Category: Server

Categories
Blog Messenger Security Server

2025-11-03: free UnifiedPush Service with NTFY

🔧 I Run My Own Push Service – Without Google or Apple

As an IT service provider, I value privacy, control, and independence. Most apps on Android or iOS rely on the major cloud services from Google (Firebase Cloud Messaging) or Apple (APNS) for their notifications.
These systems are convenient—but they also mean that every notification travels through external servers.

I wanted to do things differently: privacy-friendly, transparent, and fully under my own control.
That’s why I’ve set up my own push service based on NTFY.

🌐 What Is NTFY?

🧠 NTFY is a free and open-source software solution that sends push notifications over the internet—without a central provider, simply via HTTPS. You can think of it like a small private mail carrier for your apps: Instead of Google or Apple forwarding your messages, your own server takes care of it.

📲 This becomes especially powerful when combined with the open standard UnifiedPush. UnifiedPush ensures that apps on your smartphone are no longer dependent on Google services to receive messages. Instead, the apps register with your own push server—in my case:

🌍 https://ntfy.it-service-commander.de

This allows notifications (for example from messengers or email apps) to work without a Google account or Play Services.

🔒 Privacy and Security Come First

🛡️ The big advantage: All data stays on my server.

That means:

  • No connection to Google, Apple, or any other cloud provider
  • No data sharing or analysis by third parties
  • Full control over retention periods, logs, and access rights

📊 Push messages contain no actual content.
They are only small technical signals such as “New message available.” Your app then retrieves the actual encrypted content directly from the respective service (e.g., Matrix or email). This ensures complete data protection—no one but you and your app can see the content of your messages.

⚙️ How to Set Up the Service in Your NTFY App


📲 Setup is incredibly simple:

  1. Open the NTFY app (available free on F-Droid or the Play Store).
  2. Go to Settings → UnifiedPush Server.
  3. Enter my server address:
    👉 https://ntfy.it-service-commander.de

That’s it!
From now on, supported apps will automatically use this server to receive push notifications.

💡 Many privacy-friendly apps such as Element (Matrix), FluffyChat, or NextPush already support UnifiedPush.

🧰 Technical Background (Simply Explained)

💻 I run my NTFY server on a secured Linux system.
A reverse proxy (Nginx Proxy Manager) handles encrypted HTTPS connections. User self-registration is disabled, and strict limits are in place for message and attachment sizes. Uploads without authentication are completely turned off.

This ensures that the server is used solely for push notifications—not for files or chat messages. That prevents abuse and keeps communication lightweight and secure.

🚀 My Conclusion

🔒 I can now offer push notifications without relying on Google or Apple.
That gives me full control over technology and data privacy, allowing me to provide clients with a modern and secure alternative.

📡 If you value privacy, data sovereignty, and independence, running your own UnifiedPush service with NTFY is the right choice.

📥 Download NTFY and Try It Yourself

⬇️ You can download the NTFY app safely and for free here:

📱 Android (Google Play Store)
👉 Open NTFY in the Play Store

🐧 Android (F-Droid – Google-free version)
👉 Download NTFY from F-Droid

🍎 Apple iOS (App Store)
👉 View NTFY in the App Store

🛰️ Direct download from IT-Service-Commander.de

Manual installation file available for free download (for advanced users)

Connect NTFY directly to my server and start using privacy-friendly push notifications – completely free from Google or Apple services.

🛡️ “Owning your infrastructure isn’t a burden – it’s digital freedom.”
– Yours,
Tom Commander

Categories
Blog Cloud Future Security Server

2025-10-12: Rhineland & Digital Future – IT with Heart and Mind

🧡 The Rhineland – a place of culture, progress, and community
In the Rhein-Erft district, tradition meets innovation. Between vibrant culture, dedicated people, and constant change, the Rhineland is a region where people love to live – and work.

⛰️ A symbol of transformation: the Sophienhöhe
Behind the Sophienhöhe, the Hambach open-cast mine is still in operation. The forested hill shows how nature can return to an area once shaped by industry. It stands for change – just as modern IT creates something new from existing systems.

💡 IT services with a regional touch
As an IT service provider based in the Rhineland, I help companies make their IT infrastructure secure, efficient, and future-proof. My services include:

  • 🔒 Data backup & IT security
  • ☁️ Cloud and remote work solutions
  • 🖥️ Remote maintenance & video conferencing
  • 🌐 Websites & hosting on German servers

🚀 My goal: Technology should work for you – reliably, securely, and without complications.
With personal support and clear communication, I provide IT solutions tailored to your business – modern, sustainable, and people-oriented.

