check_ccert_access without SASL

2021-10-30 Thread Brad Barden
Greetings,
During recent infrastructure updates, I ran into an oddity using a check_ccert_access rule on postfix built without SASL support. The following warning is logged:
Oct 30 14:03:22 postfix/submission/smtpd[7724]: warning: restriction `check_ccert_access' ignored: no SASL support
Despit

FYI SMTP/25 security (was: "Correct" way to override cipher list?)

2021-10-30 Thread Matus UHLAR - fantomas
On Fri, Oct 29, 2021 at 08:36:38PM -0700, Dan Mahoney (Gushi) wrote:
smtpd_tls_protocols = !SSLv2,!SSLv3,!TLSv1,!TLSv1.1
On 30.10.21 01:01, Viktor Dukhovni wrote:
Leave TLSv1 and TLSv1.1 enabled, there's no compelling reason to turn these off for opportunistic TLS.
I agree. unfortunately,

Re: FYI SMTP/25 security (was: "Correct" way to override cipher list?)

2021-10-30 Thread Bastian Blank
On Sat, Oct 30, 2021 at 06:57:41PM +0200, Matus UHLAR - fantomas wrote:
> unfortunately, security bureau in Slovakia started scanning gov. agencies
> and we already received requests to close those on smtp/25.
And do they actually have anything to say? Just disable cleartext then.
Bastian
-- O

Re: check_ccert_access without SASL

2021-10-30 Thread Viktor Dukhovni
On Sat, Oct 30, 2021 at 02:55:45PM +, Brad Barden wrote: > Oct 30 14:03:22 postfix/submission/smtpd[7724]: warning: restriction > `check_ccert_access' ignored: no SASL support The proposed patch is correct. Well spotted. Thanks. --- a/src/smtpd/smtpd_check.c 2021-10-30 14:07:05.21580132