• Please review our updated Terms and Rules here

The move is complete, but the tweaking has only just begun

RSS is pretty much dead since 2013.

But acutally, if you scoll all the way down, there's a RSS icon at the bottom right. Does not work, however (it serves me a .php file).
 
RSS is pretty much dead since 2013.

But acutally, if you scoll all the way down, there's a RSS icon at the bottom right. Does not work, however (it serves me a .php file).
Thanks, Timo, It works for me just fine. resolves to


and it looks like Outlook shows me new posts. I find RSS still has its uses and quite a few sites provide RSS feeds.
 
Last edited:
I doubt they can actually delete your account. It will be tied to all your messages and whatnot. The database won't allow that to happen as it would invalidate table rows all over the place. They could probably hack all passwords and e-mails to just be random characters that are useless to anyone.
 
OK, so it looks like I'm not getting email notifications from the forum, after the migration.

I host my own email, and in my email server logs I see this:
Dec 29 23:35:20 mailserver postfix/smtpd[28544]: connect from forum.vcfed.org[184.72.217.124]
Dec 29 23:35:20 mailserver postfix/smtpd[28544]: setting up TLS connection from forum.vcfed.org[184.72.217.124]
Dec 29 23:35:20 mailserver postfix/smtpd[28544]: TLS connection established from forum.vcfed.org[184.72.217.124]: TLSv1 with cipher DHE-RSA-AES256-SHA (256/256 bits)
Dec 29 23:35:23 mailserver postfix/policy-spf[28548]: : SPF SoftFail (Mechanism '~all' matched): Envelope-from: broswell@syssrc.com
Dec 29 23:35:23 mailserver postfix/policy-spf[28548]: handler sender_policy_framework: is decisive.
Dec 29 23:35:23 mailserver postfix/policy-spf[28548]: : Policy action=REJECT SPF check returned softfail, so the message is flagged as SPAM.
Dec 29 23:35:23 mailserver postfix/smtpd[28544]: NOQUEUE: reject: RCPT from forum.vcfed.org[184.72.217.124]: 554 5.7.1 <pepinno@domain.com>: Recipient address rejected: SPF check returned softfail, so the message is flagged as SPAM.; from=<broswell@syssrc.com> to=<pepinno@domain.com> proto=ESMTP helo=<forum.vcfed.org>
Dec 29 23:35:23 mailserver postfix/smtpd[28544]: disconnect from forum.vcfed.org[184.72.217.124]

Which means that the MAIL-FROM address in the SMTP "envelope", in the emails sent from the new forum software, is broswell@syssrc.com, and that the new forum's IP address 184.72.217.124 is not explicitly authorized in the SPF record for the domain "syssrc.com" to send email with that domain in the MAIL-FROM address.

I guess the MAIL-FROM address in the SMTP "envelope" in the emails sent from the new forum software probably should be changed to something in the domain "vcfed.org" (for example, forum-admin@vcfed.org), or else if the current set up is as intended for production use then the forum's IP address 184.72.217.124 should be added to the SPF record of the "syssrc.com" domain (in order to avoid getting a "softfail result" in the SPF check when the forum's email is received, and therefore getting a better anti-spam score, and therefore maximazing the probability of reaching the recipient's Inbox).

With this I am happy that I can help, for email falls into my area of expertise.

spf_.PNG
 
Last edited:
I doubt they can actually delete your account. It will be tied to all your messages and whatnot. The database won't allow that to happen as it would invalidate table rows all over the place. They could probably hack all passwords and e-mails to just be random characters that are useless to anyone.
They can. Every forum software I know is able to. It will purge all personal data and the user name becomes something like deleted_432652. You can also choose whether or not to delete all messages.
 
The old Vbulletin software predated GDPR and dates back to when selective post and thread deletions were easy but complete account deletions required surgical database work unless the person had just joined and immediately started spamming and ISTR on at least one occasion after GDPR became mandatory (I still think it's stupid) mbbrutman and someone else had to go in and erase someone who would not shut up about the inability to make themselves disappear and they had way more than a dozen posts. It was messy because just removing them orphaned post quotes and even entire threads made by the user and the database didn't like that.
The last forum update, I have no idea how it handles account deletions but since it postdates GDPR it's almost certainly included.
Just scramble the password file.
 
