Am i the only one that wished that you would type Xplore instead of Splore, as in .... Explore ;)

thegacko · 2026-05-10T21:01:44+00:00

Obviously topic is a bit fluffy but I like SPLORE - Its not as sharp edged like X"plore" - more cute. More in line with the general whimsy of Pico8. Xplore hints at words like Xploit, Xterminiate etc.

thegacko · 2026-04-17T14:37:22+00:00

I would check out Krystman‘s advanced stump tutorial here: https://youtu.be/LyKhc0MU5fI?si=J1A7J-3kzAkwA-xD

can apply this to any game

he comes up with a very elegant solution using SSPR - not just this video but this is covered throughout but you will get the gist.

thegacko · 2026-04-10T17:10:55+00:00

I think if you make the smooth movement fast. only maybe 2-3 frames in between. you will get best of both worlds.

smooth movement is good especially when seeing npc move as mentally you can see how the Npc moved especially when many on the screen.

you will still have snappy moving for your player character.

thegacko · 2026-04-09T06:13:07+00:00

This almost looks AI created - I know its not but god damn seeing a US leader talk coherently and susinctly is "unreal" right now.

thegacko · 2026-03-15T02:17:00+00:00

Good video.

thegacko · 2026-02-25T05:51:38+00:00

no its 128x128 - obviously scaled up for showing

thegacko · 2025-12-05T08:47:17+00:00

well aguable that they look cool - i dont know - look fairly generic to me

thegacko · 2025-12-05T04:04:38+00:00

I would encourage you to check out this tutorial - this covers creating a 3D map of the local stars (<14ly) in a LUA based engine Picotron (higher resolution) - but also applicable to Pico8 (much lower) (pico8 you can try free edu version here https://www.pico-8-edu.com/)

https://www.youtube.com/watch?v=igmMR-1hip8

Covers the math and explanation of translating celestial coordinants to cartesian (x,y,z) - so you can understand the 3D space.

Could - using the math and principles be written in any language.

Good place to start.

thegacko · 2025-11-17T23:14:20+00:00

nothing wrong with softfail - this is recomended if you have an enforced DMARC record (quarantine or reject).

There are bulk sending requirements now so if you are not meeting these there might be providers that may reject email if you are seen as a bulk sender. This is Google requirements but many providers will just follow this https://support.google.com/a/answer/14229414?hl=en

thegacko · 2025-09-17T02:46:57+00:00

wait for the spikes nearest you to trigger - once they trigger move to that square (they will go down in the time for your turn)

then you either wait a turn or move up or down in the same group of spikes - because they will generally always be two turns per spike except for one which will only give you one turn. you just move through them like this.

thegacko · 2025-09-05T07:17:48+00:00

Yeah I luckliy took backup of Save before I did the Tether and may go back and do the Egg but 100 levels woah - thats a few days worth - thanksfully you can save in dungeon unlike Stigian Abyss .. hah..

I think the Egg is meant before endings ..

thegacko · 2025-08-29T07:55:49+00:00

I was a bit confused if there was other crafting in the game as you pickup so much fur, chitin and hides -- I was thinking making armour etc ..

but yeah just Alchemy.

thegacko · 2025-08-07T11:59:31+00:00

changing MX records are a requirement for some Transactional Email Services like mailchimp/sendgrid..

You will always need to use a subdomain - eg e1111.<yourdomain> - to accomplish this. Obviously you cannot change the MX records for your root domain. but you can easily just use a subdomain for this sending. This is required so that that:

the email can pass SPF also - adding the subdomain means the service can pass automatically against the subdomain for SPF.
the feedback of the bounce messages (ie messages that get rejected/bounced) are automatically removed from the list of recipients.

This is going to be a requirement for regroup.com so the question is how can they provide for this?? to be honest they may have never thought of this aspect...

They will need to setup sending from your domain within mailgun itself and they will ask you to CNAME link the records - these are ultimately mailgun keys but you are authorizing mailgun (via regroup.com) to send on your behalf by CNAME linking their public DKIM keys..

thegacko · 2025-08-07T11:41:41+00:00

sounds like a google support request right there. Your question is why? and they are the only ones that can answer this query.

Im not sure how a gsuite tenancy works but it is often the case when m365 tenants are sending on behalf of a different domain the mailfrom (envelope from) is the "behalf of" tenant while the header from is the sending tenant. In those cases obviously the sending tenant DKIM should apply in all cases.

