Re: Fallback to IPV4 in case of IPV6 is not available
> On Apr 1, 2017, at 4:19 PM, Rick Zemanwrote: > > Comcast, surprisingly, is way ahead of the residential game: I am not surprised. In addition to having IPv6 they also have DNSSEC deployed, and have published working DANE TLSA records for their MX hosts. Bottom line, SMTP at Comcast is actively maintained to modern standards. -- Viktor.
Re: Fallback to IPV4 in case of IPV6 is not available
On Sat, Mar 25, 2017 at 2:48 PM, Paul Cwrote: > I wish the world would use ipv6 enough for this to be worth doing, but > it's not going to have much benefit to you as there's almost no one > using it for smtp, from the last time I checked which was a few months > ago, google uses it perfectly, verizon too (maybe a few more cable > domains), yahoo looked like they were trying lol, website and some > services were v6 this year but smtp was not when I checked, hotmail > doesn't use it anywhere from what i can see, aol never will and almost > no self hosted mail server will have it. My guess is (unless gmail is > where most mail goes) that you might see a few percent like 1-5% of > mail ever use it. Not a bad research project or knowing v6, or if you > have other reasons, but actual sending out is just not happening any > time soon. Comcast, surprisingly, is way ahead of the residential game: Apr 1 16:17:12 miniserv postfix/smtp[79694]: Untrusted TLS connection established to smtp.comcast.net[2001:558:fe21:2a::5]:587: TLSv1.2 with cipher DHE-RSA-AES256-GCM-SHA384 (256/256 bits) Apr 1 16:17:12 miniserv postfix/smtp[79694]: 252483CACE40: to= , relay=smtp.comcast.net[2001:558:fe21:2a::5]:587, delay=1.6, delays=0/0/1.3/0.25, dsn=2.0.0, status=sent (250 2.0.0 uPSRcVCa8qoNEuPSSchbjZ mail accepted for delivery) Apr 1 16:17:12 miniserv postfix/qmgr[62620]: 252483CACE40: removed
Re: message_size_limit - how to configure on multiple instances ?
thank You all :) 30 mar 2017 21:47 "Viktor Dukhovni"napisał(a): > > > On Mar 30, 2017, at 12:35 PM, Zalezny Niezalezny < > zalezny.niezale...@gmail.com> wrote: > > > > # postconf -d | grep message > > The "postconf -d" command returns compiled-in defaults. > For your actual settings, try "postconf", either with > no options or as "postconf -n" for just non-default > settings. See postconf(1) for details. > > -- > Viktor. > >
Re: need little help with DKIM, if possible.
On 30 March 2017 at 17:42, Viktor Dukhovniwrote: > > > On Mar 30, 2017, at 12:35 PM, Dominic Raferd > wrote: > > > > As I understand it, DKIM requires a separate DNS record for each > subdomain > > No, DKIM has no such requirement. The DKIM signing domain "d=" in the > DKIM signature header is not constrained to match the domain in the > rfc2822 "From:" header. All that DKIM conveys is the identity of the > domain responsible for the content. DKIM authenticates the origin > domain, not the author. Thanks Viktor on reflection that is clearly right. What I should have said is that valid DKIM only proves that the content of the email came from the domain in the From header if this domain matches the one in the DKIM header. BTW I recently discovered a neat Thunderbird Add-On 'DKIM Verifier' which can colour(color) the background to the sender name (i.e. From header) green if the domain matches the DKIM domain (example: P.V. Anthony's email in this thread, mine too I hope), orange if they mismatch (example: Angelo's emails in this thread), no colour if there is no DKIM (example: your emails in this thread), red if the DKIM signature is bad.