Last edited:
They can. Every forum software I know is able to. It will purge all personal data and the user name becomes something like deleted_432652. You can also choose whether or not to delete all messages.
Well, that's not really the same as deleting your account. That is simply replacing it with junk. As I said the database software will
have checks on removing something like that. But replacing with junk is just as good.
 
The old Vbulletin software predated GDPR and dates back to when selective post and thread deletions were easy but complete account deletions required surgical database work unless the person had just joined and immediately started spamming and ISTR on at least one occasion after GDPR became mandatory (I still think it's stupid) mbbrutman and someone else had to go in and erase someone who would not shut up about the inability to make themselves disappear and they had way more than a dozen posts. It was messy because just removing them orphaned post quotes and even entire threads made by the user and the database didn't like that.
The last forum update, I have no idea how it handles account deletions but since it postdates GDPR it's almost certainly included.
Just scramble the password file.
My thoughts exactly. You can't simply rip data out of a database without affecting other data (tables). Or it can be done but requires lots of work to fix up this removal.
 
If still I get a "The old forum is currently down for an upgrade to Xenforo." landing page for a specific forum thread, does that mean the thread was lost completely, or just that that particular thread wasn't migrated yet?

Relevant thread: https://www.vcfed.org/forum/forum/genres/pcs-and-clones/9538-seagate-st-506-in-a-5150-5160

This thread's second and third pages are not cached on Google or Wayback, and I have important information from past-me that I need to read :D!
 
A lot of forum softwares allow the administrator to delete accounts, but all that happens is the user can't login any more, and you can't look up the member's details. The posts stay there, unless the administrator wants to remove them (one by one usually).
 
Mine disappear after I have read them.

If I then Select “What’s new” my “read” items are identified from my “unread” items in a slightly lighter colour.

I am happy with this behaviour.

Dave
Mine don't disappear after being read and I don't see any change in their color. I must be missing something. Any suggestions?
 
Thank you to @modem7 for pointing this out, but there is a conversion from old posts to new. Using his example:
This might work for threads that were made in VBulletin5 (Xenforo offers an id preservation option when you do the upgrade). But it will not work for any VBulletin4 links, because the conversion from vb4 to vb5 does not preserve id's.

Example:
Code:
http://www.vcfed.org/forum/showthread.php?53134-Adding-lowercase-to-a-Model-1-in-2016

does not convert to:

https://forum.vcfed.org/index.php?threads/Adding-lowercase-to-a-Model-1-in-2016.53134

Xenforo offers a URI redirect plugin. @ajacocks I recommend this plugin for the security reasons that @Timo W. mentioned. However, the plugin will not work with vbulletin4 id's as-is.

I've been working on this issue with the plugin. You can read the background here. I got it working yesterday, although I want to refine my fix. It also meant (minimally) editing the plugin php code, which comes with its own risks. I am hoping to present these findings to the xenforo folks and, if we're lucky, they can incorporate it into a release.

In the meantime, in that thread, there was a recommendation from a user 'hstammlerj' in that thread that you could implement. Since vcfed was on vb5 for such a short period of time, the vast majority of links will be from the vb4 days. You can simply bulk update the id's in the import table with the old vb4 id's without needing to resort to php editing like I did.

Disclaimer. I am not involved in the VCFED upgrade. I migrated off of vbulletin5 for a website I administrate, and am excited to see it successful here. VCFED gets credit for lighting the fire under me to finally bite the bullet and get it done.
 
OK, so it looks like I'm not getting email notifications from the forum, after the migration.

I host my own email, and in my email server logs I see this:


Which means that the MAIL-FROM address in the SMTP "envelope", in the emails sent from the new forum software, is broswell@syssrc.com, and that the new forum's IP address 184.72.217.124 is not explicitly authorized in the SPF record for the domain "syssrc.com" to send email with that domain in the MAIL-FROM address.

I guess the MAIL-FROM address in the SMTP "envelope" in the emails sent from the new forum software probably should be changed to something in the domain "vcfed.org" (for example, forum-admin@vcfed.org), or else if the current set up is as intended for production use then the forum's IP address 184.72.217.124 should be added to the SPF record of the "syssrc.com" domain (in order to avoid getting a "softfail result" in the SPF check when the forum's email is received, and therefore getting a better anti-spam score, and therefore maximazing the probability of reaching the recipient's Inbox).

