On 05/09/2019 11:32, [email protected] wrote:
could be interesting to implement a tls builtin filter, so you could:
filter check-tls phase mail-from match !tls junk
and flag non tls options as spam, without discarding them completely
You know, I was hoping you'd say that! :D
I would so very much like to run with TLS only, but alas I have people
here that need all these plain text private mails from their banks etc. :P
I've already started to send out mails to point it out to them (bank,
government institutions, etc). Even our old QMail (RIP) had TLSv1 in it.
There's just no excuse.
And the most absurd fact. Postfix needs a setting to turn on
opportunistic TLS on outgoing mail. They default to none.
Oh I'm angry today. In a positive way! :)
Reio
September 5, 2019 8:38 AM, "Reio Remma" <[email protected]> wrote:
On 02/09/2019 18:37, Reio Remma wrote:
On 02/09/2019 18:36, Reio Remma wrote:
Now I ended up switcing to tls-require on port 25. I wonder how much >> spam
that will take down!
:)
Well, that's depressing.
On the spam front - requiring TLS apparently cuts off about 99% of spam
(SpamAssassin is
practically out of work), but we do get the occasional legit non-TLS connection
and I'm having to
switch back to optional TLS. :/
So TLS is 20 years old but they're (banks etc) still sending somewhat private
info in plain text.
'twas fun while it lasted. :)
I'm going to start schooling them one by one.
Reio
