On 23/3/25 23:16, lutz.niederer--- via Postfix-users wrote:
postfix or rspamd: which one should be used to query them and why?
I like rspamd because it has more features then just rbl. For me rspamd
has been very effective.
P V Anthony
smime.p7s
Description: S/MIME Cryptographic
On 23/6/2022 1:20 am, Luc GMail wrote:
Many thanks for the replies I've got so far. They helped, and now I have
postfix running with SASL, and both ports 587 and 465 answer on telnet.
But I still can't authenticate:
This may not be very helpful at this stage but here goes.
Checkout ispconfig.
On 17/6/2022 10:23 pm, Gomes, Rich wrote:
Are there any other solutions out there to should be considered as well?
Not sure what direction to go in, what does everyone think?
Take a look at rspamd.
https://rspamd.com
P.V.Anthony
On 17/6/2022 12:11 pm, raf wrote:
Something like the following should do it (after making
the renewal config changes that Viktor mentioned (or
including them in the command)):
certbot renew --force-renewal --cert-name XXX
Also note that there is a very useful forum for help with
letsencrypt
On 16/6/2022 8:16 pm, Viktor Dukhovni wrote:
So it is far from clear what you could do to make this client happy.
Perhaps some security middlebox near the client is misbehaving, or its
TLS stack is broken beyond repair. Your best may be to disable STARTTLS
for connections from this client:
On 15/6/2022 3:08 am, Viktor Dukhovni wrote:
Increasing security is primarily about raising the *ceiling*, and rarely
about raising not floor. When you set the bar too high, instead of
greater security, mail is sent in the clear or not at all.
Got better logs for the ariba.com problem. The lo
On 15/6/2022 3:08 am, Viktor Dukhovni wrote:
Increasing security is primarily about raising the *ceiling*, and rarely
about raising not floor. When you set the bar too high, instead of
greater security, mail is sent in the clear or not at all.
https://datatracker.ietf.org/doc/html/rfc7435
On 15/6/2022 2:43 am, Viktor Dukhovni wrote:
The simplest configuration is therefore to just leave the parameter
unset, the default value will be sensible.
I have just commented out smtpd_tls_dh1024_param_file
I have made so much of mistakes trying to increase security.
Talk about bobo on my
On 15/6/2022 2:33 am, Viktor Dukhovni wrote:
Actually, don't. I meant "2".
Ok. I have just changed it to "2".
Thank you for being patient.
P.V.Anthony
On 15/6/2022 2:16 am, Viktor Dukhovni wrote:
Either add the option:
--preferred-chain "ISRG Root X1"
to your cron job running "certbot renew", or else add the following to
configuration under
/etc/letsencrypt/renewal/,
preferred_chain = ISRG Root X1
Wow!!!
Thank you very much fo
On 15/6/2022 2:20 am, Viktor Dukhovni wrote:
For this, in the renewal configuration file:
rsa_key_size = 2048
or on the command-line:
--rsa-key-size=2048
Thank you very very very much for helping. I really do appreciate it
very very very much.
This advice has saved me a lot of
On 15/6/2022 1:45 am, Viktor Dukhovni wrote:
Two comments on your server setup:
* The server certificate is 4096 bit RSA. This is needlessly turgid.
The issuing CA is 2048 bits, there is little to gain from a
stronger EE key. Some peer libraries may not support keys of this
On 15/6/2022 1:32 am, Viktor Dukhovni wrote:
You may need to temporarily raise the TLS log level to "2".
smtpd_tls_loglevel = 2
Just did smtpd_tls_loglevel = 3 just to be sure.
This is unfortunately going to apply to all remote clients, not just
"ariba".
Noted.
P.V.Anthony
On 15/6/2022 12:38 am, Wietse Venema wrote:
What is the output from:
# postconf -nf | grep tls | grep -v smtp_
smtpd_tls_cert_file = /etc/postfix/smtpd.cert
smtpd_tls_dh1024_param_file = /etc/pki/tls/private/postfix.dh.param
smtpd_tls_key_file = /etc/postfix/smtpd.key
smtpd_tls_loglevel = 3 #
On 13/6/2022 4:31 pm, Wietse Venema wrote:
Delete the TLS protocol and cipher crap, and see if that solves
the problem.
I am sad to report, even after removing the bad configs, the ariba
emails are still not coming in.
Here are the logs. Is there any other thing I can do?
-- st
On 13/6/2022 5:04 pm, Viktor Dukhovni wrote:
Well, it is certainly not recommended in the Postfix documentation.
Various OpenSSL cipher recommendations on the Internet are generally
a bad idea. So sure, "crap".
Thank you very much, Wietse and Viktor, for taking the time to reply and
helping.
On 13/6/2022 4:31 pm, Wietse Venema wrote:
Delete the TLS protocol and cipher crap, and see if that solves
the problem.
Thank you very much for replying and helping.
Haha! Oh no! I must have made such a big mistake for it to be called
crap. Haha!
Just to confirm, are these to be deleted?
Hi,
Having problems with purchase order emails from ariba.com systems.
Has anyone experienced this similar issue with ariba.com?
Here are the logs from our side.
-- start
Jun 13 15:13:22 mail postfix/smtpd[4153705]: connect from
ansmtp.ariba.com[216.109.10
On 14/4/2022 8:18 am, raf wrote:
I too like rspamd.
I've read that it was not maintained, someone took over it ?
Jeff
I think you read wrong. The original author put out a release 5 days ago.
And there were 8 new contributors for that release.
The release before that was last November.
chee
On 13/4/2022 3:24 pm, Juri Haberland wrote:
There is rspamd. It does more than just DMARC, but seems to be in better
shape than OpenDMARC.
I too like rspamd.
P.V.Anthony
On 23/9/2021 10:34 am, Girish Venkatachalam wrote:
In this day and age rspamd is much better.
I second that.
P.V.Anthony
On 27/4/2021 2:11 pm, Viktor Dukhovni wrote:
http://www.postfix.org/postconf.5.html#smtpd_discard_ehlo_keyword_address_maps
http://www.postfix.org/postconf.5.html#smtpd_discard_ehlo_keywords
smtpd-ehlo-discard.cidr:
# NetName:MERCK1
# NetHandle: NET-155-91-0-0-1
1
On 23/7/2020 5:12 pm, Tessa Plum wrote:
Would you please suggest the antispam system which is powered by machine
learning model/policy?
I am working on ML/DL research filed and would like to know this
industry system.
I am not sure if this fits the requirement. I use rspamd.com. Works
grea
23 matches
Mail list logo
