[pfx] Re: Add custom header depending on envelope rcpt to

2023-12-23 Thread Wietse Venema via Postfix-users
Peter Uetrecht via Postfix-users: > Hello everyone, > > I need an easy way to add a custom header that depends on the domain part > of the envelope rcpt to. If the receiving domain matches the custom header > should be added. I know about header_checks, but that can't be used because > the

[pfx] Re: SMTP Smuggling disclosure process & VINCE

2023-12-23 Thread Tim Weber via Postfix-users
Hi Vijay, thank you very much for this detailed explanation. I found it especially useful to learn about CERT/CC's workflow, since people like me, who are neither security researchers nor maintainers of well-known software projects, have little insight into this. While I was able to reach

[pfx] Re: SMTP Smuggling disclosure process & VINCE

2023-12-23 Thread Vijay S Sarvepalli via Postfix-users
Hi Tim, On VINCE questions: There is the software VINCE and CERT/CC own instance, so for all the relevant details of our workflow and communication you may find the VINCE FAQ more valuable. https://vuls.cert.org/confluence/display/VIN/Frequently+Asked+Questions We are still learning ways to

[pfx] TLS config for gmail relay

2023-12-23 Thread saunders.nicholas--- via Postfix-users
I think that I have the SASL figured out, and probably it's a similar process to get the tls_policy compliant and functional. The log: Dec 23 13:11:32 mordor postfix/smtp[287549]: error: open database /etc/postfix/tls_policy.db: No such file or directory Dec 23 13:11:32 mordor

[pfx] Re: SMTP Smuggling disclosure process & VINCE

2023-12-23 Thread Wietse Venema via Postfix-users
John D'Orazio via Postfix-users: > I believe some users are in fact confusing DMARC and DKIM. DMARC is a > policy that lets receiving servers know how to deal with mail that seems to > be coming from your server but has *not* passed SPF and DKIM checks. From > the Google support forum: > > DMARC

[pfx] Re: SMTP Smuggling disclosure process & VINCE

2023-12-23 Thread Wietse Venema via Postfix-users
Tim Weber via Postfix-users: > I think this is a very good way to look at it, and a helpful lesson > from this situation. Especially since, reading the article as it > was published, it is obvious that SEC must have known the impact > to Postfix and Sendmail. I understand their urge to notify

[pfx] Re: SMTP Smuggling disclosure process & VINCE

2023-12-23 Thread Bill Sommerfeld via Postfix-users
On 12/22/23 17:30, Vijay S Sarvepalli via Postfix-users wrote: Arguably the second server is at fault here for “SPF” signing two emails, nevertheless the vulnerability is due to the combinatorial or Composition Attack as Wietse has identified. SPF does not involve any per-message signatures.

[pfx] Re: SMTP Smuggling disclosure process & VINCE

2023-12-23 Thread Wietse Venema via Postfix-users
Bill Sommerfeld via Postfix-users: > On 12/22/23 17:30, Vijay S Sarvepalli via Postfix-users wrote: > > Arguably the second server is at fault > > here for "SPF" signing two emails, nevertheless the vulnerability is due > > to the combinatorial or Composition Attack as Wietse has identified. >

[pfx] Re: SMTP Smuggling disclosure process & VINCE

2023-12-23 Thread John D'Orazio via Postfix-users
I believe some users are in fact confusing DMARC and DKIM. DMARC is a policy that lets receiving servers know how to deal with mail that seems to be coming from your server but has *not* passed SPF and DKIM checks. From the Google support forum: DMARC (Domain-based Message Authentication,

[pfx] Re: TLS config for gmail relay

2023-12-23 Thread Christian Kivalo via Postfix-users
On 2023-12-23 22:22, saunders.nicholas--- via Postfix-users wrote: I think that I have the SASL figured out, and probably it's a similar process to get the tls_policy compliant and functional. The log: Dec 23 13:11:32 mordor postfix/smtp[287549]: error: open database