Re: [qmailtoaster] TLS v1.2 on Centos 6, Thunderbird 78
hello friend, I have this same problem .. Em qui., 12 de nov. de 2020 às 5:46 AM, Janno Sannik escreveu: > Hi, > > > Seems to have hit a problem with new Thunderbird 78 disabling tls lower > than v1.2. So now they cannot connect. > > I run a older box on centos 6. OS supports TLS v1.2, but how to make it > available on courier imaps? > > Running a tool on the imap port reports tls v1.0 only. > > My qmail version: qmail-toaster-1.03-1.3.22 > > My courier-imap version: courier-imap-toaster-4.1.2-1.3.10 > > > Janno > > > - > To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com > For additional commands, e-mail: qmailtoaster-list-h...@qmailtoaster.com > >
Re: [qmailtoaster] TLS v1.2 on Centos 6, Thunderbird 78
someone managed to solve this problem .. Em qui., 12 de nov. de 2020 às 05:46, Janno Sannik escreveu: > Hi, > > > Seems to have hit a problem with new Thunderbird 78 disabling tls lower > than v1.2. So now they cannot connect. > > I run a older box on centos 6. OS supports TLS v1.2, but how to make it > available on courier imaps? > > Running a tool on the imap port reports tls v1.0 only. > > My qmail version: qmail-toaster-1.03-1.3.22 > > My courier-imap version: courier-imap-toaster-4.1.2-1.3.10 > > > Janno > > > - > To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com > For additional commands, e-mail: qmailtoaster-list-h...@qmailtoaster.com > >
Re: [qmailtoaster] Drown attack
HI, The following solution. Perform update openssl package yum update openssl (y) No arquivo tlsserverciphers /var/qmail/control/tlsserverciphers Include the following command in ALL:!ADH:!LOW:!SSLv2:!EXP:+HIGH:+MEDIUM [ PicaLO_p0:root ] qmailctl cdb Reloaded /etc/tcprules.d/tcp.smtp Reloaded /var/qmail/control/badmimetypes.cdb Reloaded /var/qmail/control/badloadertypes.cdb Reloaded /var/qmail/control/simversions.cdb Reloaded /var/qmail/control/simcontrol.cdb [ Space_p0:root ] qmailctl restart Restarting qmail: * Stopping qmail-smtpd. * Sending qmail-send SIGTERM and restarting. * Restarting qmail-smtpd. [ Space_p0:root ] 2016-03-03 20:29 GMT-03:00 Helmut Fritz : > I too am wondering the same thing. It is not easy to tell with the > somewhat > obscure functioning of openssl and tls with smtp, imap, and pop. At least > I > am not sure I get how it all works! > > -Original Message- > From: fsanti...@garbage-juice.com [mailto:fsanti...@garbage-juice.com] > Sent: Tuesday, March 01, 2016 11:34 AM > To: qmailtoaster-list@qmailtoaster.com > Subject: [qmailtoaster] Drown attack > > QMT stock build affected by Drown attack? > > see: https://drownattack.com/ > > - Fabe S. > > - > To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com > For additional commands, e-mail: qmailtoaster-list-h...@qmailtoaster.com > > > - > To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com > For additional commands, e-mail: qmailtoaster-list-h...@qmailtoaster.com > >
Re: [qmailtoaster] Drown attack
Just add the same line is below .. cat /var/qmail/control/tlsserverciphers DHE-RSA-AES256-SHA:DHE-DSS-AES256-SHA:AES256-SHA:KRB5-DES-CBC3-MD5:KRB5-DES-CBC3-SHA:EDH-RSA-DES-CBC3-SHA:EDH-DSS-DES-CBC3-SHA:DES-CBC3-SHA:DES-CBC3-MD5:DHE-RSA-AES128-SHA:DHE-DSS-AES128-SHA:AES128-SHA:RC2-CBC-MD5:KRB5-RC4-MD5:KRB5-RC4-SHA:RC4-SHA:RC4-MD5:RC4-MD5:KRB5-DES-CBC-MD5:KRB5-DES-CBC-SHA:EDH-RSA-DES-CBC-SHA:EDH-DSS-DES-CBC-SHA:DES-CBC-SHA:DES-CBC-MD5:EXP-KRB5-RC2-CBC-MD5:EXP-KRB5-DES-CBC-MD5:EXP-KRB5-RC2-CBC-SHA:EXP-KRB5-DES-CBC-SHA:EXP-EDH-RSA-DES-CBC-SHA:EXP-EDH-DSS-DES-CBC-SHA:EXP-DES-CBC-SHA:EXP-RC2-CBC-MD5:EXP-RC2-CBC-MD5:EXP-KRB5-RC4-MD5:EXP-KRB5-RC4-SHA:EXP-RC4-MD5:EXP-RC4-MD5 ALL:!ADH:!LOW:!SSLv2:!EXP:+HIGH:+MEDIUM 2016-03-04 11:27 GMT-03:00 Eric : > Thanks Emiliano, > > I have the following in tlsserverciphers, should I remove them and add > your line our just add your