<<< No Message Collected >>>
On Mon, Mar 13, 2023 at 08:56:04AM +0800, p...@ymail.ne.jp wrote:
>
>
> Jeremy Ardley wrote:
> > * TLS connection with certificate that can't be verified
>
> postfix can work with this way. MTA to MTA doesn't require a valid
> certificate (Said by postfix's author on the list). But HTTPs does
On Mon, Mar 13, 2023 at 03:35:20AM +0100, Vincent Lefevre wrote:
> On 2023-03-12 22:30:50 -0400, Jeffrey Walton wrote:
> > Security on a channel (like HTTPS) usually makes it tougher to inspect
> > traffic. Or at least it makes it tougher in HTTPS. In fact, spam
> > filters are mostly useless for m
On 2023-03-12 22:30:50 -0400, Jeffrey Walton wrote:
> Security on a channel (like HTTPS) usually makes it tougher to inspect
> traffic. Or at least it makes it tougher in HTTPS. In fact, spam
> filters are mostly useless for messages encrypted with a tool like GPG
> or GnuPG.
Are there spammers wh
On Sun, Mar 12, 2023 at 9:05 PM Jeremy Ardley wrote:
>
> On 13/3/23 06:39, Vincent Lefevre wrote:
> > O
> >> Each of those options has been chosen by the mail list administrator.
> >>
> >> As a general principal it's a good thing to know the system sending you
> >> mail
> >> is genuine. Given th
On 2023-03-13 09:05:28 +0800, Jeremy Ardley wrote:
> I'm not assuming DNS attacks rather I was wondering if a valid certificate
> could give better 'customer service' i.e. quicker delivery of mail.
Spammers can present valid certificates (or spam through existing
mail services with a valid certifi
On 13/3/23 06:39, Vincent Lefevre wrote:
O
Each of those options has been chosen by the mail list administrator.
As a general principal it's a good thing to know the system sending you mail
is genuine. Given the variety, there is no point in rejecting the email if
there is no certificate, bu
Jeremy Ardley wrote:
* TLS connection with certificate that can't be verified
postfix can work with this way. MTA to MTA doesn't require a valid
certificate (Said by postfix's author on the list). But HTTPs does require.
Yong
On 2023-03-13 06:06:11 +0800, Jeremy Ardley wrote:
> On 13/3/23 05:52, Vincent Lefevre wrote:
> > Yes, but here, that's optional. So I'm wondering whether you really
> > miss anything. Note also that a client certificate may be sent only
> > if it is requested by the server, and if client certifica
On Mon, Mar 13, 2023 at 06:06:11AM +0800, Jeremy Ardley wrote:
> That document refers to troublesome netscape clients (I didn't know Netscape
> did email?).
Back in the day, Netscape (the company) had two main software products:
Netscape Communicator (a full suite of web browser, email client, and
On 13/3/23 05:52, Vincent Lefevre wrote:
Yes, but here, that's optional. So I'm wondering whether you really
miss anything. Note also that a client certificate may be sent only
if it is requested by the server, and if client certificates are
requested, then there are issues with some clients:
On 2023-03-12 07:21:55 +0100, to...@tuxteam.de wrote:
> On Sat, Mar 11, 2023 at 11:43:35PM +0100, Vincent Lefevre wrote:
> > But what's the point of a certificate in this particular case
> > (the server bendel.debian.org does not need to authenticate
> > the client)?
>
> It is just part of the TLS
Le 3/12/23 à 14:50, Greg Wooledge a écrit :
On Sun, Mar 12, 2023 at 12:13:54PM +0100, Yassine Chaouche wrote:
function net.ip.reputation(){
revip=$(net.ip.reverse "$1")
results=$(dig +short $revip.zen.spamhaus.org)
[[ -z $results ]] && (echo "clean"; return 0)
You're caling retu
On Sun, Mar 12, 2023 at 12:13:54PM +0100, Yassine Chaouche wrote:
> function net.ip.reputation(){
> revip=$(net.ip.reverse "$1")
> results=$(dig +short $revip.zen.spamhaus.org)
> [[ -z $results ]] && (echo "clean"; return 0)
You're caling return inside a subshell. This doesn't actuall
Le 3/10/23 à 12:44, to...@tuxteam.de a écrit :
On Fri, Mar 10, 2023 at 12:01:57PM +0100, Nicolas George wrote:
p...@ymail.ne.jp (12023-03-10):
Can I setup a mail server (postfix, dovecot, dkim, rspamd etc) on this box to
receive/send email normally?
