Re: Removing an old post
- Message from Viktor Dukhovni - Date: Tue, 15 Feb 2022 11:26:18 -0500 From: Viktor Dukhovni Reply-To: postfix-users@postfix.org Subject: Re: Removing an old post To: postfix-users@postfix.org On 15 Feb 2022, at 11:07 am, Jaroslaw Rafa wrote: It could help a bit if OP would know where exactly his security team found the posting in question. Then he should write to administrator of that particular site asking for removal. But even if it will be removed there, it is only one - as you noted - of multiple places where this post exists. But maybe his security team will be happy with removing it from that particular place where they found it... I would expect an archive operator to rightly refuse to remove archived posts. If I were an archive operator, I might suggest to the OP that a simpler solution might be to disband a security team that is blissfully ignorant of the ways of the Internet. It doesn't say anything positive about their security team does it, that their carefully corporate-risk-policy-assessed response to exposure of internal hostnames 8 years ago (wtf were they doing that someone thought this was a useful exercise lol) is to ask that it get deleted off the interwebs. Never mind horse bolted gate shutting... the gate hinges have rusted and the gate has fallen over on this one. It would be funny if it were not quite so disturbing. -- Simon Wilson M: 0400 12 11 16
Re: Removing an old post
On 2022-02-15 12:32, Wakefield, Robin wrote: Please consider the environment before printing this email or its attachments. why do you belive we are printing
Re: Removing an old post
> On 15 Feb 2022, at 11:07 am, Jaroslaw Rafa wrote: > > It could help a bit if OP would know where exactly his security team found > the posting in question. Then he should write to administrator of that > particular site asking for removal. But even if it will be removed there, it > is only one - as you noted - of multiple places where this post exists. But > maybe his security team will be happy with removing it from that particular > place where they found it... I would expect an archive operator to rightly refuse to remove archived posts. If I were an archive operator, I might suggest to the OP that a simpler solution might be to disband a security team that is blissfully ignorant of the ways of the Internet. -- Viktor.
Re: Removing an old post
Stating the obvious, if you want privacy, hire a consultant. Original Message From: r...@rafa.eu.org Sent: February 15, 2022 8:08 AM To: postfix-users@postfix.org Subject: Re: Removing an old post Dnia 15.02.2022 o godz. 10:33:50 Bill Cole pisze: > >Our internal security team have detected an archived post from me > >dating back to August 2014 that contains some internal host > >information. > > > >Can this post be removed please? > > In short: no, it cannot. That's not a possibility, and your security > team should know it. Anything posted publicly to the Internet risks > the fate of being forever public, and that it most true for postings > to lists like this one. > > This is a public mailing list. It does not have a single > authoritative archive. It could help a bit if OP would know where exactly his security team found the posting in question. Then he should write to administrator of that particular site asking for removal. But even if it will be removed there, it is only one - as you noted - of multiple places where this post exists. But maybe his security team will be happy with removing it from that particular place where they found it... -- Regards, Jaroslaw Rafa r...@rafa.eu.org -- "In a million years, when kids go to school, they're gonna know: once there was a Hushpuppy, and she lived with her daddy in the Bathtub."
Re: Removing an old post
Dnia 15.02.2022 o godz. 10:33:50 Bill Cole pisze: > >Our internal security team have detected an archived post from me > >dating back to August 2014 that contains some internal host > >information. > > > >Can this post be removed please? > > In short: no, it cannot. That's not a possibility, and your security > team should know it. Anything posted publicly to the Internet risks > the fate of being forever public, and that it most true for postings > to lists like this one. > > This is a public mailing list. It does not have a single > authoritative archive. It could help a bit if OP would know where exactly his security team found the posting in question. Then he should write to administrator of that particular site asking for removal. But even if it will be removed there, it is only one - as you noted - of multiple places where this post exists. But maybe his security team will be happy with removing it from that particular place where they found it... -- Regards, Jaroslaw Rafa r...@rafa.eu.org -- "In a million years, when kids go to school, they're gonna know: once there was a Hushpuppy, and she lived with her daddy in the Bathtub."
