LISTSERV mailing list manager LISTSERV 15.5

Help for LINUX-L Archives


LINUX-L Archives

LINUX-L Archives


View:

Next Message | Previous Message
Next in Topic | Previous in Topic
Next by Same Author | Previous by Same Author
Chronologically | Most Recent First
Proportional Font | Monospaced Font

Options:

Join or Leave LINUX-L
Reply | Post New Message
Search Archives


Subject: Re: Mail Server Inquiry
From: Robert Munyer <[log in to unmask]>
Reply-To:Platform Independent Linux List! <[log in to unmask]>
Date:Thu, 1 Mar 2018 19:07:05 -0500
Content-Type:text/plain
Parts/Attachments:
Parts/Attachments

text/plain (24 lines)


I've been running my own mail server (debian/postfix/dovecot) for
~5 years, far less than some people here, but enough to have a few
comments for you.

I have dovecot (and most other daemons) listening only on the loopback
interface, so I have no suggestions about securing external access.

I was able to get most of my incoming and outgoing mail encrypted,
with almost no effort, without even installing a real certificate.
See https://lists.ufl.edu/cgi-bin/wa?A2=ind13&L=LINUX-L&P=R6579 .
My encryption is vulnerable to an active MITM, but, at the time,
that was true even with a real certificate.  That may have changed
by now; there was something called DANE on the horizon that was
expected to be able to fix that problem.

If you try to protect your mail from MITM (and, especially, if you
succeed!) please post here telling us how you did it.

I've been happy with postfix except for one annoying vulnerability,
which had already been known for many years when I noticed it, and
which no one seemed to want to fix, so I fixed it myself, and shared
the patch in the Debian BTS: https://urldefense.proofpoint.com/v2/url?u=https-3A__bugs.debian.org_741888&d=DwIBAg&c=pZJPUDQ3SB9JplYbifm4nt2lEVG5pWx2KikqINpWlZM&r=iUSCqQal-H20QF9or__3g2H9ORMheuOrwYuG_vCdc2g&m=1OPkyZ6fMeQ1f_HB5AQD87PpMoPtt2Ky0qDLQ_vvkG8&s=gyOBNgx4_oahpXkH8sw-eKQWsfqnPNLRWQ54gzheU_8&e= .

-- Robert Munyer

Back to: Top of Message | Previous Page | Main LINUX-L Page

Permalink



LISTS.UFL.EDU

CataList Email List Search Powered by the LISTSERV Email List Manager