from:"Varadi Gabor via Postfix\-users"

[pfx] Re: discard message

2024-06-20 Thread Varadi Gabor via Postfix-users


2024. 06. 20. 14:33 keltezéssel, Michael Grimm via Postfix-users írta:

Wietse Venema via Postfix-users  wrote:

Paul Schmehl via Postfix-users:



This is what I could match on: X-Spam-Status: Yes, score=2.1

If the score was higher than some number (e.g >4) than reject the mail.


One could try some variant of /^X-Spam-Status: Yes, score=[5-9]/


Please correct me if I am mistaken, but that won't catch scores >= 10?


/^X-Spam-Status: Yes, score=[1-9][0-9]/

--
  [Varadi Gabor]

___
Postfix-users mailing list -- postfix-users@postfix.org
To unsubscribe send an email to postfix-users-le...@postfix.org

[pfx] Re: 25 years today

2023-12-14 Thread Varadi Gabor via Postfix-users


2023. 12. 14. 14:20 keltezéssel, Wietse Venema via Postfix-users írta:

As a few on this list may recall, it is 25 years ago today that the
"IBM secure mailer" had its public beta release. This was accompanied
by a nice article in the New York Times business section.


Thank you Wietse for your work and that of others.

--
  [Varadi Gabor]

___
Postfix-users mailing list -- postfix-users@postfix.org
To unsubscribe send an email to postfix-users-le...@postfix.org

[pfx] Re: Warnings related to TLS and hostnames not resolving to IP

2023-06-29 Thread Varadi Gabor via Postfix-users


2023. 06. 29. 14:30 keltezéssel, Nikolaos Milas via Postfix-users írta:

Hello,

I would like to ask your help to find out how to best resolve the 
following warnings. We are having a lot of such warnings; here is a sample:


DNS entry and revese DNS enrty bad.

$ host chg.server1.ideacentral.com 8.8.8.8
Using domain server:
Name: 8.8.8.8
Address: 8.8.8.8#53
Aliases:

chg.server1.ideacentral.com has address 13.248.169.48
chg.server1.ideacentral.com has address 76.223.54.146

$ host 173.236.106.135 8.8.8.8
Using domain server:
Name: 8.8.8.8
Address: 8.8.8.8#53
Aliases:

135.106.236.173.in-addr.arpa domain name pointer 
chg.server1.ideacentral.com.


$

--
  [Varadi Gabor]

___
Postfix-users mailing list -- postfix-users@postfix.org
To unsubscribe send an email to postfix-users-le...@postfix.org

[pfx] Re: Allow TLSv1 only for internal senders

2023-03-22 Thread Varadi Gabor via Postfix-users


2023. 03. 22. 16:18 keltezéssel, Benny Pedersen via Postfix-users írta:

Jaroslaw Rafa via Postfix-users skrev den 2023-03-22 11:43:
mx ~ # posttls-finger sdaoden.eu
posttls-finger: Connected to sdaoden.eu[217.144.132.164]:25
posttls-finger: < 220 sdaoden.eu ESMTP Postfix
posttls-finger: > EHLO mx.junc.eu
posttls-finger: < 250-sdaoden.eu
posttls-finger: < 250-PIPELINING
posttls-finger: < 250-SIZE 50
posttls-finger: < 250-ETRN
posttls-finger: < 250-STARTTLS
posttls-finger: < 250-ENHANCEDSTATUSCODES
posttls-finger: < 250-8BITMIME
posttls-finger: < 250-DSN
posttls-finger: < 250 CHUNKING
posttls-finger: > STARTTLS
posttls-finger: < 220 2.0.0 Ready to start TLS
posttls-finger: certificate verification failed for 
sdaoden.eu[217.144.132.164]:25: untrusted issuer /O=Digital Signature 
Trust Co./CN=DST Root CA X3
posttls-finger: sdaoden.eu[217.144.132.164]:25: subject_CN=sdaoden.eu, 
issuer_CN=R3, 
fingerprint=B2:7D:30:F1:88:DD:05:A6:4C:40:4D:D0:FE:CE:79:A7:F4:84:D1:61:E9:73:AA:E9:8D:00:73:4D:2B:BA:0A:F9, pkey_fingerprint=C7:D5:CB:5F:D5:80:B1:E9:B7:75:7B:20:53:12:67:DD:51:69:0D:CF:6F:82:08:18:D1:0B:71:94:45:A7:A4:D0
posttls-finger: Untrusted TLS connection established to 
sdaoden.eu[217.144.132.164]:25: TLSv1.3 with cipher 
TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 
server-signature RSA-PSS (4096 bits) server-digest SHA256

