Starfighter is not a security company. We're going to test for a wide range of skill sets. These may include web app security but will not be limited to that.
You can reasonably assume "What skills does the market want to hire for?" is a good proxy for what we'll be assessing for. I love security, but that's 0.01% of the software market. We have... grander ambitions.
I don't think the issue is as much with the clients as it is with the spam filtering Google provides. The sheer volume of emails they handle allows them to have the best spam filtering in the world. Something, that will be very difficult to duplicate through OSS.
The issue is with sending mail. Running my own mail server just feels like a loosing proposition as inevitably it'll be blocked because it's not a well known one.
Certainly this is what will happen if everyone thinks the same way as you...
(I have been my own SMTP server (hosted by OVH) for a few months now. I was blocked exactly once, by custom filtering from a small provider where the delivery status notification said to appeal to abuse@, I emailed them and they fixed it in minutes.)
> Certainly this is what will happen if everyone thinks the same way as you...
What will happen? More people will block small providers because fewer exists? The issue is much larger than that. There need to be better ways to deal with email than just dropping it for arbitrary reasons.
> I was blocked exactly once
... that you know of
I've worked for companies where our internal mail servers just couldn't email some people; we presume their ISP black listed us and never published it on a shared list. (We only know this because people would call because they never got the email with the link to their purchased item.)
I do not have the time to worry about if every email I send will get delivered. Many systems don't send you a status notification; they just accept and then drop the message, meaning you may not see an error in the logs. You may not show up on public black lists for days. That's not something I want to be sinking my time into. I'd rather pay someone to run a well-known service that is very unlikely to have delivery issues.
My understanding of this answer is that the SMTP said it had accepted it, but the sender would have been notified afterwards that the message had not been delivered, had the return addresses correctly been set up. This seems OK to me; I would have received the bounce.
(Also, the mail was sent from www-data, which I think was an acceptable clue to classify the message as spam no matter from which server it came from.)
Similar story. I couldn't email msn (or exchange, etc.) but there was a web form I could fill out. Annoying, but I got to have some fun describing the type of emails I sent to my "list" and its "unsubscribe process".
This is very peculiar. From past Dropbox acquisitions, one can extrapolate they're almost certainly working on online collaboration tools. I wonder if Dropbox is using this as a way to gain footholds in large enterprise.
It's actually pretty easy once you realize that you have to pay for the licences on all Microsoft technologies once BizSpark ends. It gives just enough time to be too locked in to easily adopt a different technology stack.
