similar to: TLS for all CentOS websites but not for smtp?

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 On 19/08/15 15:56, Kai Bojens wrote: > Hello everybody, I just got the email about the enforcing of HTTPS > for the CentOS Websites which I really appreciate: > > ?The CentOS Project infra team has decided to implement TLS > wherever we can (?)? > > Does anybody know if and when mail.centos.org will be able to > deliver its

On Wed, August 19, 2015 12:24, Kai Bojens wrote: > On 19-08-15 08:30:27, Alice Wonder wrote: > >> e-mail by its very design is not secure, SMTP creates "Man In The >> Middle" at every server along the way. > > DANE exists and mail servers like postfix support this. My logfiles > show me that mail.centos.org delivers straight to me without any > servers along

On 19-08-15 08:30:27, Alice Wonder wrote: > e-mail by its very design is not secure, SMTP creates "Man In The > Middle" at every server along the way. DANE exists and mail servers like postfix support this. My logfiles show me that mail.centos.org delivers straight to me without any servers along the way. > I'm not saying they shouldn't implement TLS on the list

On 19/08/15 17:50, Alice Wonder wrote: > > > On 08/19/2015 09:24 AM, Kai Bojens wrote: >> On 19-08-15 08:30:27, Alice Wonder wrote: >> >>> e-mail by its very design is not secure, SMTP creates "Man In The >>> Middle" at every server along the way. >> >> DANE exists and mail servers like postfix support this. My logfiles >> show

On 08/19/2015 06:56 AM, Kai Bojens wrote: > Hello everybody, > I just got the email about the enforcing of HTTPS for the CentOS Websites > which I really appreciate: > > ?The CentOS Project infra team has decided to implement TLS wherever we > can (?)? > > Does anybody know if and when mail.centos.org will be able to deliver its > mails with STARTTLS? There seems to be

Hi Everyone! I've setup dovecot 2.3.2.1 on a Gentoo server. I want to configure the submission service in order to replace the corresponding part in Postfix (which is my SMTP server). I configured submission it with just a few options different of the default ones: submission_client_workarounds = whitespace-before-path submission_relay_host = 127.0.0.1 submission_relay_port = 10026

Open-Xchange Security Advisory 2021-06-21 Product: Dovecot Vendor: OX Software GmbH Internal reference: DOV-4583 (Bug ID) Vulnerability type: CWE-74: Failure to Sanitize Data into a Different Plane ('Injection') Vulnerable version: 2.3.0-2.3.14 Vulnerable component: submission Report confidence: Confirmed Solution status: Fixed by Vendor Fixed version: 2.3.14.1 Vendor notification:

Open-Xchange Security Advisory 2021-06-21 Product: Dovecot Vendor: OX Software GmbH Internal reference: DOV-4583 (Bug ID) Vulnerability type: CWE-74: Failure to Sanitize Data into a Different Plane ('Injection') Vulnerable version: 2.3.0-2.3.14 Vulnerable component: submission Report confidence: Confirmed Solution status: Fixed by Vendor Fixed version: 2.3.14.1 Vendor notification:

Hi Christian, first of all I appreciate your quick answer. You are correct, if I "openssl -starttls smtp -connect <host>:<port>" I notice the AUTH capability is published, so that explains why the clients that I configure with STARTTLS are able to find out the AUTH mechanisms and authenticate correctly. I also found out that the AUTH is shown before entering STARTTLS if

On 08/19/2015 09:24 AM, Kai Bojens wrote: > On 19-08-15 08:30:27, Alice Wonder wrote: > >> e-mail by its very design is not secure, SMTP creates "Man In The >> Middle" at every server along the way. > > DANE exists and mail servers like postfix support this. My logfiles > show me that mail.centos.org delivers straight to me without any > servers along the

On 04/12/2019 22:03, Lists wrote: > I have a goal of securing email. Updated the company mail server and DNS > (CentOS 7 + Postfix, otherwise pretty stock) with support for SPF, DKIM, and > DMARC. So far, all good, and everything "just works". > > Our mail server has supported SMTP / TLS for a long time, but recently I've > been considering requring TLS all the

On 2017-12-21 16:48, Stephan Bosch wrote: > Op 12/18/2017 om 9:44 PM schreef Michael Marley: > >> First of all, I apologize for my accidental empty message earlier. >> >> I just set up the SMTP submission proxy in Dovecot 2.3, but whenever I >> try to connect to it, it always returns "530 5.7.0 TLS required." for >> any sort of AUTH or MAIL

I have a goal of securing email. Updated the company mail server and DNS (CentOS 7 + Postfix, otherwise pretty stock) with support for SPF, DKIM, and DMARC. So far, all good, and everything "just works". Our mail server has supported SMTP / TLS for a long time, but recently I've been considering requring TLS all the time. Is there anybody here who's done this? Has it

CentOS: 7.1.1503 I have a problem with systemd which somehow manages to fill /tmp up with a lot of files. These files obviously are from the Apache server and don't pose a problem per se. The problem is that these files don't get removed daily: du -hs systemd-private-* 7,7G systemd-private-mpg7rm 0 systemd-private-olXnby 0 systemd-private-qvJJ5o 0 systemd-private-Rs2nBv It was my

Hello everybody, I just tried to run 'yum update' and got this error: Error: Package: ntp-4.2.6p5-19.el7.centos.x86_64 (@updates) Requires: ntpdate = 4.2.6p5-19.el7.centos Removing: ntpdate-4.2.6p5-19.el7.centos.x86_64 (@updates) ntpdate = 4.2.6p5-19.el7.centos Updated By: ntpdate-4.2.6p5-19.el7.centos.1.x86_64 (updates) ntpdate =

Hi, With latest 2.3 -git (and 2.3.0 release), I'm running into this error with Thunderbird: "An error occurred while sending mail. The mail server responded: 5.5.4 Unsupported mail BODY type. Please verify that your email address is correct in your account settings and try again." This is fatal and means Thunderbird cannot use the submission service - fortunately I can revert

On 05/16/2015 04:18 PM, Peter Lawler wrote: > People monitoring your connection know what you've updated, and what you > haven't, thus knowing what you may be vulnerable to, is a problem. If I'm monitoring your https connection: I know the list of mirrors. That's public information. I know when updates are released. That's also public. I know when you last

List, we're migrating to 2.2 from a 1.x version. There has been mention from time to time of a dovecot SMTP submission server. Last I saw was Timo suggesting this would be a 2.3 feature, but that there was already a 'basic' capability in 2.2 that, more or less, merely provided a secured/authorised SMTP submission. I haven't found anything about this in the wiki, but the

Hi - OK not really an Asterisk question but it is affecting one of my favorite features - emailing voice mail! I've posted on some Linux forums and sendmail.org but no response so I'm hoping someone will take pity on me ;-) My ISP requires SMTP authorization and I'm having a heck of a time getting it to work. I've included the following below: Asterisk 1.4.21 CentOS 5 Sendmail

Dear All, I have two machines, a Centos 3.4 machine and a Centos 4.1 machine. I have used the same sendmail.mc file on each, and 3.4 machine does plain SMTP auth with no problems, compiling the same mc file on the 4.1 machine gives this error: xxxxx [x.x.x.x] did not issue MAIL/EXPN/VRFY/ETRN during connection to MTA in the logs, it doesn't even try to authenticate, the cyrus sasl rpm