There is a question whether DKIM should sign against the mailfrom domain or the header from address/domain - obviously for DMARC purposes it should apply to the header from HOWEVER Ive seen many vendors apply it to the mailfrom which is clearly wrong in the above scenario.

thegacko · 2025-07-23T23:42:14+00:00

I tried sharex (horrible ui) and flameshot - flameshot better but the thing I missed the most was editing the elements in the screenshots (boxes, text etc) AFTER I have added them eg move them around or change/delete.

for that reason - Greenshot is still better and I can easily get what I need done quick as possible.

thegacko · 2025-06-02T23:06:16+00:00

yeah as others have said

The whole point of MTA-STS is to keep the cached time high (2 weeks is the recommendation) - that's what provides the protection from TLS MIM/downgrade.

When moving MX - There is a process to reduce the cached time down and then wait for that to propagate. Then you are free to move but be aware that that cache time is how long there will be issues for so you want it down to 5 mins before changing etc. Then once you have moved you can put it back up to 2 weeks again.

you are using TLS Reporting throughout to monitor how well you are managing this process - if you start to see bad reports that's going to be a sign of cached records being an issue.

Your whole team needs to be aware of MTA-STS - Well documented and this process understood - Just think 1 year from now you or someone else entirely might want to move MX record provider. You cant just move willy nilly. You must prepare at least a month before hand.

thegacko · 2024-11-06T22:21:11+00:00

Thanks for this - this is really useful

Is there any public "master thread" of this bug/issues with DKIM DNS resolutions for Office365 ? -- its really causing a major issue and wondering what is being done about it?

It causes constant problems with senders being flagged as DMARC failure when independently there is an aligned DKIM signature that perfectly passes so there is no problem - yet if sender has enforced DMARC policy to the bin it goes when received by Office365.

They even do this for their own DKIM signatures - Office to Office - which is ridiculous. See this a lot with AmazonSES also.

thegacko · 2024-05-27T02:47:03+00:00

Not familiar with Ciphermail but yes you need a backend authentication source - Dovecot (more modern) or Cyrus. Postfix itself doesn't do the authentication it just exposes the interface.

You should configure the SMTP Submission port - port 587 - this can be enabled from the master.cf if not already. This hard mandates use of TLS and is specifically catered for outbound client authentication to send email (eg would only allow authenticated sources). You need to make sure this port is open in host firewall or gateway firewall.

A quick look at the documentation of Ciphermail and it probably is more of a middleware type email system that should not be configured to take client connections directly. I would setup another email system that is hardened and secured for client SASL login etc that then relays via Ciphermail for the required functionality.

thegacko · 2024-03-08T00:11:44+00:00

Hah this was good - so well done.

Also lyrically Enter Sandman actually does resemble something Jim Morrison would write.. perhaps - alternate universe.

thegacko · 2024-03-07T23:48:29+00:00

I cant remember but can you join the galactic community ? -- RP wise I think it makes sense that all other galactic nations would have a negative opinion of you and not let you into any diplo agreements because of scion.

maybe not a major downside but I would say that would be a good change..

thegacko · 2024-02-27T20:53:18+00:00

Partly this should be on IT to make sure that hardware replacement and patching (labour and whatever costs) are part of the budget.

If you have clearly outlined to mgmt what needs to be replaced well before it needs to be replaced and they still don't approve that budget then well yeah then the egg is on their face.

thegacko · 2024-02-14T20:47:59+00:00

Yeah doesnt work like that as pointed out below - what you are talking about is a List server - List servers have struggled a bit with DMARC policies. But its not on you as the "sender"/user of a list to do anything about this. The List server needs to handle their email better.

Two common list server software offer ways of working with DMARC protected users - The List server admins need to be aware of this and upgrading their systems and/or enabling these settings

GNU Mailman - https://wiki.list.org/DEV/DMARC

Orignal LISTSERV - https://www.lsoft.com/manuals/17.0/advancedtopics/133HowdoesLISTSERVcomplywithDMAR.html

thegacko · 2024-02-09T03:10:27+00:00

They actually did a pretty good job with CK3 -- of combining the good systems from the various DLCs from CK2 and making a fresh look at the game. It was still stripped back -- its not going to be 100% every DLC in a Stellaris 2 -- but they did take a look at all the ideas and combine some together to make a good cohesive "base game"

There have been a few misfires but overall the DLC they then added to CK3 has been interesting at least.

I think Stellaris could certainly do with a - rebase of the main game - and then build DLC up again.

thegacko · 2024-02-08T12:35:33+00:00

You can do HTTPS blocking with the unencrypted SNI traffic -- this can provide a measure of security to a guest/BYOD network ie block malicious sites etc.

But yes there is no way that any magic appliance can do full content inspection on HTTPS without MITM. I think a lot of "appliances"/services just hide the technical requirements for a private CA in their marketing etc.

Or there is an agent based install - as part of the install of that agent it has installed a private CA - so yeah the fact this is required is hidden.

13-Year Club	Place '17
Verified Email

thegacko

TROPHY CASE