Hi,
Dňa 14. júla 2023 18:36:53 UTC používateľ Grant Taylor via mailop
napísal:
>With this in mind, my opinion is that hard and fast is often better / less
>problematic in the long term.
I guess, that by "hard and fast" you mean reject early, thus in
case of SPF as response to "MAIL FROM",
It appears that Michael Peddemors via mailop said:
>On 2023-07-14 09:20, Slavko via mailop wrote:
>
>You all realize that the poor guy looking for a guide on how to set up
>and email server long since left, you scared him to death with the
>complexity..
Um, that was me who asked the question
It appears that Thomas Walter via mailop said:
>Hey Michael,
>
>On 13.07.23 00:53, Michael Peddemors via mailop wrote:
>> And yes, email forwarding will break.. but email forwarding remotely
>> should be killed off anyways.. everyone can log into two accounts.
>
>Everyone has always been able to
It appears that Jaroslaw Rafa via mailop said:
>Most of regular consumer email users don't have any reason for this. As Bill
>Cole, whom I was replying to, wrote - nobody would try to impersonate you or
>me in a phishing campaign for financial gain, because there won't be any.
Since we all seem
On 7/14/2023 11:21 AM, Grant Taylor via mailop wrote:
Suggest you might consider changing the topic, if you want to argue
the various nuances and complexities of SPF/DKIM/DMARC etc..?
And break existing threading and avoid any ignore thread filters that
people have put in place?
That seems
On 14 July 2023 18:24:45 Dave Crocker via mailop wrote:
We need to 'encourage' people to run their own mail servers, not scare
them away..
We also need to encourage people to do all the servicing for their car,
to build their own house, and to grow their own food.
Or we might take a
On 7/14/23 11:20 AM, Slavko via mailop wrote:
Hi,
Hi Slavko,
Possible? Yes. Expected? Hard to tell... See latter.
From which point of view?
My experience is that hard and fast usually surfaces errors much closer
to the time they are introduced.
Conversely soft and slow usually causes
On 7/14/2023 11:20 AM, Paul Smith wrote:
On 14 July 2023 18:24:45 Dave Crocker via mailop
wrote:
We need to 'encourage' people to run their own mail servers, not scare
them away..
We also need to encourage people to do all the servicing for their car,
to build their own house, and to
On 7/14/23 11:31 AM, Michael Peddemors via mailop wrote:
You all realize that the poor guy looking for a guide on how to set up
and email server long since left, you scared him to death with the
complexity..
Why does an active ongoing conversation between multiple parties need to
stop
We need to 'encourage' people to run their own mail servers, not scare
them away..
We also need to encourage people to do all the servicing for their car,
to build their own house, and to grow their own food.
Or we might take a somewhat more modern view of life and deal
pragmatically
On 2023-07-14 09:20, Slavko via mailop wrote:
You all realize that the poor guy looking for a guide on how to set up
and email server long since left, you scared him to death with the
complexity..
We need to 'encourage' people to run their own mail servers, not scare
them away..
Suggest
Hi,
Dňa 13. júla 2023 23:42:15 UTC používateľ Grant Taylor via mailop
napísal:
>I absolutely think that it's quite possible to apply SPF independently
>nowadays.
Possible? Yes. Expected? Hard to tell... See latter.
>Is it better to fail soft and slow or hard and fast?
From which point of
On 7/13/23 10:56 AM, Slavko via mailop wrote:
Ahoj,
Hi,
OK, our opinions are near the same, but still opinions only, without
something in RFC.
:-)
IMO one cannot apply SPF independently nowadays.
I absolutely think that it's quite possible to apply SPF independently
nowadays.