Categories
Blog Backupsolutions Security Server Uptime

2025-09-27: Backup or Bankruptcy – Why I Pull the Plug on Cyber-Extortionists

Imagine this: It’s Monday morning, the coffee machine is running, your PC boots up – and suddenly, shock. Instead of your usual desktop, a dark message pops up: “Your data has been encrypted. Pay in cryptocurrency XY.”
This scenario happens every single day in companies across the globe – from small businesses to international corporations. Cybercriminals make no exceptions.

🔒 Ransomware – a Growing Threat

A recent example shows how serious this has become: In September 2025, a ransomware attack on IT service provider Collins Aerospace crippled the check-in systems of several European airports – including Berlin. Thousands of passengers were stranded, flights were delayed or canceled altogether. Investigators believe the ransomware group HardBit was behind the attack.

👉 The message is clear: If even critical infrastructures with million-dollar budgets can be knocked out, how quickly could it happen to small and mid-sized companies without a professional backup strategy?

And this is exactly where I come in: How do I protect your business from this nightmare?

☁️ My Safety Net: The 3-2-1 Principle

I rely on the proven 3-2-1 principle:

  • 3 copies of your data
  • 2 different storage types (e.g., local backup and NAS)
  • 1 copy stored externally in the cloud

This ensures that even in the worst case – if your local IT is compromised – your data remains safe, encrypted, and quickly recoverable.

🚀 My Backup Solutions – Scalable for Your Business

I know every company is different. That’s why I offer packages tailored to size and data requirements:

  • Starter Package: 5 TB of data – ideal for small businesses and startups
  • Business Package: 10 TB of data – perfect for growing companies
  • Enterprise Package: 20 TB and up – scalable for corporations and complex IT environments

All packages include automated backups, bank-level encryption, and cloud storage in European data centers.

💡 More Than Backups – Guaranteed Business Continuity

For me, it’s not just about securing your data – it’s about getting you back on your feet fast in the event of an attack. After all, what good are backups if you’re offline for days? With my solutions, you’ll be up and running again in no time – whether in the office, at home, or on the go.

Conclusion

Ransomware isn’t going away – but your company doesn’t have to be a victim. With the 3-2-1 principle, modern backup strategies, and scalable cloud solutions, I make sure your data is protected and your business keeps moving.

Without a proper backup strategy, the managing director is personally liable – and that’s about as funny as a dentist visit without anesthesia. 🦷

Categories
Blog Server Video conference

2025-09-13: Secure Video Conferences for Your Business

As IT-Service-Commander, I now offer professional video conferencing solutions tailored for companies. Many businesses still rely on US providers like Zoom or Teams – which comes with risks regarding data protection and dependency. My solution: GDPR-compliant, hosted on German servers, and easy to use.

Your benefits:

  • Strong security & encryption
  • Join via link – no registration required
  • Works in browser or via mobile app
  • Useful features: screen sharing, chat, recording, password protection

The system is based on the proven open-source platform Jitsi – transparent, reliable, and independent. Whether for small team meetings, webinars, or large-scale online events: I provide a solution customized to your company’s size and requirements.

🤝 My service for you:

  • Personal consultation & setup
  • Training and ongoing support
  • Flexible packages with transparent pricing

This gives you full control over your data, reliable technology, and a future-proof communication solution.

👉 Learn more at: Video conference

Categories
Blog Cloud Security Server

2025-09-05: Microsoft Lock-In? Break Free – Build Your Own Cloud!

Let’s be honest: Do you really want to hand over your sensitive data blindly to a corporation like Microsoft?
I don’t. And that’s exactly why I keep advising my clients not to fall into the dependency trap of Microsoft Cloud.

🔒 Control Instead of Dependence

In Microsoft Cloud, it’s not you but Microsoft who decides what happens with your data, where it’s stored, and which features will still be available tomorrow. Once you’re locked into this ecosystem, it becomes very hard to get out.
That’s what I call vendor lock-in – and it’s not a technical feature, but an economic trap.

⚡ Your Own Cloud – Faster Than You Think

Many believe running their own cloud is complicated, expensive, and slow. The truth is just the opposite:

  • With modern open-source solutions, I can set up a high-performance cloud environment for you in no time.
  • A VPN server ensures secure access from anywhere.
  • Your own cloud server takes care of data storage – and you remain in full control.