Re: Removing an old post
On 2022-02-15 at 06:32:52 UTC-0500 (Tue, 15 Feb 2022 11:32:52 +) Wakefield, Robin is rumored to have said: Hello, Our internal security team have detected an archived post from me dating back to August 2014 that contains some internal host information. Can this post be removed please? In short: no, it cannot. That's not a possibility, and your security team should know it. Anything posted publicly to the Internet risks the fate of being forever public, and that it most true for postings to lists like this one. This is a public mailing list. It does not have a single authoritative archive. Posted messages are distributed swiftly to hundreds of recipient addresses, some of which feed into public and private archives or subsequent modes of distribution. No one knows all or even most of the places that your formerly-internal information has been stored. The idea that an accidental disclosure can be reversed 8 years after the fact is a fantasy. Regards Robin Wakefield [ridiculously huge disclaimer/warning/whatever in 2 languages ignored and snipped] -- Bill Cole b...@scconsult.com or billc...@apache.org (AKA @grumpybozo and many *@billmail.scconsult.com addresses) Not Currently Available For Hire
Re: Log reader for postscreen whitelisting
On Tue, 15 Feb 2022, 8:03 pm Wietse Venema, wrote: > > > Perhaps it would be easier to look up SPF records and expand those > into access lists? I'm sure somene did that 15 years ago. > > > Yes that's what postwhite apparently does by looking up SPF records. But I noticed that some Google IPs in my mail log were not in that list. I will dig deeper into why that is the case. Perhaps I am missing something about the right way of using Postwhite. Thank you for your prompt response. Nitin
Re: gradual shift of traffic
On Mon, Feb 14, 2022 at 5:55 PM Wietse Venema wrote:
The randmap() feature comes to mind.
Instead of "relayhost = old.example" or "relayhost = new.example" use:
default_transport =
randmap:{smtp:old.example, smtp:old.example, smtp:new.example}
On 15.02.22 11:51, Danil Smirnov wrote:
Can this technique be used in case of "new.example" is the Postfix itself,
i.e. sending without the relay?
E.g. like this:
default_transport =
randmap:{smtp:old.example, smtp:old.example, smtp:}
that's not a relayhost then. If postfix processes mail locally, it does not
use relayhost.
relayhost is only used for outgoing e-mail, there's no setting only to use
relayhost only sometimes.
you could use multiple instances of postfix on your machine (so there's
another instance on your machine behaving as relayost for you), but that's
too much complexity needed to pass only part of your e-mail to relayhost.
perhaps you could use smtp_fallback_relay
http://www.postfix.org/postconf.5.html#smtp_fallback_relay
which has a different meaning, but perhaps could to what you mean by
"warming up" the new relay.
--
Matus UHLAR - fantomas, uh...@fantomas.sk ; http://www.fantomas.sk/
Warning: I wish NOT to receive e-mail advertising to this address.
Varovanie: na tuto adresu chcem NEDOSTAVAT akukolvek reklamnu postu.
Linux IS user friendly, it's just selective who its friends are...
Re: Log reader for postscreen whitelisting
Nitin N: > Hi folks, > > I was looking at Postwhite to generate whitelist IP addresses for > Postscreen. So I set up and ran it once to look at the list of IPs it > generates. Then I randomly checked a Google IP that was there in my maillog > and noticed that it was not there in Postwhite's list. Well I do understand > Postwhite's list is not supposed to be exhaustive and it needs to be > regularly updated via cron. > > So, I was wondering if I could update my whitelist by continuously reading > my maillog using some tool especially if the emails are from known domains > such as Google, Outlook, Yahoo etc. Is there any tool out there which does > this already? Perhaps it would be easier to look up SPF records and expand those into access lists? I'm sure somene did that 15 years ago. Wietse
Re: gradual shift of traffic
Danil Smirnov:
> On Tue, Feb 15, 2022 at 3:11 PM Wietse Venema wrote:
>
> > > Can this technique be used in case of "new.example" is the Postfix
> > itself,
> > > i.e. sending without the relay?
> >
> > You asked aobut warming up a new relayhost, so I gave a solution
> > for doing that.
> >
>
> Yes, and thank you for that.
>
>
> > > E.g. like this:
> > >
> > > default_transport =
> > > randmap:{smtp:old.example, smtp:old.example, smtp:}
> >
> > You would not be using the new relayhost.
> >
>
> Yes, but what if my new "relayhost" is just that host where I have my
> Postfix installed?
You keep changing the problem, as if my previous answers are worthless.
Wietse
Log reader for postscreen whitelisting
Hi folks, I was looking at Postwhite to generate whitelist IP addresses for Postscreen. So I set up and ran it once to look at the list of IPs it generates. Then I randomly checked a Google IP that was there in my maillog and noticed that it was not there in Postwhite's list. Well I do understand Postwhite's list is not supposed to be exhaustive and it needs to be regularly updated via cron. So, I was wondering if I could update my whitelist by continuously reading my maillog using some tool especially if the emails are from known domains such as Google, Outlook, Yahoo etc. Is there any tool out there which does this already? Thanks in advance. Best regards, Nitin
Re: gradual shift of traffic
On Tue, Feb 15, 2022 at 3:11 PM Wietse Venema wrote:
> > Can this technique be used in case of "new.example" is the Postfix
> itself,
> > i.e. sending without the relay?
