Re: [Djigzo users] Servers wont talk to me!

[Martijn Brinkers via Users]

On 06/27/2017 09:06 PM, Paul Bronson via Users wrote:
> Yep. Everything looks perfect thats the odd part. Microsoft themselves said
> its not being blocked by any type of anti-spam.

The most likely reason is that there is something with your IP
address/SMTP config that O365 does not like.

Some possible reasons:

- The reverse IP address of the external IP used by CipherMail is not
equal to the hostname configured in the MTA settings

- You are using a from address which is not authorized to use your IP
(for example you use @gmail.com as the from or sender address)

- You have setup SPF but the IP address used by CipherMail is not
allowed by your SPF records

- You have too many recipients at the same time (O365 might not like that)

Kind regards,

Martijn


> 
> On Tue, Jun 27, 2017 at 3:04 PM, Dino Edwards via Users <
> users@lists.djigzo.com> wrote:
> 
>> Have you checked your Ciphermail IP (assuming it’s public) against any
>> blacklists?
>>
>> https://mxtoolbox.com/blacklists.aspx
>>
>>
>>
>> From: Paul Bronson [mailto:signaldevelo...@gmail.com]
>> Sent: Tuesday, June 27, 2017 2:52 PM
>> To: Dino Edwards 
>> Subject: Re: [Djigzo users] Servers wont talk to me!
>>
>> Correct. Microsoft states no issues.. Here's what I sent Martijn.
>>
>> We have a postfix server (plesk) that sends emails to cipher mail. So
>> someone in plesk sends an email lets say j...@apple.com> apple.com> is sending an email out to s...@banana.com> banana.com>. Our plesk server hosts the @apple.com
>> domain. In postfix on the plesk server, we have it setup with:
>>
>> relayhost = (cipermailserver IP)
>>
>> Mail then gets sent over to the ciphermail server. Ciphermail has the IP
>> of the plesk mail server setup as "my networks". And then it goes out from
>> there and just encrypts based on [encrypt] subject.
>>
>> There are a few domains hosted on the plesk server that would route
>> through the cipermail server.
>>
>> MTA Config:
>>
>> https://cl.ly/1Q2o312u073q
>>
>> Global:
>>
>> https://cl.ly/1U08092o1A1y
>>
>> So my issue is anytime I email out to anyone on Officer 365, I get this
>> code:
>>
>> https://cl.ly/312x3c2N2c0s
>>
>> SFP records include both the plesk email server and ciphermail server,
>> MXtoolbox shows 100% green, sending reputation is perfect.
>>
>> Hopefully this helps some..
>>
>> On Tue, Jun 27, 2017 at 2:46 PM, Dino Edwards via Users <
>> users@lists.djigzo.com> wrote:
>> But when you send to other recipients who are not on Office 365, it’s no
>> problem?
>>
>>
>>
>> From: Paul Bronson [mailto:signaldevelo...@gmail.com> signaldevelo...@gmail.com>]
>> Sent: Tuesday, June 27, 2017 2:37 PM
>> To: Dino Edwards > mydirectmail.net>>
>> Subject: Re: [Djigzo users] Servers wont talk to me!
>>
>> Correct!
>>
>> On Tue, Jun 27, 2017 at 2:25 PM, Dino Edwards via Users <
>> users@lists.djigzo.com> users@lists.djigzo.com>> wrote:
>> So, email goes from your email server to ciphermail box out to its final
>> destination. But when you send email out to Office 365 recipient you are
>> getting 550 Mailbox Unavailable messages? Or am I misunderstanding what’s
>> happening?
>>
>>
>>
>>
>> From: Paul Bronson [mailto:signaldevelo...@gmail.com> signaldevelo...@gmail.com> signaldevelo...@gmail.com>>]
>> Sent: Tuesday, June 27, 2017 11:49 AM
>> To: Dino Edwards > mydirectmail.net> dino.edwa...@mydirectmail.net>>>; Martijn Brinkers >  mart...@ciphermail.com>>>
>> Cc: users@lists.djigzo.com> users@lists.djigzo.com>
>> Subject: Re: [Djigzo users] Servers wont talk to me!
>>
>> Here is snippet:
>>
>> https://cl.ly/3w3Q2U1l1N32
>>
>> On Tue, Jun 27, 2017 at 11:44 AM, Paul Bronson > mailto:signaldevelo...@gmail.com> signaldevelo...@gmail.com>>> ldevelo...@gmail.com> signaldevelo...@gmail.com wrote:
>> Dino/Matijn,
>>
>> I am getting a lot of 550 Mailbox Unavailable for people who are using
>> microsoft 365. It happened as soon as we turned on the cipher mail server.
>> Everythins is good via mxtoolbox (all green checkmarks) but not sure why we
>> keep getthing this message. If I turn off cipher mail and just go from
>> email server to outlook 365 it goes through fine.
>>
>> Any ideas?
>>
>> On Tue, Jun 27, 2017 at 10:25 AM, Paul Bronson > mailto:signaldevelo...@gmail.com> 

Re: [Djigzo users] Servers wont talk to me!

[Dino Edwards via Users]

Can you send me an email through your ciphermail gateway directly. Our server 
is pretty locked down so if there is a problem, it may show up. That Microsoft 
error is very misleading


From: Paul Bronson [mailto:signaldevelo...@gmail.com]
Sent: Tuesday, June 27, 2017 2:52 PM
To: Dino Edwards 
Subject: Re: [Djigzo users] Servers wont talk to me!

Correct. Microsoft states no issues.. Here's what I sent Martijn.

We have a postfix server (plesk) that sends emails to cipher mail. So someone 
in plesk sends an email lets say j...@apple.com is 
sending an email out to s...@banana.com. Our plesk 
server hosts the @apple.com domain. In postfix on the plesk 
server, we have it setup with:

relayhost = (cipermailserver IP)

Mail then gets sent over to the ciphermail server. Ciphermail has the IP of the 
plesk mail server setup as "my networks". And then it goes out from there and 
just encrypts based on [encrypt] subject.

There are a few domains hosted on the plesk server that would route through the 
cipermail server.

MTA Config:

https://cl.ly/1Q2o312u073q

Global:

https://cl.ly/1U08092o1A1y

So my issue is anytime I email out to anyone on Officer 365, I get this code:

https://cl.ly/312x3c2N2c0s

SFP records include both the plesk email server and ciphermail server, 
MXtoolbox shows 100% green, sending reputation is perfect.