With this I am happy that I can help, for email falls into my area of expertise.

View attachment 1237224
That error makes sense. I just changed the default and reply to email addresses to forum@vcfed.org and would be interested to know if this fixes the issue. The VCFed domain is actually a Google Workspace domain, and this forum is hosted in AWS, so I may have some more work to do with them on getting SPF/DMARC/DKIM and an email relay working for that email address.
 
If you do that, PLEASE invalidate all passwords and email addresses stored there! Since it's just an archive then, no one will maintain or ever again update it. Which of course means that as soon as a security flaw is known for that outdated version, the forum may get attacked and the database leaked.

Should that not be possible or wanted, I ask you to completely delete my account from the old forum. Thanks.

Just catching up on this thread. I think what we may want to to do in the short run is simply reset all the user passwords and emails to something super generic, and make everyone's permission read only. That way the data integrity is maintained, but the security risk is mitigated.

I'll bring this up with @ajacocks in the coming weeks. We will also look into the link redirection issue. That said, I suspect it may be some time before we can get that all taken care of, though I think it'll help if we come up with a priority list and what not.
 
That error makes sense. I just changed the default and reply to email addresses to forum@vcfed.org and would be interested to know if this fixes the issue. The VCFed domain is actually a Google Workspace domain, and this forum is hosted in AWS, so I may have some more work to do with them on getting SPF/DMARC/DKIM and an email relay working for that email address.
I'm still not getting the email messages from the new forum software (yes, I could set up an ad-hoc exception in my email server to be able to successfully receive them, but let's do the work to "sanitize" the new forum's mail flow).

These are the logs now in my email server, when email from the new forum is trying to be delivered:
Jan 2 06:01:38 mailserver postfix/smtpd[26755]: connect from forum.vcfed.org[184.72.217.124]
Jan 2 06:01:39 mailserver postfix/smtpd[26755]: setting up TLS connection from forum.vcfed.org[184.72.217.124]
Jan 2 06:01:39 mailserver postfix/smtpd[26755]: TLS connection established from forum.vcfed.org[184.72.217.124]: TLSv1 with cipher DHE-RSA-AES256-SHA (256/256 bits)
Jan 2 06:01:42 mailserver postfix/policy-spf[26760]: : SPF SoftFail (Mechanism '~all' matched): Envelope-from: forum@vcfed.org
Jan 2 06:01:42 mailserver postfix/policy-spf[26760]: handler sender_policy_framework: is decisive.
Jan 2 06:01:42 mailserver postfix/policy-spf[26760]: : Policy action=REJECT SPF check returned softfail, so the message is flagged as SPAM.
Jan 2 06:01:42 mailserver postfix/smtpd[26755]: NOQUEUE: reject: RCPT from forum.vcfed.org[184.72.217.124]: 554 5.7.1 <pepinno@domain.com>: Recipient address rejected: SPF check returned softfail, so the message is flagged as SPAM.; from=<forum@vcfed.org> to=<pepinno@domain.com> proto=ESMTP helo=<forum.vcfed.org>
Jan 2 06:01:42 mailserver postfix/smtpd[26755]: disconnect from forum.vcfed.org[184.72.217.124]

This "soft-fail" in the SPF check happens because the new forum's IP addres (184.72.217.124) is not included in the SPF record of the domain "vcfed.org".

This is the current SPF record for the "vcfed.org" domain:
v=spf1 +a +mx include:_spf.google.com +ip4:54.236.142.0 +ip4:162.208.84.230 +ip4:162.208.84.200 +ip4:162.208.84.225 +ip4:199.193.246.42 ~all
2022-01-02_spf-of-vcfed.org.png

The problem would be solved adding the IP address 184.72.217.124 to it, like this:
v=spf1 +a +mx include:_spf.google.com +ip4:54.236.142.0 +ip4:162.208.84.230 +ip4:162.208.84.200 +ip4:162.208.84.225 +ip4:199.193.246.42 +ip4:184.72.217.124 ~all
 
Back
Top