Sure,
> On 13.07.2023 at 11:12 Hans-Martin Mosner via mailop wrote:
>
>
> Has anyone on this list tried forwarding (e.g. for ex-employees) via
> attachment? The original message would be kept intact, while the outer
> message clearly originates with the forwarding agent who may even add a human
>
Ahoj,
Dňa Wed, 12 Jul 2023 10:04:10 -0500 Grant Taylor via mailop
napísal:
> In my opinion, if a domain's DMARC has a p=none, then you don't
> filter on DMARC. But you still independently apply your site's
> local SPF filtering policy preferably following the sending domain's
> stated SPF
On 2023-07-12 at 18:53:31 UTC-0400 (Wed, 12 Jul 2023 15:53:31 -0700)
Michael Peddemors via mailop
is rumored to have said:
On 2023-07-12 12:53, Jaroslaw Rafa via mailop wrote:
Most of regular consumer email users don't have any reason for this.
As Bill
Cole, whom I was replying to, wrote -
On 7/13/23 4:00 AM, Hans-Martin Mosner via mailop wrote:
Has anyone on this list tried forwarding (e.g. for ex-employees) via
attachment?
I have done exactly this on a onesie-twosie / manual basis.
I have .forward files on systems that I administer and can run into
problems when I send an
attachment anymore.
Florian
Von: mailop Im Auftrag von Hans-Martin Mosner via
mailop
Gesendet: Donnerstag, 13. Juli 2023 11:00
An: mailop@mailop.org
Betreff: Re: [mailop] Guide for setting up a mail server ?
Has anyone on this list tried forwarding (e.g. for ex-employees) via
attachment? Th
Has anyone on this list tried forwarding (e.g. for ex-employees) via
attachment? The original message would be kept intact, while the outer
message clearly originates with the forwarding agent who may even add a
human readable reminder to the addressee to let the sender know about the
changed
Hey Michael,
On 13.07.23 00:53, Michael Peddemors via mailop wrote:
And yes, email forwarding will break.. but email forwarding remotely
should be killed off anyways.. everyone can log into two accounts.
Everyone has always been able to log into two accounts. There are other
reasons why this
On Wed, 12 Jul 2023, Michael Peddemors via mailop wrote:
And yes, email forwarding will break.. but email forwarding remotely should
be killed off anyways.. everyone can log into two accounts.
Universities would like to allow the world to contact staff who have
recently left. We forward
On Sun, Jul 9, 2023 at 18:52 John Levine via mailop
wrote:
> A friend of mine wants to set up a mail server on a VPS and asked me what
> he needs to do beyond the obvious setting up postfix and dovecot. Is there
> a good summary somewhere?
So, at the risk of totally missing the point, I’ll
On 2023-07-12 12:53, Jaroslaw Rafa via mailop wrote:
Most of regular consumer email users don't have any reason for this. As Bill
Cole, whom I was replying to, wrote - nobody would try to impersonate you or
me in a phishing campaign for financial gain, because there won't be any.
hehehe.. they
Dnia 12.07.2023 o godz. 13:58:21 Grant Taylor via mailop pisze:
>
> IMHO, some -- but not all -- that choose not to publish any
> information to make the recipient's lives any easier are somewhat
> choosing to say "I don't care, I'm not going to lift a finger, and
> you must do all the work, even
On 7/12/23 9:28 AM, Jaroslaw Rafa via mailop wrote:
Despite I said that SPF/DKIM/DMARC adds little to security, I would
disagree with what you write here.
The problem is for recipients, not for senders.
I'd argue that almost all SMTP shortcomings are on the receiving end,
not the sending
On 7/12/23 4:11 AM, Slavko via mailop wrote:
BTW, my English is not best, don't take me word by word, please...
I don't think I've had any more trouble understanding you / your use of
English as an additional language than I have had with others who use
English as their primary language.
Dnia 12.07.2023 o godz. 08:53:16 Bill Cole via mailop pisze:
> For the overwhelming majority of sending systems, the only internal
> security benefit to implementing SPF/DKIM/DMARC is to make
> impersonation of local users by outsiders for the purpose of fraud
> (so-called "BEC") much harder.
>
>
On 12/07/2023 15:53, Bill Cole via mailop wrote:
For most sending domains, targeted forgery to the world at large is a
non-problem. No one is out there impersonating you or me in email to
random strangers for financial gain.
