[OT] SOPHOS savdid/savd privilege question

2019-12-12 Thread Ralf Hildebrandt
Currently I'm using SOPHOS savdid/savd within rspamd. * savdid is running as unprivileged user "sophosav" * savd, on the other hand, is run as root - probably by default :( Naturally, I'd like savd to run as a non-root user, but is that possible at all? Anybody got some hints and caveats for such

Re: [OT] SOPHOS savdid/savd privilege question

2019-12-12 Thread Julius Suarez (GMail)
Hi Mr. Ralf, >From what I know about savd - - It was designed to be run by root only. - The daemon was supposed to handle the on-access scanning and the framework that will handle other tasks. - Some tasks include - configuration, thread control, runtime debugging, logging, etc --> which I believ

SMTP REQUIRETLS (RFC 8689)

2019-12-12 Thread Max Mazurov
Hello, list. It is common knowledge that TLS for server-server SMTP is merely opportunistic and there is no strong guarantee it will be used. Even worse, in many cases MTAs lack any protection against active attacks (e.g. via MitM involving downgrade to plaintext or DNS poisoning to spoof MX reco