Trusting postfix client certs for relaying

2021-04-17 Thread Dan Mahoney (Gushi)
All, The dayjob has a number of machines out in the wild that need to be able to send mail (mostly from cron jobs) home to the mothership. Not all have controllable reverse DNS. It's an issue with donated colo and transit. Doing a bunch of tunnels would work but it's a really stupid answer.

Re: Trusting postfix client certs for relaying

2021-04-17 Thread Jaroslaw Rafa
On 17.04.2021 at 11:56:54 Dan Mahoney (Gushi) wrote: > > The dayjob has a number of machines out in the wild that need to be > able to send mail (mostly from cron jobs) home to the mothership. > Not all have controllable reverse DNS. It's an issue with donated > colo and transit. Doing a b

Re: Trusting postfix client certs for relaying

2021-04-17 Thread Wietse Venema
Dan Mahoney (Gushi): > All, > > The dayjob has a number of machines out in the wild that need to be able > to send mail (mostly from cron jobs) home to the mothership. Not all have > controllable reverse DNS. It's an issue with donated colo and transit. > Doing a bunch of tunnels would work b

Re: Trusting postfix client certs for relaying

2021-04-18 Thread Demi Marie Obenour
On 4/17/21 5:15 PM, Wietse Venema wrote: > Dan Mahoney (Gushi): >> All, >> >> The dayjob has a number of machines out in the wild that need to be able >> to send mail (mostly from cron jobs) home to the mothership. Not all have >> controllable reverse DNS. It's an issue with donated colo and tr

Re: Trusting postfix client certs for relaying

2021-04-18 Thread Wietse Venema
Demi Marie Obenour: > >> It seems that there are knobs that let you list *individual certs* for > >> allowing trusted relaying, but not *individual CAs*. > >> > >> Is there any way around this? > > > > Yes: handle that traffic with a dedicated smtpd instance that only > > trusts your internal ro

Re: Trusting postfix client certs for relaying

2021-04-18 Thread Dan Mahoney
Sent from my iPad > On Apr 17, 2021, at 14:16, Wietse Venema wrote: > Dan Mahoney (Gushi): >> All, >> >> The dayjob has a number of machines out in the wild that need to be able >> to send mail (mostly from cron jobs) home to the mothership. Not all have >> controllable reverse DNS. It's

Re: Trusting postfix client certs for relaying

2021-04-18 Thread Demi Marie Obenour
On 4/18/21 2:39 PM, Wietse Venema wrote: > Demi Marie Obenour: It seems that there are knobs that let you list *individual certs* for allowing trusted relaying, but not *individual CAs*. Is there any way around this? >>> >>> Yes: handle that traffic with a dedicated smtpd inst

Re: Trusting postfix client certs for relaying

2021-04-18 Thread Viktor Dukhovni
On Sun, Apr 18, 2021 at 07:59:07PM -0400, Demi Marie Obenour wrote: > >> Would it be possible to support trusting based on subject alt name? > >> I would like a machine with a certificate for a.example.com to send > >> mail from a.example.com domains. This rather mixes end-to-end properties (the

Re: Trusting postfix client certs for relaying

2021-04-18 Thread Demi Marie Obenour
On 4/18/21 8:04 PM, Viktor Dukhovni wrote: > On Sun, Apr 18, 2021 at 07:59:07PM -0400, Demi Marie Obenour wrote: > Would it be possible to support trusting based on subject alt name? I would like a machine with a certificate for a.example.com to send mail from a.example.com domains.

Re: Trusting postfix client certs for relaying

2021-04-18 Thread Viktor Dukhovni
On Sun, Apr 18, 2021 at 08:49:34PM -0400, Demi Marie Obenour wrote: > >> Each system is issued a certificate for its own domain. Perhaps a > >> better example would be email Subject Alternative Names. > > > > That's not an example (use-case), it is a certificate field. What > > is the use-case.

Re: Trusting postfix client certs for relaying

2021-04-18 Thread Dan Mahoney
> On Apr 18, 2021, at 10:30 PM, Viktor Dukhovni > wrote: > > On Sun, Apr 18, 2021 at 08:49:34PM -0400, Demi Marie Obenour wrote: > Each system is issued a certificate for its own domain. Perhaps a better example would be email Subject Alternative Names. >>> >>> That's not an exam