Hopefully this helps some..

On Tue, Jun 27, 2017 at 2:46 PM, Dino Edwards via Users 
> wrote:
But when you send to other recipients who are not on Office 365, it’s no 
problem?



From: Paul Bronson 
[mailto:signaldevelo...@gmail.com]
Sent: Tuesday, June 27, 2017 2:37 PM
To: Dino Edwards 
>
Subject: Re: [Djigzo users] Servers wont talk to me!

Correct!

On Tue, Jun 27, 2017 at 2:25 PM, Dino Edwards via Users 
>>
 wrote:
So, email goes from your email server to ciphermail box out to its final 
destination. But when you send email out to Office 365 recipient you are  
getting 550 Mailbox Unavailable messages? Or am I misunderstanding what’s 
happening?




From: Paul Bronson 
[mailto:signaldevelo...@gmail.com>]
Sent: Tuesday, June 27, 2017 11:49 AM
To: Dino Edwards 
>>;
 Martijn Brinkers 
>>
Cc: 
users@lists.djigzo.com>
Subject: Re: [Djigzo users] Servers wont talk to me!

Here is snippet:

https://cl.ly/3w3Q2U1l1N32

On Tue, Jun 27, 2017 at 11:44 AM, Paul Bronson 
>>>

Re: [Djigzo users] Servers wont talk to me!

[Dino Edwards via Users]

Have you checked your Ciphermail IP (assuming it’s public) against any 
blacklists?

https://mxtoolbox.com/blacklists.aspx



From: Paul Bronson [mailto:signaldevelo...@gmail.com]
Sent: Tuesday, June 27, 2017 2:52 PM
To: Dino Edwards 
Subject: Re: [Djigzo users] Servers wont talk to me!

Correct. Microsoft states no issues.. Here's what I sent Martijn.

We have a postfix server (plesk) that sends emails to cipher mail. So someone 
in plesk sends an email lets say j...@apple.com is 
sending an email out to s...@banana.com. Our plesk 
server hosts the @apple.com domain. In postfix on the plesk 
server, we have it setup with:

relayhost = (cipermailserver IP)

Mail then gets sent over to the ciphermail server. Ciphermail has the IP of the 
plesk mail server setup as "my networks". And then it goes out from there and 
just encrypts based on [encrypt] subject.

There are a few domains hosted on the plesk server that would route through the 
cipermail server.

MTA Config:

https://cl.ly/1Q2o312u073q

Global:

https://cl.ly/1U08092o1A1y

So my issue is anytime I email out to anyone on Officer 365, I get this code:

https://cl.ly/312x3c2N2c0s

SFP records include both the plesk email server and ciphermail server, 
MXtoolbox shows 100% green, sending reputation is perfect.

Hopefully this helps some..

On Tue, Jun 27, 2017 at 2:46 PM, Dino Edwards via Users 
> wrote:
But when you send to other recipients who are not on Office 365, it’s no 
problem?



From: Paul Bronson 
[mailto:signaldevelo...@gmail.com]
Sent: Tuesday, June 27, 2017 2:37 PM
To: Dino Edwards 
>
Subject: Re: [Djigzo users] Servers wont talk to me!

Correct!

On Tue, Jun 27, 2017 at 2:25 PM, Dino Edwards via Users 
>>
 wrote:
So, email goes from your email server to ciphermail box out to its final 
destination. But when you send email out to Office 365 recipient you are  
getting 550 Mailbox Unavailable messages? Or am I misunderstanding what’s 
happening?




From: Paul Bronson 
[mailto:signaldevelo...@gmail.com>]
Sent: Tuesday, June 27, 2017 11:49 AM
To: Dino Edwards 
>>;
 Martijn Brinkers 
>>
Cc: 
users@lists.djigzo.com>
Subject: Re: [Djigzo users] Servers wont talk to me!

Here is snippet:

https://cl.ly/3w3Q2U1l1N32

On Tue, Jun 27, 2017 at 11:44 AM, Paul Bronson 
>>>

Re: [Djigzo users] Servers wont talk to me!

[Dino Edwards via Users]

But when you send to other recipients who are not on Office 365, it’s no 
problem?



From: Paul Bronson [mailto:signaldevelo...@gmail.com]
Sent: Tuesday, June 27, 2017 2:37 PM
To: Dino Edwards 
Subject: Re: [Djigzo users] Servers wont talk to me!

Correct!

On Tue, Jun 27, 2017 at 2:25 PM, Dino Edwards via Users 
> wrote:
So, email goes from your email server to ciphermail box out to its final 
destination. But when you send email out to Office 365 recipient you are  
getting 550 Mailbox Unavailable messages? Or am I misunderstanding what’s 
happening?




From: Paul Bronson 
[mailto:signaldevelo...@gmail.com]
Sent: Tuesday, June 27, 2017 11:49 AM
To: Dino Edwards 
>; Martijn 
Brinkers >
Cc: users@lists.djigzo.com
Subject: Re: [Djigzo users] Servers wont talk to me!

Here is snippet:

https://cl.ly/3w3Q2U1l1N32

On Tue, Jun 27, 2017 at 11:44 AM, Paul Bronson 
>>
 wrote:
Dino/Matijn,

I am getting a lot of 550 Mailbox Unavailable for people who are using 
microsoft 365. It happened as soon as we turned on the cipher mail server. 
Everythins is good via mxtoolbox (all green checkmarks) but not sure why we 
keep getthing this message. If I turn off cipher mail and just go from email 
server to outlook 365 it goes through fine.

Any ideas?

On Tue, Jun 27, 2017 at 10:25 AM, Paul Bronson 
>>
 wrote:
DIno,

Thanks for all your help! Can you post the complete apache config file? Also I 
think the paths are wrong (?) Mine is https://x.x.x.x:8443/ciphermail is the 
main admin page.. I wanted to change the main portal page to something else so 
I could block port access to 8443 on the firewall

On Tue, Jun 27, 2017 at 8:08 AM, Dino Edwards via Users 
>>
 wrote:
There is certainly  way to do it with Tomcat but I can’t really help with that, 
I’m not that familiar with it. I can tell you that Apache is a much more 
advanced http server with a lot more functionality than Tomcat. Tomcat is 
primarily designed to serve Java Servlets and JSPs.

My method is simpler I believe because it does not require you changing the 
configuration of Tomcat and ciphermail. You simply put Apache in front of it 
with the mod_proxy_ajp module which communicates with Tomcat  using the default 
config.

