Re: TLS enforcement options?

On 2022-01-09 at 19:08:56 UTC-0500 (Sun, 9 Jan 2022 19:08:56 -0500) Brett Dikeman is rumored to have said: The effort of setting up LetsEncrypt is offset by the long-term benefit of automatically updated certificates, IMHO. It's even easier to automate self-signed certificate regeneration. A

Re: TLS enforcement options?

On Sun, Jan 9, 2022 at 5:29 PM raf wrote: Maybe in terms of money, but that's not the only consideration. > If a mail server cannot (for any of a number of reasons) fire up > a web server for LetsEncrypt domain ownership verification, then > it gets more complicated A DNS based challenge is als

Re: TLS enforcement options?

On Sun, Jan 09, 2022 at 10:22:36PM +0100, Joachim Lindenberg wrote: > I configured my Email server (actually a mailcow-dockerized which in > turn uses postfix) to enforce TLS for outbound mail. Obviously that > will fail occasionally, but I also have a daemon watching the postfix > queue and alert

Re: TLS enforcement options?

On Sun, Jan 09, 2022 at 10:22:36PM +0100, Joachim Lindenberg wrote: > Hello, > > I configured my Email server (actually a mailcow-dockerized > which in turn uses postfix) to enforce TLS for outbound mail. > Obviously that will fail occasionally, but I also have a daemon > watching the postfix q

Re: TLS enforcement options?

Dnia 9.01.2022 o godz. 22:22:36 Joachim Lindenberg pisze: > Ok, while subscribing to this mailing > list I had to add two more exceptions, because this mailing list uses an > untrusted certificate (https://www.checktls.com/TestReceiver?LEVEL=DETAIL >

TLS enforcement options?

Hello, I configured my Email server (actually a mailcow-dockerized which in turn uses postfix) to enforce TLS for outbound mail. Obviously that will fail occasionally, but I also have a daemon watching the postfix queue and alerting me. Kind of works for me. Ok, while subscribing to this mailin