Leaderboard


Popular Content

Showing content with the highest reputation on 12/14/23 in all areas

  1. @Daniel Looking at this lookup result:

        C:\Users\Kas>nslookup -type=TXT -debug delphipraxis.net 1.1.1.1
        Server: 1.1.1.1
        Address: 1.1.1.1#53
        ------------
        QUESTIONS:
            delphipraxis.net, type = TXT, class = IN
        ANSWERS:
        -> delphipraxis.net
            text = "v=spf1 a mx ~all"
            ttl = 86330
        -> delphipraxis.net
            text = "google-site-verification=axHu87aSc4n6ry1pc4VMwdNcEsrBD8WbBeYO-jA1sl0"
            ttl = 86330
        AUTHORITY RECORDS:
        ADDITIONAL RECORDS:
        ------------
        Non-authoritative answer:
        delphipraxis.net text = "v=spf1 a mx ~all"
        delphipraxis.net text = "google-site-verification=axHu87aSc4n6ry1pc4VMwdNcEsrBD8WbBeYO-jA1sl0"
        Authoritative answers can be found from:

    I see a few problems:

    1) The TTL is way long, I prefer 6 minutes at most instead of 24 hours.
    2) There is Sender Policy Framework (SPF) and it is correct, but it is useless in this format, literally it is saying I am here, nothing else, accepting/allowing from any IP (the "~all" parameter will relax the usage too much too), it doesn't help at all. mx in this format with the actual domain is also saying the SMTP mx domain can send an email using this domain, but reverse resolving the IP will result in your other ".eu" domain!! In short, this SPF can/should be better and more secure, hence will help a lot with spam flagging.
    3) No DomainKeys Identified Mail (DKIM)?!
    4) No Domain-based Message Authentication, Reporting and Conformance (DMARC)?!

    Here are the headers I got from an email from this forum:

        Authentication-Results: spf=none (sender IP is 138.201.18.17) smtp.mailfrom=mail.danielwolf.eu; dkim=none (message not signed) header.d=none;dmarc=none action=none header.from=delphipraxis.net;
        Received-SPF: None (protection.outlook.com: mail.danielwolf.eu does not designate permitted sender hosts)
        // these are values from Outlook (the general score)
        X-MS-Exchange-Organization-PCL: 2
        X-MS-Exchange-Organization-SCL: 1
        X-Microsoft-Antispam: BCL:0;

    So to break these:

    1) SPF should be more restrictive at least, it should list the IPs that SMTP will use. The mx field is good but as mentioned above, it should be pointing to the actual mx for this domain, not leaving it to the receiver to guess.
    2) DKIM is helpful and will not cost you anything, just one extra layer of authentication like SPF.
    3) DMARC will consolidate the SPF and DKIM together and provide one brilliant way to stay on top of things by reporting.

    Suggestions:

    1) If you can, then transfer your domain to a more robust and concrete domain registrar. Myself, since moving all my domains to CloudFlare DNS, I never looked back, even if I am not using their services like protection or any, I just want them to serve domains and have control with an API over my DNS records and subdomains.
    2) Change the TTL to a shorter period, and here you must be very careful: if you want to start enhancing and tweaking your domains and DNS records, make sure it is 1 minute and wait until that 24h has passed, then tweak it. Don't touch it today if you decide to tweak something.
    3) Enhance the SPF. Most likely you have a static IP for the mx which is also serving another one or more; it is acceptable to have more than one mx record on one IP, but declare these IPs for each domain/subdomain. Another tricky thing here: if you are allowing sending and using IPv6, then you should be 100% sure it will not change, that it is static and controlled by you, or just disable it. Also you can use an IP or a range, both will be OK and better than leaving it empty for any IP.
    4) DKIM, well, it is as simple as it sounds: generate a key with a hash... there are so many resources on the internet, so I am not getting into that. On a side note, we can ask Angus to expand his built binary tools to include generating a DKIM key; if I would do it, it would be in his style with many checkboxes and radio buttons, I love doing that. "Just don't use any online service to generate the key!" Use the command for OpenSSL or ICS or whatever is local for you.
    5) There is so much to explain about what mx in the SPF and its interaction with DKIM should be, but if you are delegating the sender for your domain, let's say delphipraxis.net, to Gmail or Outlook, it can be secure and validate, but one of these (SPF or DKIM) will fail as designed, hence DMARC will come to the rescue. Also there are many resources on how to do it right, I love https://dmarcian.com/, it is free and can be paid if you prefer. DMARC will inform the receivers of email sent from your servers/SMTP to report the failures and maybe even the successes. The reported data are not private, so you should not care about an IP trying to spam others impersonating your domain. dmarcian have tools to analyze your domain parameters, so it will help you a lot, and if you used it right then services like GMail will email you back on a daily/weekly/when-needed basis a report of successful deliveries and failures, or most important, the spam recognized as pretending to be you. You can also receive these reports and parse them on your own, it is just more beautiful to see their charts at work!

    Extra info:

    About reducing TTL: TTL is there to prevent DNS attacks, yet it is a two-sided blade (it can be debated both ways), so in my opinion the longer TTL was helping in the past, but is not so relevant in modern days with DNSSEC and DNS-over-HTTPS (DoH), and here is the thing: building an attack on mail/mx DNS with a very short one is rendered useless with the existence of SPF, DKIM and DMARC!

    I see you are using Gmail site-verification and it is good to work with Gmail, but that is not enough, they still have their own score, and the above will help. Outlook on the other hand does use these records in their score system and consolidates them with their own register method attached to your account and verified, for more: https://sendersupport.olc.protection.outlook.com/snds/JMRP.aspx

    Some additional resources:

    https://en.wikipedia.org/wiki/Sender_Policy_Framework
    https://en.wikipedia.org/wiki/DomainKeys_Identified_Mail
    https://en.wikipedia.org/wiki/DMARC
    https://learn.microsoft.com/en-us/microsoft-365/security/office-365-security/anti-spam-spam-confidence-level-scl-about?view=o365-worldwide
    https://support.google.com/a/answer/174124?hl=en
    https://support.google.com/a/answer/2466580?sjid=17120824358789328945-EU

    Hope that helps, not only for Daniel!
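As an added example (not part of the post above, and not code from the forum), the checks the post walks through can be run mechanically over the SPF record and the `Authentication-Results` header it quotes. The function names, the 360-second TTL threshold (the post's stated 6-minute preference, not a standard) and the simplified alignment test are assumptions of this sketch.

```python
import re

# Sample input constructed from the values quoted in the post above.
TXT_RECORDS = [("v=spf1 a mx ~all", 86330)]
AUTH_RESULTS = (
    "spf=none (sender IP is 138.201.18.17) smtp.mailfrom=mail.danielwolf.eu; "
    "dkim=none (message not signed) header.d=none;dmarc=none action=none "
    "header.from=delphipraxis.net;"
)
QUALIFIERS = "+-~?"

def audit_spf(txt_records, max_ttl=360):
    """Return findings for the SPF TXT record(s) of one domain."""
    spf = [(t, ttl) for t, ttl in txt_records if t.lower().startswith("v=spf1")]
    if not spf:
        return ["no SPF record published"]
    findings = []
    if len(spf) > 1:
        findings.append("multiple SPF records: receivers return permerror (RFC 7208)")
    record, ttl = spf[0]
    terms = [t.lower() for t in record.split()[1:]]
    bare = [t.lstrip(QUALIFIERS) for t in terms]
    if "all" not in bare:
        findings.append("no 'all' term: unmatched senders evaluate to neutral")
    else:
        term = terms[bare.index("all")]
        qualifier = term[0] if term[0] in QUALIFIERS else "+"  # '+' is the default
        if qualifier != "-":
            findings.append(f"'{qualifier}all' does not hard-fail unlisted senders")
    if not any(b.startswith(("ip4:", "ip6:")) for b in bare):
        findings.append("no explicit ip4/ip6 mechanism: sender IPs depend on a/mx lookups")
    if ttl > max_ttl:
        findings.append(f"TTL {ttl}s exceeds {max_ttl}s")
    return findings

def audit_auth_results(header):
    """Return findings for one Authentication-Results header value."""
    h = header.lower()
    results = dict(re.findall(r"\b(spf|dkim|dmarc)=(\w+)", h))
    findings = [f"{m}={results.get(m, 'missing')}"
                for m in ("spf", "dkim", "dmarc") if results.get(m) != "pass"]
    props = dict(re.findall(r"\b(smtp\.mailfrom|header\.from)=([\w.@-]+)", h))
    env = props.get("smtp.mailfrom", "").rsplit("@", 1)[-1]
    frm = props.get("header.from", "").rsplit("@", 1)[-1]
    # Simplified relaxed alignment: one name equals or is a subdomain of the other.
    # A full check compares organizational domains using the Public Suffix List.
    if env and frm and not (env == frm or env.endswith("." + frm) or frm.endswith("." + env)):
        findings.append(f"SPF was evaluated for {env}, not aligned with From domain {frm}")
    return findings
```

On the quoted header the last finding shows why `spf=none` appears even though delphipraxis.net publishes an SPF record: the receiver evaluated the envelope sender domain, mail.danielwolf.eu.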
  2. Actually, it hasn't. What was missing has happened before, i.e. it does not automatically download iOS support (weird). From the Xcode menu select Settings, then the Platforms tab. For the iOS 17.2 item, click Get: (which I have already done in this picture) Even weirder: while downloading it says "simulator". Once that completes, deployment should work.
  3. It appears Xcode 15.1 has broken Delphi - I'm having the same problems with that version. Reverting to an earlier version may fix it. I'm about to find out.
  4. Dalija Prasnikar

    How to keep hdc alive

    VCL implements "garbage collection" for unused device contexts and it periodically releases them. To prevent that you need to call Lock on Canvas, and call Unlock when you no longer need the same device context. But, without seeing your code it is hard to say whether there is more going on.
  5. Yes I reinstalled the last official release Xcode 15.0.1 - Oct 18 2023 and all works as expected. Well that only cost me half a day. Thanks.
  6. You don't need to copy data from one FireDAC dataset to a TFDMemTable; All FireDAC datasets are mem-tables and can work in offline/briefcase mode. All you need to do is make sure you fetch all data from the server. Do a FetchAll like it said in the other thread posted.
  7. Stefan Glienke

    Delphi 12 is available

    Fixed. You should be grateful that the CE is released at a point where it's the least broken version you can get.
  8. Arnaud Bouchez

    NetWkstaTransportEnum API in NetAPI32.dll

    This is funny, a few weeks ago I added advanced cross-platform support of network adapters in the mORMot 2 network layer. It can retrieve all mac addresses of the network interfaces, and also much more information like each kind of adapter, its MTU, speed or gateway/broadcast IPs. And it is cross-platform, so it works not only on Windows but also on POSIX (tested on MacOS and Linux). https://github.com/synopse/mORMot2/blob/fe3fdf53e54dc770bda8d9858c8d6ff5ebf4ac4d/src/net/mormot.net.sock.pas#L517
  9. Dalija Prasnikar

    12.0 Compilation problem for Android App

    Another solution that also reduces the binary size is disabling unnecessary Java libraries. By default projects include all kinds of things, like Billing, FireBase, various Google Play services... and if they are not used in the application, they will just be a dead weight.
  10. Dave Nottage

    12.0 Compilation problem for Android App

    Check the minSdkVersion value in your project's AndroidManifest.template.xml file. If it's below 21, the packaging tools are unable to use multidex, thus the error. The > 65536 methods refers to how many methods are included in the jar files (in Project Manager, in the Libraries node under the relevant Android target), which grew substantially from Delphi 11.3 to Delphi 12. If the minSdkVersion value is %minSdkVersion%, the IDE replaces it with the default supported value which is 23, in the resulting AndroidManifest.xml in the project output. If this is the case for you, there may be some other configuration issue.
  11. Jim McKeeth

    Delphi 11.2 - Ubuntu Debugger error

    I created a setup script for Ubuntu. I just updated it to address the Python 3.6 dependency issue. https://embt.co/Ubuntu4Delphi22 I've tested it on several different installs, and it works great.

    If you only want to fix the Python 3.6 dependency issue: You can use the following

        sudo apt install python3 libpython3-dev -y
        ln -sf `ls -1 /usr/lib/x86_64-linux-gnu/libpython3.*.so.1.0 | tail -1` ~/PAServer-22.0/lldb/lib/libpython3.so

    The first line ensures you have Python3 installed, but if you have a recent Ubuntu, that shouldn't be an issue. I usually had Python 3.10 installed. The second line looks in /usr/lib/x86_64-linux-gnu/ for a file matching the mask libpython3.*.so.1.0 and then updates the symbolic link.

    Note: It assumes you installed PAServer in the folder ~/PAServer-22.0

    Good luck!