Of course, it’s all up to you how you want to proceed.

From: Paul Bronson 
[mailto:signaldevelo...@gmail.com>]
Sent: Monday, June 26, 2017 6:48 PM
To: Dino Edwards 
>>
Subject: Re: [Djigzo users] Servers wont talk to me!

I dont NEED to use apache, is there a way to do it with tomcat?

On Mon, Jun 26, 2017 at 2:54 PM, Dino Edwards via Users 
> should get you started 
for TLS:

# TLS parameters
smtpd_tls_cert_file = /etc/ssl/certs/cert.cer
smtpd_tls_key_file = /etc/ssl/certs/key.key
smtpd_tls_CAfile = /etc/ssl/certs/root.cer
#smtpd_use_tls=yes
smtpd_tls_security_level = may
smtpd_tls_session_cache_database = btree:${data_directory}/smtpd_scache
smtp_tls_session_cache_database = btree:${data_directory}/smtp_scache
smtpd_tls_loglevel = 1

I misspoke earlier. It’s been so long since I did this. Ciphermail comes 
bundled with Tomcat and it runs on port  if I’m not mistaking. So, if you 
want to utilize Apache instead, you have to install mod_proxy_ajp module in 
Apache and setup an apache config like below:

ProxyPass /djigzo http://localhost:/djigzo
ProxyPassReverse /djigzo http://localhost:/djigzo
ProxyPass /web http://localhost:/web
ProxyPassReverse /web http://localhost:/web
ProxyTimeout 3600


Changing the port has to be done within apache. So, if you want to use 443, you 
must of course install mod_ssl on apache, as well as certificate. I have a 
complete Apache config file if you want, let me know and I’ll post the relevant 
parts.


From: Paul Bronson 

Re: [Djigzo users] Servers wont talk to me!

[Dino Edwards via Users]

I sincerely doubt it

From: Paul Bronson [mailto:signaldevelo...@gmail.com]
Sent: Tuesday, June 27, 2017 2:42 PM
To: Dino Edwards 
Subject: Re: [Djigzo users] Servers wont talk to me!

Hi Dino,

Does this have to do with our 550 Mailbox unavailable issue?

On Tue, Jun 27, 2017 at 2:36 PM, Dino Edwards 
> wrote:
I had to disable https on tomcat by inserting the following line in the 
/etc/default/tomcat6 file because no matter what I did, Ciphermail would 
redirect to port 8443:

JAVA_OPTS="$JAVA_OPTS -Ddjigzo.https.all=false"

After you do that, Ciphermail should answer on either port 8080 or  don't 
remember which right off the top of my head. I have mine configured for port 
  but if your Tomcat is running on 8080 obviously adjust the ProxyPass 
lines below to your port number.

Here’s my apache config:


ProxyRequests Off

SSLEngine on
SSLCertificateFile /etc/ssl/certs/certificate.cer
SSLCertificateKeyFile /etc/ssl/certs/private/key.key
SSLCertificateChainFile /etc/ssl/certs/chain.cer
SetEnvIf User-Agent ".*MSIE.*" nokeepalive ssl-unclean-shutdown

Order deny,allow
Allow from all

ProxyPass /djigzo http://localhost:/djigzo
ProxyPassReverse /djigzo http://localhost:/djigzo
ProxyPass /web http://localhost:/web
ProxyPassReverse /web http://localhost:/web
ProxyTimeout 3600

LogFormat "%h %l %u %t \"%r\" %>s %b \"%{Referer}i\" \"%{User-agent}i\"" 
combined
CustomLog /var/log/apache2/ciphermail combined




From: Paul Bronson 
[mailto:signaldevelo...@gmail.com]
Sent: Tuesday, June 27, 2017 10:25 AM
To: Dino Edwards 
>
Cc: users@lists.djigzo.com
Subject: Re: [Djigzo users] Servers wont talk to me!

DIno,

Thanks for all your help! Can you post the complete apache config file? Also I 
think the paths are wrong (?) Mine is https://x.x.x.x:8443/ciphermail is the 
main admin page.. I wanted to change the main portal page to something else so 
I could block port access to 8443 on the firewall

On Tue, Jun 27, 2017 at 8:08 AM, Dino Edwards via Users 
> wrote:
There is certainly  way to do it with Tomcat but I can’t really help with that, 
I’m not that familiar with it. I can tell you that Apache is a much more 
advanced http server with a lot more functionality than Tomcat. Tomcat is 
primarily designed to serve Java Servlets and JSPs.

My method is simpler I believe because it does not require you changing the 
configuration of Tomcat and ciphermail. You simply put Apache in front of it 
with the mod_proxy_ajp module which communicates with Tomcat  using the default 
config.

Of course, it’s all up to you how you want to proceed.

From: Paul Bronson 
[mailto:signaldevelo...@gmail.com]
Sent: Monday, June 26, 2017 6:48 PM
To: Dino Edwards 
>
Subject: Re: [Djigzo users] Servers wont talk to me!

I dont NEED to use apache, is there a way to do it with tomcat?

On Mon, Jun 26, 2017 at 2:54 PM, Dino Edwards via Users 
>>
 wrote:
The following settings in main.cf should get 
you started for TLS:

# TLS parameters
smtpd_tls_cert_file = /etc/ssl/certs/cert.cer
smtpd_tls_key_file = /etc/ssl/certs/key.key
smtpd_tls_CAfile = /etc/ssl/certs/root.cer
#smtpd_use_tls=yes
smtpd_tls_security_level = may
smtpd_tls_session_cache_database = btree:${data_directory}/smtpd_scache
smtp_tls_session_cache_database = btree:${data_directory}/smtp_scache
smtpd_tls_loglevel = 1

I misspoke earlier. It’s been so long since I did this. Ciphermail comes 
bundled with Tomcat and it runs on port  if I’m not mistaking. So, if you 
want to utilize Apache instead, you have to install mod_proxy_ajp module in 
Apache and setup an apache config like below:

ProxyPass /djigzo http://localhost:/djigzo
ProxyPassReverse /djigzo http://localhost:/djigzo
ProxyPass /web http://localhost:/web
ProxyPassReverse /web http://localhost:/web
ProxyTimeout 3600


Changing the port has to be done within apache. So, if you want to use 443, you 
must of course install mod_ssl on apache, as well as certificate. I have a 
complete Apache config file if you want, let me know and I’ll post the relevant 
parts.


