Ahem, .. i however have to add one more sentence..
Steffen Nurpmeso wrote in
<20230324193739.s-qco%stef...@sdaoden.eu>:
...
||reading, programming, and nature impressions, four to five hours
||a day, all in all, for caring for the (other) animal friends
||alone, sorry.
Please .. that
Steffen Nurpmeso wrote in
<20230324185751.jdgjq%stef...@sdaoden.eu>:
|Bernardo Reino wrote in
| <10n74127-037p-o42n-6617-3po1sq231...@oozx.bet>:
||On Fri, 24 Mar 2023, Steffen Nurpmeso wrote:
||> Bernardo Reino wrote in
||> <79552717-5p3o-8q26-r963-124or6r66...@oozx.bet>:
||>|On Thu, 23 Mar
Steffen Nurpmeso wrote in
<20230324175540.o_vn-%stef...@sdaoden.eu>:
|Bernardo Reino wrote in
| <79552717-5p3o-8q26-r963-124or6r66...@oozx.bet>:
||On Thu, 23 Mar 2023, Steffen Nurpmeso via Postfix-users wrote:
| ...
||> (That is pretty off-topic for postfix; except maybe for fun
||> posting
Bernardo Reino wrote in
<79552717-5p3o-8q26-r963-124or6r66...@oozx.bet>:
|On Thu, 23 Mar 2023, Steffen Nurpmeso via Postfix-users wrote:
...
|> (That is pretty off-topic for postfix; except maybe for fun
|> posting my SMTP related firewall
...
|> add_rule -p tcp --src
On Thu, 23 Mar 2023, Steffen Nurpmeso via Postfix-users wrote:
[...]
(That is pretty off-topic for postfix; except maybe for fun
posting my SMTP related firewall
[...]
add_rule -p tcp --src ${addr}${mask} \
--dport ${p_smtp} -m limit --limit 60/m -j
Dnia 23.03.2023 o godz. 19:08:53 Steffen Nurpmeso pisze:
> You are unlocked again. (But as it periodically came back
> every few minutes yesterday evening, it likely will now, too.)
>
> This cannot be if you do normal SMTP or HTTP, not from the
> firewall side. These rules only lowers
Jaroslaw Rafa wrote in
<20230322230223.ga17...@rafa.eu.org>:
|Dnia 22.03.2023 o godz. 23:05:59 Steffen Nurpmeso via Postfix-users pisze:
|> I have very strict firewall rules, and you have become blocked for
|> last access + 84000 seconds.
|> Should work again.
|
|I again got blocked... As I
Dnia 22.03.2023 o godz. 23:05:59 Steffen Nurpmeso via Postfix-users pisze:
> I have very strict firewall rules, and you have become blocked for
> last access + 84000 seconds.
> Should work again.
I again got blocked... As I wrote you off-list, I'm running now tcpdump with
filter set to "host
Steffen Nurpmeso wrote in
<2023030559.mn7ux%stef...@sdaoden.eu>:
|Jaroslaw Rafa wrote in
| <20230322104345.ga10...@rafa.eu.org>:
||Dnia 20.03.2023 o godz. 21:46:59 Steffen Nurpmeso via Postfix-users pisze:
||> Luckily here a couple of shops remain, even for clothes and
||> electronics
Jaroslaw Rafa wrote in
<20230322104345.ga10...@rafa.eu.org>:
|Dnia 20.03.2023 o godz. 21:46:59 Steffen Nurpmeso via Postfix-users pisze:
|> Luckily here a couple of shops remain, even for clothes and
|> electronics (mostly household). It is much uglier a bit further
|[...]
