On 02-07-18 01:15, Dr. Rolf Jansen wrote:
> Hello,
>
> I read carefully the technical paper about the exfiltration attack
> (efail) on decrypted S/MIME or PGP content.
>
> https://efail.de
> https://efail.de/efail-attack-paper.pdf
>
> According to my understanding, sanitizing text/html content
On 04/25/2017 01:19 PM, robert.wo...@robertwolfe.org wrote:
> On 2017-04-25 01:54, martijn.list wrote:
>
>> I need to configure a smart host for Exchange Online (Office 365), i.e.,
>> all email sent with Exchange Online should be relayed through an
>> external Postfix
Hi,
I need to configure a smart host for Exchange Online (Office 365), i.e.,
all email sent with Exchange Online should be relayed through an
external Postfix server (smarthost). O365 allows a smarthost to be
configured. Unfortunately you can only configure the hostname (or IP) of
the smarthost
On 10/30/2015 10:04 AM, Jeroen Scheerder wrote:
> L.S.,
>
> I ran into a little something. I have separated my main smtp service
> (tcp/25) and smtps/submission services (tcp/465, tcp/587).
> The smtps/submission services have a few extra virtual aliases, but they also
> (don't ask) add a
On 10/30/2015 12:56 PM, Jeroen Scheerder wrote:
> Quoth Jeroen Scheerder (30 Oct 2015, 12:46):
>
>> That would result in a
>>
>> 250-SIZE 1024
>>
>> helo message, *and* a true size limit of 10239918.
>
> I obviously omitted the evident edit. I had meant to write:
>
> "That would result
On 03/04/2015 09:30 PM, Sebastian Nielsen wrote:
But how can I retain a copy of message before milter? Could then remove
the hashcash milter and DKIM milter (since those does not change that -b
does succeed validation and no -b does fail validation) and send a test
mail.
But that's an
On 10/05/2014 08:47 PM, A. Schulze wrote:
Do you have a so-called security appliance in the path? Many have
a history of tampering with email.
Do you have other anti-spam software in the path that modifies
mail headers such as X-Spam:?
To be complete: there is an easy way to invalidate
On 06/29/2014 02:02 PM, m...@ruggedinbox.com wrote:
Hi nice people, easy question for this nice Sunday :D
Are you aware of any solution that would replicate (or even improve) the
technology that was developed by lavabit to encrypt their users mailboxes ?
There is an architecture
Hi,
Google Apps and Exchange online allows you to relay all outgoing email
through an external mail server.
Google Apps calls this an Outbound mail gateway:
https://support.google.com/a/answer/178333
And Microsoft calls this Outbound Smart Hosting:
On 01/16/2014 12:52 PM, James Day wrote:
Hello Postfix User List,
I have a mail server that I use to provide a smart host service for my
customers. I have a problem sending a message onto a recipient in the domain
cbhc.uk.com. The failure message is below.
I'm struggling to work out why
Hi,
I must be doing something wrong but I'm unable to add a
check_recipient_access restriction to smtpd in master.cf.
I have added the following additional smtpd daemon to master.cf
127.0.0.1:10027 inet n - n - 10 smtpd
-o
On 09/10/2013 03:30 PM, /dev/rob0 wrote:
On Tue, Sep 10, 2013 at 03:17:30PM +0200, martijn.list wrote:
I must be doing something wrong but I'm unable to add a
check_recipient_access restriction to smtpd in master.cf.
I have added the following additional smtpd daemon to master.cf
127.0.0.1
On 01/03/2013 04:12 PM, Michael Blessenohl wrote:
Am 03.01.2013 06:05, schrieb Viktor Dukhovni:
On Thu, Jan 03, 2013 at 04:49:50AM +0100, Michael Blessenohl wrote:
/var/log/mail.info:
Jan 3 03:09:45 hostname postfix/smtpd[5781]: connect from
mail-we0-f173.google.com[74.125.82.173]
Jan 3
On 01/03/2013 09:48 PM, Michael Blessenohl wrote:
I'm sorry, I'll try not to use my smartphone again to answer mails from
this list.