Probably not: ISP declare IP blocks attrib
Le 3/10/23 à 22:04, Jeremy Ardley a écrit :
On 10/3/23 23:52, Henning Follmann wrote:
Well "could" is the best way to describe the chances of this working.
I think the best way too find out:
Check if the ISP will allow you to set the reverse DNS record matching
your chose A record.
If they
Le 3/10/23 à 12:44, to...@tuxteam.de a écrit :
On Fri, Mar 10, 2023 at 12:01:57PM +0100, Nicolas George wrote:
p...@ymail.ne.jp (12023-03-10):
Can I setup a mail server (postfix, dovecot, dkim, rspamd etc) on this box to
receive/send email normally?
Probably not: ISP declare IP blocks attrib
On Sat, Mar 11, 2023 at 11:43:35PM +0100, Vincent Lefevre wrote:
> On 2023-03-11 05:13:36 +0800, Jeremy Ardley wrote:
> > I just checked the headers of this mail as received from the list. I was a
> > bit surprised (pleasantly) to see debian is using IPv6 mail services.
> >
> > The headers show my
On 2023-03-11 05:39:20 +0800, Jeremy Ardley wrote:
> Sort of off topic. I've given up entirely on rbl. Every commented out option
> has had some type of intermittent failure resulting in lost or delayed valid
> incoming mail.
>
> I now put up with a tiny fraction of spam that's managed well enough
On 2023-03-11 05:13:36 +0800, Jeremy Ardley wrote:
> I just checked the headers of this mail as received from the list. I was a
> bit surprised (pleasantly) to see debian is using IPv6 mail services.
>
> The headers show my dual stack edge router/mailer used an IPv6 connection to
> Bendel rather t
Le 10 mars 2023 Jeremy Ardley a écrit :
> |postconf mail_version mail_version = 3.5.17 |
> But with a 'long matured' main.cf
Proof of quality for postfix on debian :)
> smtpd_helo_restrictions =
>permit_mynetworks
>permit_sasl_authenticated
>reject_invalid_helo_hostname
>reject_n
On Sat, Mar 11, 2023 at 05:04:48AM +0800, Jeremy Ardley wrote:
>
> On 10/3/23 23:52, Henning Follmann wrote:
> >
> > Well "could" is the best way to describe the chances of this working.
> >
> > I think the best way too find out:
> > Check if the ISP will allow you to set the reverse DNS record
They are really entire. Thanks for the info.
Yong
https://flurdy.com/docs/postfix/
This has probably the most info in one spot.
Enjoy.
__
Lucas
https://w5hnews.com/category/linux
On Fri, Mar 10, 2023, 4:39 AM wrote:
> Hello,
>
>
> I have a home server with static IP from the ISP. The server has debian 11
> installed.
>
> Can I setup a mail
On 3/10/23 15:57, Brian wrote:
On Fri 10 Mar 2023 at 10:52:20 -0500, Henning Follmann wrote:
On Fri, Mar 10, 2023 at 12:44:25PM +0100, to...@tuxteam.de wrote:
On Fri, Mar 10, 2023 at 12:01:57PM +0100, Nicolas George wrote:
p...@ymail.ne.jp (12023-03-10):
Can I setup a mail server (postfix, d
On 11/3/23 06:09, Michel Verdier wrote:
Le 10 mars 2023 Jeremy Ardley a écrit :
smtpd_recipient_restrictions =
permit_sasl_authenticated
permit_mynetworks
reject_unauth_destination
reject_invalid_hostname
reject_non_fqdn_hostname
reject_non_fqdn_sender
reject_non_f
Le 10 mars 2023 Jeremy Ardley a écrit :
> smtpd_recipient_restrictions =
> permit_sasl_authenticated
> permit_mynetworks
> reject_unauth_destination
> reject_invalid_hostname
> reject_non_fqdn_hostname
> reject_non_fqdn_sender
> reject_non_fqdn_recipient
> reject_unknown_se
On 11/3/23 05:27, Michel Verdier wrote:
Le 10 mars 2023 Jeremy Ardley a écrit :
You may run into problems if your IP address is in a range that is blacklisted
due to some addresses being used to spam. I'm not sure if IPv6 ranges have got
into that category as yet.
spamhaus has a ipv6 drop list
Le 10 mars 2023 Jeremy Ardley a écrit :
> You may run into problems if your IP address is in a range that is blacklisted
> due to some addresses being used to spam. I'm not sure if IPv6 ranges have got
> into that category as yet.
spamhaus has a ipv6 drop list. Smaller than ipv4 but some yet
http
On 11/3/23 05:04, Jeremy Ardley wrote:
All you need to do is generate an SPF record authorising your fixed
IP(s) to send mail for your domain(s).