That is simply not true. For the past two years we have been seeing
On 2023-07-12 at 05:46:47 UTC-0400 (Wed, 12 Jul 2023 11:46:47 +0200)
Jaroslaw Rafa via mailop
is rumored to have said:
Exactly, because from my experience SPF, DKIM and DMARC bring very
little
(if anything at all) to security. I
TRUTH.
For the overwhelming majority of sending systems, the
Dnia 11.07.2023 o godz. 18:47:03 Grant Taylor via mailop pisze:
> On 7/11/23 4:20 PM, Jaroslaw Rafa via mailop wrote:
> >For start, I suggest to implement SPF, DKIM and DMARC only for
> >outgoing mail, and in fact only to satisfy Google's requirement that
> >these should be in place. Don't bother
Dňa 11. júla 2023 18:23:45 UTC používateľ Grant Taylor via mailop
napísal:
BTW, my English is not best, don't take me word by word, please...
>I suspect that one of the things that makes email harder is that it
>encompasses many other interrelated and interdependent things. So if
>you're
On 2023-07-11 at 20:58:19 UTC-0400 (11 Jul 2023 20:58:19 -0400)
John Levine via mailop
is rumored to have said:
It appears that Grant Taylor via mailop
said:
On 7/11/23 2:48 PM, John Levine via mailop wrote:
If your From: domain has neither an A nor an MX, I don't think
you're going to get
It appears that Grant Taylor via mailop said:
>On 7/11/23 2:48 PM, John Levine via mailop wrote:
>> If your From: domain has neither an A nor an MX, I don't think
>> you're going to get much mail of any sort delivered.
>I believe it's possible for two entities to configure their email
>servers
On 7/11/23 4:20 PM, Jaroslaw Rafa via mailop wrote:
For start, I suggest to implement SPF, DKIM and DMARC only for
outgoing mail, and in fact only to satisfy Google's requirement that
these should be in place. Don't bother checking them on incoming
mail. (It's actually how I do it).
I am
On 7/11/23 4:31 PM, Jaroslaw Rafa via mailop wrote:
Hm... does this smell a bit X.400 or is it only my impression?
I believe the idea is protocol agnostic.
But I used to see it more in the '90s back when X.400 / OSI was much
more of a thing.
I am quite certain that I've seen this type of
On 12/07/2023 00:20, Jaroslaw Rafa via mailop wrote:
For start, I suggest to implement SPF, DKIM and DMARC only for outgoing
mail, and in fact only to satisfy Google's requirement that these should be
in place. Don't bother checking them on incoming mail. (It's actually how I
do it).
RBLs and
Dnia 11.07.2023 o godz. 16:14:17 Grant Taylor via mailop pisze:
> - IBM configures their email servers to send all @lotus.example
> email to lotusmail which resolves via /etc/hosts to 192.0.2.1
> - Lotus configures their email servers to send all @ibm.example
> email to ibmmail which resolves
Dnia 11.07.2023 o godz. 13:23:45 Grant Taylor via mailop pisze:
>
> I think SPF itself is relatively straightforward.
>
> 1) A domain owner publishes where they will send email from and
> what they would like recipients to do with email that does not match
> said publication.
> 2) A receiving
On 7/11/23 2:48 PM, John Levine via mailop wrote:
If your From: domain has neither an A nor an MX, I don't think
you're going to get much mail of any sort delivered.
I believe it's possible for two entities to configure their email
servers to exchange email with each other without the use of
Dnia 11.07.2023 o godz. 12:00:27 Grant Taylor via mailop pisze:
> The few times that I've tried to use A-record fallback -- testing
> for science / discussions like this one -- have resulted in failure.
For several years I didn't have a MX record for rafa.eu.org at all, only an
A record. Had
It appears that Grant Taylor via mailop said:
>On 7/11/23 4:26 AM, Jaroslaw Rafa via mailop wrote:
>> TECHNICALLY, any email (there is no technical difference if it is B2B
>> or not) requires only a machine that has an A record and a running
>> MTA.
