On 6 Sep 2019, at 14:37, @lbutlr wrote:
> I do need to go through the logs again at some point and see how things are
> shaping up. It would be interesting to see what the server-to-server
> encryption looks like now for valid mail. I suspect that 1.1 has dropped to
> near 0 and 1.0 is more
On 6 Sep 2019, at 14:14, Matus UHLAR - fantomas wrote:
TLSv1.0 is EOLed and should not be used nor supported.
>
>> On 6 Sep 2019, at 01:57, Matus UHLAR - fantomas wrote:
>>> well, if your clients (some old server installations) only support tls1.0,
>>> it's better to allow it than forgint
TLSv1.0 is EOLed and should not be used nor supported.
On 6 Sep 2019, at 01:57, Matus UHLAR - fantomas wrote:
well, if your clients (some old server installations) only support tls1.0, it's
better to allow it than forgint it to go plaintext or reject the mail at all.
On 06.09.19 00:57,
On 6 Sep 2019, at 01:57, Matus UHLAR - fantomas wrote:
> On 06.09.19 00:57, @lbutlr wrote:
>> TLSv1.0 is EOLed and should not be used nor supported.
>
> well, if your clients (some old server installations) only support tls1.0,
> it's better to allow it than forgint it to go plaintext or reject
On Fri, 6 Sep 2019, Reio Remma wrote:
Does the Received check only check the last untrusted relay?
No, the named header checks test all the headers having that name
(presuming there are multiple present).
If you want to verify that TLS was used on the connection into your
infrastructure,
On 06/09/2019 15:53, RW wrote:
On Fri, 6 Sep 2019 09:51:06 +0300
Reio Remma wrote:
Hello!
I recently did an experiment where I stopped accepting incoming
e-mail without TLS. This seemingly cut off about 95-99% of spam.
Unfortunately there still seem to be a small percentage of servers
sending
On Fri, 6 Sep 2019 09:51:06 +0300
Reio Remma wrote:
> Hello!
>
> I recently did an experiment where I stopped accepting incoming
> e-mail without TLS. This seemingly cut off about 95-99% of spam.
> Unfortunately there still seem to be a small percentage of servers
> sending without TLS, so that
On 06/09/2019 15:25, RW wrote:
On Fri, 6 Sep 2019 10:17:23 +0300
Reio Remma wrote:
On 06/09/2019 09:57, @lbutlr wrote:
On 6 Sep 2019, at 00:51, Reio Remma wrote:
Even though I recall QMail having TLSv1 back when we were still
using it.
TLSv1.0 is EOLed and should not be used nor supported.
On Fri, 6 Sep 2019 10:17:23 +0300
Reio Remma wrote:
> On 06/09/2019 09:57, @lbutlr wrote:
> > On 6 Sep 2019, at 00:51, Reio Remma wrote:
> >> Even though I recall QMail having TLSv1 back when we were still
> >> using it.
> > TLSv1.0 is EOLed and should not be used nor supported.
> >
> > But
On 6 Sep 2019, at 00:51, Reio Remma wrote:
Even though I recall QMail having TLSv1 back when we were still
using it.
On 06.09.19 00:57, @lbutlr wrote:
TLSv1.0 is EOLed and should not be used nor supported.
On 06/09/2019 10:57, Matus UHLAR - fantomas wrote:
well, if your clients (some
On 06/09/2019 10:57, Matus UHLAR - fantomas wrote:
On 6 Sep 2019, at 00:51, Reio Remma wrote:
Even though I recall QMail having TLSv1 back when we were still
using it.
On 06.09.19 00:57, @lbutlr wrote:
TLSv1.0 is EOLed and should not be used nor supported.
well, if your clients (some old
On 6 Sep 2019, at 00:51, Reio Remma wrote:
Even though I recall QMail having TLSv1 back when we were still using it.
On 06.09.19 00:57, @lbutlr wrote:
TLSv1.0 is EOLed and should not be used nor supported.
well, if your clients (some old server installations) only support tls1.0,
it's
On 06/09/2019 09:57, @lbutlr wrote:
On 6 Sep 2019, at 00:51, Reio Remma wrote:
Even though I recall QMail having TLSv1 back when we were still using it.
TLSv1.0 is EOLed and should not be used nor supported.
But yes, mailing lists are therein reason I a=have not gone 100% TLS myself
(it’s
On 6 Sep 2019, at 00:51, Reio Remma wrote:
> Even though I recall QMail having TLSv1 back when we were still using it.
TLSv1.0 is EOLed and should not be used nor supported.
But yes, mailing lists are therein reason I a=have not gone 100% TLS myself
(it’s not just this one, sadly).
There is
Hello!
I recently did an experiment where I stopped accepting incoming e-mail
without TLS. This seemingly cut off about 95-99% of spam. Unfortunately
there still seem to be a small percentage of servers sending without
TLS, so that was a no go.
Now I've instead turned to SpamAssassin to
15 matches
Mail list logo