Re: Can postfix/pipe run external programs under a random UID?

2019-09-06 Thread Wietse Venema
Leonid Isaev: > Hello, > > One of the arguments of pipe(8) is "user=" that instructs it to run an > external program under specified user. For example, the following snippet will > run faxmail(1) under the user faxmail: > -8<- > fax unix - nn - 1

Can postfix/pipe run external programs under a random UID?

2019-09-06 Thread Leonid Isaev
Hello, One of the arguments of pipe(8) is "user=" that instructs it to run an external program under specified user. For example, the following snippet will run faxmail(1) under the user faxmail: -8<- fax unix - nn - 1 pipe flags= user=faxmail

Re: PATCH: tlsproxy failed / flooded log

2019-09-06 Thread A. Schulze
ted alternate MXes (subject to smtp_mx_address_limit and > smtp_mx_session_limit). But the odds of the problem returning will > be small. > > Wietse > > 20190906 > > Bugfix: don't whitewash OpenSSL errors after the plaintext > channel is disabl

Re: Postfix: Variable meanings table

2019-09-06 Thread Phil Stracchino
On 9/6/19 2:03 PM, @lbutlr wrote: > On 6 Sep 2019, at 09:30, Phil Stracchino wrote: >> Can anyone by chance point me to any documentation that explains how to do >> this? > > Not off hand, but what you are looking for on google is: > > fail2ban "action.d" > > (the quotes will force google to

Re: Postfix: Variable meanings table

2019-09-06 Thread @lbutlr
On 6 Sep 2019, at 09:30, Phil Stracchino wrote: > Can anyone by chance point me to any documentation that explains how to do > this? Not off hand, but what you are looking for on google is: fail2ban "action.d" (the quotes will force google to return results with action.d) In fact, if you

PATCH: tlsproxy failed / flooded log

2019-09-06 Thread Wietse Venema
returning will be small. Wietse 20190906 Bugfix: don't whitewash OpenSSL errors after the plaintext channel is disabled, to avoid looping on "shutdown while in init" errors. File: tlsproxy/tlsproxy.c. diff --exclude=man --exclude=html --exclude=README_FIL

Re: tlsproxy failed / flooded log

2019-09-06 Thread Wietse Venema
Viktor Dukhovni: > > On Sep 6, 2019, at 11:39 AM, Wietse Venema wrote: > > > > SSL_shutdown(), see below. is called ONLY AFTER state->plaintext_buf > > I/O error. But state->plaintext_buf is null until the handshake is > > completed. > > > > OpenSSL may enter the init state later, during

Re: Postfix: Variable meanings table

2019-09-06 Thread Dominic Raferd
On Fri, 6 Sep 2019 at 16:31, Phil Stracchino wrote: > On 8/10/19 2:17 AM, Dominic Raferd wrote: > > I have a fail2ban ban - quite active - based on this: > > > > failregex = ^%(__prefix_line)sdisconnect from \S+\[\] > > (ehlo|helo)=\d+ .*auth=0/\d > > > > See also

Re: tlsproxy failed / flooded log

2019-09-06 Thread Viktor Dukhovni
> On Sep 6, 2019, at 11:39 AM, Wietse Venema wrote: > > SSL_shutdown(), see below. is called ONLY AFTER state->plaintext_buf > I/O error. But state->plaintext_buf is null until the handshake is > completed. > > OpenSSL may enter the init state later, during session > renegotiation. How would

Re: tlsproxy failed / flooded log

2019-09-06 Thread Wietse Venema
Viktor Dukhovni: > On Fri, Sep 06, 2019 at 11:03:16AM -0400, Wietse Venema wrote: > > > Forget that. The tlsproxy daemon does not use the code that > > implements tls_fast_shutdown_enable/tls_fast_shutdown. > > > > In fact the tlsproxy daemon never invokes SSL_shutdown(), except > > when there

Re: tlsproxy failed / flooded log

2019-09-06 Thread Viktor Dukhovni
On Fri, Sep 06, 2019 at 11:03:16AM -0400, Wietse Venema wrote: > Forget that. The tlsproxy daemon does not use the code that > implements tls_fast_shutdown_enable/tls_fast_shutdown. > > In fact the tlsproxy daemon never invokes SSL_shutdown(), except > when there is an I/O error on the plaintext

Re: Postfix: Variable meanings table

2019-09-06 Thread Phil Stracchino
On 8/10/19 2:17 AM, Dominic Raferd wrote: > I have a fail2ban ban - quite active - based on this: > > failregex = ^%(__prefix_line)sdisconnect from \S+\[\] > (ehlo|helo)=\d+ .*auth=0/\d > > See also http://www.postfix.org/announcements/postfix-3.0.0.html. > (I whitelist a few ips that are our

Re: tlsproxy failed / flooded log

2019-09-06 Thread Wietse Venema
Wietse Venema: > A. Schulze: > > > > > > Am 06.09.19 um 14:24 schrieb Wietse Venema: > > > > Hello Wietse! > > > > > Any particular Postfix and OpenSSL version? > > postfix-3.4.6 > > openssl-1.1.1c > > > > > Does setting tls_fast_shutdown_enable (or tls_fast_shutdown) > > > make a difference?

Re: tlsproxy failed / flooded log

2019-09-06 Thread Wietse Venema
A. Schulze: > > > Am 06.09.19 um 14:24 schrieb Wietse Venema: > > Hello Wietse! > > > Any particular Postfix and OpenSSL version? > postfix-3.4.6 > openssl-1.1.1c > > > Does setting tls_fast_shutdown_enable (or tls_fast_shutdown) > > make a difference? > I could set tls_fast_shutdown = no and

Re: tlsproxy failed / flooded log

2019-09-06 Thread A. Schulze
Am 06.09.19 um 14:24 schrieb Wietse Venema: Hello Wietse! > Any particular Postfix and OpenSSL version? postfix-3.4.6 openssl-1.1.1c > Does setting tls_fast_shutdown_enable (or tls_fast_shutdown) > make a difference? I could set tls_fast_shutdown = no and try again. Unfortunately that means I

Re: tlsproxy failed / flooded log

2019-09-06 Thread Wietse Venema
A. Schulze: > > Hello, > > today I enabled smtp_tls_connection_reuse on some production server. > after approx. an hour and ~70 reused SMTP connections, tlsproxy on two > machines logged this: > > ... > Sep 6 09:03:52 idvmailout03 postfix/tlsproxy[18637]: DISCONNECT > [213.23.92.204]:25 >

Re: issues with MTA's timestamp

2019-09-06 Thread Matus UHLAR - fantomas
On 06.09.19 16:56, Wesley Peng wrote: I found if peer MTA's timestamp is too much different from my end, the messages may not be displayed. displayed where? postfix is a mail transfer agent, not mail user agent. for example, when you try to sign up to apache projects' mailing list, like one

tlsproxy failed / flooded log

2019-09-06 Thread A. Schulze
Hello, today I enabled smtp_tls_connection_reuse on some production server. after approx. an hour and ~70 reused SMTP connections, tlsproxy on two machines logged this: ... Sep 6 09:03:52 idvmailout03 postfix/tlsproxy[18637]: DISCONNECT [213.23.92.204]:25 Sep 6 09:03:59 idvmailout03

issues with MTA's timestamp

2019-09-06 Thread Wesley Peng
Hello, I found if peer MTA's timestamp is too much different from my end, the messages may not be displayed. for example, when you try to sign up to apache projects' mailing list, like one of this page: https://flink.apache.org/community.html The response message's (for user to confirm)