The result: super fast, flexible, and free from artificial limitations.

🛠️ Multiple Paths to Success

There isn’t just one way to do it – there are several great options that can be tailored to your needs:

  • Nextcloud: One of the most popular open-source platforms for files, calendars, contacts, and more.
  • Synology DiskStation: Ready-to-use hardware solutions with built-in cloud software, easy to administer.

Whether you prefer maximum flexibility or a convenient turnkey package – both are possible, without falling into Microsoft’s grip.

💡 Why It’s Better
  • No license fees: Stop paying monthly for unused accounts.
  • Full data sovereignty: Your data stays where it belongs – with you.
  • Transparency: Open solutions, no black box.
  • Flexibility: Adapted to your business, not to a corporation’s rules.
🚀 My Offer to You

As an IT service provider, I specialize in freeing companies from the Microsoft Cloud straitjacket and setting up powerful alternatives.
You don’t need to understand the hardware or software in detail – I take care of the setup, security, and operation.

👉 The result: Your own cloud. Independent, fast, and secure.

Categories
Blog Android Messenger OpenSource Security Server

2025-08-17: Molly – Your Privacy-Focused Alternative to Signal

As an IT consultant, I see every day how important secure and private messaging is. Signal does a great job and is rightly considered one of the most secure messengers ✅ – but Molly puts even more emphasis on privacy and control.

What’s especially interesting: On GrapheneOS, Molly is available by default, as it is recommended there as a trusted messenger. But you can also use Molly on any other Android system by simply installing the APK manually.

Why Molly?

Molly is based on the Signal protocol but adds additional security features such as encryption at rest (encrypting locally stored data).

Other advantages include:

  • Open-Source – transparent and verifiable.
  • More control – option to use your own push infrastructure.
  • Optimized for privacy – especially in combination with GrapheneOS.

For a deeper look at GrapheneOS, check this out:
GrapheneOS – More Security, Less Google: How to Make Your Smartphone Truly Private

Download the Latest Version
Please note:
Manual installation file available for free download (for advanced users)
Setup with My Molly-Socket Server

To make Molly even more privacy-friendly, you can connect it to my own Molly-Socket server:

https://molly.it-service-commander.de

Here’s how:

  1. Open the app.
  2. Go to Settings → Notifications → Push Notifications.
  3. Select “Unified Push” ? as the push service.
  4. Scan the QR code from my website.
    (https://molly.it-service-commander.de/)

This way, your push notifications don’t run through third-party servers but through your own infrastructure ?️ – a clear advantage for privacy.

Conclusion

Signal is already excellent ✅ – but Molly is the even more privacy-focused choice. On GrapheneOS, Molly comes preinstalled, and on any other Android system it can easily be installed manually.

I personally use Molly every day – not just as a messenger, but as part of a holistic privacy strategy.

Categories
Blog DNS E-Mail Server Webhosting

2025-08-12: My Own Mail Server – and Why Telekom Initially Didn’t Like It

As an IT service provider, I wanted to see for myself: running my own mail server – fully under my control, without depending on external providers.
For this, I use Mailcow, an open-source mail server suite running on a dedicated VPS at Hetzner. Everything is secured, regularly patched, and equipped with anti-spam mechanisms.
So far, so good – or so I thought.

What Actually Happens When an Email Is Sent?

When you send an email, several technical steps happen in the background:

  1. Connection Between Servers
    Your mail server accepts the message and connects to the target mail server – for example, Microsoft, Yahoo, GMX, Web.de, or Telekom.
  2. Identity and Security Checks
    Before the email is accepted, the receiving server checks:
    • Reverse DNS – Does the IP address match the hostname?
    • SPF, DKIM, DMARC – Do the authentication records match?
    • Reputation – Is the sending server known as trustworthy or as a spam source?
  3. Acceptance or Rejection
    If the server fails these checks, the result is ❌ “554 – Bad reputation” or a similar error message.
My Problem with Telekom

While Google, GMX, Web.de, and Yahoo accepted my emails without complaint, Telekom blocked everything coming from my server.
The reason: my IP address had been “inactive for a long time” and therefore had no reputation. For security reasons, Telekom does not accept such senders until they are reviewed – a protection mechanism for their customers.

In practice, this meant that even perfectly configured emails with all standards in place were rejected until I contacted Telekom directly.

