Fingerprint checks in both directions and email header logging?

2013-06-12 Thread Peter Bauer
I just configured a tls policy map with a fingerprint check on my server to communicate securely with the SMTP server of a friend of mine. It works fine. If fingerprint check fails on sending out the mail, it will be deferred. However there are three points which I don't understand: 1. Why my

is this a postfix bug or an openSUSE bug, or neither?

2013-06-12 Thread Carlos E. R.
Hello, new here. Situation: When configuring the network in YaST, ifup method (openSUSE Linux), it may create an entry like this in /etc/hosts (the very last line): 127.0.0.1 localhost 192.168.1.2 some_host.some_domain some_host 127.0.0.2

Re: Using TLS for certain domains

2013-06-12 Thread polloxx
I use vim to edit the Postfix config. What should I use? On Tue, Jun 11, 2013 at 10:28 PM, Viktor Dukhovni postfix-us...@dukhovni.org wrote: On Tue, Jun 11, 2013 at 09:34:38PM +0200, polloxx wrote: no luck yet. local_header_rewrite_clients = static:all smtp_tls_CAfile =

Re: is this a postfix bug or an openSUSE bug, or neither?

2013-06-12 Thread Wietse Venema
Carlos E. R.: Situation: When configuring the network in YaST, ifup method (openSUSE Linux), it may create an entry like this in /etc/hosts (the very last line): 127.0.0.1 localhost 192.168.1.2 some_host.some_domain some_host 127.0.0.2 some_host.some_domain some_host

Re: Using TLS for certain domains

2013-06-12 Thread Wietse Venema
polloxx: local_header_rewrite_clients = static:all smtp_tls_CAfile = /etc/postfix/cacert.pemsmtp_tls_session_cache_database = btree:/mailout/var/spool/postfix/smtp_tls_session_cache smtp_tls_security_level = maysmtp_use_tls = yessmtpd_tls_CAfile = /etc/postfix/cacert.pem

How to check client certifications?

2013-06-12 Thread Peter Bauer
I got a connection from someone with a client certification: Received: from foo.bar (foo.bar [10.0.0.1]) (using TLSv1.1 with cipher ECDHE-RSA-AES256-SHA (256/256 bits)) (Client CN mail.foo.bar, Issuer StartCom Class 1 Primary Intermediate Server CA (not verified)) by

Re: question about postfix queue scheduler

2013-06-12 Thread Jeroen Geilman
On 06/08/2013 08:17 PM, Wietse Venema wrote: Jeroen Geilman: On 06/04/2013 02:20 PM, Erwan David wrote: On Tue, Jun 04, 2013 at 01:44:46PM CEST, Tom Hendrikx t...@whyscream.net said: On 06/04/2013 01:22 PM, Antonio Gutiérrez Mayoral wrote: Hi Wietse, Yes, it's a solution, but these emails

Re: How to check client certifications?

2013-06-12 Thread Jeroen Geilman
On 06/12/2013 03:02 PM, Peter Bauer wrote: I got a connection from someone with a client certification: Received: from foo.bar (foo.bar [10.0.0.1]) (using TLSv1.1 with cipher ECDHE-RSA-AES256-SHA (256/256 bits)) (Client CN mail.foo.bar, Issuer StartCom Class 1 Primary

Re: question about postfix queue scheduler

2013-06-12 Thread Wietse Venema
If he can just use a (sender-dependent) transport to send his newsletter to, that would take care of the blockage, wouldn't it ? Yes, provided that he does not saturate the active queue. There is, however, no need to cripple this transport with single-recipient deliveries. If one delivery

Re: Using TLS for certain domains

2013-06-12 Thread polloxx
Thanks to all of you. Now it works, although set nowrap in vim did not solve the issue. I had to add the parameters using postconf -e. Is this normal? Now I see 250-STARTTLS when I telnet to the server on port 25. Is there another way to test if the setup works? On Wed, Jun 12, 2013 at 2:46 PM,

Re: How to check client certifications?

2013-06-12 Thread Viktor Dukhovni
On Wed, Jun 12, 2013 at 03:23:38PM +0200, Jeroen Geilman wrote: On 06/12/2013 03:02 PM, Peter Bauer wrote: How can I check the certificate of the incoming email? By fingerprint would be nice. And I would like to refuse it if check fails.

Re: How to check client certifications?

2013-06-12 Thread Viktor Dukhovni
On Wed, Jun 12, 2013 at 03:02:40PM +0200, Peter Bauer wrote: I got a connection from someone with a client certification: Received: from foo.bar (foo.bar [10.0.0.1]) (using TLSv1.1 with cipher ECDHE-RSA-AES256-SHA (256/256 bits)) (Client CN mail.foo.bar, Issuer StartCom Class

Re: is this a postfix bug or an openSUSE bug, or neither?

