similar to: Dovecot MTA

On Wed, Apr 27, 2016 at 1:04 AM, Alice Wonder <alice at domblogger.net> wrote: > Not with a smtp that enforces DANE. I'm aware of how DANE works. The only problem is no MTA outside of Postfix implements it. You can thank the hatred of DNSSEC for that. Brandon Vincent

On Wed, Apr 27, 2016 at 12:50 AM, Alice Wonder <alice at domblogger.net> wrote: > That is the only reliable way to avoid MITM with SMTP. Except I can just strip STARTTLS and most MTAs will continue to connect. Brandon Vincent

On 04/27/2016 07:50 PM, Alice Wonder wrote: > On 04/27/2016 12:41 AM, Alice Wonder wrote: >> On 04/27/2016 12:30 AM, James Hogarth wrote: >> *snip* >>> >>> Unless you have a very specific requirement for a very bleeding edge >>> feature it's fundamentally a terrible idea to move away from the >>> distribution packages in something as exposed

Hello All, I need to set up a new mail server to replace an aging CentOS 6.3 mail server. I was wondering what were some of the best guides on the web for Postfix (Maildir), Spamassassin, ClamAV, Dovecot? Regards, Ben Archuleta

On Fri, March 31, 2017 4:46 pm, Alice Wonder wrote: > On 03/31/2017 02:40 PM, Kenneth Porter wrote: >> On 3/31/2017 2:15 PM, Valeri Galtsev wrote: >>> Well, it sounds like you are one of the companies with whose effort I >>> have >>> to fight constantly in my own effort to protect our users from spam... >> >> What makes Postfix superior in fighting

On 02/19/2017 05:39 AM, KT Walrus wrote: >> That's one of the reasons I don't like Let's Encrypt, with one year certs it is easier to look at the certs and see what is going to expire in the coming month needing a new private key. > > I use dehydrated (with Cloudflare DNS challenges) and as far as I know, it seems to generate a new private key every time. Yeah that would

Is there some reason to use a mail.domain.com cert for mail rarher than just using domain.com for everything? Historically the subdomain were used because they were on different hardware. That is www was on one machine and mail was on another. ? Original Message ? From: dovecot at dovecot.org Sent: March 14, 2019 3:56 PM To: dovecot at dovecot.org Reply-to: jtam.home at gmail.com

On 8/11/2017 1:29 PM, Ralph Seichter wrote: > On 11.08.2017 11:36, Michael Felt wrote: > >> This is what Ralph means when he says "have been running a CA for >> 15+ years" - not that he is (though he could!) sell certificates >> commercially - rather, he is using an initial certificate to sign >> later certificates with. > Actually, I do sell certificates

On 04/27/2016 12:30 AM, James Hogarth wrote: *snip* > > Unless you have a very specific requirement for a very bleeding edge > feature it's fundamentally a terrible idea to move away from the > distribution packages in something as exposed as a webserver ... I use to believe that. However I no longer. First of all, advancements in TLS happen too quickly. The RHEL philosophy of

That is one of the reasons I do not bother since long with public CAs but rather deploy my own, including own OSCP responder. Which has of course has some drawbacks like redundancy, resilience, bandwidth provision, geographical spread, implementing CA security standards and CA trust in clients. Latter though could be easily overcome if browser and email clients were to support DNSSEC/DANE

Is there an extra step which must be taken to get postfix to deliver email via a relay host when the postfix machine is pointing to an samba internal DNS? I did a test setup using a public DNS server and it worked. Same setup where the machine (Debian 9) is pointing to a samba DNS doesn't work. The errors in the postfix log seem to be DNS related. Thanks,

I know it is not dovecot who should fix this. But anyone using dovecot is using an MTA, and receiving spam ;) I know how to look at email headers. Spf and dkim is not solving anything here. -----Original Message----- From: Sebastian Nielsen [mailto:sebastian at sebbe.eu] Sent: donderdag 11 juni 2020 10:23 To: Marc Roos; 'dovecot'; 'users' Subject: SV: handling spam from

On 02/18/2017 10:24 PM, Robert L Mathews wrote: > On 2/17/17 1:38 PM, chaouche yacine wrote: > >> Seems wrong to me too, Robert. If you put your private key inside >> your certificate, won't it be sent to the client along with it ? > > No; any SSL software that uses the file will extract the parts it needs > from it and convert them to its internal format for future

> On 29. Sep 2018, at 23:58, John R. Dennison <jrd at gerdesas.com> wrote: > > Save yourself the effort, time, headaches and eventual bloody tears of impotent > rage and just go with Google or some other provider. Running a mail > server properly is one of the more difficult tasks and quite often not > worth the time and trouble, especially if one is asking about it on a

I am sick of this gmail spam. Does anyone know a solution where I can do something like this: 1. received email from adcpni444 at gmail.com 2. system recognizes this email address has been 'whitelisted', continue with 7. 3. system recognizes as this email never been seen before 4. auto reply with something like (maybe with a wait time of x hours): Your message did not receive the

I created a client library to send emails for a webapp. When the client library makes a connection to the SMTP server, and then do NOT add Message-Id header, Message-ID (with a capital D) header is added, and the SMTP server adds a incorrect DKIM-Signature record 'h' part, invalidating the generated DKIM signature value. This causes outlook, yahoo, gmail and other email recipients

> Let's say we have dovecot + sieve plugin container. > Dovecot configured to use remote SMTP submission host to send messages: > submission_host = postfix.example.com:587 I reviewed my config to see how i did it. I think you are right and SASL isn't used here. I have dovecot and postfix on the same machine and in dovecot i set submission_host = localhost:25 Then in my

Good evening from Singapore, I am torn between deploying Microsoft Exchange 2016 and Linux-based SMTP servers like sendmail, postfix, qmail and exim. Relative ease of installation and configuration is an important consideration factor. Microsoft Exchange 2016, Domain Controller, and Active Directory are relatively easy to install and configure. Linux-based SMTP servers are extremely difficult

Thanks for the reply, postfix + dovecot sasl configured and working properly. My question is about "adding dovecot authentication when sending emails via submission_host". Let's say we have dovecot + sieve plugin container. Dovecot configured to use remote SMTP submission host to send messages: submission_host = postfix.example.com:587 User foo at example.com has the following

Hi folks. I've just experienced strange behaviour with our samba ad configured with bind9 dlz and our ftp server (separate machine on the same network). In the past few days I've noticed significant drop of the download speed from the ftp server. As nothing obvious came to my mind I just rebooted our samba AD server. Afterwards the speed increased about 9 times, back to what we are used