Notes

After finding out it works with Gunicorn, I also tested PCDENotes with uWSGI. It works too :)

While PCDENotes (this web application) is provided using Apache and mod_wsgi on this server, I tried to run it with Gunicorn and nginx on my Raspberry Pi. It works :)

I wanted to build a reverse proxy configuration for a web app. But on a certain URL, I wanted to allow either none or one specific query string.

Here is a snippet from my nginx configuration:

location /my/app {
    if ($query_string !~ "(^$)|(^key=value$)") {
        return 404;
    }

    proxy_pass https://app.example.local/my/app;
}

The regex (^$)|(^key=value$) does the magic. If the URL doesn't match on the regex, nginx returns HTTP status 404. If it does match, nginx proxies the request to the web app.

While migrating one AD domain to another, I stumbled into the legacyExchangeDN problem.

We had a lot of of global mail contacts in the first domain pointing to recipients in the other domain and vice versa. Many users had cached contacts in Outlook that ceased to work after migrating to the other domain generating IMCEAEX non-delivery reports.

So we had to fix this by adding the legacyExchangeDN string of the mail contacts as a X500 proxy address.

Luckily this does not affect mailboxes migrated using Exchange's forest migration feature. The legacyExchangeDN is properly migrated.

Some good information on this topic:

English:

• https://docs.microsoft.com/en-us/exchange/troubleshoot/email-delivery/imceaex-ndr
• https://blog.quadrotech-it.com/blog/what-is-the-x500-email-address/

German:

• https://www.frankysweb.de/exchange-migration-sonderfall-pst-migration-550-5-1-1/
• https://www.langlitz-it.de/?p=1048
• https://blog.devilatwork.de/office365-exchange-nachricht-konnte-nicht-zugestellt-werden-legacyexchangedn-und-x500/

Recently I tried to rebuild some port forwarding rules on a Cisco ASA using Cisco ASDM. I wanted to use the Public Server feature. Strangely it didn't allow me to create port forwarding rules on the public interface IP. It got the following error message:

The public address cannot be the same as the public interface address.

I don't understand this, because using plain NAT rules works just well on the interface IP.

I built the NAT rules in the following way and it works fine for me: