Re: Always "Untrusted TLS" for own Postfix instances

2014-02-23 Thread Viktor Dukhovni
On Sun, Feb 23, 2014 at 12:38:26PM -0500, Wietse Venema wrote: > Applied to Postfix 2.8 and onwards. Thanks. Returning to the OP's question, disabling anonymous cipher-suites will not substantially help to (after the fact) detect MITM attacks. All the attacker has to do is present some other cer

Re: TLS client logging PATCH: (was: Always "Untrusted TLS" for own Postfix instances)

2014-02-23 Thread Wietse Venema
Viktor Dukhovni: > diff --git a/src/tls/tls_client.c b/src/tls/tls_client.c > --- a/src/tls/tls_client.c > +++ b/src/tls/tls_client.c > @@ -1045,7 +1045,9 @@ TLS_SESS_STATE *tls_client_start(const > TLS_CLIENT_START_PROPS *props) > */ > if (log_mask & TLS_LOG_SUMMARY) > msg_info("

TLS client logging PATCH: (was: Always "Untrusted TLS" for own Postfix instances)

2014-02-23 Thread Viktor Dukhovni
On Sun, Feb 23, 2014 at 02:28:07PM +0100, Dirk Stöcker wrote: > And whatever I do I'm unable to get any of these three to show a > trusted connection to any of the others. It trusts Google and GMX > and whatever, but not my own servers. That's disturbing. > > Here the configs I use essentially E

Re: Always "Untrusted TLS" for own Postfix instances

2014-02-23 Thread Wietse Venema
Dirk Stöcker: > Hello, > > I'm lost and don't find any solution anymore, so I now need to ask. If in doubt, turn off chroot. Some Linux distributions mistakenly turn it on and make Postfix unnecessarily difficult to use. Wietse http://www.postfix.org/DEBUG_README.html#no_chroot TRY TUR

Always "Untrusted TLS" for own Postfix instances

2014-02-23 Thread Dirk Stöcker
Hello, I'm lost and don't find any solution anymore, so I now need to ask. I'm running three mail-servers with Postfix 2.9.6 (valid TLS cert), 2.7.2 (self-signed), 2.11.0 (self-signed). And whatever I do I'm unable to get any of these three to show a trusted connection to any of the others.