Re: Lavabit like encryption with OpenSMTPD

2015-02-09 Thread Craig Skinner
agencies, etc. Govts businesses have access to freemail data. Encrypting only one end of the transaction offers little privacy. SSL tranmission is of little benefit, for the same reason. Cheers, -- Craig Skinner | The cost to be the boss: http://www.youtube.com/watch?v=xVHIGYgDvsI -- You

Re: Lavabit like encryption with OpenSMTPD

2015-02-09 Thread Craig Skinner
On 2015-02-08 Sun 10:56 AM |, Gilles Chehade wrote: 1- you need the queue to be encrypted. 2- you need mails delivered to the users to be encrypted. The SENDER encrypts their message in their MUA, _before_ sending. 3- you need mails to be decrypted when a user retrieves them. The recipient

Re: pre-queue spam check

2015-04-11 Thread Craig Skinner
On 2015-04-11 Sat 16:04 PM |, Joerg Jung wrote: From my understanding, the user connects on port 25 (using STARTTLS and SMTP AUTH), is blocked by spamd (451 temporarily greylisted for 25 min), but usually MUAs try again some seconds later... Users connect to the submission port 587 via

Re: Receiving broken e-mails?

2015-08-17 Thread Craig Skinner
On 2015-07-25 Sat 20:39 PM |, Herbert J. Skuhra wrote: Later I had this issue with e-mails from a different mailing list. Unfortunately those message are missing on gmane. I can reproduce this issue easily: - run OpenSMTPD, request mlm to resend the message ... broken - run Postfix,

Re: spamd

2015-08-01 Thread Craig Skinner
On 2015-08-01 Sat 08:16 AM |, SSL wrote: 2) spamd (send mail to gmail but *** cannot recieve from gmail *) - black.pf - ... pass in on $ext_if proto tcp to any port submission table spamd persist table spamd-white persist pass in on $ext_if proto tcp

Re: Debug 'Message is not RFC 2822 compliant'?

2015-07-13 Thread Craig Skinner
On 2015-07-11 Sat 22:26 PM |, Eric Ripa wrote: Thanks for the response. I suspected that but given that the actual content in this case is confidential I was a bit hesitant. Heres the leading part of the [MSG] section. Can you see anything triggering this? It might be a (UTF)

Re: The OpenSMTPD audit, a debrief

2015-10-10 Thread Craig Skinner
On 2015-10-09 Fri 19:40 PM |, Gilles Chehade wrote: > > The report taught us a few things and helped us spot weak points that we > will work on hardening to make sure. I'll summarize a bit, MTAs could be the most complex daemon commonly deployed. For a very small, part time team, this is a huge

Re: TLS verify

2015-11-28 Thread Craig Skinner
e: Sat, 28 Nov 2015 08:48:09 + From: Craig Skinner <skin...@britvault.co.uk> To: Martin de Wendt <mar...@mdewendt.de> Subject: Re: TLS verify User-Agent: Mutt/1.5.23 (2014-03-12) On 2015-11-27 Fri 13:32 PM |, Martin de Wendt wrote: > incoming emails from any tls required This isn

Re: Mails getting chopped in half

2016-01-30 Thread Craig Skinner
Hi Edd, On 2016-01-29 Fri 14:09 PM |, Edd Barrett wrote: > > * Maybe there's a race in reading the /var/mail/edd mbox. (Should I >even have fdm reading a mbox while smtpd maybe is writing >to it?) Compare OpenSMTPd's syslog mail delivery timestamps & your cronjob freq maildirs are

Re: Mails getting chopped in half

2016-02-01 Thread Craig Skinner
On 2016-01-29 Fri 14:09 PM |, Edd Barrett wrote: > > Some mails I receive are being cut in two by either: opensmtpd, fdm or > spamassassn. I have opensmtpd running on an OpenBSD-5.8 machine. fdm > (invoked from cron) picks up mail from /var/mail/edd (an mbox) and > passes it to spamassassin for

Re: Verifying addresses on Exchange/AD from an edge server

2016-02-18 Thread Craig Skinner
Hi Jason, On 2016-02-18 Thu 20:28 PM |, Jason Tubnor wrote: > > Maybe even a script that I can run say every 3 hours, a bit of hackery, uniq > and a makemap would get me by as well. > Export the recipients from SexChange & putty scp the list to your box. Adapt these ideas to your situation:

Re: Sample Procedure and commands for clearing Spam from your mail queues

2016-07-20 Thread Craig Skinner
On Tue, 19 Jul 2016 16:03:42 +0200 Christian Kellermann wrote: > Using a blacklist in smtpd.conf and updating that list would spare you > the troubles of touching the packet filter rules. > > Or am I missing something? # spamdb -t -a ip.ad.dr.ess -- You received this mail because you are

Re: Message is not RFC 2822 compliant

2016-09-19 Thread Craig Skinner
Hi Will, On Sun, 18 Sep 2016 16:04:40 -0700 William Sloan wrote: X-Mailer: Apple Mail (2.3124) > I have a long running email thread with some friends that > yesterday when I attempted to reply to a message I got an error that > the message could not be delivered because it was not RFC 2822

Re: table ownership/permissions issues

2016-08-17 Thread Craig Skinner
Hi Jeremy/all, On Wed, 17 Aug 2016 00:25:30 -0500 Jeremy Volkening wrote: > > The short of it is that to share the passwd file, either: > > 1. The file must be world-readable (not so good) > > 2. The opensmtpd and dovecot daemon users must share a primary group, > or > > 3. The daemons

Re: Failing to relay to gmail

2016-10-25 Thread Craig Skinner
Hello, On Mon, 24 Oct 2016 14:59:22 +0200 K. Peter wrote: > > It is maybe because smtp.qmail.com is a CNAME: > > $ dig smtp.gmail.com +short mx > gmail-smtp-msa.l.google.com. > Is the recipient's address u...@smtp.gmail.com ??? Romildo wrote the address of malaqu...@gmail.com, not

Client (r)DNS client hostname restrictions

2017-07-29 Thread Craig Skinner
Hi, On Sat, 29 Jul 2017 06:12:31 +0500 Sandro Cardelli spammed: > Received: from rptf.pisem.net (221.176.221.70 [221.176.221.70]) > by mx1.poolp.org (OpenSMTPD) with ESMTP id 780e > for ; > Sat, 29 Jul 2017 03:12:32 +0200 (CEST) > From: "Sandro

Re: Guidence to use OpenLDAP with OpenSMTPD

2017-08-02 Thread Craig Skinner
Hi Markus, On Tue, 1 Aug 2017 18:01:38 +0200 Markus Rosjat wrote: > Am 01.08.2017 um 16:48 schrieb Craig Skinner: > > > Thunderbird (& others) can use MD5 passwords with Dovecot too: > > https://wiki2.dovecot.org/HowTo/CRAM-MD5 > > I dont know if I go this way

Re: Guidence to use OpenLDAP with OpenSMTPD

2017-08-01 Thread Craig Skinner
2.dovecot.org/HowTo/CRAM-MD5 Cheers, -- Craig Skinner | http://twitter.com/Craig_Skinner | http://linkd.in/yGqkv7 -- You received this mail because you are subscribed to misc@opensmtpd.org To unsubscribe, send a mail to: misc+unsubscr...@opensmtpd.org

Re: Fail2Ban filter for OpenSMTPD

2017-06-20 Thread Craig Skinner
On 2017-06-17 Sat 14:56 PM |, Peter N. M. Hansteen wrote: > > Examples in the most recent PF tutorial start at > https://home.nuug.no/~peter/pftutorial/#44 and there is a oneliner that > would be an easy starting point for adapting to your needs at the bottom > of

QUIT quickly when message is over SIZE

2017-08-31 Thread Craig Skinner
Hi, From the SMTP session trace below, OpenSMTPd should have QUIT quickly after reading the SIZE parameter: Cheers. - Forwarded message from Mail Delivery System - Date: Thu, 31 Aug 2017 00:18:05 +0100 (BST) From: Mail Delivery System

Re: QUIT quickly when message is over SIZE

2017-09-01 Thread Craig Skinner
Hi Edgar, On Thu, 31 Aug 2017 15:23:06 -0500 Edgar wrote: > Postfix logs on opensmtpd list. Seems like heresy to me. The SMT _Protocol_ was created to inter-operate on various daemons. Interaction with other daemons is simply the protocol of mail transfer. Cheers, -- Craig Skinner | h

