, __HAS_REPLYTO 0.000000, __HEADER_ORDER_FROM 0.000000, __HIGHBIT_ASCII_MIX 0.000000, __INVOICE_MULTILINGUAL 0.000000, __IN_REP_TO 0.000000, __MAIL_CHAIN 0.000000, __MIME_BOUND_CHARSET 0.000000, __MIME_TEXT_ONLY 0.000000, __MIME_TEXT_P 0.000000, __MIME_TEXT_P1 0.000000, __MIME_VERSION 0.000000, __MOZILLA_USER_AGENT 0.000000, __MSGID_HEX_844412 0.000000, __MULTIPLE_URI_TEXT 0.000000, __NO_HTML_TAG_RAW 0.000000, __PHISH_PHRASE1_A 0.000000, __PHISH_SPEAR_GREETING 0.000000, __REFERENCES 0.000000, __REPLYTO_SAMEAS_FROM_ACC 0.000000, __REPLYTO_SAMEAS_FROM_ADDY 0.000000, __REPLYTO_SAMEAS_FROM_DOMAIN 0.000000, __SANE_MSGID 0.000000, __SCAN_D_NEG 0.000000, __SCAN_D_NEG2 0.000000, __SCAN_D_NEG_HEUR 0.000000, __SCAN_D_NEG_HEUR2 0.000000, __SL_HEAVY 0.000000, __SUBJ_ALPHA_END 0.000000, __SUBJ_ALPHA_NEGATE 0.000000, __SUBJ_REPLY 0.000000, __TO_IN_SUBJECT 0.000000, __TO_MALFORMED_2 0.000000, __TO_NAME 0.000000, __TO_NAME_DIFF_FROM_ACC 0.000000, __TO_REAL_NAMES 0.000000, __UNSUBSCRIBE_1 0.000000, __URI_IN_BODY 0.000000, __URI_MAILTO 0.000000, __URI_NOT_IMG 0.000000, __URI_NO_PATH 0.000000, __URI_NS 0.000000, __URI_WITHOUT_PATH 0.000000, __USER_AGENT 0.000000 X-SASI-Probability: 10% X-SASI-RCODE: 200 X-SASI-Version: Antispam-Engine: 5.1.4, AntispamData: 2026.5.26.92719 DKIM-Signature: v=1; q=dns/txt; a=rsa-sha256; c=relaxed/relaxed; s=default; d=ecomstation.it; bh=U01xDOY4nZ7xSWEFGIx+KCQ5bBV2CDvM9cCoEi4T0YA=; h=Return-Path:From:To:Subject:Date:Message-ID; b=CzlvdWP+/Jm/k3CNotq029BCLoWOhHE+JW4KCvzMqrWyufnpUZlgaTd5/iVsJ+9m4Pum2 WjEB9tVM+zomLlgJneLIKuq9qS3Iu9upnizDNx0X2Ig5p7c94guq3ogoftDzK+YTnCJS4iC FaIZvkHFl7blKVJYWRxeIyweb1OexjcXiFze8KbSUI8gC38XgBN1jlc2sYn0cH/AJQs+nFU rmQopu5XK0hBk2ew9AnoWcvhJ5N1g4cemUGx62946i9RQOa0Qshw/yozAuEgUSEZPr9JfBr 8mB8rtcXQZSioAkZQHxRNnl4+9jMW0F2qwyFW0JJ4Te0B4TOTfzGKOopeg2Q== Received: from [192.168.10.199] (dtp [192.168.10.199]) by srv2 (Weasel v3.11) for ; Tue, 26 May 2026 11:52:42 -0000 Reply-To: ml@ecomstation.it Subject: Re: [eCS-ISP] Re[2]: [eCS-ISP] Re[2]: [eCS-ISP] SSL cert lifetime To: eCS ISP Mailing List References: Organization: Massimo S. Message-ID: <51145f41-d65f-9b15-7692-bf6bd0e7ecdb@ecomstation.it> Date: Tue, 26 May 2026 11:52:38 +0200 User-Agent: Mozilla/5.0 (OS/2; U; Warp 4.5; it-IT; rv:1.7.13) Gecko/20060424 Thunderbird/1.0.8 Mnenhy/0.7.4.0 MIME-Version: 1.0 In-Reply-To: Content-Type: text/plain; charset=utf-8; format=flowed Content-Language: it Content-Transfer-Encoding: 8bit Doug, i guess you live in Australia, i don't know what happens there with rules and regulations.. But, here i Europe working in a number of sectors, *not only IT*, is becoming a real pain in the ... We live the phenomenon of over-regulation and huge bureaucracy from the EU parliament. With certain regulations they are asking the same requirement from a one man business as what they ask to giants like Microsoft, Amazon and such.. I'm at 54, i can't believe anymore that politicians are so much stupid or incompetent so that they don't know with this over-regulation are favoring giant companies and kicking out of the market small ones. We see also a "new" situation that also big companies are moving away from Italy or Europe due to the high costs of over-regulation and bureaucracy. And this is not happening only in the IT sector. massimo Il 25/05/2026 22:06, Doug Bissett ha scritto: > I don't think it is malicious. It is more likely a futile attempt to look like "they" are doing something about the problem. 47 days is a simple target, that AI should be able to defeat in a day, or two. The main problem is, that "they" can't seem to get their act together, and stop the abuse of the internet. > > On 2026-05-25, at 19:40:06, Massimo S. wrote: >> >> Agree. >> >> This stuff (40 days certificate lifetime), like other idiocies i believe are methods built by large companies to >> discourage the birth of new small businesses in the sector, >> or to kick out the smaller ones already there. >> >> Over-regulation is a new and terrible phenomenon. >> >> massimo >> >> Il 25/05/2026 18:47, Dan Napier ha scritto: >>> Guys, >>> As a lifelong Safety and Security person, I have often seen what can only be described as less than >> optimal soulutons to past system failures.  Or DAS.  Somebody builds a wall that is ten feet high, another >> comes along with an eleven foot ladder.  Or somebody digs a hole under the wall.  