Re: Pledge() in smtpd
On 11/12/15 01:37, michalzient...@gmail.com wrote: Hello guys, Recently i was reading about new OpenBSD security mechanism called pledge(). I think this is another great idea from OpenBSD. Are you going to make use of it ? Regards, Michal Zientara Pledge is already used within the OpenBSD tree[1], so yes. On other platforms I can't tell you, since I'm not a developer on either smtpd or the other platforms, although I reckon it's highly unlikely, since it's an in kernel implementation. But as Theo stated[2]: someone smart might be able to build a compatible layer upon seccomp. Just don't hold your breath. [1] http://cvsweb.openbsd.org/cgi-bin/cvsweb/src/usr.sbin/smtpd/smtpd.c?rev=1.254=text/x-cvsweb-markup [2] http://www.openbsd.org/papers/hackfest2015-pledge/mgp00034.html -- You received this mail because you are subscribed to misc@opensmtpd.org To unsubscribe, send a mail to: misc+unsubscr...@opensmtpd.org
Re: Pledge() in smtpd
On Thu, Nov 12, 2015 at 4:37 AM,wrote: > Hello guys, > > Recently i was reading about new OpenBSD security mechanism called pledge(). > I think this is another great idea from OpenBSD. Are you going to make use of > it ? > Yes, OpenSMTPd is already taking advantage of pledge() in OpenBSD. However, please note that this is an OpenBSD-only implementation, as pledge -- You received this mail because you are subscribed to misc@opensmtpd.org To unsubscribe, send a mail to: misc+unsubscr...@opensmtpd.org
Odp.: Re: Pledge() in smtpd
That's great, thanx! --Oryginalna wiadomość-- Od: Martijn van Duren Do: misc@opensmtpd.org DW: michalzient...@gmail.com Temat: Re: Pledge() in smtpd Wysłano: 12 lis 2015 08:27 On 11/12/15 01:37, michalzient...@gmail.com wrote: > Hello guys, > > Recently i was reading about new OpenBSD security mechanism called pledge(). > I think this is another great idea from OpenBSD. Are you going to make use of > it ? > > Regards, > Michal Zientara > > Pledge is already used within the OpenBSD tree[1], so yes. On other platforms I can't tell you, since I'm not a developer on either smtpd or the other platforms, although I reckon it's highly unlikely, since it's an in kernel implementation. But as Theo stated[2]: someone smart might be able to build a compatible layer upon seccomp. Just don't hold your breath. [1] http://cvsweb.openbsd.org/cgi-bin/cvsweb/src/usr.sbin/smtpd/smtpd.c?rev=1.254=text/x-cvsweb-markup [2] http://www.openbsd.org/papers/hackfest2015-pledge/mgp00034.html b��yǢ��m�+)[yƮ�쨹���r��y�h�+kiv��N�r��zǧu���[h�+��칻�&ޢ���kiv��
Pledge() in smtpd
Hello guys, Recently i was reading about new OpenBSD security mechanism called pledge(). I think this is another great idea from OpenBSD. Are you going to make use of it ? Regards, Michal Zientara -- You received this mail because you are subscribed to misc@opensmtpd.org To unsubscribe, send a mail to: misc+unsubscr...@opensmtpd.org
Re: Please help greenhorn to send email.
On 11/11/15 08:13, Mohammad H. Al Shami wrote: > What I personally do is have a single server in my network able to send > emails to the public, and all other servers just relay via that server. > > Makes handling DKIM/SPF/DMARC easier IMHO > you should correctly setup your hostname and you dns then. At least your hostname should resolve to something. Cheers Giovanni -- You received this mail because you are subscribed to misc@opensmtpd.org To unsubscribe, send a mail to: misc+unsubscr...@opensmtpd.org