Re: TLS warning

2017-05-25 Thread Rick Leir
Telus is so broken in several ways. I complain and the friendly support person acts as if nothing is wrong. As I understand it, you need to be sending to their SMTP server from 'within their network'. Either on their LTE or on their home/business internet service. So when you leave your wifi o

Re: TLS warning

2017-05-25 Thread D'Arcy Cain
On 2017-05-25 03:20 PM, li...@lazygranch.com wrote: Right from the Telus website : -- "Clear the Requires a secure connection (SSL) check box" ‎ "Authenticate using: Clear text‎" ‎http://business.telus.com/en/business/support/global/how-to/how-to-set-up-your-email-on-any-computer --- Se

Re: TLS warning

2017-05-25 Thread lists
the advice to their business customers.  ‎   Original Message   From: Phil Stracchino Sent: Thursday, May 25, 2017 9:31 AM To: postfix-users@postfix.org Subject: Re: TLS warning On 05/25/17 12:28, James B. Byrne wrote: > Yes, I cannot image why members of the so called 'five-eyes' > c

Re: TLS warning

2017-05-25 Thread Phil Stracchino
On 05/25/17 12:28, James B. Byrne wrote: > Yes, I cannot image why members of the so called 'five-eyes' > consortium would not actively promote signal security among their > populations. > > Must be an oversight. Or a lack thereof -- Phil Stracchino Babylon Communications ph...@caerl

Re: TLS warning

2017-05-25 Thread James B. Byrne
On Thu, May 25, 2017 05:23, li...@lazygranch.com wrote: > > > This paper is a good read on email security. It goes into the various > means that a man in the middle can reduce security, one of which is > enabled by selecting opportunistic encryption. (Of which in all > practicality you don't have

Re: TLS warning

2017-05-25 Thread Viktor Dukhovni
> On May 25, 2017, at 5:23 AM, li...@lazygranch.com wrote: > > "Neither Snow Nor Rain Nor MITM . . . > An Empirical Analysis of Email Delivery Security" > https://jhalderm.com/pub/papers/mail-imc15.pdf > Video by one of the authors. > https://www.youtube.com/watch?v=_aogXeTbERs It is a good acad

Re: TLS warning

2017-05-25 Thread Viktor Dukhovni
> On May 25, 2017, at 5:23 AM, li...@lazygranch.com wrote: > > Given the email issues in recent political campaigns, I'm seeing a > number of articles suggesting setting up DMARC for quarantine. DMARC is an abuse of the IETF process (informational RFC) to promote and deploy a deeply flawed speci

Re: TLS warning

2017-05-25 Thread li...@lazygranch.com
On Thu, 25 May 2017 03:02:39 -0400 Rick Leir wrote: > > > On 2017-05-25 02:31 AM, Philip Paeps wrote: > > On 2017-05-24 14:54:34 (+0200), Bastian Blank > > wrote: > >> On Wed, May 24, 2017 at 02:41:01AM -0700, li...@lazygranch.com > >> wrote: > >>> ‎You shouldn't be accepting sslv3 due to the

Re: TLS warning

2017-05-25 Thread Rick Leir
On 2017-05-25 02:31 AM, Philip Paeps wrote: On 2017-05-24 14:54:34 (+0200), Bastian Blank wrote: On Wed, May 24, 2017 at 02:41:01AM -0700, li...@lazygranch.com wrote: ‎You shouldn't be accepting sslv3 due to the poodle attack. https://en.m.wikipedia.org/wiki/POODLE Please explain how exact

Re: TLS warning

2017-05-24 Thread Philip Paeps
On 2017-05-24 14:54:34 (+0200), Bastian Blank wrote: On Wed, May 24, 2017 at 02:41:01AM -0700, li...@lazygranch.com wrote: ‎You shouldn't be accepting sslv3 due to the poodle attack. https://en.m.wikipedia.org/wiki/POODLE Please explain how exactly SMTP is exploitable using POODLE? There a

Re: TLS warning

2017-05-24 Thread Rick Leir
Viktor, LazyG This is not nonsense, as I learned something from it. Now I will go and check whether it is enabled. And thanks for mentioning foundations and family etc. That is also useful. Maybe we should be a bit more polite to other folks in the list, we are mostly 'in the same boat'. Cheers

Re: TLS warning

2017-05-24 Thread Viktor Dukhovni
> On May 24, 2017, at 5:30 AM, Rick Leir wrote: > > Should this TLS warning worry me? No. > May 23 11:35:43 myHostName postfix/smtpd[6619]: SSL_accept error from > sonic310-27.consmr.mail.ne1.yahoo.com[66.163.186.208]: 0 > May 23 11:35:43 myHostName postfix/smtpd[6619]: wa

Re: TLS warning

2017-05-24 Thread Viktor Dukhovni
> On May 24, 2017, at 5:41 AM, li...@lazygranch.com wrote: > > ‎You shouldn't be accepting sslv3 due to the poodle attack. > > https://en.m.wikipedia.org/wiki/POODLE > > A search should indicate what to change to reject sslv3. > > Of course there still could be other things that need fixing. ;

Re: TLS warning

2017-05-24 Thread lists
55 AM To: postfix-users@postfix.org Subject: Re: TLS warning Hi Lists On Wed, May 24, 2017 at 02:41:01AM -0700, li...@lazygranch.com wrote: > ‎You shouldn't be accepting sslv3 due to the poodle attack. > https://en.m.wikipedia.org/wiki/POODLE Please explain how exactly SMTP is exploita

Re: TLS warning

2017-05-24 Thread Bastian Blank
Hi Lists On Wed, May 24, 2017 at 02:41:01AM -0700, li...@lazygranch.com wrote: > ‎You shouldn't be accepting sslv3 due to the poodle attack. > https://en.m.wikipedia.org/wiki/POODLE Please explain how exactly SMTP is exploitable using POODLE? Bastian -- Worlds are conquered, galaxies destroyed

Re: TLS warning

2017-05-24 Thread lists
2:31 AM To: postfix-users@postfix.org Subject: TLS warning Hi All Should this TLS warning worry me? cheers -- Rick Warnings smtpd (total: 1) 1 TLS library problem: error:14094416:SSL routines:SSL3_READ_BYTE... mail.log: May 23 11:35:42 myHostName postfix/smtpd[6619]: connect

TLS warning

2017-05-24 Thread Rick Leir
Hi All Should this TLS warning worry me? cheers -- Rick Warnings smtpd (total: 1) 1 TLS library problem: error:14094416:SSL routines:SSL3_READ_BYTE... mail.log: May 23 11:35:42 myHostName postfix/smtpd[6619]: connect from sonic310-27.consmr.mail.ne1.yahoo.com