On Sat, July 25, 2009 19:41, mouss wrote:
> That said, I personally disable it because I don't see the value it
> brings. but that doesn't make me feel more secure.
you prefer to see the probe email if probed ? :)
maybe i dont understand the power of vrfy :/
--
xpoint
On Sat, July 25, 2009 19:00, Damian Myerscough wrote:
> VRFY command because it allow attackers to see what users
> were valid e.g. local users could be identified.
imho it does not make sense, what happend if sender try sending email to
recipient and parse the results ?
--
xpoint
On Sat, July 25, 2009 17:47, mouss wrote:
> cacert is free too, but since it is not trusted by clients, it is
> unclear whether it is worth the pain.
cacert is trusted in gentoo / ubuntu currently, might something happend lately ?
again my firefox does work with my own cert that is signed with c
Damian Myerscough a écrit :
> Hello,
>
> I have been recently playing with Postfix a lot and I was curious of the
> consequences of disabling the VRFY command. I have disabled the
> VRFY command because it allow attackers to see what users
> were valid e.g. local users could be identified.
>
the
John Mok a écrit :
> Hi Mouss,
>
> Thank you for your prompt reply.
>
> The following is the smptd verbose log,
next time, do not show verbose logs unless asked. the less we have to
read, the better.
> [snip]
Are you using a proxy_filter? if so, take a look at
http://www.postfix.org/
Hello,
I have been recently playing with Postfix a lot and I was curious of the
consequences of disabling the VRFY command. I have disabled the
VRFY command because it allow attackers to see what users
were valid e.g. local users could be identified.
--
Regards,
Damian Myerscough
LuKreme a écrit :
> On Jul 22, 2009, at 16:51, "Benny Pedersen" wrote:
>> yes this is clear to me its is so, but i dont know why self signed ssl
>> is being used so much when there is plenty of good trusted
>> signers :/
>
> Because a selfsigned cert is good enough and FREE.
>
you can also run
Hi Mouss,
Thank you for your prompt reply.
The following is the smptd verbose log, but I do not see any clue from it :-
=== begin of mail log ===
< Jul 24 14:15:59 imapsv02 postfix/smtpd[17966]: connect from
imapsv02.auth.hk1.sml.citizen.co.jp[10.144.1.50]
< Jul 24 14:15:59 imapsv02 postfix/s
Gotcha... Wasn't thinking about threaded views. Sorry about that.
Rodman
> Rodman Frowert a écrit :
>> Mouss wrote,
>>
>>> please do not hijack threads. send a new message instead of replying to
>>> an unrelated one.
>>
>> I started this thread.
>
> you replied to Noel's post (in the "Disabling
Rodman Frowert a écrit :
> Mouss wrote,
>
>> please do not hijack threads. send a new message instead of replying to
>> an unrelated one.
>
> I started this thread.
you replied to Noel's post (in the "Disabling SSLv2..." thread).
changing the subject is not enough:
check your post and you'll s
On Sat, 25 Jul 2009, l...@ngc.net.ua wrote:
> Hello people,
> sorry may be for stupid question, but I`m stuck...
> I`m using postfix+maildrop for virtual domains.
> Problem is:
> for u...@domain - ok
> for user.surn...@domain - i get error:
>
> Jul 25 14:45:37 hvost postfix/pipe[16333]: D112111A5
Hello people,
sorry may be for stupid question, but I`m stuck...
I`m using postfix+maildrop for virtual domains.
Problem is:
for u...@domain - ok
for user.surn...@domain - i get error:
Jul 25 14:45:37 hvost postfix/pipe[16333]: D112111A5C4:
to=, relay=maildrop, delay=0.37,
delays=0.05/0.05/0/0.27,
Mouss wrote,
> please do not hijack threads. send a new message instead of replying to
> an unrelated one.
I started this thread. Not sure what thread I purportedly hijacked you
are referring to.
> if you want virtual users, then the way to go is virtual_mailbox_domains
> (after removing $mydom
Jake Vickers:
[ Charset UTF-8 unsupported, converting... ]
> Noel Jones wrote:
> > Jake Vickers wrote:
> >>
> >> I also tried these settings (smtpd_tls_mandatory_protocols = !SSLv2)
> >> on a Debian build (running 2.3.8) with a self-signed cert and am
> >> still getting a SSLv2 connection. I'm su
*I have :*
Postfix - virual users in Openldap
Main.cf >
local_transport = maildrop
maildrop_destination_recipient_limit = 1
local_recipient_maps =
Master.cf >
maildrop unix - n n - - pipe
flags=DRhu user=vmail argv=/usr/bin/maildrop -d ${recipient}
Openldap
Maildrop - non config files
Authlib
please do not hijack threads. send a new message instead of replying to
an unrelated one.
Rodman Frowert a écrit :
> Noel,
>
> I understand that anything for "mydomain" is looked up in /etc/passwd
> which is a type of local recipitant table. But what if I want to feed
> that "lookup system" anot
John/SML a écrit :
> [snip]
>
> It worked well by storing the virtual_alias_maps in hash table, but it
> failed when changed to LDAP with an error "Error : 4.3.0 queue file
> write error...".
Show postfix _logs_. see the DEBUG README.
>[snip]
clunk.wercl...@wibblywobblyteapot.co.uk (Clunk Werclick) writes:
> > >> >>> It seems lots of lookups per message and I'm not sure that mysql
> > >> >>> will not crash like this
> >
> > Who's to say what "a lot" of lookups are? Why do you think mysql will
> > Just Crash? You're far better off loo
18 matches
Mail list logo