posttls-finger: > EHLO mx.junc.eu
posttls-finger: < 250-sdaoden.eu
posttls-finger: < 250-PIPELINING
posttls-finger: < 250-SIZE 50
posttls-finger: < 250-ETRN
posttls-finger: < 250-ENHANCEDSTATUSCODES
posttls-finger: < 250-8BITMIME
posttls-finger: < 250-DSN
posttls-finger: < 250 CHUNKING
posttls-finger: > QUIT
posttls-finger: < 221 2.0.0 Bye


echo "quit" | openssl s_client -starttls smtp -crlf -connect 
217.144.132.164:25


Can't use SSL_get_servername
depth=2 C = US, O = Internet Security Research Group, CN = ISRG Root X1
verify return:1
depth=1 C = US, O = Let's Encrypt, CN = R3
verify return:1
depth=0 CN = sdaoden.eu
verify return:1
CONNECTED(0003)
---
Certificate chain
 0 s:CN = sdaoden.eu
   i:C = US, O = Let's Encrypt, CN = R3
   a:PKEY: rsaEncryption, 4096 (bit); sigalg: RSA-SHA256
   v:NotBefore: Feb 24 22:17:39 2023 GMT; NotAfter: May 25 22:17:38 
2023 GMT

 1 s:C = US, O = Let's Encrypt, CN = R3
   i:C = US, O = Internet Security Research Group, CN = ISRG Root X1
   a:PKEY: rsaEncryption, 2048 (bit); sigalg: RSA-SHA256
   v:NotBefore: Sep  4 00:00:00 2020 GMT; NotAfter: Sep 15 16:00:00 
2025 GMT

 2 s:C = US, O = Internet Security Research Group, CN = ISRG Root X1
   i:O = Digital Signature Trust Co., CN = DST Root CA X3
   a:PKEY: rsaEncryption, 4096 (bit); sigalg: RSA-SHA256
   v:NotBefore: Jan 20 19:14:03 2021 GMT; NotAfter: Sep 30 18:14:03 
2024 GMT

