Re: Why use EGD instead of /dev/urandom in tls_random_source?

2011-01-05 Thread Victor Duchovni
On Thu, Jan 06, 2011 at 01:22:50AM -0500, Jerrale G wrote: >> 0. http://www.postfix.org/TLS_README.html >> 1. http://www.entropykey.co.uk/ >> 2. http://www.postfix.org/TLS_README.html#tlsmgr_controls >> > > We use /dev/random. Using /dev/urandom does not cause enough entropy, > which may just be

Re: Why use EGD instead of /dev/urandom in tls_random_source?

2011-01-05 Thread Jerrale G
On 12/23/2010 1:02 AM, micah wrote: Obviously it is well understood that the security of cryptographic software, such as TLS, depends on good random numbers. Postfix's tlsmgr(8) maintains a PRNG pool, which is fed from an external source, configured via tls_random_source, typically /dev/urandom (

Re: trouble with smtps

2011-01-05 Thread brian
On 11-01-06 12:25 AM, Victor Duchovni wrote: On Wed, Jan 05, 2011 at 11:49:07PM -0500, brian wrote: I know I'm in over my head here. Not only am I unsure how to test this, I'm also having trouble interpreting the results I do get. That's mostly

Re: trouble with smtps

2011-01-05 Thread Victor Duchovni
On Wed, Jan 05, 2011 at 11:49:07PM -0500, brian wrote: > I know I'm in over my head here. Not only am I unsure how to test this, I'm > also having trouble interpreting the results I do get. That's mostly it. >> Your client restrictions deny access

Re: trouble with smtps

2011-01-05 Thread brian
On 11-01-05 11:03 PM, Victor Duchovni wrote: On Wed, Jan 05, 2011 at 10:48:21PM -0500, brian wrote: The SSL handshake worked just fine, what's the problem? I don't know; that's why I posted a query to the list. I assumed, though, that there was a problem because I get this "Client host rejec

Re: trouble with smtps

2011-01-05 Thread Victor Duchovni
On Wed, Jan 05, 2011 at 10:48:21PM -0500, brian wrote: > Postfix 2.5.6-1 > Cyrus SASL 2.1.22-8 > > I receive the following error when attempting to connect on port 465: > -- snip -- > $ openssl s_client -connect mail.MYDOMAIN:465 > CONNECTED(0003) > ... > verify error:num=19:self signed certif

trouble with smtps

2011-01-05 Thread brian
Postfix 2.5.6-1 Cyrus SASL 2.1.22-8 I receive the following error when attempting to connect on port 465: -- snip -- $ openssl s_client -connect mail.MYDOMAIN:465 CONNECTED(0003) ... verify error:num=19:self signed certificate in certificate chain verify return:0 ... No client certificate CA

Re: verify db with mysql

2011-01-05 Thread Victor Duchovni
On Wed, Jan 05, 2011 at 06:56:31PM -0500, Wietse Venema wrote: > Each verify or postscreen or tlsmgr process will at set times > scan the database for old entries. > > If it so happens that this scan doesn't finish before the new one > starts, then it would really be a W*T*F* moment if the code d

Re: verify db with mysql

2011-01-05 Thread Wietse Venema
Stefan Jakobs: > On Tuesday, 14th of December 2010, 20:09:26 Wietse Venema wrote: > > > > Yes, I have tested that and it worked without problems. If you > > > are interested then I will send you the logs of that test. > > > > Yes, it would help when I want to run some tests (the results should >

Re: verify db with mysql

2011-01-05 Thread Stefan Jakobs
On Tuesday, 14th of December 2010, 20:09:26 Wietse Venema wrote: > > Yes, I have tested that and it worked without problems. If you > > are interested then I will send you the logs of that test. > > Yes, it would help when I want to run some tests (the results should > be similar). I send you th

Re: Change error messages returned by Postfix

2011-01-05 Thread mouss
On 04/01/2011 22:24, Noel Jones wrote: > On 1/4/2011 3:04 PM, pf at alt-ctrl-del.org wrote: >> >> I'm trying to stop the chain of: >> Sender calls recipient, recipient calls their tech, >> recipient's tech calls me... Then I tell them to contact the >> sender's admin... Then the sender's admin c

Re: Change error messages returned by Postfix

2011-01-05 Thread mouss
On 04/01/2011 21:23, Jeroen Geilman wrote: > On 1/4/11 8:32 PM, pf at alt-ctrl-del.org wrote: >> >> The only rejects that I get calls or emails about are: >> reject_non_fqdn_helo_hostname, >> reject_unknown_helo_hostname, >> reject_unknown_client_hostname, > > Don't blindly use that. It causes

Re: Filter mail into hold queue

2011-01-05 Thread Victor Duchovni
On Wed, Jan 05, 2011 at 10:02:12PM +, Ian Halperin wrote: > > > I was thinking of doing this with an after-queue content filter, which > > > uses pipe(8) to run a script on each message, and the script itself > > > will spawn "postsuper -h " if it decides to put the message > > > on hold. > >

Re: Filter mail into hold queue

2011-01-05 Thread Ian Halperin
> > I was thinking of doing this with an after-queue content filter, which > > uses pipe(8) to run a script on each message, and the script itself > > will spawn "postsuper -h " if it decides to put the message > > on hold. > > No this is wrong. Just tag the message, and put appropriate header_chec

Re: Filter mail into hold queue

2011-01-05 Thread Victor Duchovni
On Wed, Jan 05, 2011 at 05:25:53PM +, Ian Halperin wrote: > I would like postfix to send all emails received on SMTP off to an > external process, which will decide whether to allow them through as > normal, or whether to put them into the hold queue (or another > quarantine area), where they

Filter mail into hold queue

2011-01-05 Thread Ian Halperin
Hi guys, any advice on the below? I would like postfix to send all emails received on SMTP off to an external process, which will decide whether to allow them through as normal, or whether to put them into the hold queue (or another quarantine area), where they have to wait for admin approval. I
