On Mon, Feb 07, 2022 at 12:46:54AM -0500, Ruben Safir wrote:
> I pulled dovecot off of 587 and turned on stmpd settings in master.cf
> but not I need to assign the certs to the postfix settings. So I am
> kind of lost. If postfix is sitting on 587 then it needs to to the
> cryptography which see
So, I rebuilt my entire mailserver and still have issues. When I built
dovecot and postfix using the instructions on the postfix docs, it left
me with some problems and oddities. The instructions were from:
http://www.postfix.org/SASL_README.html
and the sister dovecot docs
https://doc.dovecot.or
In addition to filtering JSON input and producing JSON output in the
process, PostQF can now also generate a number of simple reports to
answer some frequently asked questions about message queue content. The
following data can be shown in reports:
* Delay reason
* Recipient address
* Recipi
On Sun, Feb 06, 2022 at 12:57:35PM -0500, Viktor Dukhovni wrote:
> As for refactoring DANE as a conditional override of local TLS policy,
> rather than a replacement of local policy, this has been discussed (see
> the list archives), but we haven't settled on a design.
See, for example, this thre
On Sunday, February 6, 2022 7:28:22 AM EST Matus UHLAR - fantomas wrote:
> >The spf.py script seems to take the first nameserver only, and whet it
> >gets no response generates the Tempfail error.
>
> That's bad SW design. If one nameserver returns fail, you should try
> another one.
It's an iss
On Sun, Feb 06, 2022 at 12:34:02PM -0500, Wietse Venema wrote:
> Postfix turns on DNSSEC when DANE is enabled. Postfix does not turn on
> DNSSEC by default, because that is not a practical option at this
> time.
On Sun, Feb 06, 2022 at 06:38:10PM +0100, Joachim Lindenberg wrote:
> There is a disti
There is a distinct setting smtp_dns_support_level = dnssec in main.cf. Doing
the extra lookups seems doable to me (not looking at the source code so far).
Joachim
-Ursprüngliche Nachricht-
Von: owner-postfix-us...@postfix.org Im
Auftrag von Wietse Venema
Gesendet: Sunday, 6 February 20
Postfix turns on DNSSEC when DANE is enabled. Postfix does not turn
on DNSSEC by default, because that is not a practical option at
this time.
Wietse
On 2022-02-06 13:28, Matus UHLAR - fantomas wrote:
On 2022-02-06 05:10, Scott Kitterman wrote:
On Saturday, February 5, 2022 11:36:40 AM EST Fourhundred Thecat
wrote:
> On 2022-02-05 16:00, Scott Kitterman wrote:
Here's how you would do essentially the same query as mentioned in
the log
di
Hello all,
after experimenting with dane, verify, and other policies of
http://www.postfix.org/TLS_README.html#client_tls, I am wondering whether the
options available are really what should be available.
Right now a sender can configure that policy as a system default or per target
domain. Ob
In the future I will try to learn a bit more about amavis and what you
can do with it.
I read that you could add a disclaimer using amavis.
Le 06/02/2022 à 13:17, Matus UHLAR - fantomas a écrit :
On 06.02.22 11:07, Forums wrote:
From what I had been told and what I could read, port 465 is
de
On 2022-02-06 05:10, Scott Kitterman wrote:
On Saturday, February 5, 2022 11:36:40 AM EST Fourhundred Thecat wrote:
> On 2022-02-05 16:00, Scott Kitterman wrote:
Here's how you would do essentially the same query as mentioned in the log
directly with pyspf:
python3 /usr/lib/python3/dist-packa
On 06.02.22 11:07, Forums wrote:
From what I had been told and what I could read, port 465 is
deprecated and I had to use port 587. So for outgoing emails I use
port 587.
it was "deprecated" (not really standardised) for ~20 years, since RFC 2476
(December 1998) was introduced, but last 4 year
On 2022-02-05 20:46, post...@ptld.com wrote:
Are you saying OpenDMARC is outdated and policyd-spf is more up to
date?
I read (a year ago) it was the other way around.
What wrong validation would OpenDMARC do because of this?
rfc 7208 is not part of libspf2, that makes opendmarc outdated
i do
When I wanted to secure my mail server, I got help from people on forums
and on this mailing list.
So I followed their explanations and advice (DKIM, SPF, DMARC, spams,...).
From what I had been told and what I could read, port 465 is deprecated
and I had to use port 587. So for outgoing email
15 matches
Mail list logo