Heho, Just as a side note/PSA in case people missed this; While the Internet is moving towards a 'well, that OpenSSL bug was not toooo bad; It would need either a malicious server with a _signed_ cert (or cert checks being disabled), OR a malicious client and the use of cert-auth' perspective...
MTAs usually do a lot of outbound TLS acting as clients to remote servers, but opportunistically (disabled cert validation). This might also be triggered by a remote entity directing an MTA to a specific server (think: Using bounces, DMARC/TLS RPT). ;-) So mail might be one of the few cases where the OpenSSL bug is relevant (even though not many run their MTAs on Ubuntu 22.04 or similar, I guess; Docker world might be different, no clue what mailcow is doing). With best regards, Tobias _______________________________________________ mailop mailing list mailop@mailop.org https://list.mailop.org/listinfo/mailop
