> On Aug 16, 2018, at 11:03 AM, Wietse Venema wrote:
>
> Are you assuming that Postfix won't run unless a library with
> the right SOname exists? That is definitely not safe to assume.
>
> It may make sense skip the warning when both versions are known to
> share the same ABI. But that knowle
Viktor Dukhovni:
>
>
> > On Aug 16, 2018, at 6:30 AM, A. Schulze wrote:
> >
> > https://github.com/vdukhovni/postfix/blob/master/postfix/src/tls/tls_misc.c#L971
>
> I am planning a patch to silence these for Postfix 3.4, and Wietse
> may choose to apply the same to some or all of 3.3, 3.2, 3.1
comes knocking.
Original Message
From: robac...@fastmail.us
Sent: August 15, 2018 2:51 AM
To: postfix-users@postfix.org
Subject: Re: New to Postfix. 3 questions about security functions.
Thanks alot for the comments so far!
>> (1)
>>
>>What do folks here recommend to use
> On Aug 16, 2018, at 6:30 AM, A. Schulze wrote:
>
> https://github.com/vdukhovni/postfix/blob/master/postfix/src/tls/tls_misc.c#L971
I am planning a patch to silence these for Postfix 3.4, and Wietse
may choose to apply the same to some or all of 3.3, 3.2, 3.1 and 3.0.
--
Viktor.
Viktor Dukhovni:
Therefore, if a system is upgraded to OpenSSL 1.1.1, Postfix will
use 1.1.1 without a rebuild.
but the mail log get flooded with ugly warnings:
https://github.com/vdukhovni/postfix/blob/master/postfix/src/tls/tls_misc.c#L971
I do run postfix-3.3.1 + openssl-1.1.1-pre* sinc
> On Aug 15, 2018, at 8:54 AM, Bill Cole
> wrote:
>
>> But I don't want to make the mistake of turning it on just to be current, if
>> I then make it impossible to communicate with my servers.
>
> Typically there is no need to "turn on" TLS versions in Postfix, it is only a
> matter of how
> On Aug 15, 2018, at 5:51 AM, robac...@fastmail.us wrote:
>
> Back to the TESTing question. How does Postfix notify you if you do?
>
> Only in the error logs? Or some response that I should get as a response in
> my mailer?
I would set:
delay_warning_time = 2h
and if any mail is
On 14 Aug 2018, at 23:05 (-0400), robac...@fastmail.us wrote:
Hello,
I'm starting the process of moving my mail from a hosted service to my
own. It'll include a Postfix server.
I got a test server running locally and 'sending & receiving' mail
inside my lan.
Now I'm doing my reading on s
On Wed, 15 Aug 2018 at 10:52, wrote:
> That 'trusteddomainproject' sounds a bit more official. Or at least
> broader. But I really don't know. Seems like there aren't a lot of people
> working on it. Or that bugs get the attention they need.
>
That is the home of opendkim and opendmarc (and a
Thanks alot for the comments so far!
>> (1)
>>
>>What do folks here recommend to use?
> On my current server, I skipped amavisd-new because sometimes it stalls the
> mail queue. Nor do I run SpamAssassin. I'm happy just using RBLs. I'm running
> opendkim, openspf, and opendmarc.
> Regarding DK
On Wed, 15 Aug 2018 at 09:32, Gary wrote:
> ...
> I'm guessing you will be using a VPS. I'm on Digital Ocean running Centos.
> But I assume this is a function of what country you reside in. Some
> sysadmins will assume if you are on a VPS, you are a spammed. ATT for
> example. They will whitelist
imes it stalls the
mail queue. Nor do I run SpamAssassin. I'm happy just using RBLs. I'm running
opendkim, openspf, and opendmarc.
Original Message
From: robac...@fastmail.us
Sent: August 14, 2018 8:06 PM
To: postfix-users@postfix.org
Subject: New to Postfix. 3 questions about secur
> On Aug 14, 2018, at 11:53 PM, Viktor Dukhovni
> wrote:
>
> DANE is ready for adoption, with multiple fielded implementations and many
> (312 thousand inbound plus some large ones still outbound only) live domains.
>
> Outbound DANE is simple. Make sure you have a DNSSEC-validating resolve
> On Aug 14, 2018, at 11:05 PM, robac...@fastmail.us wrote:
>
> (2)
>
> Is it time -- in the real-world -- to force STARTTLS yet?
Google reports ~90% of email (volume) inbound/outbound to Gmail uses TLS.
That 10% by volume is probably a larger fraction by count of destination
domains. STARTT
Hello,
I'm starting the process of moving my mail from a hosted service to my own.
It'll include a Postfix server.
I got a test server running locally and 'sending & receiving' mail inside my
lan.
Now I'm doing my reading on security issues, authentication, and the like.
I've got stacks of a
15 matches
Mail list logo