|
|I replied to
Viktor Dukhovni via Postfix-users skrev den 2023-03-22 16:36:
On Wed, Mar 22, 2023 at 04:28:36PM +0100, Benny Pedersen via
Postfix-users wrote:
>> mx ~ # posttls-finger sdaoden.eu
>> posttls-finger: Connected to sdaoden.eu[217.144.132.164]:25
>> posttls-finger: < 220 sdaoden.eu ESMTP Postfix
>
On Wed, Mar 22, 2023 at 04:28:36PM +0100, Benny Pedersen via Postfix-users
wrote:
> >> mx ~ # posttls-finger sdaoden.eu
> >> posttls-finger: Connected to sdaoden.eu[217.144.132.164]:25
> >> posttls-finger: < 220 sdaoden.eu ESMTP Postfix
> >
> > I can't even get the connection. I can't even ping
2023. 03. 22. 16:18 keltezéssel, Benny Pedersen via Postfix-users írta:
Jaroslaw Rafa via Postfix-users skrev den 2023-03-22 11:43:
mx ~ # posttls-finger sdaoden.eu
posttls-finger: Connected to sdaoden.eu[217.144.132.164]:25
posttls-finger: < 220 sdaoden.eu ESMTP Postfix
posttls-finger: > EHLO
Jaroslaw Rafa via Postfix-users skrev den 2023-03-22 16:22:
Dnia 22.03.2023 o godz. 16:18:11 Benny Pedersen via Postfix-users
pisze:
>raj@rafa:~$ mailq
>-Queue ID- --Size-- Arrival Time -Sender/Recipient---
>5508C41121 8652 Mon Mar 20 23:35:40 r...@rafa.eu.org
>
Dnia 22.03.2023 o godz. 16:18:11 Benny Pedersen via Postfix-users pisze:
> >raj@rafa:~$ mailq
> >-Queue ID- --Size-- Arrival Time -Sender/Recipient---
> >5508C41121 8652 Mon Mar 20 23:35:40 r...@rafa.eu.org
> > (connect to sdaoden.eu[217.144.132.164]:25:
> >Connection
Jaroslaw Rafa via Postfix-users skrev den 2023-03-22 11:43:
Dnia 20.03.2023 o godz. 21:46:59 Steffen Nurpmeso via Postfix-users
pisze:
Luckily here a couple of shops remain, even for clothes and
electronics (mostly household). It is much uglier a bit further
[...]
I replied to you off-list
Dnia 20.03.2023 o godz. 21:46:59 Steffen Nurpmeso via Postfix-users pisze:
> Luckily here a couple of shops remain, even for clothes and
> electronics (mostly household). It is much uglier a bit further
[...]
I replied to you off-list (as it's mostly off-topic with regard to Postfix),
but the
Jaroslaw Rafa wrote in
<20230318234124.ga32...@rafa.eu.org>:
|Dnia 18.03.2023 o godz. 23:54:28 Steffen Nurpmeso via Postfix-users pisze:
|> Eh, no. I do not do either. (Granted i use PayPal one, two times
|> a month, but my bank account is not online-enabled.)
|> I _never_ shopped online.
Dnia 18.03.2023 o godz. 23:54:28 Steffen Nurpmeso via Postfix-users pisze:
> Eh, no. I do not do either. (Granted i use PayPal one, two times
> a month, but my bank account is not online-enabled.)
> I _never_ shopped online. This destroys local pharmacies, shops,
> small (hopefully) good jobs
Jaroslaw Rafa wrote in
<20230318203334.ga31...@rafa.eu.org>:
|Dnia 18.03.2023 o godz. 21:08:17 Steffen Nurpmeso via Postfix-users pisze:
|> I still have no problems with
|>
|> smtpd_tls_mandatory_protocols = >=TLSv1.2
|> smtpd_tls_protocols = $smtpd_tls_mandatory_protocols
|> # super
On 19/03/23 07:44, Matus UHLAR - fantomas via Postfix-users wrote:
I would generally allow the printer to use port 25.
Port 25 is not a submission port and should not be used as such. Keep
your submission separate from your MX traffic and you will avoid a whole
heap of issues down the road.
