Re: TLSA and .mil dns servers

2015-12-14 Thread Viktor Dukhovni
On Mon, Nov 09, 2015 at 03:15:25PM +, Viktor Dukhovni wrote: > I've had some luck getting .gov domains to fix the issue, for > example, loc.gov (and around 15 associated domains) and fbi.gov > used to not work, but now do. > > Yes, indeed the .mil MX host nameservers are configured with > mis

Re: Let's Encrypt certificates for port 25 SMTP and DANE TLSA

2015-12-14 Thread Viktor Dukhovni
> On Dec 14, 2015, at 2:57 PM, Jacob Hoffman-Andrews wrote: > > On 12/14/2015 11:23 AM, Viktor Dukhovni wrote: >> May I ask for your help in providing configuration guidance to LE >> users who also plan to publish DANE TLSA records. > > I'd be happy to help, but am a little constrained on time.

DISCUSSION CLOSED (hosts without mx record)

2015-12-14 Thread Wietse Venema
sb: > Therefore, if you divide outbound from inbound, please add your > MX record to the DNS of your outbound subsystem. This is no longer about Postfix, and no longer belongs on this list. Please take this discussion elsewhere, or be removed. Wietse

Re: reject connections from hosts without mx record

2015-12-14 Thread sb
This is the reply to a person who wanted to stay anonymous. I am posting the reply here, with his name bleached, because it may help similar readers. On 12/14/15 4:42 PM, R.H. (privat) wrote: >http://marc.info/?l=postfix-users&m=144978027304340&w=2 >> Run a "proper" e-mail server, that is,

Re: Let's Encrypt certificates for port 25 SMTP and DANE TLSA

2015-12-14 Thread Jacob Hoffman-Andrews
On 12/14/2015 11:23 AM, Viktor Dukhovni wrote: > May I ask for your help in providing configuration guidance to LE > users who also plan to publish DANE TLSA records. I'd be happy to help, but am a little constrained on time. If you've got time, would you mind posting a quick explanation at https:

Re: postfix and multiple TLS certificates (SNI support?)

2015-12-14 Thread Dirk Stöcker
On Sun, 13 Dec 2015, Alice Wonder wrote: A big negative to Thunderbird autoconfig - it looks for http before https resulting in MITM vulnerability. They say it is because hosting companies like godaddy don't want to have a TLS cert for every e-mail domain. I agree with both :-) They should

Re: Let's Encrypt certificates for port 25 SMTP and DANE TLSA

2015-12-14 Thread Viktor Dukhovni
On Sat, Dec 05, 2015 at 04:23:16PM -0800, Jacob Hoffman-Andrews wrote: > On 12/04/2015 11:54 AM, Viktor Dukhovni wrote: > > Can anyone using LE automated rotation check whether the key stays the > > same or not? > > It is up to the user. The official client will generate new keys for > each issua

Re: postfix and multiple TLS certificates (SNI support?)

2015-12-14 Thread Wietse Venema
Wietse Venema: > Quanah Gibson-Mount: > > --On Monday, December 14, 2015 12:07 PM -0500 Wietse Venema > > wrote: > > > > > Viktor Dukhovni: > > >> So, we've managed to hold off on offering SNI support for a decade > > >> since TLS was integrated into Postfix 2.2. I just wanted to see > > >> whe

Re: postfix and multiple TLS certificates (SNI support?)

2015-12-14 Thread Quanah Gibson-Mount
--On Monday, December 14, 2015 6:03 PM + Viktor Dukhovni wrote: On Mon, Dec 14, 2015 at 09:36:33AM -0800, Quanah Gibson-Mount wrote: Given nginx's complete disregard for RFC's (*) and unwillingness to examine or fix issues related to the email proxy portion of their product (IMAP, POP, S

Re: postfix and multiple TLS certificates (SNI support?)

2015-12-14 Thread Wietse Venema
Quanah Gibson-Mount: > --On Monday, December 14, 2015 12:07 PM -0500 Wietse Venema > wrote: > > > Viktor Dukhovni: > >> So, we've managed to hold off on offering SNI support for a decade > >> since TLS was integrated into Postfix 2.2. I just wanted to see > >> whether anyone still wanted it in

Re: postfix and multiple TLS certificates (SNI support?)