You don't need need to have control over the forward and reverse DNS
of the IPs, but it is pretty much required that your ISP has forward
and r
On 10/3/23 23:52, Henning Follmann wrote:
Well "could" is the best way to describe the chances of this working.
I think the best way too find out:
Check if the ISP will allow you to set the reverse DNS record matching
your chose A record.
If they do, GREAT! If they don't, you most likely will
On Fri 10 Mar 2023 at 10:52:20 -0500, Henning Follmann wrote:
> On Fri, Mar 10, 2023 at 12:44:25PM +0100, to...@tuxteam.de wrote:
> > On Fri, Mar 10, 2023 at 12:01:57PM +0100, Nicolas George wrote:
> > > p...@ymail.ne.jp (12023-03-10):
> > > > Can I setup a mail server (postfix, dovecot, dkim, rsp
On Fri, Mar 10, 2023 at 12:44:25PM +0100, to...@tuxteam.de wrote:
> On Fri, Mar 10, 2023 at 12:01:57PM +0100, Nicolas George wrote:
> > p...@ymail.ne.jp (12023-03-10):
> > > Can I setup a mail server (postfix, dovecot, dkim, rspamd etc) on this
> > > box to receive/send email normally?
> >
> > Pr
On Fri, 2023-03-10 at 21:29 +0900, p...@ymail.ne.jp wrote:
> As you suggested I may use other relays as outgoing gateway. But the
> home box will receive and store messages. I can operate the email
> accounts for me and my family on this server.
This is what I do. But another thing to bear in mind
On 2023-03-10 20:03:53 +0800, cor...@free.fr wrote:
> On 10/03/2023 19:57, Nicolas George wrote:
> > Vincent Lefevre (12023-03-10):
> > > Mail may still be sent via the ISP's smarthost.
> >
> > Unless the ISP's relay refuses to take mail not from the ISP's domain,
> > like I have seen a few times.
As you suggested I may use other relays as outgoing gateway. But the home box
will receive and store messages. I can operate the email accounts for me and my
family on this server.
Thanks
Yong
On 10/03/2023 19:57, Nicolas George wrote:
Vincent Lefevre (12023-03-10):
Mail may still be sent via the ISP's smarthost.
Unless the ISP's relay refuses to take mail not from the ISP's domain,
like I have seen a few times.
Or use an outgoing mail relay, such as mail gun, mail channel, they e
to...@tuxteam.de (12023-03-10):
> It makes sense to check for that. But having a static routable IP
> is a strong hint that it could work.
Alas no.
> Have you more details for that "declaration" you hint at? How is
> an IP "declared" as "domestic"?
I think it goes through the whois declarations
Vincent Lefevre (12023-03-10):
> Mail may still be sent via the ISP's smarthost.
Unless the ISP's relay refuses to take mail not from the ISP's domain,
like I have seen a few times.
--
Nicolas George
On 2023-03-10 12:01:57 +0100, Nicolas George wrote:
> p...@ymail.ne.jp (12023-03-10):
> > Can I setup a mail server (postfix, dovecot, dkim, rspamd etc) on
> > this box to receive/send email normally?
>
> Probably not: ISP declare IP blocks attributed to clients as “domestic”
> and a lot of import
On Fri, Mar 10, 2023 at 12:01:57PM +0100, Nicolas George wrote:
> p...@ymail.ne.jp (12023-03-10):
> > Can I setup a mail server (postfix, dovecot, dkim, rspamd etc) on this box
> > to receive/send email normally?
>
> Probably not: ISP declare IP blocks attributed to clients as “domestic”
> and a
p...@ymail.ne.jp (12023-03-10):
> Can I setup a mail server (postfix, dovecot, dkim, rspamd etc) on this box to
> receive/send email normally?
Probably not: ISP declare IP blocks attributed to clients as “domestic”
and a lot of important e-mail operators block them.
Anyway, if you have to ask, t
On 10/3/23 18:29, p...@ymail.ne.jp wrote:
Hello,
I have a home server with static IP from the ISP. The server has
debian 11 installed.
Can I setup a mail server (postfix, dovecot, dkim, rspamd etc) on this
box to receive/send email normally?
Or do you guys have this similar operation?
43 matches
Mail list logo