From: Paul Bronson 
[mailto:signaldevelo...@gmail.com>]
Sent: Monday, June 26, 2017 2:42 PM
To: Dino Edwards 
>>
Cc: 

Re: [Djigzo users] Servers wont talk to me!

[Dino Edwards via Users]

I just realized the apache config gets screwed up by the email client. I have 
attached it as a text instead

I had to disable https on tomcat by inserting the following line in the 
/etc/default/tomcat6 file because no matter what I did, Ciphermail would 
redirect to port 8443:

JAVA_OPTS="$JAVA_OPTS -Ddjigzo.https.all=false"

After you do that, Ciphermail should answer on either port 8080 or  don't 
remember which right off the top of my head. I have mine configured for port 
  but if your Tomcat is running on 8080 obviously adjust the ProxyPass 
lines below to your port number.



From: Paul Bronson [mailto:signaldevelo...@gmail.com] 
Sent: Tuesday, June 27, 2017 10:25 AM
To: Dino Edwards 
Cc: users@lists.djigzo.com
Subject: Re: [Djigzo users] Servers wont talk to me!

DIno,

Thanks for all your help! Can you post the complete apache config file? Also I 
think the paths are wrong (?) Mine is https://x.x.x.x:8443/ciphermail is the 
main admin page.. I wanted to change the main portal page to something else so 
I could block port access to 8443 on the firewall

On Tue, Jun 27, 2017 at 8:08 AM, Dino Edwards via Users 
 wrote:
There is certainly  way to do it with Tomcat but I can’t really help with that, 
I’m not that familiar with it. I can tell you that Apache is a much more 
advanced http server with a lot more functionality than Tomcat. Tomcat is 
primarily designed to serve Java Servlets and JSPs.

My method is simpler I believe because it does not require you changing the 
configuration of Tomcat and ciphermail. You simply put Apache in front of it 
with the mod_proxy_ajp module which communicates with Tomcat  using the default 
config.

Of course, it’s all up to you how you want to proceed.

From: Paul Bronson [mailto:signaldevelo...@gmail.com]
Sent: Monday, June 26, 2017 6:48 PM
To: Dino Edwards 
Subject: Re: [Djigzo users] Servers wont talk to me!

I dont NEED to use apache, is there a way to do it with tomcat?

On Mon, Jun 26, 2017 at 2:54 PM, Dino Edwards via Users 
> wrote:
The following settings in main.cf should get you started for 
TLS:

# TLS parameters
smtpd_tls_cert_file = /etc/ssl/certs/cert.cer
smtpd_tls_key_file = /etc/ssl/certs/key.key
smtpd_tls_CAfile = /etc/ssl/certs/root.cer
#smtpd_use_tls=yes
smtpd_tls_security_level = may
smtpd_tls_session_cache_database = btree:${data_directory}/smtpd_scache
smtp_tls_session_cache_database = btree:${data_directory}/smtp_scache
smtpd_tls_loglevel = 1

I misspoke earlier. It’s been so long since I did this. Ciphermail comes 
bundled with Tomcat and it runs on port  if I’m not mistaking. So, if you 
want to utilize Apache instead, you have to install mod_proxy_ajp module in 
Apache and setup an apache config like below:

ProxyPass /djigzo http://localhost:/djigzo
ProxyPassReverse /djigzo http://localhost:/djigzo
ProxyPass /web http://localhost:/web
ProxyPassReverse /web http://localhost:/web
ProxyTimeout 3600


Changing the port has to be done within apache. So, if you want to use 443, you 
must of course install mod_ssl on apache, as well as certificate. I have a 
complete Apache config file if you want, let me know and I’ll post the relevant 
parts.


From: Paul Bronson 
[mailto:signaldevelo...@gmail.com]
Sent: Monday, June 26, 2017 2:42 PM
To: Dino Edwards 
>
Cc: users@lists.djigzo.com
Subject: Re: [Djigzo users] Servers wont talk to me!

Okay I will try that. I am also noticing that mxtoolbox states this server 
isn't configured for TLS? I do not see any settings under interface for this. 
Is this set on postfix main.cf file manually?

Also if I wanted to remove the port or change the port to a default 443 do I 
need to do this within apache, or does the GUI do the config itself?

On Mon, Jun 26, 2017 at 2:37 PM, Dino Edwards via Users 
>>
 wrote:
I’m guessing sendmail got installed by accident or as part of something else. 
Not sure. I would either uninstall sendmail or change its port number if it’s 
absolutely necessary, although it doesn’t seem like that’s the case.

Since the Web GUI runs on a different port, you can set whatever hostname you 
want in ciphermail as long as that hostname is resolvable by the outside world 
and as long as the back-end webserver (apache I assume) is configured to answer 
on that port. So, if you want the web portal to be 
https://webportal.domain.tld:8443/ in ciphermail under settings --> portal

è Base URL you set it as follows:

https://webportal.domain.tld:8443/web/portal/



From: Paul Bronson 

Re: [Djigzo users] Servers wont talk to me!

[Dino Edwards via Users]

So, email goes from your email server to ciphermail box out to its final 
destination. But when you send email out to Office 365 recipient you are  
getting 550 Mailbox Unavailable messages? Or am I misunderstanding what’s 
happening?




From: Paul Bronson [mailto:signaldevelo...@gmail.com]
Sent: Tuesday, June 27, 2017 11:49 AM
To: Dino Edwards ; Martijn Brinkers 

Cc: users@lists.djigzo.com
Subject: Re: [Djigzo users] Servers wont talk to me!

Here is snippet:

https://cl.ly/3w3Q2U1l1N32

On Tue, Jun 27, 2017 at 11:44 AM, Paul Bronson 
> wrote:
Dino/Matijn,

I am getting a lot of 550 Mailbox Unavailable for people who are using 
microsoft 365. It happened as soon as we turned on the cipher mail server. 
Everythins is good via mxtoolbox (all green checkmarks) but not sure why we 
keep getthing this message. If I turn off cipher mail and just go from email 
server to outlook 365 it goes through fine.

Any ideas?

