Re: force to use SSL port for delivery

2015-09-13 Thread Ken Peng
On 2015/9/14 Monday 12:14, Viktor Dukhovni wrote: That's clear now. You SHOULD enable STARTTLS on port 25, if you haven't already. Consider publishing DANE TLSA records, but only if you can do it right, nobody benefits from badly implemented TLSA records. Consider enabling DANE for outbound mai

Re: force to use SSL port for delivery

2015-09-13 Thread Viktor Dukhovni
On Mon, Sep 14, 2015 at 11:32:57AM +0800, Ken Peng wrote: > You are exactly right, we are talking about securing inbound mail. So finally we have a clear problem statement. In that case, firstly inbound email is always port 25. Barring special-case manual routing agreed by both parties, email i

Re: force to use SSL port for delivery

2015-09-13 Thread Ken Peng
Viktor, On 2015/9/14 Monday 11:16, Viktor Dukhovni wrote: On Mon, Sep 14, 2015 at 10:32:46AM +0800, Ken Peng wrote: All our MX servers can be set up with tls secure. So the servers in question are inbound MX hosts accepting mail from other domains on port 25? And you were asking a question abou

Re: force to use SSL port for delivery

2015-09-13 Thread Viktor Dukhovni
On Mon, Sep 14, 2015 at 10:32:46AM +0800, Ken Peng wrote: > All our MX servers can be set up with tls secure. So the servers in question are inbound MX hosts accepting mail from other domains on port 25? And you were asking a question about securing inbound mail? If so, why were you asking port

Re: force to use SSL port for delivery

2015-09-13 Thread Benny Pedersen
On September 14, 2015 4:32:24 AM Ken Peng wrote: This is what I actually want to ask for, about the transfer secure. Thx. at least you did not use spamhaus css like postfix.org does, so the reply you did was rejected on postfix maillist from me, sad anti spammers wins always https://dane.sy

Re: force to use SSL port for delivery

2015-09-13 Thread Ken Peng
Hi, Sorry for my poor expression, :) All our MX servers can be set up with tls secure. But as people have said in the list, we should accept the messages which are not encrypted otherwise it will break RFC. If the peer MTAs send messages to us, with non-encrypted content, these messages should n

Re: force to use SSL port for delivery

2015-09-13 Thread Viktor Dukhovni
On Mon, Sep 14, 2015 at 10:05:13AM +0800, Ken Peng wrote: > My real question is this one I sent before, You're not listening. The right answer depends on the role your MTA plays and its relationship to the clients it serves. If you don't provide the proper context, nobody can give you a sensibl

Re: force to use SSL port for delivery

2015-09-13 Thread Ken Peng
Hi, My real question is this one I sent before, So, if we most time transfer messages between MTAs with non-encrypted, what destinations should these email systems exist for? http://www.emailquestions.com/encrypted-email-service-providers/ From production viewpoints, we can develop that a enc

Re: force to use SSL port for delivery

2015-09-13 Thread Viktor Dukhovni
On Mon, Sep 14, 2015 at 09:56:27AM +0800, Ken Peng wrote: > On 2015/9/14 Monday 9:50, Viktor Dukhovni wrote: > >What is the Postfix version of your server? What software do the > >clients use? > > We are actually using a customized version of Postfix, adding some features > to support distributed sy

Re: force to use SSL port for delivery

2015-09-13 Thread Ken Peng
We are actually using a customized version of Postfix, adding some features to support distributed systems. Yes I was talking about MTA to MTA communications, not MUA. We have hundreds of Postfix as MX cluster. The user number is huge, it's more than 500 million IMO. On 2015/9/14 Monday 9:50, V

Re: force to use SSL port for delivery

2015-09-13 Thread Viktor Dukhovni
On Mon, Sep 14, 2015 at 09:07:30AM +0800, Ken Peng wrote: > For security transfer, can I have the setup in Postfix to force peer MTA > using SMTP/SSL port (465) for email delivery only? Thx. You're not asking a sufficiently detailed question, and we're not psychic, so your question has no answer

Re: force to use SSL port for delivery

2015-09-13 Thread Benny Pedersen
On September 14, 2015 3:23:31 AM Alice Wonder wrote: For security transfer, can I have the setup in Postfix to force peer MTA using SMTP/SSL port (465) for email delivery only? Thx. Port 465 is deprecated. It should not be used. can you say what mua it is that in ? when i use ssl in thund

Re: force to use SSL port for delivery

2015-09-13 Thread Ken Peng
So, if we most time transfer messages between MTAs with non-encrypted, what destinations should these email systems exist for? http://www.emailquestions.com/encrypted-email-service-providers/ Thanks. On 2015/9/14 Monday 9:36, Alice Wonder wrote: But the RFC (I don't know number offhand) says you

Re: force to use SSL port for delivery

2015-09-13 Thread Alice Wonder
On 09/13/2015 06:34 PM, Ken Peng wrote: On 2015/9/14 Monday 9:23, Alice Wonder wrote: On 09/13/2015 06:07 PM, Ken Peng wrote: Hi, For security transfer, can I have the setup in Postfix to force peer MTA using SMTP/SSL port (465) for email delivery only? Thx. Port 465 is deprecated. It sho

Re: force to use SSL port for delivery

2015-09-13 Thread Ken Peng
On 2015/9/14 Monday 9:23, Alice Wonder wrote: On 09/13/2015 06:07 PM, Ken Peng wrote: Hi, For security transfer, can I have the setup in Postfix to force peer MTA using SMTP/SSL port (465) for email delivery only? Thx. Port 465 is deprecated. It should not be used. 25 is what your server sh

Re: force to use SSL port for delivery

2015-09-13 Thread Alice Wonder
On 09/13/2015 06:07 PM, Ken Peng wrote: Hi, For security transfer, can I have the setup in Postfix to force peer MTA using SMTP/SSL port (465) for email delivery only? Thx. Port 465 is deprecated. It should not be used. 25 is what your server should use to accept mail from other MTAs. If y