>
> You asked aobut warming up a new relayhost, so I gave a solution
> for doing that.
>
Yes, and thank you for that.
> > E.g. like this:
> >
> > default_transport =
> > randmap:{smtp:old.example, smtp:old.example, smtp:}
>
> You would not be using the new relayhost.
>
Yes, but what if my new "relayhost" is just that host where I have my
Postfix installed?
I.e. if I want to send mails directly without relay for 10% of my traffic,
and keep the remaining traffic going via the old relay.
Does the above configuration work for this purpose?
Danil
Re: Removing an old post
Wakefield, Robin: > Hello, > > Our internal security team have detected an archived post from me > dating back to August 2014 that contains some internal host > information. > > Can this post be removed please? You can try to ask the owners of on-line archives and search engines. After a message is sent out to ~1 subscribers, I have no control over its content. Wietse
Re: gradual shift of traffic
Danil Smirnov:
> Hi Wietse,
>
> Thank you very much for your answer!
>
> On Mon, Feb 14, 2022 at 5:55 PM Wietse Venema wrote:
>
> > The randmap() feature comes to mind.
> >
> > Instead of "relayhost = old.example" or "relayhost = new.example" use:
> >
> > default_transport =
> > randmap:{smtp:old.example, smtp:old.example, smtp:new.example}
> >
> >
> Can this technique be used in case of "new.example" is the Postfix itself,
> i.e. sending without the relay?
You asked aobut warming up a new relayhost, so I gave a solution
for doing that.
> E.g. like this:
>
> default_transport =
> randmap:{smtp:old.example, smtp:old.example, smtp:}
You would not be using the new relayhost.
Wietse
Removing an old post
Hello, Our internal security team have detected an archived post from me dating back to August 2014 that contains some internal host information. Can this post be removed please? Regards Robin Wakefield Les informations contenues dans ce message ainsi que les pièces jointes sont exclusivement destinées aux personnes désignées en qualité de destinataires ou autorisées à les recevoir. Ces informations sont strictement confidentielles et peuvent être couvertes par le secret professionnel. Si vous avez reçu ce message par erreur, merci de le détruire ainsi que toutes les éventuelles copies et d'en informer immédiatement l'expéditeur. Nous vous rappelons qu'il est formellement interdit de le copier, le faire suivre, le divulguer ou d'en utiliser tout ou partie sous peine de poursuites civiles ou pénales. UBS (France) S.A. décline toute responsabilité quant aux erreurs ou omissions qui pourraient affecter le contenu de ce message. Vous nous avez autorisés, en nous communiquant votre adresse électronique, à vous contacter par ce moyen. Si vous ne souhaitez plus recevoir d'e-mails de notre part, veuillez l'indiquer à l'adresse suivante : communication-fra...@ubs.com. Pour savoir comment UBS traite et préserve la confidentialité de vos données à caractère personnel, consultez notre déclaration de confidentialité. https://www.ubs.com/global/fr/legal/country/france/data-privacy-notice-eugdpr.html Afin de contribuer au respect de l'environnement, merci de n'imprimer cet e-mail qu'en cas de nécessité. The information contained in this communication as well as its attachments are intended solely for the use of the individual or entity to whom it is addressed and to others authorized to receive it. It may contain confidential and privileged information. If you are not the intended recipient or if you have received this communication by error, please delete all copies from your system and notify the sender immediately by responding to this email. You are hereby notified that any disclosure, copying, distribution or taking of any action regarding the content of the information is strictly prohibited and may qualify as a criminal offence. UBS (France) S.A. declines any liability as to the errors or omissions which could affect the content of this communication. By communicating your e-mail address, you have authorized us to contact you by such a mean. Should you refuse to receive further e-mails from our company, please let us know at the following email address: communication-fra...@ubs.com. For information on how UBS processes and keeps secure your personal data, please visit our Privacy Notice. https://www.ubs.com/global/fr/legal/country/france/data-privacy-notice-eugdpr.html Please consider the environment before printing this email or its attachments.
Re: gradual shift of traffic
Hi Wietse,
Thank you very much for your answer!
On Mon, Feb 14, 2022 at 5:55 PM Wietse Venema wrote:
> The randmap() feature comes to mind.
>
> Instead of "relayhost = old.example" or "relayhost = new.example" use:
>
> default_transport =
> randmap:{smtp:old.example, smtp:old.example, smtp:new.example}
>
>
Can this technique be used in case of "new.example" is the Postfix itself,
i.e. sending without the relay?
E.g. like this:
default_transport =
randmap:{smtp:old.example, smtp:old.example, smtp:}
Best regards,
Danil
