"faaleoleo.io — who is behind the "[email protected]" attacks
An anonymous sender using the identity "Dev Team" [email protected] has
been posting hostile attacks on NGBackup, both directly and to the public
bacula-users mailing list. The domain and email headers tie this identity
to the Bacula / BareOS circle in Germany, specifically to Reiner Jung
(M:Tier).

SPF evidence. The SPF record for faaleoleo.io (which authorizes who may
send email on its behalf) lists:

178.63.245.123 → www.mtier.org (M:Tier, Reiner Jung's company)
So faaleoleo.io explicitly authorizes M:Tier's server to send mail for it.
The domain also shares the same host and SPF IP block as its mail server
mail.sec4share.me. All infrastructure is Hetzner, Germany.

Header evidence (stronger than SPF). The hostile email of 7 Jul 2026 ("Re:
[Bacula-users] The NGbackup"), From [email protected], was addressed
To: Heitor Faria and Reiner Jung [email protected]. An earlier attack (4
Jul) was addressed to Heitor and Arno Lehmann [email protected], another
long-time Bacula figure. All messages sent via mail.sec4share.me using the
"Canary" client, with DKIM failing for @faaleoleo (consistent with a
throwaway/impersonation domain).

Conclusion. The anonymous [email protected] identity is operated from,
and SPF-linked to, M:Tier's infrastructure, and Reiner Jung is a named
party on the attack thread. This is the German Bacula/BareOS circle using a
non-attributable identity to attack a competitor. What is not provable is
the exact person who typed each message (the WHOIS registration is
privacy-masked); the records prove the infrastructure and the circle, not
signed authorship."

Is this true, Reiner?

On Tue, Jul 7, 2026 at 8:00 AM Dev Team <[email protected]> wrote:

> Heitor,
>
> NOBODY can/will run a backup on SAP which is not certified! You will loose
> your support same moment. I think I know SAP and requirements well. SAP
> have very hard requirements even how your setup for testing - staging and
> production must look like.
>
> Your is based on what? active active, stand by, bow failover work. how you
> get a quorum?
>
> I really would like to talk to a customer of you which is experience of
> your new development. Which if your customer use a Mainframe? Government i
> know the responsible people in Brazil and I could ask them they know
> anything about NG backup. 0r maybe SERPO? All my contacts dont know
> anything about NGbackup
>
>
>
> On Dienstag, Juli 07, 2026 at 2:11 PM, Heitor Faria <[email protected]>
> wrote:
> Hello Reiner,
>
> Thanks for the detailed note. It's clear you read the material closely, so
> let me answer point by point.
>
> PodHeitor vs NGBackup. You're conflating two different products (thanks
> for being my fan). PodHeitor was built on Community Bacula and deprecated
> for the better stuff. NGBackup is a from-scratch engine: 1,000+ Rust source
> files, zero C, memory-safe by construction. That's not a marketing
> adjective. It's why the whole class of memory-corruption CVEs that legacy
> engines keep publishing cannot occur here. So "nothing has changed since
> PodHeitor" is simply wrong. Everything under the hood changed.
>
> "Just repackaged community plugins." Every NGBackup plugin is written in
> one standard language, Rust, compiled and memory-safe. That is materially
> more performant and more serious than the open-ended
> PowerShell/Python/shell scripts that other suites rely on for their
> plugins. Uniform tooling, no interpreter sprawl, no per-plugin runtime
> surprises. That is original engineering, not copy-paste.
>
> High availability. This is real HA, not file copying. NGBackup runs an
> active/standby Director pair with product-managed catalog and configuration
> replication. It supports automatic failover with witness quorum and a
> split-brain guard, plus planned, unplanned, maintenance and test failover
> modes, and failback with reverse sync. Calling that "SCP/SFTP somewhere" is
> not accurate. It is a designed control-plane HA architecture, and it is
> exactly what enterprise backup HA is supposed to mean.
>
> Deduplication. There's nothing to misunderstand here. Any backup
> specialist knows dedup ratios improve as more repetitive, retained backups
> accumulate. We state the industry-standard 20x, with some environments
> exceeding 60x at higher retention and redundancy. That's a range tied to
> retention, reported exactly the way every dedup vendor reports one. Not a
> lab trick. Arithmetic.
>
> Where else we are ahead of Bacula Enterprise:
>
> A single control plane. Every daemon (Director, SD, FD) is remotely
> reconfigurable, reloadable and restartable from one place, including remote
> SD/FD config edits with validation, atomic apply and rollback. Bacula has
> none of this.
> Config-as-data. Director configuration lives in the database as immutable,
> versioned revisions. No config-file sprawl across daemons and plugins.
> No clear-text passwords in files. Enrollment is token-based. Secrets are
> sealed, never written in plaintext to a .conf.
> Modern and vastly more complete Web and console interfaces.
> Mainframe / SAP HANA. We have real customers running both in Brazil. The
> ADABAS plugin ships today. z/OS binaries are being built. On SAP HANA
> specifically, the absence of a formal certification badge doesn't mean the
> capability can't be delivered. Certification is a commercial and
> partnership step, not a technical ceiling. We have customers on it.
> Bloom filters and segment locality in Dedup for better performance.
>
> Pricing. Enterprise backup is quote-based across this market. Bacula
> Enterprise and the other vendors don't publish price lists either. Ours is
> the same model, with a concrete migration discount for teams leaving Veeam,
> Commvault or NetBackup.
>
> On the "copy-paste" thesis generally. A single Rust control plane,
> active/standby HA with automatic failover, config-as-data in the catalog,
> tokenized enrollment with no plaintext secrets, and Rust-native plugins are
> not things the community project offers. That is original design, and it's
> shipping.
>
> I'll note, since it's relevant to the tone here, that you have a
> commercial relationship with Bacula Systems, and this critique arrives
> alongside messages on LinkedIn that I'd characterize as threats. I'm glad
> to have a technical debate on the merits. I'd rather keep it there.
>
> Best regards,
> Heitor Faria
> NGBackup / NGStructures, LSG Global Group
>
> On Tue, Jul 7, 2026 at 6:41 AM Reiner Jung <[email protected]> wrote:
>
>> Heitor,
>>
>> It looks as if the only real selling point of your solution is that it is
>> written in Rust. Apart from that, if you take a closer look at what you are
>> trying to sell here, it is just marketing fluff.
>>
>> Let’s take ransomware detection as an example. It is more than doubtful
>> that what you are selling now is any different from what you already tried
>> to market some time ago as PodHeitor. It was ineffective and pointless
>> then, and nothing here suggests that has changed.
>>
>> Your claim of deduplication with a 60x factor is highly questionable. I
>> have no idea how you arrive at such numbers – presumably under idealized
>> lab conditions with a carefully selected configuration that has little to
>> do with reality.
>>
>> You also write:
>>
>> “From the mainframe to Microsoft 365 in one place — 21 database,
>> virtualization and cloud plugins.”
>>
>> I assume you do not have a mainframe at home, and it does not appear on
>> your actual plugin list either. This makes your marketing statement
>> misleading at best. As PodHeitor there was ever SAP HANA. You never can
>> provide this as you must be a partner and you are not.
>>
>> Your so‑called “high availability” is no such thing; at most it is a
>> simple failover where you copy files somewhere else using SCP/SFTP.
>> Architecturally, this is just wrong and falls far short of what real HA
>> means in enterprise backup. Is this really automatic failure? Ask you AI,
>> it is not.
>>
>> Your entire solution looks just as fragile as your previous offerings
>> that you kept promoting with bpipe and similar tools.
>>
>> There is also no transparent price list, just a vague promise to be 50%
>> cheaper than Veeam. Where are your actual prices? On your own site, you
>> instead advertise discounts of “≥ 50% off your current Veeam / Commvault /
>> NetBackup contract,” which raises even more questions about how realistic
>> and sustainable your pricing is.
>>
>> Based on the documents you have published in the past, it is doubtful
>> that you even fully understood what your AI-generated material is saying.
>>
>> Most of the features you list here are not innovations at all but a cheap
>> copy of what you have simply recompiled or repackaged from Bacula
>> Community, which already offers many plugins and advanced backup functions
>> in open source form.
>>
>> The more interesting question is how you and your development team intend
>> to further develop Bacula Core itself, or whether you are once again just
>> waiting for the next community release so you can copy new features into
>> your product.
>>
>> Innovation does not come from copy and paste. It comes from original
>> design, real-world testing, and delivering value beyond what the community
>> has already built.
>>
>>
>>
>
> --
> Atenciosamente,
>
> Heitor faria (Miami)
> https://ngbackup.com
> WhatsApp: +1 786-726-1749 | +55 61 98268-4220
> _______________________________________________
> Bacula-users mailing list
> [email protected]
> https://lists.sourceforge.net/lists/listinfo/bacula-users
>
>

-- 
Atenciosamente,

Heitor faria (Miami)
https://ngbackup.com
WhatsApp: +1 786-726-1749 | +55 61 98268-4220
_______________________________________________
Bacula-users mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/bacula-users

Reply via email to