✅ The Path to Getting Whitelisted

After a friendly but very technical exchange with Telekom’s Email Engineering team, the following requirements became clear:

  • The hostname of my server had to clearly identify me as the operator.
  • A publicly accessible contact option (phone number, legal notice) had to be linked directly to the sending domain.
  • The server could not be a shared host – only I am allowed to send emails from this IP.
  • Abuse protection (rate limits, account blocking for spam) had to be active.

I adjusted the configuration, redirected my domain cmdsrv.de directly to my legal notice page, and confirmed all required points.
Shortly afterward, I received confirmation from Telekom that my IP reputation would be reset:

“We will arrange for the reputation of this IP number to be reset in our systems. (Please note that depending on system load, it may take up to 24 hours for the change to take effect, but experience shows that this is usually done within one to two hours.)”

DMARC Reports – A Must for Admins

In addition to SPF, DKIM, and a clean reputation, as a mail server operator you should regularly evaluate DMARC reports.
These reports are automatically sent by many providers if you create a Postmaster address and set the appropriate DMARC entry in your DNS records.

Example of a valid DMARC DNS record:

v=DMARC1; p=quarantine; rua=mailto:postmaster@DOMAINNAME.de

Important:

  • postmaster@DOMAINNAME.de must be a functional email address that you check regularly.
  • These reports show you from which IP addresses emails were sent in the name of your domain and whether they passed SPF/DKIM checks.
  • This way, you can detect abuse and configuration errors early.
Useful Links for Testing Mail Server Reputation & Configuration

Tip: Run these tests before going live – this will help you avoid surprises with strict providers like Telekom.

☎️ Telekom Postmaster Contact

If your emails are blocked by Telekom, you can reach the Email Engineering team here:

Deutsche Telekom AG
E-Mail Engineering
Deutsche-Telekom-Allee 9
64295 Darmstadt
E-Mail: tobr@rx.t-online.de
Postmaster FAQ: https://postmaster.t-online.de

✅ Mail Server Operator Checklist

Security & Authentication

  • SPF record correctly set
  • DKIM signature active and valid
  • DMARC policy set (and reports reviewed)
  • Functional postmaster@ address created

DNS & Accessibility

  • Reverse DNS (PTR) points to the correct hostname
  • A and MX records are correct and point to the server
  • Website legal notice/contact page linked with sending domain

Reputation & Testing

  • IP address not on blacklists
  • Passed tests with Google, Microsoft, Telekom, GMX/Web.de
  • Mail test score at least 9/10

Operation & Monitoring

  • Spam and virus protection active
  • Rate limits for outgoing mail
  • Log monitoring & alerts for unusual activity
  • Regular backups of mail server configuration and mailboxes

Networking with Other IT Administrators
If you need support or want to exchange ideas with other admins facing similar problems, you’re welcome to join my Matrix Support Groups.
Here I’m happy to help with questions about mail servers, networking, and IT security:
https://it-service-commander.de/en/support-3/groups/

Categories
Webhosting Blog Server Uptime

2025-07-10: New: Web Hosting for Your Online Presence – Directly Managed by Your IT Service Provider

As your trusted IT service provider, I am now pleased to offer not only traditional IT services but also professional web hosting for your online presence.

What can you expect?

With my web hosting service, you will receive:

WordPress websites – customized to your individual needs.
Your own domain & email address – e.g. max.mustermann@your-domain.com.
Worry-free package – I handle the setup, maintenance, and security for you.

For more details, please visit my website under:
➡️ Private Clients => Homepage/Website or
➡️ Businesses => Website.

Technically up to date

Your WordPress site runs in a modern Docker container and is hosted on a virtual private server (VPS). This ensures high flexibility and performance.

Security and backups:

  • Nightly automatic backups of your entire website (including Docker container) are performed.
  • Your emails are managed on a separate VPS using the reliable Mailcow software, enabling you to send and receive emails with your own domain and personalized addresses.

Professional management included

As your IT service provider, I take care of the complete administration and monitoring of your web hosting:

Regular security updates, including for WordPress and installed plugins.
Monitoring to ensure your website is always online.
Prompt assistance, should any issues arise.

Interested?

If you would like to host a new website affordably through me or move an existing WordPress installation, feel free to get in touch. ✉️
I will be happy to advise you individually and find the perfect solution for your project.

Categories
Blog Anonymity Messenger Security Server

2025-06-15: Use WhatsApp securely with a Proxy

In an age where data privacy is increasingly important, it’s essential to be aware of your digital footprint. Messaging apps like WhatsApp, operated by Meta (formerly Facebook), collect a wide range of metadata — even though message content is end-to-end encrypted.

