Re: Drop connection after N errors?

2021-08-02 Thread raf
On Mon, Aug 02, 2021 at 04:11:42PM -0400, John Levine wrote: > People in the web world are in a kerfuffle about an attack called ALPACA > which (leaving out > a lot of details) gets a web browser to send requests to a non-web server and > then get the > browser to interpret the responses in unf

Re: Drop connection after N errors?

2021-08-02 Thread Wietse Venema
John Levine: > People in the web world are in a kerfuffle about an attack called ALPACA > which (leaving out > a lot of details) gets a web browser to send requests to a non-web server and > then get the > browser to interpret the responses in unfortunate ways. Most of the > unfortunateness com

Re: Drop connection after N errors?

2021-08-02 Thread Claus Assmann
The ALPACA paper (table 2+3)/website explain that postfix is not vulnerable to this problem - postfix drops the connection immediately on common HTTP commands. -- Please don't Cc: me, use only the list for replies.

Re: Drop connection after N errors?

2021-08-02 Thread postfix
I don't see a parameter to limit the number of bad commands in a session. Is there one? http://www.postfix.org/postconf.5.html#smtpd_soft_error_limit http://www.postfix.org/postconf.5.html#smtpd_hard_error_limit

Drop connection after N errors?

2021-08-02 Thread John Levine
People in the web world are in a kerfuffle about an attack called ALPACA which (leaving out a lot of details) gets a web browser to send requests to a non-web server and then get the browser to interpret the responses in unfortunate ways. Most of the unfortunateness comes from the server replyi

Re: SMTP Relay

2021-08-02 Thread Eric Shields | #MassTransitHonchkrow
Thanks, Viktor. I'll look into adjusting these. Eric Shields 🚏 MassTransitHonchkrow Ask me about the Krowverse Suite of Services. ‐‐‐ Original Message ‐‐‐ On Monday, August 2nd, 2021 at 12:50 PM, Viktor Dukhovni wrote: > On Mon, Aug 02, 2021 at 02:29:14PM +, Eric Shields | Mass T

Re: SMTP Relay

2021-08-02 Thread Eric Shields | #MassTransitHonchkrow
I'm not using port 25. I specifically mention 465 and 587 in the rules and my postconf output verifies this. By endpoint I mean the public IP address in front of the computer I'm using to send and receive email. Eric Shields 🚏 MassTransitHonchkrow Ask me about the Krowverse Suite of Services.

Re: SMTP Relay

2021-08-02 Thread Antonio Leding
To assist with this further, either here or on another list (preferable), I would need to understand what is meant by “endpoint” as well as a little more detail re: the packet paths… - - - On 2 Aug 2021, at 7:29, Eric Shields | Mass Transit Honchkrow wrote: Hi again. I finally figured out

Re: SMTP Relay

2021-08-02 Thread Wietse Venema
Eric Shields | Mass Transit Honchkrow: > Hi again. I finally figured out that my firewall rules might be the > reason my connection times out. So when I send an email, it doesn't get > past the SYN_SENT stage of the TCP handshake. In addition, it does not > leave my NAT device. ISPs for residentia

Re: SMTP Relay

2021-08-02 Thread Viktor Dukhovni
On Mon, Aug 02, 2021 at 02:29:14PM +, Eric Shields | Mass Transit Honchkrow wrote: > So when I send an email, it doesn't get past the SYN_SENT stage of the > TCP handshake. In addition, it does not leave my NAT device. > > I currently have my domain's DNS record pointing to the endpoint, but

SMTP Relay

2021-08-02 Thread Eric Shields | Mass Transit Honchkrow
Hi again. I finally figured out that my firewall rules might be the reason my connection times out. So when I send an email, it doesn't get past the SYN_SENT stage of the TCP handshake. In addition, it does not leave my NAT device. I currently have my domain's DNS record pointing to the endpoint,