On 09 Feb 2021, at 04:20, Doug Hardie wrote:
>
> Cc: Postfix users
> To: "@lbutlr"
Please do not do this. I am subscribed to the list. I will see your message on
the list.
--
'I thought dwarfs didn't believe in devils and demons and stuff like that.'
'That's true, but... we're not sure
On 09 Feb 2021, at 06:21, Dominic Raferd wrote:
> On 09/02/2021 12:36, @lbutlr wrote:
>> On 09 Feb 2021, at 04:23, Dominic Raferd wrote:
>>> This shows plenty of 'good' servers still using TLSv1 or TLSv1.1 -
>>> including the postfix-users list servers. Of course they would probably
>>>
Zsombor B:
> Hi,
>
>
> > Please provide evidence.
>
> This is the point. :)
>
> External client sent us a mail we accepted with queue id "A".
> I have asked them to look for this "A" in their logs.
> I was told they can't find it in their logs.
Postfix also logs a Message-Id, which should be
Hi,
Please provide evidence.
This is the point. :)
External client sent us a mail we accepted with queue id "A".
I have asked them to look for this "A" in their logs.
I was told they can't find it in their logs.
Zsombor
Idézet (Wietse Venema ):
Zsombor B:
It turned out during an
On 09/02/2021 12:36, @lbutlr wrote:
On 09 Feb 2021, at 04:23, Dominic Raferd wrote:
This shows plenty of 'good' servers still using TLSv1 or TLSv1.1 - including
the postfix-users list servers. Of course they would probably downgrade to
plaintext if required, but that would reduce security.
On 09 Feb 2021, at 05:45, Wietse Venema wrote:
> Zsombor B:
>> It turned out during an investigation that our postfix servers don't
>> provide a queue id for the external clients when accepting a new email.
>
> Please provide evidence.
>
> Postfix SMTP client logging:
> ... status=sent (250
Zsombor B:
> It turned out during an investigation that our postfix servers don't
> provide a queue id for the external clients when accepting a new email.
Please provide evidence.
Postfix SMTP client logging:
... status=sent (250 2.0.0 Ok: queued as AA92365E6F)
Wietse
On 09 Feb 2021, at 04:23, Dominic Raferd wrote:
> This shows plenty of 'good' servers still using TLSv1 or TLSv1.1 - including
> the postfix-users list servers. Of course they would probably downgrade to
> plaintext if required, but that would reduce security.
That is odd. My mails from the
On 31.01.21 09:56, Daniel Armando Rodriguez wrote:
>Indeed, it was running chrooted but resolv.conf has the same content
>=== # postconf -nf
>smtp_tls_protocols = TLSv1.2, !TLSv1.1, !TLSv1, !SSLv2, !SSLv3
this is superflous and not a good idea. Many servers support TLS1.0 max.
!SSLv2, !SSLv3
On 31.01.21 09:56, Daniel Armando Rodriguez wrote:
Indeed, it was running chrooted but resolv.conf has the same content
=== # postconf -nf
smtp_tls_protocols = TLSv1.2, !TLSv1.1, !TLSv1, !SSLv2, !SSLv3
On 08 Feb 2021, at 06:20, Matus UHLAR - fantomas wrote:
this is superflous and not a
On 09/02/2021 10:58, @lbutlr wrote:
On 09 Feb 2021, at 03:53, @lbutlr wrote:
Looking over the last few days, I see connections rom servers I do not accept
mail from, so it looks to me based on my logs that I could easily reject TLSv1
or TLSv1.1 without missing a single mail.
Meant to
> On 9 February 2021, at 02:58, @lbutlr wrote:
>
> zgrep TLSv1 /var/log/mail.log.* | egrep -v '(TLSv1.3|TLSv1.2)' | egrep -o
> 'established from [^:]*' | sort -u
For the last week of my maillogs, I get 298 entries. Some of them are from the
US Census, several health organizations, a mail
On 09 Feb 2021, at 03:53, @lbutlr wrote:
> Looking over the last few days, I see connections rom servers I do not accept
> mail from, so it looks to me based on my logs that I could easily reject
> TLSv1 or TLSv1.1 without missing a single mail.
Meant to include this in case this helps:
On 08 Feb 2021, at 06:20, Matus UHLAR - fantomas wrote:
> On 31.01.21 09:56, Daniel Armando Rodriguez wrote:
>> Indeed, it was running chrooted but resolv.conf has the same content
> === # postconf -nf
>> smtp_tls_protocols = TLSv1.2, !TLSv1.1, !TLSv1, !SSLv2, !SSLv3
>
> this is superflous and
14 matches
Mail list logo