TLS via SMTP is opportunistic which makes connections vulnerable to man-in-the-middle-attacks. In order to prevent mitm-attacks, DANE could be used. The sender-server will first check the domain-records if dnssec is in use(and valid) and if a TLSA-record is published(and valid). If a TLSA-record is valid and matches with the certificate of the recipient-server the connection could be encrypted and the encryption is verified.
If I enable postscreen on a Debian-Host I'll get this strange message in my mail.log:
Feb 13 08:38:37 tardis postfix/postscreen: close database /var/lib/postfix/postscreen_cache.db: No such file or directory (possible Berkeley DB bug)
It looks like the postscreen_cache.db-file is located in /var/lib/postfix instead of the postfix-jail /var/spool/postfix/var/lib/postfix. So we can fix it by moving the file into the jail:
If you have installed Kolab 3.2 on Debian Jessie and if you are using SSL, you might have problems with sieve-filters. If I click on Filters(in webmail), I'll recieve the following error: "Unable to connect to server". /var/log/mail.log shows me:
Sep 18 11:45:35 kolab sieve: STARTTLS failed: localhost [::1]
This archive contains all necessary config-files and scripts to setup a mail2sms-gateway using an old-school mobile phone. I used for this a raspberry pi.
DNS-Blacklist AHBL recently stopped their services. Since that I had many problems with our spamfilters. They are still using this blacklist and give all the mails a higher score because AHBL doesn't exist anymore.
The following entry in /etc/spamassassin/local.cf solvesthe problem(quick fix) :
score DNS_FROM_AHBL_RHSBL 0
Today I upgraded Thunderbird and then my SSL-connections to postfix did not work. In /var/log/mail.log i found the following:
SSL3_READ_BYTES:tlsv1 alert unknown ca:s3_pkt.c:1258:SSL alert number 48:
After a while i found this solutionsJust change the following thunderbird-setting:
security.use_mozillapkix_verification to false
This archive contains a syntax-file for vim which enables a colorful "mail.log file". The colors are the same as the postfix-scheme of multitail.