Re: Patch: Wierd behaviour: postconf -xd proxy_read_maps

2021-09-23 Thread Wietse Venema
raf: > On Wed, Sep 22, 2021 at 10:52:02PM -0400, Viktor Dukhovni > wrote: > > > On Thu, Sep 23, 2021 at 09:28:59AM +1000, raf wrote: > > > > > > Thanks. This is the result of lazy coding in a nasty language. > > > > I should stop hidden static buffers, or switch to a language > > > > has automa

Re: Patch: Wierd behaviour: postconf -xd proxy_read_maps

2021-09-23 Thread Viktor Dukhovni
> On 23 Sep 2021, at 6:46 am, Wietse Venema wrote:
>
> C and C++ are similar enough that C can easily be wrapped in C++.
> I'd love to adopt Gtest which I have been using internally at Google
> over the past 5+ years.

Sure, but these days you can write C in any language. :-) By which I mean tha

Re: Spam pass the filter

2021-09-23 Thread Benny Pedersen
On 2021-09-23 04:34, Girish Venkatachalam wrote: On 04:41 PM 17-Sep-21, Benny Pedersen wrote: On 2021-09-17 14:40, Christian Schmitz wrote: make a spamassassin rule to check dkim, make that dkim score 1000, if you reject high score spam there is nothing more to do In this day and age rspamd

lmtp_tls_wrappermode

2021-09-23 Thread David Mandelberg
Hi, I was looking for a way to use implicit TLS with LMTP, similar to `smtp_tls_wrappermode = yes`. I don't see any mention of lmtp_tls_wrappermode in http://www.postfix.org/postconf.5.html but https://github.com/vdukhovni/postfix/blob/f246147ec54bb2b79ac84522d1d1a6c2b1664bd6/postfix/src/globa

Re: [Patch] lmtp_tls_wrappermode documentation

2021-09-23 Thread Viktor Dukhovni
On Thu, Sep 23, 2021 at 01:19:57PM -0400, David Mandelberg wrote:

> Is lmtp_tls_wrappermode safe to use even though it's not documented?

Yes, it is safe to use. The SMTP and LMTP client code in Postfix is largely a single code base that implements both protocols, with only minor differences (no MX

Re: [Patch] lmtp_tls_wrappermode documentation

2021-09-23 Thread David Mandelberg
Thank you! On 23-09-2021 at 13:44, Viktor Dukhovni wrote: On Thu, Sep 23, 2021 at 01:19:57PM -0400, David Mandelberg wrote: Is lmtp_tls_wrappermode safe to use even though it's not documented? Yes, it is safe to use. The SMTP and LMTP client code in Postfix is largely a single code base that

Re: change postscreen error code from 4xx to 5xx

2021-09-23 Thread Francesc Peñalvez
I re-ask again since my postscreen responds to connections with dnsbl code 450 instead of a 5xx, with which those servers are trying to resend the mail again and again postfix/submission/postscreen[1724625]: NOQUEUE: reject: RCPT from [XXX.XXX.XXX.XXX]:46994: 450 4.7.1 Service unavailable; client

is it possible to change the openssl security level?

2021-09-23 Thread David Mandelberg
Hi, With the settings below, postfix 3.5.6 and openssl 1.1.1k successfully connected to a server with a 2048-bit RSA key, which should be disallowed by openssl's security level 4.

tls_high_cipherlist = DEFAULT:!eNULL:!aNULL:@SECLEVEL=4:@STRENGTH
smtp_tls_mandatory_ciphers = high

When I use o

Re: is it possible to change the openssl security level?

2021-09-23 Thread Viktor Dukhovni
On Thu, Sep 23, 2021 at 10:02:26PM -0400, David Mandelberg wrote:

> With the settings below, postfix 3.5.6 and openssl 1.1.1k successfully
> connected to a server with a 2048-bit RSA key, which should be
> disallowed by openssl's security level 4.

Postfix explicitly overrides the security level

Re: Patch: Wierd behaviour: postconf -xd proxy_read_maps

2021-09-23 Thread raf
On Thu, Sep 23, 2021 at 06:46:33AM -0400, Wietse Venema wrote:

> C and C++ are similar enough that C can easily be wrapped in C++.
> I'd love to adopt Gtest which I have been using internally at Google
> over the past 5+ years.
>
> Wietse

That would give the best return to investment rat

Re: is it possible to change the openssl security level?

2021-09-23 Thread David Mandelberg
On 23-09-2021 at 22:26, Viktor Dukhovni wrote: On Thu, Sep 23, 2021 at 10:02:26PM -0400, David Mandelberg wrote: With the settings below, postfix 3.5.6 and openssl 1.1.1k successfully connected to a server with a 2048-bit RSA key, which should be disallowed by openssl's security level 4. Pos

Re: change postscreen error code from 4xx to 5xx

2021-09-23 Thread Viktor Dukhovni
On Fri, Sep 24, 2021 at 01:45:04AM +0200, Francesc Peñalvez wrote:

> I re-ask again since my postscreen responds to connections with dnsbl
> code 450 instead of a 5xx, with which those servers are trying to resend
> the mail again and again
>
> postfix/submission/postscreen[1724625]: NOQUEUE: reje

Re: is it possible to change the openssl security level?

2021-09-23 Thread David Mandelberg
Ok, I think I've got a partial workaround. If I'm reading the TLS 1.3 spec (and the output of `openssl ciphers -s -tls1_3`) correctly, it has an effective minimum of 128 bits of security with forward secrecy, not including the security of the public key(s) or PKIX signatures. So as long as the