Fortunately, there’s a solution for anyone who wants to continue using WhatsApp without exposing their connection details: my free WhatsApp Proxy Service!

What Does My WhatsApp Proxy Do?

My WhatsApp proxy service acts as an intermediary between your device and WhatsApp’s servers. Instead of connecting directly to Meta’s servers, your data traffic is routed through my proxy. This means:

  • ✉️ Hidden IP Address: WhatsApp (i.e., Meta) no longer sees your real IP address, preventing them from determining your location or internet provider.
  • ✔️ No Geo-Tracking: The detour via proxy makes it nearly impossible to track your location.
  • ✔️ Encrypted Communication: All data is transmitted using SSL encryption.
  • ⛔️ Minimal Metadata: Information about your device, region, or connection time is significantly reduced.
  • ✔️ Free and Anonymous: The service is completely free and requires no registration.
How to Set Up the WhatsApp Proxy
  1. Open WhatsApp and tap the three dots in the top right corner (⋮).
  2. Navigate to Settings > Storage and Data > Proxy.
  3. Enable Use Proxy.
  4. Tap on Set up Proxy and enter the following details:
    • Proxy Host: whatsapp.it-service-commander.de
    • Chat Port: 7001
    • Media Port: 7007
  5. Confirm by tapping the check mark ✅.
  6. It should now display “Connected”.

And that’s it — you’re securely connected via my proxy! ?

Why Using a WhatsApp Proxy Makes Sense ❓

Meta makes its money through ads and analytics — not just by what you write, but by tracking when, where, how, and with whom you communicate. Even without accessing your message content, Meta knows when you’re online, who you’re chatting with, and from where.

Conclusion ✅

My WhatsApp Proxy Service offers a simple, effective tool to enhance your digital privacy. No registration, no fees — just real benefits:

More privacy, less surveillance.

Try it out yourself and feel free to share this information with others who value digital self-determination.

I am an IT specialist focused on networks and server services. I am happy to assist with technical questions or custom requirements. Feel free to get in touch — inquiries are always welcome.

Categories
Blog Messenger OpenSource Security Server

2025-06-11: Replace Microsoft Teams with Matrix & Element

In a time when data protection, digital sovereignty, and cost control are more important than ever, many companies are looking for a real alternative to Microsoft Teams. As an IT service provider, I offer exactly that: a powerful, modern communication solution – based on the Matrix protocol and the open-source Element interface.

? What is Element – and what is Matrix?
  • Element X / Element Web is the front-end interface for messaging, file sharing, and video conferencing – available on laptops, smartphones, and tablets.
  • Matrix Synapse is the backend – it runs on your own server and handles secure, decentralized communication.
?️ Full control over your data – no dependency on Microsoft

With my solution, every company runs its own communication server in a German data center. This ensures that every message, file, and call stays in-house – without being routed through U.S.-based platforms or global cloud infrastructures.

? No data transfer to the USA
? No Microsoft accounts or licenses required
?? Server location: Germany – fully GDPR compliant
100% independence from U.S. corporations

Everything modern teams need
  • ? One-on-one and group messaging
  • ? Secure file sharing
  • ? Voice and video calls
  • ? Cross-platform usage (laptop, phone, tablet)
  • ?️ Structured rooms for teams and projects
? Trusted by military and governments

Matrix and Element are already in use by various military and public-sector organizations: The U.S. Navy uses Matrix on multiple ships for secure internal communication. The German Bundeswehr operates its own Matrix-based messenger (BwMessenger). Governments in France, Luxembourg, Sweden, and the German healthcare sector also rely on Matrix for secure, sovereign communication.

This is all provided on a secure, open-source foundation – flexible, transparent, and future-ready.

? Clear savings – year after year

Compared to Microsoft Teams, a company with 20 employees can save up to $1000 per yearwhile keeping full control over all internal communication and data.

?️ My offer to you
  • Setup and operation of your own Matrix instance
  • Deployment of Element Web / Element X as the user interface
  • Ongoing maintenance, security updates, and technical support
  • GDPR-compliant configuration
  • Optional: onboarding and training for your team
✅ Conclusion

With Matrix and Element, you gain a professional, secure, and cost-effective communication platform – without Microsoft, without data leakage, and without vendor lock-in.

? I’m happy to provide a custom quote tailored to your company size and needs.
Independent. Secure. Future-proof. – Your new communication solution.