I ment using a remote machine as client to connect to the postfix server
as opposed to connect to the machine itself. I don't know why it does
matter, but
On 12/12/2012 01:00 PM, Stan Hoeppner wrote:
On 12/11/2012 2:03 AM, martijn.list wrote:
I guess in practice hardly no one will use it in this form but since I'm
working on a web gui on which users can enter some RBL syntax I had to
check what formats are accepted or not.
Then you need
On 12/11/2012 04:17 AM, Stan Hoeppner wrote:
On 12/10/2012 2:38 AM, martijn.list wrote:
It's probably my misunderstanding on the reject_rbl_client syntax
No, it's your misunderstanding of the dnsbl reply syntax.
reject_rbl_client example.com=[127;128].0.0.1
I use this as a restriction
It's probably my misunderstanding on the reject_rbl_client syntax but if
I use the following reject_rbl_client configuration , the mail logs
tells me that the reject_rbl_client syntax is invalid:
reject_rbl_client example.com=[127;128].0.0.1
I use this as a restriction in
On 05/19/2011 05:44 PM, Shawn Heisey wrote:
On 5/18/2011 10:30 PM, Noel Jones wrote:
On 5/18/2011 8:11 PM, Shawn Heisey wrote:
monitor.example.com[10.2.1.39]: 503 5.5.1 Error: send
HELO/EHLO first
But that's a different error message. For this, you need to set
# main.cf
On 02/25/2011 09:02 AM, Nicolas Michel wrote:
Hello,
I was asking myself about the kind of connection used by a MTA to
contact another one.
For exemple, I know that we can setup in a MUA an SSL (or TLS)
connection when configuring the SMTP connection. So the connection
between the MUA and
Just use opportunistic TLS on both ends and go.
It depends on the requirements whether TLS is good enough. It's not
always possible to be 100% certain that the complete route is TLS
protected. All intermediate servers should protect the message with TLS
and this is something the sending server
2. Do not forward *any* emails, period.
That's probably the simplest solution :)
Wouldn't using an owner alias be a solution? (see expand_owner_alias).
You can set the owner alias of the forward to some internal address.
This internal address will only be used to 'suck-up' the bounces of
Wouldn't using an owner alias be a solution? (see expand_owner_alias).
You can set the owner alias of the forward to some internal address.
This internal address will only be used to 'suck-up' the bounces of
forwarded messages.
Interesting idea!
It works for me. I forward a copy of every
My question is, if I am right, how can I find out which account has been
compromised?
You can add this to main.cf:
smtpd_sasl_authenticated_header=true
This will add the SASL authenticated user to the received headers which
allows you to see who's account was used.
Kind regards,
Martijn
Thanks Martijn, but if the SASL user gets put into the headers, then
doesn't that just meant that the recipient will see who the message came
from, rather than the administrator - me?
Yes but you said:
...I started seeing a huge number of rejected emails in the deferred
queue...
If the SASL
You can try Djigzo (http://www.djigzo.com/). It's an open source email
encryption gateway with support for S/MIME and PDF encryption (with
support for random generated passwords via SMS gateway).
You can install it on your own system (.tar and .deb files available) or
you can use the provided
lst_ho...@kwsoft.de wrote:
Have a look for PGP or S/MIME. This is client side encryption and must
therefore configured in the client settings, not postfix.
You can use a S/MIME gateway like Djigzo open source email encryption
gateway (www.djigzo.com) to encrypt all your incoming email with
I’m no expert on SPF but as far as I understand it only checks if a
sender is ‘allowed’ to send using that domain, so no relation what so
ever on dropping mail from parties that don’t use SPF…
Or am I missing something?
A lot of statistics are used to filter out spam so it wouldn't surprise
However, i have to write a new one in C/C++ and I'm getting some trouble
with the dot indicating the end-of-message. The problem is that when
i send the message back from the filter written in C/C++ anyone can
perform a spam injection by sending messages with this content:
.
MAIL FROM:
28 matches
Mail list logo