First company I worked for, built around 40 websites with Drupal 7...in only a year (don't know if it's a lot for today's standards, but I was one guy doing everything). Of course I didn't have the time to keep updating everything and I continually insisted to the boss that we need more people if we are going to expand. Of course he kept telling me to keep working harder and that I "got this". Well, after a year a couple of websites got defaced, you know the usual stuff if you've been around for some time. Felt pretty bad at the time, it was a similar feeling to having your car stolen or something.

Anyways, fast forward about 2 years, started working on another company, and well...this one was on another level. They had a total of around 40 websites, with about 10 of them being Joomla 1.5 installations (Dear Lord have mercy on my soul(the security vulnerabilities from these websites only, were greater than Spiderman's responsibilities)) and the others where WordPress websites, all that ON A SINGLE VPS, I mean, come on... Websites being defaced on the daily, pharma-hacks everywhere, server exploding from malware queing about 90k of spam emails on the outbox, server downtime for maintenance happening almost weekly, hosting company mailing me on the daily about the next malware detection adventure etc. Other than that, the guy that I was replacing, was not giving a single fuck. He was like, "dude it's all good here, everything works just fine and all you have to do is keep the clients happy and shit". Sometimes, I hate myself for being too caring and responsible back then.

I'm still having nightmares of that place. Both that office and that VPS.

Uh-oh I fucked up.

Not at work, but with my website where I had an email forwarder to an external address. The forwarding was everything so that I could do the spam filtering and occasional check in one place. Unfortunately, that triggered the spam detection at the external address (after some years!), and my provider ended up on a blacklist.

That got me a pretty angry mail from my hosting provider who had already disabled the forwarding and wanted to make sure that I understood the issue and would not put it in again.

I thought about whether they had fucked up because it was even possible to do that, or whether I had fucked up because I should have known. Hm yeah I opted for the latter and apologised.

The support guy seemed happy that I didn't try to argue (possibly like other customers...), and advised that I just should add another account in my email client. Sure, at least that will prevent this shit from happening again.

He also mentioned that every single blacklist issue they had experienced in this year was accidental due to external forwarding issues and that they would consider just disabling it altogether.

Which is probably a smart move, just as hint for these ranters here who work at hosting companies. Or at least only enable external forwarding if spam assassin or so is in place.

I have created a "Spam Email Detection using Machine Learning" Project.

Do check out and let me know if any suggestions.

The project is uploaded on "myblindbird" website. Visit myblindbird and search "spam email detection" it will land you on the article.

Thanks