2015-12-14 Thread Viktor Dukhovni
On Mon, Dec 14, 2015 at 09:36:33AM -0800, Quanah Gibson-Mount wrote: > Given nginx's complete disregard for RFC's (*) and unwillingness to examine > or fix issues related to the email proxy portion of their product (IMAP, > POP, SMTP), I'd definitely avoid it. I.e., I would not recommend nginx as

Re: postfix and multiple TLS certificates (SNI support?)

2015-12-14 Thread Quanah Gibson-Mount
--On Monday, December 14, 2015 12:07 PM -0500 Wietse Venema wrote: Viktor Dukhovni: So, we've managed to hold off on offering SNI support for a decade since TLS was integrated into Postfix 2.2. I just wanted to see whether anyone still wanted it in Postfix, but perhaps if they really did the

Re: recipient limits

2015-12-14 Thread Wietse Venema
Chris Boylan: > > > You mean smtpd_recipient_limit? With 10 valid addresses, it is > > unlikely but still possible to get mail with more recipients, when > > address extensions are in use (the same user effectively has an > > unlimited number of email addresses). This limits the number of RECIPIE

Re: postfix and multiple TLS certificates (SNI support?)

2015-12-14 Thread Wietse Venema
Viktor Dukhovni: > So, we've managed to hold off on offering SNI support for a decade > since TLS was integrated into Postfix 2.2. I just wanted to see > whether anyone still wanted it in Postfix, but perhaps if they > really did they've moved on to other solutions. Would haproxy/nginx be an opti

RE: recipient limits

2015-12-14 Thread Chris Boylan
> You mean smtpd_recipient_limit? With 10 valid addresses, it is > unlikely but still possible to get mail with more recipients, when > address extensions are in use (the same user effectively has an > unlimited number of email addresses). I was thinking about the reverse situation - preventing s

Re: recipient limits

2015-12-14 Thread Wietse Venema
Chris Boylan: > We're going to do a mailing to our customers this week (2000+) and I'm trying > to make sure our configuration, which is new, is set up appropriately. > > The email is coming from Outlook as a list of lists apparently so it'll show > up on the submission port as a large Bcc list.

Re: postfix and multiple TLS certificates (SNI support?)

2015-12-14 Thread Viktor Dukhovni
On Mon, Dec 14, 2015 at 06:37:59AM -0500, Wietse Venema wrote: > > Thanks for the moral support. I agree that SNI is not particularly > > compelling for port 25. The strongest arguments for SNI that > > I've seen are for port 587 submission, where there's no MX indirection, > > users' MUAs have

recipient limits

2015-12-14 Thread Chris Boylan
We're going to do a mailing to our customers this week (2000+) and I'm trying to make sure our configuration, which is new, is set up appropriately. The email is coming from Outlook as a list of lists apparently so it'll show up on the submission port as a large Bcc list. Looks like I want to tem

Re: Local delivery and relaying

2015-12-14 Thread Wietse Venema
Jan Ceuleers: > On 14/12/15 12:43, Wietse Venema wrote: > > Jan Ceuleers: > >> Hi > >> > >> I'm a new Postfix user, having just switched from sendmail (which I set > >> up years ago and then forgot how). > >> > >> I want my Postfix server to locally deliver emails for my own accounts > >> and those

Re: Local delivery and relaying

2015-12-14 Thread Jan Ceuleers
On 14/12/15 12:43, Wietse Venema wrote: > Jan Ceuleers: >> Hi >> >> I'm a new Postfix user, having just switched from sendmail (which I set >> up years ago and then forgot how). >> >> I want my Postfix server to locally deliver emails for my own accounts >> and those of my housemates, but relay all

Re: Local delivery and relaying

2015-12-14 Thread Wietse Venema
Jan Ceuleers: > Hi > > I'm a new Postfix user, having just switched from sendmail (which I set > up years ago and then forgot how). > > I want my Postfix server to locally deliver emails for my own accounts > and those of my housemates, but relay all others. So for example: See "Delivering some

Re: postfix and multiple TLS certificates (SNI support?)

2015-12-14 Thread Wietse Venema
Viktor Dukhovni: > Thanks for the moral support. I agree that SNI is not particularly > compelling for port 25. The strongest arguments for SNI that > I've seen are for port 587 submission, where there's no MX indirection, > users' MUAs have statically configured SMTP servers. And those cli