>
>I'll wager a lunch that A records aren't
It appears that Andy Smith via mailop said:
>I imagine if you want to set up a technically correct RFC-compliant
>mail server that can't deliver a lot of the email that real people
>want sent then there is probably a mailing list and guide for that
>somewhere, but I imagine that the OP was
On 7/11/2023 2:54 AM, Slavko via mailop wrote:
Setup and get it working is not different than other services,
not more easy nor more hard, just different. It requires to learn
how to setup particular SW as in other services. What i see as
more hard with email is:
+ it is not one protocol (SMTP
On 7/11/23 8:29 AM, Bill Cole via mailop wrote:
It is worthwhile to protect the details of a SMTP session on the wire,
beyond simply protecting the contents of email.
Agreed.
+1
E2E tend to only address data and completely ignores metadata which
transport encryption helps.
Grant. . . .
On 7/11/23 4:54 AM, Slavko via mailop wrote:
If something have to be said, then it have to be said and then
doesn't matter who said it ;-)
Well said.
Nowaydays (especially joung) people tends to feel as experts, when
they setup something first time. Thus, when not used word by word, it
is
On 7/11/23 8:15 AM, Bill Cole via mailop wrote:
Surprisingly, A-record fallback works just fine for B2B email.
My experience differs. I've found A-record fallback to work inconsistently.
I think that A-record fallback is dependent on the sending MTA.
No one notices. Or at least no one
On 7/11/23 4:26 AM, Jaroslaw Rafa via mailop wrote:
TECHNICALLY, any email (there is no technical difference if it is B2B
or not) requires only a machine that has an A record and a running
MTA.
I'll wager a lunch that A records aren't even required. Maybe not any
name resolution at all.
On 2023-07-11 at 06:28:47 UTC-0400 (Tue, 11 Jul 2023 12:28:47 +0200)
Jaroslaw Rafa via mailop
is rumored to have said:
And if mail *is* E2E encrypted, transport level encryption is
basically
redundant...
Not really.
It is worthwhile to protect the details of a SMTP session on the wire,
On 2023-07-11 at 05:26:25 UTC-0400 (Tue, 11 Jul 2023 11:26:25 +0200)
Jaroslaw Rafa via mailop
is rumored to have said:
These are Google requirements, not SMTP protocol requirements. We
should not
confuse one with the other.
Right, and that may be why Laura specifically referred to B2B mail.
On 2023-07-11 at 04:05:42 UTC-0400 (Tue, 11 Jul 2023 09:05:42 +0100)
Laura Atkins via mailop
is rumored to have said:
B2B email requires a MX (like, if you don’t have an MX do you even
email?)
Surprisingly, A-record fallback works just fine for B2B email. No one
notices. Or at least no one
Hello,
On Tue, Jul 11, 2023 at 11:26:25AM +0200, Jaroslaw Rafa via mailop wrote:
> Dnia 11.07.2023 o godz. 09:05:42 Laura Atkins via mailop pisze:
> > B2B email requires a MX (like, if you don’t have an MX do you even email?)
>
> TECHNICALLY,
[…]
> These are Google requirements, not SMTP
Dňa 11. júla 2023 10:28:47 UTC používateľ Jaroslaw Rafa via mailop
napísal:
>Dnia 11.07.2023 o godz. 09:54:36 Slavko via mailop pisze:
>>
>> This makes TLS strict requirement for Submission, IMAP &
>> POP3, in best with trusted certs.
>
>Agree, but this is only to protect against password
Dnia 11.07.2023 o godz. 09:54:36 Slavko via mailop pisze:
>
> This makes TLS strict requirement for Submission, IMAP &
> POP3, in best with trusted certs.