line? > > > DHE-RSA-AES256-SHA:DHE-DSS-AES256-SHA:AES256-SHA:KRB5-DES-CBC3-MD5:KRB5-DES-CBC3-SHA:EDH-RSA-DES-CBC3-SHA:EDH-DSS-DES-CBC3-SHA:DES-CBC3-SHA:DES-CBC3-MD5:DHE-RSA-AES128-SHA:DHE-DSS-AES128-SHA:AES128-SHA:RC2-CBC-MD5:KRB5-RC4-MD5:KRB5-RC4-SHA:RC4-SHA:RC4-MD5:RC4-MD5:KRB5-DES-CBC-MD5:KRB5-DES-CBC-SHA:EDH-RSA-DES-CBC-SHA:EDH-DSS-DES-CBC-SHA:DES-CBC-SHA:DES-CBC-MD5:EXP-KRB5-RC2-CBC-MD5:EXP-KRB5-DES-CBC-MD5:EXP-KRB5-RC2-CBC-SHA:EXP-KRB5-DES-CBC-SHA:EXP-EDH-RSA-DES-CBC-SHA:EXP-EDH-DSS-DES-CBC-SHA:EXP-DES-CBC-SHA:EXP-RC2-CBC-MD5:EXP-RC2-CBC-MD5:EXP-KRB5-RC4-MD5:EXP-KRB5-RC4-SHA:EXP-RC4-MD5:EXP-RC4-MD5 > > Eric > > > > > > On 3/4/2016 5:11 AM, Emiliano Lima wrote: > > HI, > > The following solution. > Perform update openssl package > > yum update openssl (y) > No arquivo tlsserverciphers > > /var/qmail/control/tlsserverciphers > Include the following command in > > ALL:!ADH:!LOW:!SSLv2:!EXP:+HIGH:+MEDIUM > > [ PicaLO_p0:root ] qmailctl cdb > Reloaded /etc/tcprules.d/tcp.smtp > Reloaded /var/qmail/control/badmimetypes.cdb > Reloaded /var/qmail/control/badloadertypes.cdb > Reloaded /var/qmail/control/simversions.cdb > Reloaded /var/qmail/control/simcontrol.cdb > [ Space_p0:root ] qmailctl restart > Restarting qmail: > * Stopping qmail-smtpd. > * Sending qmail-send SIGTERM and restarting. > * Restarting qmail-smtpd. > [ Space_p0:root ] > > > > 2016-03-03 20:29 GMT-03:00 Helmut Fritz : > >> I too am wondering the same thing. It is not easy to tell with the >> somewhat >> obscure functioning of openssl and tls with smtp, imap, and pop. At >> least I >> am not sure I get how it all works! >> >> -Original Message- >> From: fsanti...@garbage-juice.com [mailto:fsanti...@garbage-juice.com] >> Sent: Tuesday, March 01, 2016 11:34 AM >> To: qmailtoaster-list@qmailtoaster.com >> Subject: [qmailtoaster] Drown attack >> >> QMT stock build affected by Drown attack? >> >> see: https://drownattack.com/ >> >> - Fabe S. >> >> - >> To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com >> For additional commands, e-mail: >> >> qmailtoaster-list-h...@qmailtoaster.com >> >> >> - >> To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com >> For additional commands, e-mail: >> >> qmailtoaster-list-h...@qmailtoaster.com >> >> > >
[qmailtoaster] increase limit for sending
Hello friends, I want to make the limitless Numerius sending e-mail is possible ... concurrencyremote> is in default 100 concurrencyremote>> default is in 60 I would like to increase the number of sending e-mail.
[qmailtoaster] very timeout problem spamdyke, help my
Hello friends. I am using qmail toaster spamdyke and I am very timeout problem ... someone help me ... @40004ed3756a17ce2b6c TIMEOUT from:cam...@xxxcom.br to: x...@meudominio.com.br origin_ip: 201.76.49.91 origin_rdns: hm1479-21.locaweb.com.br auth: (unknown) reason: (unknown) Here my configuration spamdyke.conf log-level=2 log-target=0 idle-timeout-secs=60 local-domains-file=/var/qmail/control/rcpthosts graylist-dir=/var/qmail/graylist graylist-min-secs=180 graylist-max-secs=2678400 greeting-delay-secs=5 max-recipients=60 check-dnsrbl=bl.spamcop.net check-dnsrbl=zen.spamhaus.org check-dnsrbl=bogons.cymru.com reject-empty-rdns reject-unresolvable-rdns reject-missing-sender-mx #reject-ip-in-cc-rdns ip-whitelist-file=/var/qmail/control/spamdyke-whitelist.conf sender-blacklist-file=/var/qmail/control/blacklist_senders recipient-blacklist-file=/var/qmail/control/blacklist_recipients ip-in-rdns-keyword-file=/var/qmail/control/blacklist_keywords ip-blacklist-file=/var/qmail/control/blacklist_ip rdns-blacklist-dir=/var/qmail/control/blacklist_rdns.d rdns-whitelist-file=/var/qmail/control/whitelist_rdns ip-whitelist-file=/var/qmail/control/whitelist_ip tls-certificate-file=/var/qmail/control/servercert.pem # Here my configuration cat /var/qmail/supervise/smtp/run #!/bin/sh QMAILDUID=`id -u vpopmail` NOFILESGID=`id -g vpopmail` MAXSMTPD=`cat /var/qmail/control/concurrencyincoming` SMTPD="/var/qmail/bin/qmail-smtpd" QMAILQUEUE="/var/qmail/bin/simscan" NOP0CHECK=1 export QMAILQUEUE NOP0CHECK TCP_CDB="/etc/tcprules.d/tcp.smtp.cdb" HOSTNAME=`hostname` VCHKPW="/home/vpopmail/bin/vchkpw" REQUIRE_AUTH=0 exec /usr/bin/softlimit -m 37 \ /usr/bin/tcpserver -v -R -H -l $HOSTNAME -x $TCP_CDB -c "$MAXSMTPD" \ -u "$QMAILDUID" -g "$NOFILESGID" 0 smtp /var/qmail/bin/spamdyke -f /var/qmail/control/spamdyke.conf \ $SMTPD $VCHKPW /bin/true 2>&1