Hello fellow postfix users,
how do you currently run postfix in containers? As far as I can see
there is no official image out there, just a number of people who
published their own.
If I was to start building an image, I'd likely do something like this: [0]
Gary R. Schmidt via Postfix-users wrote in
:
|On 15/10/2024 14:36, Nico Schottelius via Postfix-users wrote:
|>
|> Good morning,
|>
|> Jaroslaw Rafa via Postfix-users writes:
|>
|>> Dnia 14.10.2024 o godz. 13:03:48 Nico Schottelius via Postfix-users \
|>> pisze:
|>>>
|>>> In a nutshe
On 2024-10-15 at 13:02:02 UTC-0400 (Tue, 15 Oct 2024 17:02:02 +)
Serhii via Postfix-users
is rumored to have said:
On 10/15/24 16:52, Bill Cole via Postfix-users wrote:
Unless you've intentionally enabled EXPN in your config, you probably
have not done anything really wrong but not all de
On 10/15/24 16:52, Bill Cole via Postfix-users wrote:
Unless you've intentionally enabled EXPN in your config, you probably have not
done anything really wrong but not all defaults are ideal. There are some
non-defaults which will break SOME enumeration attempts:
main.cf:
smtpd_reject_unlist
On 2024-10-15 at 11:03:13 UTC-0400 (Tue, 15 Oct 2024 16:03:13 +0100)
Paul Fowler via Postfix-users
is rumored to have said:
Hi,
Are there best practices for avoid OS username enumeration on a mail
relay?
I'm surprised it works at all against Postfix...
Or is it something that maybe I've m
I have checked this script and the simplest thing you can do is to delay
rejection of invalid RCPT TO to DATA or END-OF-DATA. In this case, nmap will
output all usernames it uses to check, making this info completely useless for
potential attacker.
On 10/15/24 15:03, Paul Fowler via Postfix-us
Nico Schottelius via Postfix-users:
>
> Wietse Venema via Postfix-users writes:
>
> > The nice part is that trust is decentralized. The bad part is that
> > decentralized trust does not scale globally. It might work on a
> > small scale of a few hundred participants. Email is much bigger.
>
> A
On 15.10.24 16:03, Paul Fowler via Postfix-users wrote:
Are there best practices for avoid OS username enumeration on a mail relay?
Or is it something that maybe I've misconfigured?
E.g. the nmap smtp-enum-users script shows some default users.
Host is up (0.13s latency).
PORT STATE SERVICE
2
Hi,
Are there best practices for avoid OS username enumeration on a mail relay?
Or is it something that maybe I've misconfigured?
E.g. the nmap smtp-enum-users script shows some default users.
Host is up (0.13s latency).
PORT STATE SERVICE
25/tcp open smtp
| smtp-enum-users:
| root
|_ admi
Hi Nico,
I'm a bit worried about offering/selling IPv6-only "email" services to
customers, fully independent of your web of trust idea:
A large fraction of the SME (small and medium sized enterprises) and public
service operators, whose networks I know from supporting some business-related
sof
Dnia 15.10.2024 o godz. 18:28:37 Nico Schottelius via Postfix-users pisze:
>
> > Your comparison to IPv6 vs IPv4 isn't very good, as everybody tries to do
> > their best to level the barrier between IPv6 and IPv4, not strenghten
> > it.
>
> tbh, I think this is only true to a small degree for DS-
Jaroslaw Rafa via Postfix-users writes:
> Dnia 15.10.2024 o godz. 12:36:12 Nico Schottelius via Postfix-users pisze:
>>
>> You got a point there, there would be a barrier between classic email
>> and "secure email" (or whatever term comes to one's mind).
>>
>> Actually a bit similar as the split
On 11.10.24 20:57, Adam Weremczuk via Postfix-users wrote:
Is it possible to only allow certain subnets (LAN and VPN in my case)
to send to a specific email address?
Postfix can see the IP address or sender's username (if SASL is used).
Ideally, all other sources should be silently dropped.
Dnia 15.10.2024 o godz. 12:36:12 Nico Schottelius via Postfix-users pisze:
>
> You got a point there, there would be a barrier between classic email
> and "secure email" (or whatever term comes to one's mind).
>
> Actually a bit similar as the split between the IPv6 and IPv4 world -
> hence my ar
Dnia 15.10.2024 o godz. 15:51:13 Gary R. Schmidt via Postfix-users pisze:
>
> Maybe lobby the ITU to have a standard (or whatever) created?
ITU already created a standard for e-mail long ago. It's called X.400.
Wasn't too widely adopted. I'm not sure if anybody is still using this.
--
Regards,
15 matches
Mail list logo