At a recent criminal >> investigation during a warranted search, I observed  the educated police officer open a tool proof thirty hour >> safe in about 45 seconds.  So changing the combination daily would not have solved that problem!  "The >> best laid plans of mice and men gang aft agley" >>> Respectfully Submitted >>> Dan Napier >>> ------ Original Message ------ >>> From "Dan Napier" > >>> To "eCS ISP Mailing List" > >>> Date 5/17/2026 7:03:17 PM >>> Subject [eCS-ISP] Re[2]: [eCS-ISP] Re[2]: [eCS-ISP] SSL cert lifetime >>> Peter, >>>> Yes I think that linux tries much more often. But I have not found that Steve's script needs to run more >> than once. I guess I am just lucky. >>>> Cron on the first tenth twentieth and twenty ninth. In the middle of the night on the west coast. But I am >> still testing. More news in December. >>>> Dan >>>> >>>> ------ Original Message ------ >>> >From "Peter Moylan" > >>>> To "eCS ISP Mailing List" > >>>> Date 5/17/2026 17:58:41 >>>> Subject Re: [eCS-ISP] Re[2]: [eCS-ISP] SSL cert lifetime >>>> >>>>> On 18/05/26 03:08, Dan Napier wrote: >>>>>> Buenso Dai, Chaio, Good day, Well, I am running LE. The mirrored >>>>>> servers problem can be solved. You need to be in control of both your >>>>>> Apache servers and your DNS servers. It is a security issue so I >>>>>> would not dream of discussing that on a public platform. It can be >>>>>> accomplished. For a single OS2 apache server with no control to the >>>>>> DNS you can use cron to run steven's script on a few days of the >>>>>> month. If LE fails to update nothing happens, if it updates it >>>>>> updates! I forgot to update and decided to try that so far so good. >>>>> Does you "a few days of the month" mean that you are suggesting getting >>>>> a new certificate a lot more often than required? I hadn't thought of that. >>>>> I'm not using cron to schedule this. Instead, I'm using a feature of >>>>> DragText that puts a "Schedule" page into the Properties of every >>>>> program object. At present I run my update script once every 80 days. >>>>> Let's Encrypt has two main drawbacks: >>>>> 1. The short expiry time (90 days). >>>>> 2. The fact that an update attempt often fails (busy server?) so that >>>>> the job has to be repeated manually. >>>>> I keep meaning to write a higher-level script that will check for an >>>>> update failure and repeat the attempt an hour or two later. The best >>>>> checking method is not yet obvious to me. Parse the log file, or look at >>>>> the "last written" date of the certificate file? Probably the latter is >>>>> easier. >>>>>> Is there a utility that will start to run a script every 47 days? Or >>>>>> be smart enuf to remember when it last ran and run 47 days later? >>>>> DragText can do that, but I would have thought that cron can also do it. >>>>> -- Peter Moylan peter@pmoylan.org >>>>> http://www.pmoylan.org >>>>> =-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-= >>>>> This message is sent to you because you are subscribed to >>>>> the mailing list >. >>>>> To unsubscribe, E-mail to: > >>>>> To switch to the DIGEST mode, E-mail to > > >>>>> To switch to the INDEX mode, E-mail to > > >>>>> Send administrative queries to > > >>>>> To subscribe (new addresses), E-mail to: > > and reply to the confirmation email. >>>>> Web archives are publicly available at: http://lists.2rosenthals.com >>>>> This list is hosted by Rosenthal & Rosenthal, LLC >>>>> P.O. Box 281, Deer Park, NY 11729-0281. Non- >>>>> electronic communications related to content >>>>> contained in these messages should be directed >>>>> to the above address. (CAN-SPAM Act of 2003) >>>>> =-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-= >> >> =-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-= >> This message is sent to you because you are subscribed to >> the mailing list . >> To unsubscribe, E-mail to: >> To switch to the DIGEST mode, E-mail to >> To switch to the INDEX mode, E-mail to >> Send administrative queries to >> To subscribe (new addresses), E-mail to: and reply to the confirmation >> email. >> Web archives are publicly available at: http://lists.2rosenthals.com >> >> This list is hosted by Rosenthal & Rosenthal, LLC >> P.O. Box 281, Deer Park, NY 11729-0281. Non- >> electronic communications related to content >> contained in these messages should be directed >> to the above address. (CAN-SPAM Act of 2003) >> >> =-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-= >> > >