Re: QUIT quickly when message is over SIZE

2017-09-01 Thread Craig Skinner
Hi Gilles/all again, With a bit of commentary below: On Thu, 31 Aug 2017 11:41:04 +0100 Craig Skinner wrote: > > Transcript of session follows. > OpenSMTPd running on lists.OpenBSD.Org has a message to send, and knows what size that message is. lists: knock knock teak &g

Re: Credentials Table

2018-08-28 Thread Craig Skinner
/HowTo/CRAM-MD5 http://wiki2.dovecot.org/Authentication http://wiki2.dovecot.org/Authentication/Mechanisms http://wiki2.dovecot.org/Authentication/Mechanisms/DigestMD5 http://wiki2.dovecot.org/Authentication/PasswordSchemes http://wiki2.dovecot.org/HowTo/ConvertPasswordSchemes Cheers, -- Craig Skinner

Re: Testing SMTP Authentication CLI

2018-09-10 Thread Craig Skinner
r agent (MUA) authenticated mail submission port. 25 is for MTA to MTA duties, not for user authentication. Regards, -- Craig Skinner | http://linkd.in/yGqkv7 -- You received this mail because you are subscribed to misc@opensmtpd.org To unsubscribe, send a mail to: misc+unsubscr...@opensmtpd.org

Re: Problem sending mail with Apple Mail

2018-04-10 Thread Craig Skinner
hat non-standard port, it would work too - but you are using a non-RFC port and hard coding it Hey, why not use port 22? Hmmm I wonder... Cheers, -- Craig Skinner | http://linkd.in/yGqkv7 -- You received this mail because you are subscribed to misc@opensmtpd.org To unsubscribe, send a mail t

Re: Problem sending mail with Apple Mail

2018-04-10 Thread Craig Skinner
On Tue, 10 Apr 2018 12:51:55 +0300 Reio Remma wrote: > Curious indeed, if Apple autoconfiguration would work properly on the > submission port. > Yes Reio:- > >> On 10 Apr 2018, at 5:43 PM, Craig Skinner wrote: > >> > >> Port 465 is not RFC compliant.

Re: Problem sending mail with Apple Mail

2018-04-10 Thread Craig Skinner
On Tue, 10 Apr 2018 10:22:28 Nick Gyurov wrote: > ... autoconfiguration worked when listening on submission Fuck me! _WHAT_A_BIG_SURPRISE_!!! Bloody hell! Perhaps Firefox will start browsing on port 80 next! Whoop!!! Maybe ssh will one day connect to port 22 too! Stunned! -- Craig Skin

Re: Problem sending mail with Apple Mail

2018-04-10 Thread Craig Skinner
to be operative? Cheers, -- Craig Skinner | http://linkd.in/yGqkv7 -- You received this mail because you are subscribed to misc@opensmtpd.org To unsubscribe, send a mail to: misc+unsubscr...@opensmtpd.org

Re: Help setting up anti-spam using Dovecot and whatever with 6.3

2018-03-28 Thread Craig Skinner
g.ip.address -y main.ip.add.ress -Y primary.mx.host.name -Y another.mx.host.name' spamlogd_flags='-I -Y primary.mx.host.name -Y another.mx.host.name' Consider ungrey-robins to cope with round-robin dumb fuck freemailers: http://web.Britvault.Co.UK/products/ungrey-robins/ Cheers, -- Craig

Re: OpenSMTPD 6.4.0

2018-06-29 Thread Craig Skinner
o something like this & watch the logs: user$ print delete | mail -s test matt.schwart...@gmail.com Cheers, -- Craig Skinner | http://linkd.in/yGqkv7 -- You received this mail because you are subscribed to misc@opensmtpd.org To unsubscribe, send a mail to: misc+unsubscr...@opensmtpd.org

Re: spamd

2018-10-17 Thread Craig Skinner
telisting domains. See: http://web.Britvault.Co.UK/products/ungrey-robins/ Cheers, -- Craig Skinner | http://linkd.in/yGqkv7 -- You received this mail because you are subscribed to misc@opensmtpd.org To unsubscribe, send a mail to: misc+unsubscr...@opensmtpd.org

Re: Report Domain: dotbit.ro Submitter: fastmail.com Report-ID:2018.10.15.155619520