---
Server certificate
-BEGIN CERTIFICATE-
MIIGXDCCBUSgAwIBAgISBELKxfg+aDh1nD1LJR/QA5ikMA0GCSqGSIb3DQEBCwUA
MDIxCzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1MZXQncyBFbmNyeXB0MQswCQYDVQQD
EwJSMzAeFw0yMzAyMjQyMjE3MzlaFw0yMzA1MjUyMjE3MzhaMBUxEzARBgNVBAMT
CnNkYW9kZW4uZXUwggIiMA0GCSqGSIb3DQEBAQUAA4ICDwAwggIKAoICAQDIQVYy
ljUMJZl+EjsvCnyHSyVl73KKBMtfChqm8SWyZQ3WjrqDPxGKAy5PGAFvmUGBfNio
4/H9dBuXpfEgS6+rMDtkDhTbW1ZuGjCmYVGtAXdyGkFOSeaLv9wOx76xDi+C7ws+
41riIN1wjz07biKsEyuSmLq6le+75VE87/j889KlGVaIbc66KgCrmLJfdLA55qhS
yJQZQkoRUgsmdpp64yn0BsO+V+FRVuzA1UFmiQVpciiQGA/Opz7hJEYMQS/6ll9a
9mGwe17h9zfX82F9PDjbNvQRyKg8WEWGr7zAxqGsUXqp0p0XK+n2qluX/CAAVs6g
4AH2FSpoEbEZz9PPMVqWTDFCEH+rUthjiR1LL63XIfqccS9Es1ORQfAOU6+qQPC7
cn2KdkUDVcKsm5lo3jM5cccg4mFwUarBlEl+pbYZDJ3VUrRn7Ct+0w4t2CAhAKz2
qISASjOi2z69BdxPIr2pAliyE+dVHtZLrqbaKoy5FRVYQJOugyB0VH44BmA9KqkL
1rAOi93DkE5k1OIzB6NWqAxJvK2gK+77SIIMylK/1Bxg+iEmYf1ssgn8ZgGygI05
nfny6tsBPaN233tnCn/LpNrDRvhR7zghVj4f93iXiDDIm2OjY/p6wNKSxlIUoJr4
hYFaSbtrg2vsGAIv6C9D+lKjqQWObBGAGTzIcQIDAQABo4IChzCCAoMwDgYDVR0P
AQH/BAQDAgWgMB0GA1UdJQQWMBQGCCsGAQUFBwMBBggrBgEFBQcDAjAMBgNVHRMB
Af8EAjAAMB0GA1UdDgQWBBRxtjTLEVgmpPOZqJ/8IkNNMfej2zAfBgNVHSMEGDAW
gBQULrMXt1hWy65QCUDmH6+dixTCxjBVBggrBgEFBQcBAQRJMEcwIQYIKwYBBQUH
MAGGFWh0dHA6Ly9yMy5vLmxlbmNyLm9yZzAiBggrBgEFBQcwAoYWaHR0cDovL3Iz
LmkubGVuY3Iub3JnLzBXBgNVHREEUDBOgg5mdHAuc2Rhb2Rlbi5ldYIOZ2l0LnNk
YW9kZW4uZXWCEGxpc3RzLnNkYW9kZW4uZXWCCnNkYW9kZW4uZXWCDnd3dy5zZGFv
ZGVuLmV1MEwGA1UdIARFMEMwCAYGZ4EMAQIBMDcGCysGAQQBgt8TAQEBMCgwJgYI
KwYBBQUHAgEWGmh0dHA6Ly9jcHMubGV0c2VuY3J5cHQub3JnMIIBBAYKKwYBBAHW
eQIEAgSB9QSB8gDwAHUAtz77JN+cTbp18jnFulj0bF38Qs96nzXEnh0JgSXttJkA
AAGGhbfKmAAABAMARjBEAiBjJJTs+HUKA6h3dM3XSTp4AO0mDxSq2JL63JI+SSmZ
BQIgHvs9IfusUCQVHw4Pt18VOnR6uS2OZtc/WLNoNXqnpTMAdwB6MoxU2LcttiDq
OOBSHumEFnAyE4VNO9IrwTpXo1LrUgAAAYaFt8qsAAAEAwBIMEYCIQDcbAZlKkHY
NJdZEqgIPwLOoQdByw0ur9mYW4grwcHN+wIhAK79SMMPaHZpVCdm8N3hxXjJ3TSX
FvofUhbwRCWNx6NvMA0GCSqGSIb3DQEBCwUAA4IBAQBYZFNq9TTCZU8S7oEKwFRp
+HLxvy1JnQ0PGmIUyAvmzDrDN/ZSCT3nCAAspqfEcDkq/FLJe/qjDFcxHQ1wanbg
HH62oyx9xzEeZGI7MTWQ8oZYYmb3aOVZWDbI7pyr4VJ9ik3DuCSL32/aIoQGYxY1
5P2A87XP7IatuWPpw9v/nDjG2fB6RSJaGCYPGC2EElIxtbpgIF/EPgULNUPReSqy
uIx62aGwQson5cbcgJ9hBjfjgnqwjpJuFlemruw3JAcN46e3S6WkctkSyHiFuPpZ

[pfx] Re: discard message

[pfx] Re: 25 years today

[pfx] Re: Warnings related to TLS and hostnames not resolving to IP

[pfx] Re: Allow TLSv1 only for internal senders

4 matches

Site Navigation

Mail list logo

Footer information