On Tue, Jun 27, 2017 at 10:25 AM, Paul Bronson 
> wrote:
DIno,

Thanks for all your help! Can you post the complete apache config file? Also I 
think the paths are wrong (?) Mine is https://x.x.x.x:8443/ciphermail is the 
main admin page.. I wanted to change the main portal page to something else so 
I could block port access to 8443 on the firewall

On Tue, Jun 27, 2017 at 8:08 AM, Dino Edwards via Users 
> wrote:
There is certainly  way to do it with Tomcat but I can’t really help with that, 
I’m not that familiar with it. I can tell you that Apache is a much more 
advanced http server with a lot more functionality than Tomcat. Tomcat is 
primarily designed to serve Java Servlets and JSPs.

My method is simpler I believe because it does not require you changing the 
configuration of Tomcat and ciphermail. You simply put Apache in front of it 
with the mod_proxy_ajp module which communicates with Tomcat  using the default 
config.

Of course, it’s all up to you how you want to proceed.

From: Paul Bronson 
[mailto:signaldevelo...@gmail.com]
Sent: Monday, June 26, 2017 6:48 PM
To: Dino Edwards 
>
Subject: Re: [Djigzo users] Servers wont talk to me!

I dont NEED to use apache, is there a way to do it with tomcat?

On Mon, Jun 26, 2017 at 2:54 PM, Dino Edwards via Users 
>>
 wrote:
The following settings in main.cf should get 
you started for TLS:

# TLS parameters
smtpd_tls_cert_file = /etc/ssl/certs/cert.cer
smtpd_tls_key_file = /etc/ssl/certs/key.key
smtpd_tls_CAfile = /etc/ssl/certs/root.cer
#smtpd_use_tls=yes
smtpd_tls_security_level = may
smtpd_tls_session_cache_database = btree:${data_directory}/smtpd_scache
smtp_tls_session_cache_database = btree:${data_directory}/smtp_scache
smtpd_tls_loglevel = 1

I misspoke earlier. It’s been so long since I did this. Ciphermail comes 
bundled with Tomcat and it runs on port  if I’m not mistaking. So, if you 
want to utilize Apache instead, you have to install mod_proxy_ajp module in 
Apache and setup an apache config like below:

ProxyPass /djigzo http://localhost:/djigzo
ProxyPassReverse /djigzo http://localhost:/djigzo
ProxyPass /web http://localhost:/web
ProxyPassReverse /web http://localhost:/web
ProxyTimeout 3600


Changing the port has to be done within apache. So, if you want to use 443, you 
must of course install mod_ssl on apache, as well as certificate. I have a 
complete Apache config file if you want, let me know and I’ll post the relevant 
parts.


From: Paul Bronson 
[mailto:signaldevelo...@gmail.com>]
Sent: Monday, June 26, 2017 2:42 PM
To: Dino Edwards 
>>
Cc: 
users@lists.djigzo.com>
Subject: Re: [Djigzo users] Servers wont talk to me!

Okay I will try that. I am also noticing that mxtoolbox states this server 
isn't configured for TLS? I do not see any settings under interface for this. 
Is this set on postfix main.cf 
file manually?

Also if I wanted to remove the port or change the port to a default 443 do I 
need to do this within apache, or does the GUI do the config itself?

On Mon, Jun 26, 2017 at 2:37 PM, Dino Edwards via Users 

Re: [Djigzo users] Servers wont talk to me!

[Paul Bronson via Users]

Here is snippet:

https://cl.ly/3w3Q2U1l1N32

On Tue, Jun 27, 2017 at 11:44 AM, Paul Bronson 
wrote:

> Dino/Matijn,
>
> I am getting a lot of 550 Mailbox Unavailable for people who are using
> microsoft 365. It happened as soon as we turned on the cipher mail server.
> Everythins is good via mxtoolbox (all green checkmarks) but not sure why we
> keep getthing this message. If I turn off cipher mail and just go from
> email server to outlook 365 it goes through fine.
>
> Any ideas?
>
> On Tue, Jun 27, 2017 at 10:25 AM, Paul Bronson 
> wrote:
>
>> DIno,
>>
>> Thanks for all your help! Can you post the complete apache config file?
>> Also I think the paths are wrong (?) Mine is
>> https://x.x.x.x:8443/ciphermail is the main admin page.. I wanted to
>> change the main portal page to something else so I could block port access
>> to 8443 on the firewall
>>
>> On Tue, Jun 27, 2017 at 8:08 AM, Dino Edwards via Users <
>> users@lists.djigzo.com> wrote:
>>
>>> There is certainly  way to do it with Tomcat but I can’t really help
>>> with that, I’m not that familiar with it. I can tell you that Apache is a
>>> much more advanced http server with a lot more functionality than Tomcat.
>>> Tomcat is primarily designed to serve Java Servlets and JSPs.
>>>
>>> My method is simpler I believe because it does not require you changing
>>> the configuration of Tomcat and ciphermail. You simply put Apache in front
>>> of it with the mod_proxy_ajp module which communicates with Tomcat  using
>>> the default config.
>>>
>>> Of course, it’s all up to you how you want to proceed.
>>>
>>> From: Paul Bronson [mailto:signaldevelo...@gmail.com]
>>> Sent: Monday, June 26, 2017 6:48 PM
>>> To: Dino Edwards 
>>> Subject: Re: [Djigzo users] Servers wont talk to me!
>>>
>>> I dont NEED to use apache, is there a way to do it with tomcat?
>>>
>>> On Mon, Jun 26, 2017 at 2:54 PM, Dino Edwards via Users <
>>> users@lists.djigzo.com> wrote:
>>> The following settings in main.cf should get you
>>> started for TLS:
>>>
>>> # TLS parameters
>>> smtpd_tls_cert_file = /etc/ssl/certs/cert.cer
>>> smtpd_tls_key_file = /etc/ssl/certs/key.key
>>> smtpd_tls_CAfile = /etc/ssl/certs/root.cer
>>> #smtpd_use_tls=yes
>>> smtpd_tls_security_level = may
>>> smtpd_tls_session_cache_database = btree:${data_directory}/smtpd_scache
>>> smtp_tls_session_cache_database = btree:${data_directory}/smtp_scache
>>> smtpd_tls_loglevel = 1
>>>
>>> I misspoke earlier. It’s been so long since I did this. Ciphermail comes
>>> bundled with Tomcat and it runs on port  if I’m not mistaking. So, if
>>> you want to utilize Apache instead, you have to install mod_proxy_ajp
>>> module in Apache and setup an apache config like below:
>>>
>>> ProxyPass /djigzo http://localhost:/djigzo
>>> ProxyPassReverse /djigzo http://localhost:/djigzo
>>> ProxyPass /web http://localhost:/web
>>> ProxyPassReverse /web http://localhost:/web
>>> ProxyTimeout 3600
>>>
>>>
>>> Changing the port has to be done within apache. So, if you want to use
>>> 443, you must of course install mod_ssl on apache, as well as certificate.
>>> I have a complete Apache config file if you want, let me know and I’ll post
>>> the relevant parts.
>>>
>>>
>>> From: Paul Bronson [mailto:signaldevelo...@gmail.com>> signaldevelo...@gmail.com>]
>>> Sent: Monday, June 26, 2017 2:42 PM
>>> To: Dino Edwards > dino.edwa...@mydirectmail.net>>
>>> Cc: users@lists.djigzo.com
>>> Subject: Re: [Djigzo users] Servers wont talk to me!
>>>
>>> Okay I will try that. I am also noticing that mxtoolbox states this
>>> server isn't configured for TLS? I do not see any settings under interface
>>> for this. Is this set on postfix main.cf
>>> file manually?
>>>
>>> Also if I wanted to remove the port or change the port to a default 443
>>> do I need to do this within apache, or does the GUI do the config itself?
>>>
>>> On Mon, Jun 26, 2017 at 2:37 PM, Dino Edwards via Users <
>>> users@lists.djigzo.com>> users@lists.djigzo.com>> wrote:
>>> I’m guessing sendmail got installed by accident or as part of something
>>> else. Not sure. I would either uninstall sendmail or change its port number
>>> if it’s absolutely necessary, although it doesn’t seem like that’s the case.
>>>
>>> Since the Web GUI runs on a different port, you can set whatever
>>> hostname you want in ciphermail as long as that hostname is resolvable by
>>> the outside world and as long as the back-end webserver (apache I assume)
>>> is configured to answer on that port. So, if you want the web portal to be
>>> https://webportal.domain.tld:8443/ in ciphermail under settings -->
>>> portal
>>>
>>> è Base URL you set it as follows:
>>>
>>> 