2018-10-19 Thread Craig Skinner
ns, e.g: $ dig lampero.ro TXT +short "v=spf1 include:_spf.%{d} ~all" $ dig _spf.lampero.ro TXT +short "v=spf1 +a:mail.lampero.ro ~all" $ dig dotbit.ro TXT +short "v=spf1 include:_spf.lampero.ro ~all" Cheers, -- Craig Skinner | http://linkd.in/yGqkv7

Re: different lmtp destinations from table for mail delivery depending on email address

2018-12-27 Thread Craig Skinner
rite it when users are added/removed): joe@public.domain -> joe@imap1.private sarah@public.domain -> sarah@imap2.private andy@public.domain -> andy@imap3.private Cheers, -- Craig Skinner | http://linkd.in/yGqkv7 -- You received this mail because you are subscribed to misc@opensmtpd.org

Re: Opensmtpd failover

2018-11-29 Thread Craig Skinner
Thomas, you're a stupid, standards breaking, sack of shit. STOP EMAILING ME PRIVATELY YOUR FUCKWIT CRAP!!! MX records have a purpose. Read what they are for. STOP SENDING ME YOUR FUCKWIT PRIVATE IDEAS ABOUT MX RECORDS On Wed, 28 Nov 2018 13:06:03 Craig Skinner wrote: > On Wed, 28

Re: Opensmtpd failover

2018-11-24 Thread Craig Skinner
then relay over SMTP when the primary can recieve the spooled mail. > ... A solution is to use dot-lock files ... Maildirs solve the hideous problems of mboxes... whether on NFS or not. Cheers, -- Craig Skinner | http://linkd.in/yGqkv7 -- You received this mail because you are subscribed to misc@

Re: Opensmtpd failover

2018-11-24 Thread Craig Skinner
. Cheers, -- Craig Skinner | http://linkd.in/yGqkv7 -- You received this mail because you are subscribed to misc@opensmtpd.org To unsubscribe, send a mail to: misc+unsubscr...@opensmtpd.org

Re: OpenSMTP as mx backup

2018-11-26 Thread Craig Skinner
re on Friday evening, and you can't order parts until Monday, which take a week to arrive Some shit takes more than 4 days to fix. Cheers, -- Craig Skinner | http://linkd.in/yGqkv7 -- You received this mail because you are subscribed to misc@opensmtpd.org To unsubscribe, send a mail to: m

Re: Opensmtpd failover

2018-11-26 Thread Craig Skinner
ing traffic. Then then you get the next flight to your final destination & Hogmanay for 3 days. Cheers, -- Craig Skinner | http://linkd.in/yGqkv7 -- You received this mail because you are subscribed to misc@opensmtpd.org To unsubscribe, send a mail to: misc+unsubscr...@opensmtpd.org

Re: Vacation with smtpd doesn't work in 6.4

2018-11-17 Thread Craig Skinner
disks to govts. Cheers, -- Craig Skinner | http://linkd.in/yGqkv7 -- You received this mail because you are subscribed to misc@opensmtpd.org To unsubscribe, send a mail to: misc+unsubscr...@opensmtpd.org

Re: request (privately) for maillog

2020-02-25 Thread Craig Skinner
On Mon, 24 Feb 2020 18:41:19 +0100 "Peter J. Philipp" wrote: > I got another "bouncing messages from misc@opensmtpd.org" message. The > particular message was 4669 that bounced. Yet I have no record of this in > my maillog,... Same here. Cheers, -- Craig Skinner | http://linkd.in/yGqkv7

Re: 421 errors

2020-02-18 Thread Craig Skinner
G'day Jeff, On Mon, 17 Feb 2020 18:48:41 -0500 Jeff Moskow wrote: > (host foo.bar.com[192.168.2.2] said: 421 try again later (in reply to end of > DATA command)) The primary MX OpenBSD machine is running spamd. http://man.OpenBSD.Org/spamd Cheers, -- Craig Skinner | http://linkd.in/yGqkv7

Re: Relaying and forwarding between multiple servers

2020-05-26 Thread Craig Skinner
Hi Chris, On 24/05/2020 21:46, Christian Baer wrote: I want to move the full fledged server That server is known as the 'primary mail exchanger' (primary MX). to the machine in my basement You'll need a static IP address from your home ISP, and be able to set the reverse DNS to match