On Mon, May 15, 2023 at 05:45:33PM +0100, Graeme Fowler via Exim-users wrote:
> > Have secrets in a separate file?
> That can be done already, in a variety of different ways. I suggest
> you have a read of the documentation.
If that was meant for me, it's a misunderstanding. I am very well aware
Howdy all
On 15 May 2023, at 17:18, Ian Z via Exim-users
wrote:
> Have secrets in a separate file?
That can be done already, in a variety of different ways. I suggest you have a
read of the documentation.
That said, a lot of server software which may use privileged ports or provide
access to
On Mon, May 15, 2023 at 12:14:03PM +0100, Martin A. Brooks wrote:
> > But that's quite beside the point. exim.conf should be world readable
> > for the sake of users reading it with cat, less or emacs, to figure
> > out what the configuration is. Anything else amounts to security by
> > obscurity.
On Mon, 15 May 2023 at 06:54, Ian Z via Exim-users <
exim-users@lists.exim.org> wrote:
> But that's quite beside the point. exim.conf should be world readable
> for the sake of users reading it with cat, less or emacs, to figure
> out what the configuration is. Anything else amounts to security by
On Sun, 14 May 2023, Jeremy Harris via Exim-users wrote:
Hi!
On 14/05/2023 18:56, Markus Reschke via Exim-users wrote:
They take a list of common user names, add your domain name, and then loop
through 100 RCPT TOs per mail.
An escalating delay per RCPT *reject* isn't hard.
I was able to
On 15/05/2023 09:24, Olaf Hopp (SCC) via Exim-users wrote:
My question is, if this is the intended way to resolve this issue ?
This needs an OpenLDAP specialist to answer. Exim only passes on
the filename [using ldap_set_option( , LDAP_OPT_X_TLS_CERTFILE )].
--
Cheers,
Jeremy
--
## subscri
Dear Collegues,
I have two different LDAP servers out of my control.
One of them moved to certs from LetsEncrypt, the other is still
using certs from our company CA.
In the past both of them used our company CA and I had the full chain
of the CA defined with option "ldap_ca_cert_file = myCAchain.p
It is certainly intended; the run up to it has not yet begun.
--
Cheers,
Jeremy
--
## subscription configuration (requires account):
## https://lists.exim.org/mailman3/postorius/lists/exim-users.lists.exim.org/
## unsubscribe (doesn't require an account):
## exim-users-unsubscr...@lists.ex
On 15/05/2023 06:52, Ian Z via Exim-users wrote:
exim.conf should be world readable
for the sake of users reading it with cat, less or emacs, to figure
out what the configuration is. Anything else amounts to security by
obscurity.
There are often secrets in the config (eg. database-access crede
