On Wed, Apr 09, 2014 at 11:01:05PM +, Viktor Dukhovni wrote:
I'd like to 'hear' Wietse's and Victor's opinion on how could
this nasty bug affect a TLS service like submission?
In pretty much the same way that it applies to web services.
Note that the leak can also take place from a
Zitat von Viktor Dukhovni postfix-us...@dukhovni.org:
On Wed, Apr 09, 2014 at 05:54:33PM -0400, Victoriano Giralt wrote:
I'd like to 'hear' Wietse's and Victor's opinion on how could
this nasty bug affect a TLS service like submission?
In pretty much the same way that it applies to web
On 10 Apr 2014, at 08:14, lst_ho...@kwsoft.de wrote:
I still wonder why OpenSSL does not use the memory wipe before free, is it a
performance killer or a feature?
I imagine the OpenSSL developers didn't think this was necessary when they
first started on the code 10-15 years ago and that
Hi Folks,
I'm sure at least some of you have been bitten by the debacle associated
with Yahoo turning on strict DMARC enforcement (particularly any of you
who, like me, manage a list server).
Which leads to a question: Any suggestions for how to validate a DKIM
signature, and apply an
Am 10.04.2014 12:03, schrieb Miles Fidelman:
Hi Folks,
I'm sure at least some of you have been bitten by the debacle associated
with Yahoo turning on strict DMARC enforcement (particularly any of you
who, like me, manage a list server).
yes with listserver mailman, had to upgrade to version
Am 10.04.2014 12:47, schrieb Robert Schetterer:
Am 10.04.2014 12:03, schrieb Miles Fidelman:
Hi Folks,
I'm sure at least some of you have been bitten by the debacle associated
with Yahoo turning on strict DMARC enforcement (particularly any of you
who, like me, manage a list server).
yes
The Heartbleed bug allows a remote attacker to read chunks of memory
from a vulnerable TLS CLIENT PROCESS (e.g., smtp(8)) or TLS SERVER
PROCESS (e.g., smtpd(8)). OpenSSL versions prior to 1.0.1 don't
have the hearbeat feature and have never been affected by this bug.
You can use forward secrecy
Hello,
We run a free accounts mail server (like gmail) and we struggle with the
outgoing spam problem.
Spammers abuse our service by creating accounts and then sending out spam.
It is very easy and free to create an account and we want it to stay that
way so blocking or removing spammers
On Thu, Apr 10, 2014 at 12:14 AM, James Cloos cl...@jhcloos.com wrote:
AD == Arthur Dent arthurdent.lon...@gmail.com writes:
AD I don't want postfix to do anything other than deliver to procmail.
Postfix works fine here for that.
I use, in main.cf:
mailbox_command = /usr/bin/procmail
On 10/04/2014 14:58, Marcin Szymonik wrote:
Hello,
We run a free accounts mail server (like gmail) and we struggle with
the outgoing spam problem.
Spammers abuse our service by creating accounts and then sending out
spam.
It is very easy and free to create an account and we want it to stay
As accounts are free and you can easily create tens of them, per account
limits don't solve the problem.
Most free mail service providers allow their users to send through SMTP and
we would prefer to do that as well.
Content based filtering may be the way to go indeed - thank you for pointing
it.
On Thu, Apr 10, 2014 at 06:03:51AM -0400, Miles Fidelman wrote:
I'm sure at least some of you have been bitten by the debacle associated
with Yahoo turning on strict DMARC enforcement (particularly any of you who,
like me, manage a list server).
One option is to do what the Postfix-users list
On Apr 9, 2014, at 9:17 PM, Viktor Dukhovni postfix-us...@dukhovni.org wrote:
On Thu, Apr 10, 2014 at 02:38:32AM +, Rob Tanner wrote:
The policyd daemon is a perfect tool for setting quotas (i.e., number
of message per hour, day, etc). The problem is that we depend
heavily of
On 10 Apr 2014, at 07:58 , Marcin Szymonik szymoni...@gmail.com wrote:
Hello,
We run a free accounts mail server (like gmail) and we struggle with the
outgoing spam problem.
Spammers abuse our service by creating accounts and then sending out spam.
It is very easy and free to create an
On 10 Apr 2014, at 09:08 , Viktor Dukhovni postfix-us...@dukhovni.org wrote:
On Thu, Apr 10, 2014 at 06:03:51AM -0400, Miles Fidelman wrote:
I'm sure at least some of you have been bitten by the debacle associated
with Yahoo turning on strict DMARC enforcement (particularly any of you who,
Am 11.04.2014 00:53, schrieb LuKreme:
On 10 Apr 2014, at 09:08 , Viktor Dukhovni postfix-us...@dukhovni.org wrote:
On Thu, Apr 10, 2014 at 06:03:51AM -0400, Miles Fidelman wrote:
I'm sure at least some of you have been bitten by the debacle associated
with Yahoo turning on strict DMARC
On Fri, Apr 11, 2014 at 12:57:54AM +0200, li...@rhsoft.net wrote:
That said, I thought DKIM ignored everything after the signature
delimiter, so if the lists attach the footer *properly* it shouldn?t
be an issue
No, the DKIM spec makes no allowance for signature delimiters. If
the body is
Believe me, this is everything but spam-related. It's mostly .org and
.edu/.gov kind of mailings (non-profit), but quite a lot of them at
one time. I've seen postfix moments like this quite a lot recently:
Incoming: 6991
Active: 2
Deferred: 7897
Bounced: 2319
Hold: 0
Corrupt: 0
I had to
A few things you can do:
1. Many spammers can switch their IP address but you should blacklist any ip
that signs up for an account and spam, it will slow them down at least
2. The 100 cap per day is a good idea but I'd lower it to 5 messages a day,
increasing by a couple messages cap per week.
On 10 Apr 2014, at 17:01 , Viktor Dukhovni postfix-us...@dukhovni.org wrote:
On Fri, Apr 11, 2014 at 12:57:54AM +0200, li...@rhsoft.net wrote:
That said, I thought DKIM ignored everything after the signature
delimiter, so if the lists attach the footer *properly* it shouldn?t
be an issue
On April 10, 2014 7:24:54 PM EDT, LuKreme krem...@kreme.com wrote:
On 10 Apr 2014, at 17:01 , Viktor Dukhovni postfix-us...@dukhovni.org
wrote:
On Fri, Apr 11, 2014 at 12:57:54AM +0200, li...@rhsoft.net wrote:
That said, I thought DKIM ignored everything after the signature
delimiter, so if
Wietse Venema wrote:
OpenSSL versions prior to 1.0.1 don't
have the hearbeat feature and have never been affected by this bug.
ii openssl
0.9.8o-4squeeze14 Secure Socket
Layer (SSL) binary and related
Limit the number of destinations (recipients) allowed in an e-mail.
Limit the number of e-mails per minute or half minute or whatever
frequency you observe as their pattern.
Put in a SPAM filter on outgoing mail and drop SPAM.
Block repeated violations from from 1 IP.
Just lock them out for a
23 matches
Mail list logo