Re: [Djigzo users] DLP Encryption

[Martijn Brinkers via Users]

On 06/27/2017 04:37 PM, Paul Bronson via Users wrote:
> Hey Martijn!
> 
> I would be taking the keywords from:
> 
> https://www.fda.gov/downloads/Drugs/DevelopmentApprovalProcess/UCM071118.pdf
> 
> and putting them into a list. I'd like the trigger to check if one of these
> words is in an email and if it's NOT encrypt, to encrypt it.
> 
> Can you help me with the settings? Thanks :)

A list of keywords to match on is easy. Just make sure the keywords are
added in lowercase and the keywords are separated with |

Did you read the DLP setup guide?

https://www.ciphermail.com/documents/html/dlp-setup-guide/

There should be examples of what you need.

I have attached an example of a couple of keywords. The example xml file
can be imported using "Import patterns" on the DLP Policy Patterns page.

Because the list is a long list of keywords, I suggest you create
several patterns, for example a file with all products names starting
with A, a file with product names starting with B etc. But that is up to
you.

If you created the list you might share it with the group so others
might benefit.

Kind regards,

Martijn Brinkers



> On Tue, Jun 27, 2017 at 10:33 AM, Martijn Brinkers via Users <
> users@lists.djigzo.com> wrote:
> 
>> On 06/27/2017 04:29 PM, Paul Bronson via Users wrote:
>>> Hi,
>>>
>>> Anyone have any ideas on this? On other solutions it's possible to select
>>> HIPAA triggers in DLP and just encrypt it and let it go out. Does this
>>> solution do it?
>>
>> There are no HIPAA specific triggers. You can however create a list of
>> HIPAA specific DLP patterns. The DLP triggers are regular expression
>> patterns which can match certain content in the body (or subject) of an
>> email.
>>
>> Do you have a list of keywords/patterns that should be detected for HIPAA?
>>
>> Kind regards,
>>
>> Martijn Brinkers
>>
>> --
>> CipherMail email encryption
>>
>> Email encryption with support for S/MIME, OpenPGP, PDF encryption and
>> secure webmail pull.
>>
>> https://www.ciphermail.com
>>
>> Twitter: http://twitter.com/CipherMail
>> ___
>> Users mailing list
>> Users@lists.djigzo.com
>> https://lists.djigzo.com/lists/listinfo/users
>>
> ___
> Users mailing list
> Users@lists.djigzo.com
> https://lists.djigzo.com/lists/listinfo/users
> 


-- 
CipherMail email encryption

Email encryption with support for S/MIME, OpenPGP, PDF encryption and
secure webmail pull.

https://www.ciphermail.com

Twitter: http://twitter.com/CipherMail



false
HIPAA product names A
MUST_ENCRYPT
a-hydrocort|hydrocortisone|sodium|succinate|a-methapred|methylprednisolone sodium succinate
1


___
Users mailing list
Users@lists.djigzo.com
https://lists.djigzo.com/lists/listinfo/users

Re: [Djigzo users] Servers wont talk to me!

[Paul Bronson via Users]

Dino/Matijn,

I am getting a lot of 550 Mailbox Unavailable for people who are using
microsoft 365. It happened as soon as we turned on the cipher mail server.
Everythins is good via mxtoolbox (all green checkmarks) but not sure why we
keep getthing this message. If I turn off cipher mail and just go from
email server to outlook 365 it goes through fine.

Any ideas?

On Tue, Jun 27, 2017 at 10:25 AM, Paul Bronson 
wrote:

