RSpamd Spamfilter Configuration - Best Practise Guide
Mail system structures can quickly become messy and complicated. The more features you need, the more services are required. Most Linux mail servers use Postfix as the Mail Transfer Agent (MTA) and a Mail Delivery Agent (MDA) like Dovecot. If you have mail aliases pointing to other systems, you need a sender rewriting service; to sign outgoing mails with DKIM, you need a signing service; to reduce spam, you need a spam filter, and so on. This is why today’s mail infrastructure can appear bloated — or, as some might say, a complicated mess.
Tailscale VPN with Dracut Initrd
Debian 13 (Trixie) still ships with initramfs-tools by default – the traditional initrd system that prepares your system for boot. But times are changing. With systemd becoming the standard, the boot process is evolving: GRUB is gradually being replaced by systemd-boot, and more and more systems are moving from initramfs-tools to dracut.
Writeup: SaarCTF 2025 - Routerploit
Before getting into the actual write‑up, I want to thank SaarSec for organizing this year’s Attack/Defense CTF. I took part as a member of the Squareroots team and spent the first hour working on the Routerploit challenge. During that time, I discovered two different vulnerabilities in the service and ended up capturing more than 700 flags in the tick it fires the first time.
Wireshark Remote Packet Capturing using SSH and tcpdump
It’s very easy to capture packets from a remote server if everything is installed — Wireshark on the local machine, SSH keys are set up, and tcpdump is installed on the remote host. I always forget the exact command because I don’t use it often; when I need it I usually end up Googling for a few minutes. This post exists so I can open my blog and find the command faster.