Anonymous ID: fb4805 Feb. 22, 2018, 11:25 p.m. No.470015

Time to theorycraft concerning this line:

 

>HRC open source server?

We know for a fact that stonetear made posts on reddit about how to change the TO: addresses on HRC's email server. This made mention of Microsoft Exchange server. I checked into MSExchange and Apache based mail servers, first leading me to this: https://en.wikipedia.org/wiki/Apache_James

 

That's all well and good but this goes further. It turns out that MSExchange made changes so their "reverse proxy" capability was deprecated: https://www.cgoosen.com/2013/03/exchange-server-and-the-reverse-proxy/

We also know that stonetear posted "Exchange 2010 for life", leading me to believe he was affected by the loss of a reverse proxy on HRC's mail servers.

The suggestion on this page was to install Apache with mod_proxy flagged. This is untested for enterprise mail service. Naturally, since he's a retard this caused problems for the HRC server.

 

Later on, security vulnerabilities started to rise due to the use of mod_proxy on Apache servers: https://www.beyondsecurity.com/scan_pentest_network_vulnerabilities_apache_running_version_prior_2_2_22

>* The mod_proxy module in the Apache HTTP Server 1.3.x through 1.3.42, 2.0.x through 2.0.64, and 2.2.x through 2.2.21, when the Revision 1179239 patch is in place, does not properly interact with use of RewriteRule and ProxyPassMatch pattern matches for configuration of a reverse proxy, which allows remote attackers to send requests to intranet servers via a malformed URI containing an @ (at sign) character and a : (colon) character in invalid positions. NOTE: this vulnerability exists because of an incomplete fix for CVE-2011-3368.

 

It is possible that stonetear ran open source Apache software in parallel with MSExchange to get around limitations that MSExchange may have had. CrowdStrike may have been given access to run remote code on those MSExchange mail servers resulting in:

>[Missing emails]

 

That's my theory, anons. I'm not /tech/, just from /pol/.
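
A configuration check for the RewriteRule / ProxyPassMatch issue described in the quoted advisory text, added here as an example and not part of the original post. It is a heuristic built on one assumption: the risky shape is a proxied rule whose backreference directly follows the backend host with no `/` in between, while the match pattern does not require a leading `/`. The function name and the hostnames in the sample configuration are constructed.

```python
import re

# Directive, match pattern, proxy target, optional [flags] (RewriteRule only).
DIRECTIVE = re.compile(
    r'^\s*(RewriteRule|ProxyPassMatch)\s+(\S+)\s+(\S+)(?:\s+\[([^\]]*)\])?', re.I)
# Backend URL whose authority runs straight into a backreference: http://host$1
UNSEPARATED = re.compile(r'^[a-z][a-z0-9+.-]*://[^/$]*\$\d', re.I)
# Pattern that only matches request paths beginning with "/": ^/... or ^(/...
LEADING_SLASH = re.compile(r'^\^\(?/')

def audit(config_text):
    """Return (line_number, directive) for reverse-proxy rules whose captured
    request text can land in the authority part of the backend URL."""
    findings = []
    for lineno, line in enumerate(config_text.splitlines(), 1):
        m = DIRECTIVE.match(line)
        if not m:
            continue
        name, pattern, target, flags = m.groups()
        if name.lower() == "rewriterule":
            flag_set = {f.strip().lower() for f in (flags or "").split(",")}
            if not flag_set & {"p", "proxy"}:
                continue  # plain rewrite or redirect, not proxied
        if UNSEPARATED.match(target) and not LEADING_SLASH.match(pattern):
            findings.append((lineno, name))
    return findings

# Constructed sample configuration (hostnames are placeholders).
SAMPLE = """\
RewriteEngine On
RewriteRule ^(.*) http://backend.internal.example$1 [P]
RewriteRule ^/(.*) http://backend.internal.example/$1 [P,L]
ProxyPassMatch ^(.*\\.gif)$ http://images.internal.example$1
ProxyPassMatch ^(/.*\\.gif)$ http://images.internal.example$1
RewriteRule ^(.*)$ https://www.example.com$1 [R=301,L]
"""

if __name__ == "__main__":
    for lineno, name in audit(SAMPLE):
        print(f"line {lineno}: {name} appends captured request text "
              "directly to the backend host name")
```
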