> DIno,
>
> Thanks for all your help! Can you post the complete apache config file?
> Also I think the paths are wrong (?) Mine is https://x.x.x.x:8443/
> ciphermail is the main admin page.. I wanted to change the main portal
> page to something else so I could block port access to 8443 on the firewall
>
> On Tue, Jun 27, 2017 at 8:08 AM, Dino Edwards via Users <
> users@lists.djigzo.com> wrote:
>
>> There is certainly  way to do it with Tomcat but I can’t really help with
>> that, I’m not that familiar with it. I can tell you that Apache is a much
>> more advanced http server with a lot more functionality than Tomcat. Tomcat
>> is primarily designed to serve Java Servlets and JSPs.
>>
>> My method is simpler I believe because it does not require you changing
>> the configuration of Tomcat and ciphermail. You simply put Apache in front
>> of it with the mod_proxy_ajp module which communicates with Tomcat  using
>> the default config.
>>
>> Of course, it’s all up to you how you want to proceed.
>>
>> From: Paul Bronson [mailto:signaldevelo...@gmail.com]
>> Sent: Monday, June 26, 2017 6:48 PM
>> To: Dino Edwards 
>> Subject: Re: [Djigzo users] Servers wont talk to me!
>>
>> I dont NEED to use apache, is there a way to do it with tomcat?
>>
>> On Mon, Jun 26, 2017 at 2:54 PM, Dino Edwards via Users <
>> users@lists.djigzo.com> wrote:
>> The following settings in main.cf should get you started
>> for TLS:
>>
>> # TLS parameters
>> smtpd_tls_cert_file = /etc/ssl/certs/cert.cer
>> smtpd_tls_key_file = /etc/ssl/certs/key.key
>> smtpd_tls_CAfile = /etc/ssl/certs/root.cer
>> #smtpd_use_tls=yes
>> smtpd_tls_security_level = may
>> smtpd_tls_session_cache_database = btree:${data_directory}/smtpd_scache
>> smtp_tls_session_cache_database = btree:${data_directory}/smtp_scache
>> smtpd_tls_loglevel = 1
>>
>> I misspoke earlier. It’s been so long since I did this. Ciphermail comes
>> bundled with Tomcat and it runs on port  if I’m not mistaking. So, if
>> you want to utilize Apache instead, you have to install mod_proxy_ajp
>> module in Apache and setup an apache config like below:
>>
>> ProxyPass /djigzo http://localhost:/djigzo
>> ProxyPassReverse /djigzo http://localhost:/djigzo
>> ProxyPass /web http://localhost:/web
>> ProxyPassReverse /web http://localhost:/web
>> ProxyTimeout 3600
>>
>>
>> Changing the port has to be done within apache. So, if you want to use
>> 443, you must of course install mod_ssl on apache, as well as certificate.
>> I have a complete Apache config file if you want, let me know and I’ll post
>> the relevant parts.
>>
>>
>> From: Paul Bronson [mailto:signaldevelo...@gmail.com> signaldevelo...@gmail.com>]
>> Sent: Monday, June 26, 2017 2:42 PM
>> To: Dino Edwards  dino.edwa...@mydirectmail.net>>
>> Cc: users@lists.djigzo.com
>> Subject: Re: [Djigzo users] Servers wont talk to me!
>>
>> Okay I will try that. I am also noticing that mxtoolbox states this
>> server isn't configured for TLS? I do not see any settings under interface
>> for this. Is this set on postfix main.cf
>> file manually?
>>
>> Also if I wanted to remove the port or change the port to a default 443
>> do I need to do this within apache, or does the GUI do the config itself?
>>
>> On Mon, Jun 26, 2017 at 2:37 PM, Dino Edwards via Users <
>> users@lists.djigzo.com> users@lists.djigzo.com>> wrote:
>> I’m guessing sendmail got installed by accident or as part of something
>> else. Not sure. I would either uninstall sendmail or change its port number
>> if it’s absolutely necessary, although it doesn’t seem like that’s the case.
>>
>> Since the Web GUI runs on a different port, you can set whatever hostname
>> you want in ciphermail as long as that hostname is resolvable by the
>> outside world and as long as the back-end webserver (apache I assume) is
>> configured to answer on that port. So, if you want the web portal to be
>> https://webportal.domain.tld:8443/ in ciphermail under settings -->
>> portal
>>
>> è Base URL you set it as follows:
>>
>> https://webportal.domain.tld:8443/web/portal/
>>
>>
>>
>> From: Paul Bronson [mailto:signaldevelo...@gmail.com> signaldevelo...@gmail.com> signaldevelo...@gmail.com>>]
>> Sent: Monday, June 26, 2017 2:13 PM
>> To: Dino Edwards  

Re: [Djigzo users] DLP Encryption

[Paul Bronson via Users]

I mean even if you can just give me the expression that ciphermail wants
and put a word or two in there and I can do the rest?

On Tue, Jun 27, 2017 at 10:37 AM, Paul Bronson 
wrote:

> Hey Martijn!
>
> I would be taking the keywords from:
>
> https://www.fda.gov/downloads/Drugs/DevelopmentApprovalProcess/
> UCM071118.pdf
>
> and putting them into a list. I'd like the trigger to check if one of
> these words is in an email and if it's NOT encrypt, to encrypt it.
>
> Can you help me with the settings? Thanks :)
>
> On Tue, Jun 27, 2017 at 10:33 AM, Martijn Brinkers via Users <
> users@lists.djigzo.com> wrote:
>
>> On 06/27/2017 04:29 PM, Paul Bronson via Users wrote:
>> > Hi,
>> >
>> > Anyone have any ideas on this? On other solutions it's possible to
>> select
>> > HIPAA triggers in DLP and just encrypt it and let it go out. Does this
>> > solution do it?
>>
>> There are no HIPAA specific triggers. You can however create a list of
>> HIPAA specific DLP patterns. The DLP triggers are regular expression
>> patterns which can match certain content in the body (or subject) of an
>> email.
>>
>> Do you have a list of keywords/patterns that should be detected for HIPAA?
>>
>> Kind regards,
>>
>> Martijn Brinkers
>>
>> --
>> CipherMail email encryption
>>
>> Email encryption with support for S/MIME, OpenPGP, PDF encryption and
>> secure webmail pull.
>>
>> https://www.ciphermail.com
>>
>> Twitter: http://twitter.com/CipherMail
>> ___
>> Users mailing list
>> Users@lists.djigzo.com
>> https://lists.djigzo.com/lists/listinfo/users
>>
>
>
___
Users mailing list
Users@lists.djigzo.com
https://lists.djigzo.com/lists/listinfo/users

Re: [Djigzo users] DLP Encryption

[Paul Bronson via Users]

Hey Martijn!

I would be taking the keywords from:

https://www.fda.gov/downloads/Drugs/DevelopmentApprovalProcess/UCM071118.pdf

and putting them into a list. I'd like the trigger to check if one of these
words is in an email and if it's NOT encrypt, to encrypt it.

