secure email server

2013-10-23 Thread BONNET, Frank
Hello, I have to set up a secured email server - encrypted filesystem - SSL or TLS only for SMTP and IMAPS - Talking only to some known other same-secured servers Any info/links welcome! Please do not start some flame war around this! I've been ordered to set up such server and I KNOW there

Re: secure email server

2013-10-23 Thread Manuel Bieling
On 2013.10.23 08:44:10 +0200, BONNET, Frank wrote: Hello, I have to set up a secured email server - encrypted filesystem - SSL or TLS only for SMTP and IMAPS - Talking only to some known other same-secured servers Any info/links welcome! http://www.postfix.org/TLS_README.html

dropping messages to postfix queue

2013-10-23 Thread Kovács Albert
Hello, I have an application that during its operation generates lots of RFC-822 format emails. My task is to send them to a single remote email address, and I've decided that I rely on postfix to do the job. I wouldn't use a regular smtp chat with the postfix smtpd daemon, because I

Re: dropping messages to postfix queue

2013-10-23 Thread Wietse Venema
Kovács Albert: I wouldn't use a regular smtp chat with the postfix smtpd daemon, because I don't want to block the application until smtpd receives the message. There is no need to block the application. Use parallelism. My next idea is to just modify the application, and drop (with the link()

Re: dropping messages to postfix queue

2013-10-23 Thread Kovács Albert
Hello Wietse, thanks for the clarification, I'd stick to a stable and supported method. On the QSHAPE_README page you say that try to keep the volume of local mail injection to a moderate level. Can you give me a rough estimation on moderate level for such an environment where the only source

Re: secure email server

2013-10-23 Thread Bruce Markey
Try postfix, dovecot, forced ssl/tls, with gpg-mailgate. I only allow imaps connections then gpg-mailgate encrypts all messages with the users public key. Works perfectly. Just my 2c. Bruce

Re: dropping messages to postfix queue

2013-10-23 Thread Wietse Venema
Kovács Albert: Hello Wietse, thanks for the clarification, I'd stick to a stable and supported method. Thanks. And I wish I had a better answer. Speaking of which, Postfix supports QMQP. This protocol is simpler than SMTP, designed by Dan Bernstein, and is based on netstrings. Netstrings are

Re: default_milter_action

2013-10-23 Thread Wietse Venema
Roland de Lepper: smtpd_milters = inet:81.x.x.x:8092 inet:217.x.x.x:8092 milter_default_action = tempfail milter_connect_timeout = 10s This works perfectly without any problems. the question raised, what if the connection between the mailserver and location B is down. Is the email As

Re: default_milter_action

2013-10-23 Thread Roland de Lepper
Hi Wietse, Thanks for the reply. What about milter_default_action = quarantine ? regards, Roland de Lepper On Wed, Oct 23, 2013 at 1:24 PM, Wietse Venema wie...@porcupine.org wrote: Roland de Lepper: smtpd_milters = inet:81.x.x.x:8092 inet:217.x.x.x:8092 milter_default_action =

Re: dropping messages to postfix queue

2013-10-23 Thread Noel Jones
On 10/23/2013 6:22 AM, Kovács Albert wrote: On the QSHAPE_README page you say that try to keep the volume of local mail injection to a moderate level. Can you give me a rough estimation on moderate level for such an environment where the only source of messages is the local injection? I mean

Re: default_milter_action

2013-10-23 Thread Noel Jones
On 10/23/2013 8:40 AM, Roland de Lepper wrote: Hi Wietse, Thanks for the reply. What about milter_default_action = quarantine ? The quarantine action accepts mail and puts it in the hold queue when the milter cannot run. Once mail is on hold, manual intervention is required. The

Re: default_milter_action

2013-10-23 Thread Wietse Venema
Roland de Lepper: Hi Wietse, Thanks for the reply. What about milter_default_action = quarantine ? As documented, this leaves the message in the hold queue. If the Milter should have done something with the message, then those things will never happen. The message is now in the queue,

Re: TLS: Certificate signature failure -- what is the reason?

2013-10-23 Thread Viktor Dukhovni
On Wed, Oct 23, 2013 at 09:39:36AM +0200, Tobias Reckhard wrote: with instructions on how to extract public key digests from X.509 certs also at: http://www.postfix.org/postconf.5.html#smtp_tls_fingerprint_digest Those instructions had me confused a bit, I think I now see why. I'd

possible alternative methods for exclusion to transport_maps entry

2013-10-23 Thread btb
this stems from another discussion [http://archives.neohapsis.com/archives/postfix/2013-10/0454.html]. i'm currently doing: transport_maps = hash:$table_directory/transports cat transports example.com example-internal: foo.example.com smtp: .example.com

Re: possible alternative methods for exclusion to transport_maps entry

2013-10-23 Thread Viktor Dukhovni
On Wed, Oct 23, 2013 at 11:24:13AM -0400, btb wrote: i'm wondering if this could be done in a different manner, that wouldn't require the explicit smtp reference for foo.example.com - for example: example.com example-internal: .example.com!foo.example.com

blocks spam (hacked account)

2013-10-23 Thread Pol Hallen
Hi all :-) I read a lot but not enough... I need something to block the spam when an email account has been violated... so the spammer can use that account to relay spam emails to the world. Are there Postfix options to block this (or slow it down) or do I need to use third-party software? Need I work

Re: blocks spam (hacked account)

2013-10-23 Thread Wietse Venema
Pol Hallen: Hi all :-) I read a lot but not enough... I need something to block the spam when an email account has been violated... so the spammer can use that account to relay spam emails to the world. Are there Postfix options to block this (or slow it down) or do I need to use third-party

Re: blocks spam (hacked account)

2013-10-23 Thread Pol Hallen
Try: postfwd or policyd rate limiting. Sure! Thanks! A last question: real situation: sasl+tls user accounts. Supposed situation: someone hacks an account and takes user+pass. That person does a script like this: i=0 while [ $i != 50 ]; do echo test | /usr/bin/mail -s test message$i

Re: blocks spam (hacked account)

2013-10-23 Thread /dev/rob0
On Wed, Oct 23, 2013 at 07:25:29PM +0200, Pol Hallen wrote: Wietse: Try: postfwd or policyd rate limiting. Sure! Thanks! A last question: real situation: sasl+tls user accounts. Supposed situation: someone hacks an account and takes user+pass. That person does a script like this: i=0

Re: EC_GROUP_new_by_curve_name:unknown group:ec_curve.c:316

2013-10-23 Thread Viktor Dukhovni
On Tue, Oct 22, 2013 at 06:07:49AM +, Viktor Dukhovni wrote: Follow-up, comments after a brief email discussion with Paul Wouters of RedHat: * Firstly, client TLS extensions are not possible when the client starts with an SSLv2 compatible SSL HELLO. So the list of supported curves is

Re: EC_GROUP_new_by_curve_name:unknown group:ec_curve.c:316

2013-10-23 Thread li...@rhsoft.net
On 23.10.2013 22:57, Viktor Dukhovni wrote: On Tue, Oct 22, 2013 at 06:07:49AM +, Viktor Dukhovni wrote: Follow-up, comments after a brief email discussion with Paul Wouters of RedHat: thank you so much for that! * Firstly, client TLS extensions are not possible when the client