Agree, but this is only to protect against password snooping, not against
content snooping, because:
> In SMTP (MTA-MTA) it is not as
On Mon 10/Jul/2023 11:25:04 +0200 Carsten Schiefner via mailop wrote:
Home - maddy
https://maddy.email/
Courier-MTA is another all-in-one package.
https://www.courier-mta.org/
They both have a long list of configuration tasks. I don't think one can work out a
guide from comparing them,
Dňa 10. júla 2023 16:44:55 UTC používateľ Grant Taylor via mailop
napísal:
>I'm sorry that both 1) I feel that the following needs to be said and 2) that
>I'm the one that's saying it.
If something have to be said, then it have to be said and then doesn't
matter who said it ;-)
>On 7/10/23
Dnia 11.07.2023 o godz. 09:05:42 Laura Atkins via mailop pisze:
>
> B2B email requires a MX (like, if you don’t have an MX do you even email?)
TECHNICALLY, any email (there is no technical difference if it is B2B or
not) requires only a machine that has an A record and a running MTA.
And I
> On 10 Jul 2023, at 17:44, Grant Taylor via mailop wrote:
>
> Dear ${FELLOW_EMAIL_ADMINIATRATOR},
>
> I don't know how to preface this email other than to say -- I believe the
> following needs to be said lest we loose even more control of our email
> community.
>
> I'm sorry that both 1)
Grant,
Well put.
I was just going to link to Gilles Chehade’s post
(https://poolp.org/posts/2019-12-15/decentralised-smtp-is-for-the-greater-good/)
I don’t find running my own personal email server that hard or time consuming.
The most time consuming element being “keep OpenBSD updated”. :-)
Dear ${FELLOW_EMAIL_ADMINIATRATOR},
I don't know how to preface this email other than to say -- I believe
the following needs to be said lest we loose even more control of our
email community.
I'm sorry that both 1) I feel that the following needs to be said and 2)
that I'm the one that's
I covered that here:
https://www.spamresource.com/2020/07/small-mailserver-best-current-practices.html
Anybody who would like to write up a guide, I'd be happy to publish it
on Spam Resource (or link to it if you publish it elsewhere). Feel
free to reach out.
Cheers,
Al Iverson
--
Al Iverson
In message <20230709223922.dd59afd9f...@ary.qy>, John Levine via mailop
writes
>A friend of mine wants to set up a mail server on a VPS and asked me what
>he needs to do beyond the obvious setting up postfix and dovecot. Is there
>a good summary somewhere?
not that I know of -- arguably there
Home - maddy
https://maddy.email/
--
Von meiner Hängematte aus gesendet.
-Original Message-
From: "Taavi Eomäe via mailop"
To: John Levine , mailop@mailop.org
Sent: Mo., 10 Juli 2023 10:12
Subject: Re: [mailop] Guide for setting up a mail server ?
Instead of struggling wi
Instead of struggling with Postfix, OpenDKIM, Dovecot and friends (and
losing out on quite a few features). I'd really recommend looking at
Maddy instead.
Immensely better "UX" than the currently mentioned approach.
smime.p7s
Description: S/MIME Cryptographic Signature
On 9 Jul 2023 22:07:38 -0400, John Levine via mailop
wrote:
>In fact it's for people but you never know what some people will do.
>Don't start by letting your chatty user send "here's my new address"
>to all 10,000 people in his address book.
Ah. Somebody doing that on my server would get an
It appears that Michael Rathbun via mailop said:
>On 9 Jul 2023 18:39:22 -0400, John Levine via mailop
>wrote:
>
>>= start slow and look at any bounces
>
>This implies to me that this will be a broadcast server rather than mailboxes
>for individuals and businesses. If so, there are some
On 9 Jul 2023 18:39:22 -0400, John Levine via mailop
wrote:
>= start slow and look at any bounces
This implies to me that this will be a broadcast server rather than mailboxes
for individuals and businesses. If so, there are some paragraphs that might
need to be added, especially about list
A friend of mine wants to set up a mail server on a VPS and asked me what
he needs to do beyond the obvious setting up postfix and dovecot. Is there
a good summary somewhere?
I'm thinking of things like:
- choose a provider that has decent mail behavior, e.g., not Digital Ocean
- make sure the
67 matches
Mail list logo
