On 2019-11-26 7:56 a.m., Wesley Peng wrote:
> If using plain port 25, the messages are not secure enough for traffic.
> From what I know there is a technology calling Traffic hijacking.
What makes one port number more or less secure than another? Security
is based on what goes over the port, not
> Is there any guide for it?
For sending mail to public mailing lists, Gmane is good. Gmane keep your
privacy all the time.
Also MX is good to use Cloud VM such as AWS, Google Cloud Platform if
you install Postfix.
Sincerely,
--
^고맙습니다 _地平天成_ 감사합니다_^))//
On 26 Nov 2019, at 7:56, Wesley Peng wrote:
Hi
on 2019/11/26 20:53, Jaroslaw Rafa wrote:
Sending mail out of a MTA is always on port 25. STARTTLS is used if
possible.
If using plain port 25, the messages are not secure enough for
traffic.
A rationally configured mail server in 2019
on 2019/11/26 19:27, Matus UHLAR - fantomas wrote:
...and there's no "starttls" on 465, that's what I meant "implicit".
while port 465 was assigned for SMTPS in January 2018, it's been used this
way on many sites/services for years (even decades)
On 26.11.19 20:50, Wesley Peng wrote:
How the
Hi
on 2019/11/26 20:53, Jaroslaw Rafa wrote:
Sending mail out of a MTA is always on port 25. STARTTLS is used if
possible.
If using plain port 25, the messages are not secure enough for traffic.
From what I know there is a technology calling Traffic hijacking.
Regards.
Dnia 26.11.2019 o godz. 20:50:51 Wesley Peng pisze:
>
> How the traffic between big one's MTAs get through?
> For example, gmail send messages to web.de via port 465 by SSL, or
> just plain port 25?
Sending mail out of a MTA is always on port 25. STARTTLS is used if
possible.
Ports 468/587 are
Hi
on 2019/11/26 19:27, Matus UHLAR - fantomas wrote:
...and there's no "starttls" on 465, that's what I meant "implicit".
while port 465 was assigned for SMTPS in January 2018, it's been used this
way on many sites/services for years (even decades)
How the traffic between big one's MTAs get
on 2019/11/26 17:02, Matus UHLAR - fantomas wrote:
I would set up port 465 also. Note that TLS on 465 is implicit,
while on 587 is
explicit, so it's easier to allow unencrypted connections by a mistake on
587.
On Tue, 26 Nov 2019, Wesley Peng wrote:
587 is also used for StartTLS, am I
On Tue, 26 Nov 2019, Wesley Peng wrote:
on 2019/11/26 17:02, Matus UHLAR - fantomas wrote:
I would set up port 465 also. Note that TLS on 465 is implicit, while on
587 is
explicit, so it's easier to allow unencrypted connections by a mistake on
587.
587 is also used for StartTLS, am I
Dnia 26.11.2019 o godz. 10:23:09 Conz pisze:
>
> This makes it look like all mail is sent from the email server
> itself and hides your client. I can't remember where I got the above
> from but I found it somewhere, possibly even from this list.
Isn't it simpler to just use a server-based email
My 1 cent for privacy wise (assuming you're hosting on a VPS and not at
home)
Remove headers and your home IP with postfix:
master.cf:
under submission:
-o cleanup_service_name=auth-cleanup
auth-cleanup unix n - n - 0 cleanup
-o
on 2019/11/26 17:02, Matus UHLAR - fantomas wrote:
I would set up port 465 also. Note that TLS on 465 is implicit, while on
587 is
explicit, so it's easier to allow unencrypted connections by a mistake on
587.
587 is also used for StartTLS, am I right?
regards.
a privacy oriented mailserver
On 25 Nov 2019, at 22:53, lists wrote:
> Security is privacy.
More precisely: Security includes privacy. Privacy is an essential *PART
OF* security.
The remit requested by the OP is really too broad to answer on a public
mailing list intended for discuss
On 25.11.19 18:22, lists wrote:
At a minimum, I would set it up to use port 587.
I would set up port 465 also. Note that TLS on 465 is implicit, while on 587 is
explicit, so it's easier to allow unencrypted connections by a mistake on
587.
Then block via firewall all the email ports other
Hello, Wesley.
The safest way is to have your own hardware, albeit there are some
other options.
Perhaps we can have a quick talk in the evening.
My phone number: on Signal: +447511244961
Kind regards,
André
On Tue, 2019-11-26 at 14:36 +0800, Wesley Peng wrote:
> That look interesting. Do you
That look interesting. Do you provide a hosting plan Andre?
regards
on 2019/11/26 14:31, André Rodier wrote:
Hello, Bill.
I had the same concern a few years ago.
I have been self-hosting for more than a decade, and more recently, I
built this:
https://github.com/progmaticltd/homebox
This
Hello, Bill.
I had the same concern a few years ago.
I have been self-hosting for more than a decade, and more recently, I
built this:
https://github.com/progmaticltd/homebox
This is oriented towards security and privacy, and include defence
mechanisms against remote and physical intrusion.
On 25 Nov 2019, at 22:53, lists wrote:
Security is privacy.
More precisely: Security includes privacy. Privacy is an essential *PART
OF* security.
The remit requested by the OP is really too broad to answer on a public
mailing list intended for discussion of a specific MTA (even though
Security is privacy.
Original Message
From: postmas...@wsly.de
Sent: November 25, 2019 6:25 PM
To: li...@lazygranch.com; postfix-users@postfix.org
Subject: Re: how to setup a privacy oriented mailserver
Hi
on 2019/11/26 10:22, lists wrote:
> At a minimum, I would set it up to
Hi
on 2019/11/26 10:22, lists wrote:
At a minimum, I would set it up to use port 587. Then block via firewall all
the email ports other than port 25 all countries from which you will not be
using the server.
Keep the attack surface small. For example don't provide for web based email.
...@wsly.de
Sent: November 25, 2019 5:48 PM
To: postfix-users@postfix.org
Subject: how to setup a privacy oriented mailserver
Hi community,
I finally got a domain from registrar, if I want to run a privacy
oriented mail server, what steps should I take?
For example, setup SSL over all, SPF, DKIM
Hi community,
I finally got a domain from registrar, if I want to run a privacy
oriented mail server, what steps should I take?
For example, setup SSL over all, SPF, DKIM, DMARC, DNSSec, DoH,
encrypted storage, app special pasword, secondary authentication?
Is there any guide for it?
22 matches
Mail list logo