onexia

Your VAR can take these benchmarks back tk the vendor and request clarification and also suggest the right processor for the right job. The last time we were speccing out hosts for a refresh (totaling over 200 hosts) Intel had a giant table of what should be used for which scenario and a million other stats on the procs. 

1. ❓ Are You Sure It's S/MIME Encryption? A lot of confusion happens between: Microsoft Purview Message Encryption (OME) S/MIME encryption They are not the same, and Microsoft handles them differently in transport rules. 🛑 If your users are using Encrypt via Outlook or clicking the "Do Not Forward"/“Encrypt” button, that’s likely OME, not S/MIME. Your rule is checking for: "S/MIME EncryptedEnforce" Which only applies if the message is actually S/MIME encrypted with a certificate. ✅ Check: Is the encryption actually S/MIME? If not, your condition never matches, so the header never gets stripped. 2. 🧪 Try Changing the Rule Condition If you're using S/MIME EncryptedEnforce, and it's not matching, try changing it to: Condition: "Message type is encrypted" Or, use the message properties > message is encrypted condition. This may give broader detection and catch OME + S/MIME depending on how it's being applied. 3. 📥 Transport Rule Processing Order You said: Rule 1: Add X-Unencrypted-Message if not encrypted (Priority 1, no stop processing) Rule 2: Remove X-Unencrypted-Message if encrypted (Priority 2, stop processing) Sounds fine in theory. But in practice, mail flow rules execute before encryption gets applied in some cases, or encryption state is not available during mail flow processing — depending on where the encryption is happening (client-side S/MIME vs server-side). This is another reason why your second rule may not "see" the message as encrypted yet.

I was thinking this same thing. 

Why not? What if a dev asks the eng if they have the ability to do layer 4 or layer 7 load balancing for a new app that are creating? It is beneficial to know these things without having to stop and google.

that YAML pasted like SHIT. Sorry.

Are you able to enable HyperV optimizations? For KubeVirt VMs, we have to enable a bunch of shit to get performance up to snuff otherwise VMs are much slower than they are in VMware. I Believe ProxMox is also running on KVM so this may also be useful for you? Is your machine type qemu64? For our KubeVirt VMs: domain: clock: timer: hpet: present: false hyperv: present: true features: acpi: {} apic: {} hyperv: relaxed: {} vapic: {} spinlocks: spinlocks: 8191

Is it still the case that proxmox support is based on business hours in an EU Country I cannot remember (Belgium?) and there’s no true 24/7 prod support for us yanks?

This has been revised earlier this year and it’s a supported configuration to use Sad cards for boot, including 8.0 versions.

Databases can get pretty big man. 1.8TB would be be considered on the higher side of medium at our place.

Either a break glass local admin is required or just hop in that bih using Hirens boot CD and edit the SAM DB. I’ve dealt with a lot of VM restores and these will be your easiest ways forward.

There’s doing it right, and then whatever you’re trying to do.

AGPM

You can also get esxi for free.

That’s crazy I have a very similar story: Back in March, my org sold one of our buildings and then did a lease back of two floors. This was due to needing time to relocate the last of the staff to other sites and was only supposed to last a year. One of my first priorities was to have the new company take over the elevator phones. The building is older and in need of maintenance, the elevators are quite worn out and in need of some service. I wanted them off our systems to get us out of any possible liability. I emailed the new company in February and received no response. In March, I finally got emails for people that would respond and say it will be done in no time. Every month, I have emailed and gotten the same response. They are working on it and it will be done shortly. Due to other issues, in Mid-July it was decided to expedite our departure from the facility, and I was told have all our gear out by the end of August and our internet connection cut. I emailed the new company once again and told them the hard deadline to get off our systems. I was told it will be done before then. I told my supervisor that the elevator phones will probably not be done, and I have concerns about just unplugging and walking away. My supervisor sent me to our Risk management director. I met with Risk management and they said we should be covered after all the communication we did, but agreed that we couldn't just cut dial tone and walk away. If something did happen, I just couldn't have it on my conscious. That's when it was decided, if we can't do a standard professional handoff, we will do things the hard way. Risk management asked what my professional recommendation was, and I said, "call the fire marshal". At first, they were hesitant, but agreed, no one could question our actions if the fire marshal was involved. I expected risk management to call after we had vacated the site, but I was wrong. This afternoon, I went by the site and started some pre-decommissioning activities. In the lobby, I was greeted by the new companies facility team and two fire marshals who really wanted to talk to me. The fire marshal asked me how much warning I had given the new company, he was not happy when I said I could produce emails from February right now if he wants to see them. The new company agreed, I had given them months of notice and blamed their elevator service company for it not being done. The fire marshal asked when I was going to pull my equipment and walk away, I told him tomorrow at 1pm unless he tells me otherwise. He told the new company, they had till 1pm tomorrow to get a working elevator phone, otherwise all floors above the 1st floor could not be occupied. The fire marshal looked at me, said that after 1pm tomorrow, it is all on the new company. At that point, the impromptu meeting was adjourned, but I heard them talking some more. Evidently the fire marshal wasn't done with the new company, in his brief visit, he also found smoke detectors not working, rooms with insufficient sprinklers, unpermitted electrical work, and issues at other buildings they own in the building complex. Overall, the new company had quite a bad day, but at least I have my handoff plan done.

….make a ticket with the vendor?

Weak excuse. Very bad security posture all around.

30-60 figure salaries? That would be nuts!

Ok

Must be a stingy industry thing. We did 6bn in revenue last year (over 10bn the two years before that) and we would have been crucified if we let support contracts lapse on production equipment. We do have equipment out of vendor support, but those just get renewed under third party options.

Did you have a stroke on your last paragraph mate?

If the company is large enough to have a legal team they will scoff at $300 and tell the tech to renew the support contract.