Can you help me with the settings? Thanks :)

On Tue, Jun 27, 2017 at 10:33 AM, Martijn Brinkers via Users <
users@lists.djigzo.com> wrote:

> On 06/27/2017 04:29 PM, Paul Bronson via Users wrote:
> > Hi,
> >
> > Anyone have any ideas on this? On other solutions it's possible to select
> > HIPAA triggers in DLP and just encrypt it and let it go out. Does this
> > solution do it?
>
> There are no HIPAA specific triggers. You can however create a list of
> HIPAA specific DLP patterns. The DLP triggers are regular expression
> patterns which can match certain content in the body (or subject) of an
> email.
>
> Do you have a list of keywords/patterns that should be detected for HIPAA?
>
> Kind regards,
>
> Martijn Brinkers
>
> --
> CipherMail email encryption
>
> Email encryption with support for S/MIME, OpenPGP, PDF encryption and
> secure webmail pull.
>
> https://www.ciphermail.com
>
> Twitter: http://twitter.com/CipherMail
> ___
> Users mailing list
> Users@lists.djigzo.com
> https://lists.djigzo.com/lists/listinfo/users
>
___
Users mailing list
Users@lists.djigzo.com
https://lists.djigzo.com/lists/listinfo/users

Re: [Djigzo users] DLP Encryption

[Paul Bronson via Users]

Hi,

Anyone have any ideas on this? On other solutions it's possible to select
HIPAA triggers in DLP and just encrypt it and let it go out. Does this
solution do it?

On Mon, Jun 26, 2017 at 6:51 PM, Paul Bronson 
wrote:

> On other solutions it's possible to select HIPAA triggers in DLP and just
> encrypt it and let it go out. Does this solution do it?
>
> Paul
>
___
Users mailing list
Users@lists.djigzo.com
https://lists.djigzo.com/lists/listinfo/users

Re: [Djigzo users] Servers wont talk to me!

[Paul Bronson via Users]

DIno,

Thanks for all your help! Can you post the complete apache config file?
Also I think the paths are wrong (?) Mine is https://x.x.x.x:8443/ciphermail
is the main admin page.. I wanted to change the main portal page to
something else so I could block port access to 8443 on the firewall

On Tue, Jun 27, 2017 at 8:08 AM, Dino Edwards via Users <
users@lists.djigzo.com> wrote:

> There is certainly  way to do it with Tomcat but I can’t really help with
> that, I’m not that familiar with it. I can tell you that Apache is a much
> more advanced http server with a lot more functionality than Tomcat. Tomcat
> is primarily designed to serve Java Servlets and JSPs.
>
> My method is simpler I believe because it does not require you changing
> the configuration of Tomcat and ciphermail. You simply put Apache in front
> of it with the mod_proxy_ajp module which communicates with Tomcat  using
> the default config.
>
> Of course, it’s all up to you how you want to proceed.
>
> From: Paul Bronson [mailto:signaldevelo...@gmail.com]
> Sent: Monday, June 26, 2017 6:48 PM
> To: Dino Edwards 
> Subject: Re: [Djigzo users] Servers wont talk to me!
>
> I dont NEED to use apache, is there a way to do it with tomcat?
>
> On Mon, Jun 26, 2017 at 2:54 PM, Dino Edwards via Users <
> users@lists.djigzo.com> wrote:
> The following settings in main.cf should get you started
> for TLS:
>
> # TLS parameters
> smtpd_tls_cert_file = /etc/ssl/certs/cert.cer
> smtpd_tls_key_file = /etc/ssl/certs/key.key
> smtpd_tls_CAfile = /etc/ssl/certs/root.cer
> #smtpd_use_tls=yes
> smtpd_tls_security_level = may
> smtpd_tls_session_cache_database = btree:${data_directory}/smtpd_scache
> smtp_tls_session_cache_database = btree:${data_directory}/smtp_scache
> smtpd_tls_loglevel = 1
>
> I misspoke earlier. It’s been so long since I did this. Ciphermail comes
> bundled with Tomcat and it runs on port  if I’m not mistaking. So, if
> you want to utilize Apache instead, you have to install mod_proxy_ajp
> module in Apache and setup an apache config like below:
>
> ProxyPass /djigzo http://localhost:/djigzo
> ProxyPassReverse /djigzo http://localhost:/djigzo
> ProxyPass /web http://localhost:/web
> ProxyPassReverse /web http://localhost:/web
> ProxyTimeout 3600
>
>
> Changing the port has to be done within apache. So, if you want to use
> 443, you must of course install mod_ssl on apache, as well as certificate.
> I have a complete Apache config file if you want, let me know and I’ll post
> the relevant parts.
>
>
> From: Paul Bronson [mailto:signaldevelo...@gmail.com signaldevelo...@gmail.com>]
> Sent: Monday, June 26, 2017 2:42 PM
> To: Dino Edwards  mydirectmail.net>>
> Cc: users@lists.djigzo.com
> Subject: Re: [Djigzo users] Servers wont talk to me!
>
> Okay I will try that. I am also noticing that mxtoolbox states this server
> isn't configured for TLS? I do not see any settings under interface for
> this. Is this set on postfix main.cf file
> manually?
>
> Also if I wanted to remove the port or change the port to a default 443 do
> I need to do this within apache, or does the GUI do the config itself?
>
> On Mon, Jun 26, 2017 at 2:37 PM, Dino Edwards via Users <
> users@lists.djigzo.com users@lists.djigzo.com>> wrote:
> I’m guessing sendmail got installed by accident or as part of something
> else. Not sure. I would either uninstall sendmail or change its port number
> if it’s absolutely necessary, although it doesn’t seem like that’s the case.
>
> Since the Web GUI runs on a different port, you can set whatever hostname
> you want in ciphermail as long as that hostname is resolvable by the
> outside world and as long as the back-end webserver (apache I assume) is
> configured to answer on that port. So, if you want the web portal to be
> https://webportal.domain.tld:8443/ in ciphermail under settings --> portal
>
> è Base URL you set it as follows:
>
> https://webportal.domain.tld:8443/web/portal/
>
>
>
> From: Paul Bronson [mailto:signaldevelo...@gmail.com signaldevelo...@gmail.com>>]
> Sent: Monday, June 26, 2017 2:13 PM
> To: Dino Edwards  mydirectmail.net>>>
> Cc: users@lists.djigzo.com users@lists.djigzo.com>
> Subject: Re: [Djigzo users] Servers wont talk to me!
>
> Hi Dino,
>
> Wonder why sendmail keeps trying to start then.. Odd.
>
> I'd really like to set the web portal to a different address versus the
> HELO name I meant, sorry.
>
> Paul
>
> On Mon, Jun 26, 2017 at 2:02 PM, Dino Edwards via Users <
>