Re: Pledge() in smtpd

2015-11-11 Thread Martijn van Duren 

On 11/12/15 01:37, michalzient...@gmail.com wrote:

Hello guys,

Recently i was reading about new OpenBSD security mechanism called pledge(). I 
think this is another great idea from OpenBSD. Are you going to make use of it ?

Regards,
Michal Zientara



Pledge is already used within the OpenBSD tree[1], so yes.
On other platforms I can't tell you, since I'm not a developer on either 
smtpd or the other platforms, although I reckon it's highly unlikely, 
since it's an in kernel implementation. But as Theo stated[2]: someone 
smart might be able to build a compatible layer upon seccomp. Just don't 
hold your breath.


[1] 
http://cvsweb.openbsd.org/cgi-bin/cvsweb/src/usr.sbin/smtpd/smtpd.c?rev=1.254=text/x-cvsweb-markup

[2] http://www.openbsd.org/papers/hackfest2015-pledge/mgp00034.html

--
You received this mail because you are subscribed to misc@opensmtpd.org
To unsubscribe, send a mail to: misc+unsubscr...@opensmtpd.org

Re: Pledge() in smtpd

2015-11-11 Thread Loganaden Velvindron 
On Thu, Nov 12, 2015 at 4:37 AM,   wrote:
> Hello guys,
>
> Recently i was reading about new OpenBSD security mechanism called pledge(). 
> I think this is another great idea from OpenBSD. Are you going to make use of 
> it ?
>

Yes, OpenSMTPd is already taking advantage of pledge() in OpenBSD.

However, please note that this is an OpenBSD-only implementation, as pledge

-- 
You received this mail because you are subscribed to misc@opensmtpd.org
To unsubscribe, send a mail to: misc+unsubscr...@opensmtpd.org

Odp.: Re: Pledge() in smtpd

2015-11-11 Thread michalzientara 
That's great, thanx!
--Oryginalna wiadomość--
Od: Martijn van Duren
Do: misc@opensmtpd.org
DW: michalzient...@gmail.com
Temat: Re: Pledge() in smtpd
Wysłano: 12 lis 2015 08:27

On 11/12/15 01:37, michalzient...@gmail.com wrote:
> Hello guys,
>
> Recently i was reading about new OpenBSD security mechanism called pledge(). 
> I think this is another great idea from OpenBSD. Are you going to make use of 
> it ?
>
> Regards,
> Michal Zientara
>
>
Pledge is already used within the OpenBSD tree[1], so yes.
On other platforms I can't tell you, since I'm not a developer on either 
smtpd or the other platforms, although I reckon it's highly unlikely, 
since it's an in kernel implementation. But as Theo stated[2]: someone 
smart might be able to build a compatible layer upon seccomp. Just don't 
hold your breath.

[1] 
http://cvsweb.openbsd.org/cgi-bin/cvsweb/src/usr.sbin/smtpd/smtpd.c?rev=1.254=text/x-cvsweb-markup
[2] http://www.openbsd.org/papers/hackfest2015-pledge/mgp00034.html

b��yǢ��m�+)[yƮ�쨹�޲��r��y�h�+kiv��N�r��zǧu���[h�+��칻�&ޢ���kiv��

Pledge() in smtpd

2015-11-11 Thread michalzientara 
Hello guys,

Recently i was reading about new OpenBSD security mechanism called pledge(). I 
think this is another great idea from OpenBSD. Are you going to make use of it 
? 

Regards,
Michal Zientara


-- 
You received this mail because you are subscribed to misc@opensmtpd.org
To unsubscribe, send a mail to: misc+unsubscr...@opensmtpd.org

Re: Please help greenhorn to send email.

2015-11-11 Thread Giovanni Bechis 
On 11/11/15 08:13, Mohammad H. Al Shami wrote:
> What I personally do is have a single server in my network able to send 
> emails to the public, and all other servers just relay via that server.
> 
> Makes handling DKIM/SPF/DMARC easier IMHO
> 
you should correctly setup your hostname and you dns then.
At least your hostname should resolve to something.
 Cheers
  Giovanni 

-- 
You received this mail because you are subscribed to misc@opensmtpd.org
To unsubscribe, send a mail to: misc+unsubscr...@opensmtpd.org