On Friday, 4 January 2019 2:02:20 AM AEDT Florian Zumbiehl via Exim-dev wrote:
> Hi,
>
> > For the record, if you have a sensitive security issue, please mail
> >
> > secur...@exim.org
>
> well, that's good to know, I guess, but may I suggest you put that on the
> website somewhere?
It pro
Hi,
> Once one is logged in or creates a log-in to file a report, it really is
> quite straightforward:
>
> http://www.exim.org/ --> [bugs]
> https://bugs.exim.org/ --> [File a Bug]
> https://bugs.exim.org/enter_bug.cgi which looks as attached
Well, so, once you have done a bunch of steps that a
On 2019-01-04 Florian Zumbiehl via Exim-dev wrote:
> On 2019-01-04 Jeremy Harris via Exim-dev wrote:
>> On 04/01/2019 01:02, Florian Zumbiehl via Exim-dev wrote:
>>> may I suggest you put that on the
>>> website somewhere?
>> It was already there, at https://bugs.exim.org/enter_bug.cgi
> That
Hi,
> On 04/01/2019 01:02, Florian Zumbiehl via Exim-dev wrote:
> > may I suggest you put that on the
> > website somewhere?
>
> It was already there, at https://bugs.exim.org/enter_bug.cgi
That page only tells me that "Bugzilla needs a legitimate login and
password to continue.". Clicking arou
On 04/01/2019 01:02, Florian Zumbiehl via Exim-dev wrote:
> may I suggest you put that on the
> website somewhere?
It was already there, at https://bugs.exim.org/enter_bug.cgi
--
Jeremy
--
## List details at https://lists.exim.org/mailman/listinfo/exim-dev Exim
details at http://www.exim.org/
Hi,
> For the record, if you have a sensitive security issue, please mail
> secur...@exim.org
well, that's good to know, I guess, but may I suggest you put that on the
website somewhere? Just put a text file in
https://www.exim.org/static/doc/security/ or something, that's linked as
"security
For the record, if you have a sensitive security issue, please mail
secur...@exim.org
--
Cheers,
Jeremy
--
## List details at https://lists.exim.org/mailman/listinfo/exim-dev Exim
details at http://www.exim.org/ ##
Hi,
> If we're changing `$host` based upon CNAMEs in DNS, then yes this will
> do The Wrong Thing. It might be a security problem then, because the
> normally-insecure DNS changes the name we validate the certificate
> against. We can't rely upon DNSSEC for this default example config.
Yes, tha
On 2018-12-20 at 20:50 +, Jeremy Harris via Exim-dev wrote:
> The wording "should be" could be relaxed slightly, maybe, since it isn't
> required by Exim's parsing. "It is simplest to", perhaps?
Didn't we used to require it? I forget. Feel free to update it.
> I see you quietly removed prd
On 19/12/2018 00:51, Phil Pennock via Exim-dev wrote:
> I think this change is generally useful, in having a cleaner setup for a
> very common use-case, and showing exactly where new macros should be
> defined, which can reduce some of the pain encountered by newcomers to
> Exim.
The wording "shou
On 2018-12-17 at 18:44 -, Jasen Betts via Exim-dev wrote:
> What does DANE say we shoud ask for? I remember it being non-obvious but
> easily explained. However I don't however remember the detail.
RFC 7672 section 2.2.2.
If DNSSEC is available for every step along the way, for all CNAMEs in
On 2018-12-17 Phil Pennock via Exim-dev wrote:
> On 2018-12-16 at 10:42 +, Jeremy Harris via Exim-dev wrote:
> > On 16/12/2018 10:20, Andreas Metzler via Exim-dev wrote:
> > > 4.92rc1 adds this to the smarthost_smtp transport:
> > >
> > > tls_sni = $host
> > >
> > > I do not think that alway
On 2018-12-16, Phil Pennock via Exim-dev wrote:
> On 2018-12-16 at 10:42 +, Jeremy Harris via Exim-dev wrote:
>> On 16/12/2018 10:20, Andreas Metzler via Exim-dev wrote:
>> > 4.92rc1 adds this to the smarthost_smtp transport:
>> >
>> > tls_sni = $host
What does DANE say we shoud ask for? I r
On 2018-12-16 at 10:42 +, Jeremy Harris via Exim-dev wrote:
> On 16/12/2018 10:20, Andreas Metzler via Exim-dev wrote:
> > 4.92rc1 adds this to the smarthost_smtp transport:
> >
> > tls_sni = $host
> >
> > I do not think that always works as expected. Depending on the DNS setup
> > (CNAME, ro
On 16/12/2018 10:20, Andreas Metzler via Exim-dev wrote:
> 4.92rc1 adds this to the smarthost_smtp transport:
>
> tls_sni = $host
>
> I do not think that always works as expected. Depending on the DNS setup
> (CNAME, round robin) $host will not contain the name of the selected
> smarthost anymore
15 matches
Mail list logo
