LISTSERV mailing list manager LISTSERV 16.0

Help for LINUX-L Archives


LINUX-L Archives

LINUX-L Archives


LINUX-L@LISTS.UFL.EDU


View:

Message:

[

First

|

Previous

|

Next

|

Last

]

By Topic:

[

First

|

Previous

|

Next

|

Last

]

By Author:

[

First

|

Previous

|

Next

|

Last

]

Font:

Proportional Font

LISTSERV Archives

LISTSERV Archives

LINUX-L Home

LINUX-L Home

LINUX-L  2018

LINUX-L 2018

Subject:

Re: Mail Server Inquiry

From:

Robert Munyer <[log in to unmask]>

Reply-To:

Platform Independent Linux List! <[log in to unmask]>

Date:

Thu, 1 Mar 2018 19:07:05 -0500

Content-Type:

text/plain

Parts/Attachments:

Parts/Attachments

text/plain (24 lines)

I've been running my own mail server (debian/postfix/dovecot) for
~5 years, far less than some people here, but enough to have a few
comments for you.

I have dovecot (and most other daemons) listening only on the loopback
interface, so I have no suggestions about securing external access.

I was able to get most of my incoming and outgoing mail encrypted,
with almost no effort, without even installing a real certificate.
See https://lists.ufl.edu/cgi-bin/wa?A2=ind13&L=LINUX-L&P=R6579 .
My encryption is vulnerable to an active MITM, but, at the time,
that was true even with a real certificate.  That may have changed
by now; there was something called DANE on the horizon that was
expected to be able to fix that problem.

If you try to protect your mail from MITM (and, especially, if you
succeed!) please post here telling us how you did it.

I've been happy with postfix except for one annoying vulnerability,
which had already been known for many years when I noticed it, and
which no one seemed to want to fix, so I fixed it myself, and shared
the patch in the Debian BTS: https://urldefense.proofpoint.com/v2/url?u=https-3A__bugs.debian.org_741888&d=DwIBAg&c=pZJPUDQ3SB9JplYbifm4nt2lEVG5pWx2KikqINpWlZM&r=iUSCqQal-H20QF9or__3g2H9ORMheuOrwYuG_vCdc2g&m=1OPkyZ6fMeQ1f_HB5AQD87PpMoPtt2Ky0qDLQ_vvkG8&s=gyOBNgx4_oahpXkH8sw-eKQWsfqnPNLRWQ54gzheU_8&e= .

-- Robert Munyer

Top of Message | Previous Page | Permalink

Advanced Options


Options

Log In

Log In

Get Password

Get Password


Search Archives

Search Archives


Subscribe or Unsubscribe

Subscribe or Unsubscribe


Archives

2018
2017
2016
2015
2014
2013
2012
2011
2010
2009
2008
2007
2006
2005
2004
2003
2002
2001
2000
1999
1998
1997

ATOM RSS1 RSS2



LISTS.UFL.EDU

CataList Email List Search Powered by the LISTSERV Email List Manager