2013-06-12 Thread Carlos E. R.
Apparently, my previous reply has been lost. I resend. On 2013-06-12 14:40, Wietse Venema wrote: Carlos E. R.: Does the machine have a network interface with IP address 127.0.0.2? Dunno. I guess not, because it is not listed in ifconfig output. However, they tell me that any address in

Re: Using TLS for certain domains

2013-06-12 Thread Wietse Venema
polloxx: Thanks to all of you. Now it works, although set nowrap in vim did not solve the issue. I had to add the parameters using postconf -e. Is this normal? set nowrap has no effect after the text is already wrapped. Wietse

Re: Using TLS for certain domains

2013-06-12 Thread polloxx
Thanks Wietse. Can we test this setup? On Wed, Jun 12, 2013 at 5:29 PM, Wietse Venema wie...@porcupine.org wrote: polloxx: Thanks to all of you. Now it works, although set nowrap in vim did not solve the issue. I had to add the parameters using postconf -e. Is this normal? set nowrap

Re: Using TLS for certain domains

2013-06-12 Thread Wietse Venema
polloxx: Thanks to all of you. Now it works, although set nowrap in vim did not solve the issue. I had to add the parameters using postconf -e. Is this normal? Wietse: set nowrap has no effect after the text is already wrapped. polloxx: Thanks Wietse. Can we test this setup? If you mean

Re: is this a postfix bug or an openSUSE bug, or neither?

2013-06-12 Thread Wietse Venema
Carlos E. R.: Apparently, my previous reply has been lost. I resend. On 2013-06-12 14:40, Wietse Venema wrote: Carlos E. R.: Does the machine have a network interface with IP address 127.0.0.2? Dunno. I guess not, because it is not listed in ifconfig output. Then, 127.0.0.2

Re: Using TLS for certain domains

2013-06-12 Thread Ansgar Wiechers
On 2013-06-12 Wietse Venema wrote: If you mean that set nowrap in vim did not put the line breaks back, then that is to be expected. If you mean that set nowrap in vim removes line breaks, then that is a question for vim users/faqs/maintainers. FTR: set wrap or set nowrap don't add or

Re: Using TLS for certain domains

2013-06-12 Thread Noel Jones
On 6/12/2013 10:53 AM, polloxx wrote: Thanks Wietse. Can we test this setup? If you're asking how to test your TLS, use the openssl s_client. openssl s_client -connect se.rv.er.ip:port -starttls smtp If it's working, you'll get several screens full of connection info and certificate

Re: Bulk Mailing Performance

2013-06-12 Thread fletch
The postfix performance claims made via this thread are far-fetched to say the least. Most postfix users will only see outbound throughput in the range of ~250,000/hour per instance in a production setting. Yet, people on here are claiming 10 million/hour? I guess that would be possible if a

Re: Bulk Mailing Performance

2013-06-12 Thread Peer Heinlein
On 12.06.2013 21:17, fletch wrote: here are claiming 10 million/hour? I guess that would be possible if a sender were to run, say, 40 postfix instances which would be a complete management nightmare of course. You already lost. I did this even 5-6 years ago with 3-4 million mails / hour

Re: Bulk Mailing Performance

2013-06-12 Thread Wietse Venema
fletch: The postfix performance claims made via this thread are far-fetched to say the least. Most postfix users will only see outbound throughput in the range of ~250,000/hour per instance in a production setting. Yet, people on here are claiming 10 million/hour? I guess that would be

Re: Bulk Mailing Performance

2013-06-12 Thread Joe
On 06/12/2013 12:17 PM, fletch wrote: The postfix performance claims made via this thread are far-fetched to say the least. Most postfix users will only see outbound throughput in the range of ~250,000/hour per instance in a production setting. Yet, people on here are claiming 10 million/hour?

Re: Bulk Mailing Performance

2013-06-12 Thread Robert Schetterer
On 12.06.2013 21:17, fletch wrote: The postfix performance claims made via this thread are far-fetched to say the least. Most postfix users will only see outbound throughput in the range of ~250,000/hour per instance in a production setting. Yet, people on here are claiming 10

Re: Bulk Mailing Performance

2013-06-12 Thread fletch
Peer, There's no way that's a production figure. You may have queued that many, but I seriously doubt you got anything close to 3-4 million/hour when postfix was actually conducting delivery with the remote gateways... On Wed, Jun 12, 2013 at 1:02 PM, Peer Heinlein [via Postfix]

Re: Bulk Mailing Performance

2013-06-12 Thread Ben Johnson
On 6/12/2013 4:40 PM, fletch wrote: Peer, There's no way that's a production figure. You may have queued that many, but I seriously doubt you got anything close to 3-4 million/hour when postfix was actually conducting delivery with the remote gateways... This point is somewhat moot,

Re: Bulk Mailing Performance

2013-06-12 Thread AFCommerce LLC
I know powermta as well as postfix and I think I can add to some of the comments on here, powermta is not cheap by any means and of course postfix is free, however pmta might have some settings out of the box that are optimized for bulk but they can not come close to postfix as far as email

Re: Bulk Mailing Performance

2013-06-12 Thread Roel Wagenaar
wie...@porcupine.org (Wietse Venema) wrote: fletch: The postfix performance claims made via this thread are far-fetched to say the least. Most postfix users will only see outbound throughput in the range of ~250,000/hour per instance in a production setting. Yet, people

Re: Bulk Mailing Performance

2013-06-12 Thread fletch
What do you mean by: ...they can not come close to postfix as far as email standards go? My understanding is that powermta fully complies with the various RFCs. Also, I'm sure there are far more spammers using free software like postfix rather than paying for a commercial product. On Wed, Jun

Re: Bulk Mailing Performance

2013-06-12 Thread Viktor Dukhovni
On Wed, Jun 12, 2013 at 03:53:17PM -0700, fletch wrote: What do you mean by: ...they can not come close to postfix as far as email standards go? My understanding is that powermta fully complies with the various RFCs. Also, I'm sure there are far more spammers using free software like