On 19/03/23 02:54, Gerd Hoerst via Postfix-users wrote:
I setup my postfix for the clients to use only protocols > TLSv1 with
smtpd_tls_mandatory_protocols = !SSLv2, !SSLv3, !TLSv1
A better way to do this is:
smtpd_tls_protocols = >=TLSv1.1
smtpd_tls_protocols =
On 19/03/23 09:08, Steffen Nurpmeso via Postfix-users wrote:
I still have no problems with
smtpd_tls_mandatory_protocols = >=TLSv1.2
This is fine, so long as you don't have a user that can't support at
least TLSv1.2 that needs to use submission.
smtpd_tls_protocols =
Dnia 18.03.2023 o godz. 21:08:17 Steffen Nurpmeso via Postfix-users pisze:
> I still have no problems with
>
> smtpd_tls_mandatory_protocols = >=TLSv1.2
> smtpd_tls_protocols = $smtpd_tls_mandatory_protocols
> # super modern, forward secrecy TLSv1.2 / TLSv1.3 selection..
>
Jaroslaw Rafa wrote in
<20230318191215.gb30...@rafa.eu.org>:
|Dnia 18.03.2023 o godz. 14:54:15 Gerd Hoerst via Postfix-users pisze:
|> I setup my postfix for the clients to use only protocols > TLSv1 with
|>
|> smtpd_tls_mandatory_protocols = !SSLv2, !SSLv3, !TLSv1
|> smtpd_tls_protocols
Dnia 18.03.2023 o godz. 14:54:15 Gerd Hoerst via Postfix-users pisze:
> I setup my postfix for the clients to use only protocols > TLSv1 with
>
> smtpd_tls_mandatory_protocols = !SSLv2, !SSLv3, !TLSv1
> smtpd_tls_protocols = !SSLv2,!SSLv3,!TLSv1
While the former makes some sense
On Sat, Mar 18, 2023 at 07:32:18PM +0100, Gerd Hoerst via Postfix-users wrote:
> I read a tutorial to harden postfix and there they trew out TLSv1
The tutorial is mostly misguided. Though in practice, TLS 1.0 is
increasingly rare on the public Internet, so the damage from disabling
it is fairly
Gerd Hoerst via Postfix-users skrev den 2023-03-18 14:54:
smtpd_tls_mandatory_protocols = !SSLv2, !SSLv3, !TLSv1
smtpd_tls_protocols = !SSLv2,!SSLv3,!TLSv1
in main.cf
in main.cf put a # in this lines, so its default from postconf -d
but unfortunately i have a sender (its a
Gerd Hoerst via Postfix-users skrev den 2023-03-18 14:54:
smtpd_tls_mandatory_protocols = !SSLv2, !SSLv3, !TLSv1
smtpd_tls_protocols = !SSLv2,!SSLv3,!TLSv1
in main.cf
in main.cf put a # in this lines, so its default from postconf -d
but unfortunately i have a sender (its a
Hi !
I read a tutorial to harden postfix and there they trew out TLSv1
Ciao Gerd
Am 18.03.2023 um 16:07 schrieb Bill Cole via Postfix-users:
On 2023-03-18 at 09:54:15 UTC-0400 (Sat, 18 Mar 2023 14:54:15 +0100)
Gerd Hoerst via Postfix-users
is rumored to have said:
Hi !
I setup my postfix
If you must (not necessariy a god idea), your options are:
- Multiple Posifix instances on different IP addresses. Each instance
has its own main.cf and master.cf.
- Single Postfix instance with different smtpd configurations in
master.cf on different server IP addresses, using main.cf only for
On 2023-03-18 at 09:54:15 UTC-0400 (Sat, 18 Mar 2023 14:54:15 +0100)
Gerd Hoerst via Postfix-users
is rumored to have said:
Hi !
I setup my postfix for the clients to use only protocols > TLSv1
with
smtpd_tls_mandatory_protocols = !SSLv2, !SSLv3, !TLSv1
smtpd_tls_protocols =
32 matches
Mail list logo
