Re: Asking about heartbleed

2014-04-09 Thread Viktor Dukhovni
On Wed, Apr 09, 2014 at 11:01:05PM +, Viktor Dukhovni wrote:
> > I'd like to 'hear' Wietse's and Victor's opinion on how could
> > this nasty bug affect a TLS service like submission?
>
> In pretty much the same way that it applies to web services.

Note that the leak can also take place from

Re: Aliases cause policyd to miscount the number of message a user@domain sends

2014-04-09 Thread Viktor Dukhovni
On Thu, Apr 10, 2014 at 02:38:32AM +, Rob Tanner wrote:
> The policyd daemon is a perfect tool for setting quotas (i.e., number
> of message per hour, day, etc). The problem is that we depend
> heavily of Postfix's extraordinary ability to do LDAP based aliasing
> of groups and when it each r

Aliases cause policyd to miscount the number of message a user@domain sends

2014-04-09 Thread Rob Tanner
Hi,

Since, try as we might, folks still respond to phishing attacks with their email name and password, at least I can mitigate the damage to our network reputation when the bad boys use what they’ve caught as a vehicle for sending out 1000’s of SPAM messages. The policyd daemon is a perfect

Re: Asking about heartbleed

2014-04-09 Thread Ian Evans
On Wed, Apr 9, 2014 at 7:26 PM, Viktor Dukhovni wrote:
> On Wed, Apr 09, 2014 at 07:05:50PM -0400, Ian Evans wrote:
>
> > Thanks for this. Since many touch their email servers far less than their
> > postfix configs, is there a list of files we absolutely have to check for
> > SSL issues?
> My fi

Re: Asking about heartbleed

2014-04-09 Thread Viktor Dukhovni
On Wed, Apr 09, 2014 at 07:05:50PM -0400, Ian Evans wrote:
> Thanks for this. Since many touch their email servers far less than their
> postfix configs, is there a list of files we absolutely have to check for
> SSL issues?

Apply the absolutely most recent patch level of whichever OpenSSL librar

Re: Invoking procmail with suid root

2014-04-09 Thread James Cloos
> "AD" == Arthur Dent writes:

AD> I don't want postfix to do anything other than deliver to procmail.

Postfix works fine here for that. I use, in main.cf:

    mailbox_command = /usr/bin/procmail -pt

and, in .fetchmailrc:

    defaults mda "/usr/sbin/sendmail -i -f %F -- %T"

-JimC
--
James Cl

Re: Asking about heartbleed

2014-04-09 Thread Victoriano Giralt
Thanks! Victor Very much appreciated.

--
Victoriano Giralt
Sent from mobile

Re: Asking about heartbleed

2014-04-09 Thread Ian Evans
On Wed, Apr 9, 2014 at 7:01 PM, Viktor Dukhovni wrote:
>
> - Upgrade to 1.0.1g ASAP if running 1.0.1--1.0.1f, and/or re-compile
>   OpenSSL with -DOPENSSL_NO_HEARTBEATS
>
> - Replace server TLS private keys and certificates.
>
> - Consider asking users to change SASL PLAIN/LOGIN auth passw

Re: Asking about heartbleed

2014-04-09 Thread Viktor Dukhovni
On Wed, Apr 09, 2014 at 05:54:33PM -0400, Victoriano Giralt wrote:
> I'd like to 'hear' Wietse's and Victor's opinion on how could
> this nasty bug affect a TLS service like submission?

In pretty much the same way that it applies to web services.

* SSL/TLS Private keys may be compromised.
*

Re: Asking about heartbleed

2014-04-09 Thread li...@rhsoft.net
On 09.04.2014 23:54, Victoriano Giralt wrote:
> I'd like to 'hear' Wietse's and Victor's opinion on how could this nasty bug
> affect a TLS service like submission?
>
> I suppose that the answer would very well be that "it depends on the
> availability of exploits", but ...

in doubt *any* s

Asking about heartbleed

2014-04-09 Thread Victoriano Giralt
I'd like to 'hear' Wietse's and Victor's opinion on how could this nasty bug affect a TLS service like submission?

I suppose that the answer would very well be that "it depends on the availability of exploits", but ...

Thanks for your time and su

Re: Block outgoing mails to a SMTP server

2014-04-09 Thread Wietse Venema
Wietse:
>> # transport
>> example.com defer:
>
> example.com retry:
>
> (the defer service does not spe[a]k the "delivery agent" protocol).

Roberto Carraro:
> I didn't get the difference between the two; I did see that both are
> effective in sticking mails in the mail queue.

The incorrect sol

Re: AW: smtpd_proxy_filter TLS

2014-04-09 Thread Wietse Venema
Grooz, Marc (regio iT):
> I use the Option speed_adjust so Postfix open a new session to
> amavis in a proxy setup.

You can use stunnel here.

Wietse