How do I log tls-encrypted smtp traffic?
Johannes Ernst asked: I’d like to know what my local postfix says to the Amazon SES smtpd after the STARTTLS. In plain text, so I can understand it. Amazon SES
View ArticlePostfix TLS authentication not enabled
Frank Astin asked: Hi I’ve set up a mail server according to this guide : http://andrewpuschak.com/dokuwiki/doku.php?id=centos_6_email_server When I telnet mydomain.com 25 and use the AUTH command it...
View Articlecan't get tomcat to offer TLS_ECDHE_ECDSA_… ciphers
tonioc asked: my tomcat (7.0.52) Connector is configured with a cipher list like ciphers=”TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384,TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256,...
View ArticleHow to disable SSLCompression on Apache httpd 2.2.15? (Defense against...
Stefan Lasiewski asked: I read about the CRIME attack against TLS Compression (CVE-2012-4929, CRIME is a successor to the BEAST attack against ssl & tls), and I want to protect
View ArticleCentos SMTP error command not implemented
Hamid asked: I have a vps with Centos 6.5 and postfix installed. When I want to connect to a smtp server like google or mail gun, I get the error
View ArticleIs it possible to set SSL/TLS version HTTP header with Apache which an...
burnersk asked: There is one service on a virtual machine with a dedicated IP that required to be accessible via SSLv3 (WinXP with IE6 clients). I moved that service several
View ArticleHow to set "server preference" for tls cipher suites?
jww asked: Mozilla has a tool to generate server configurations at Mozilla SSL Configuration Generator. For Amazon Elastic Load Balancing (ELB), the configuration does not appear to have a setting
View Articlesyslog-ng EC2 TLS
MarcF asked: I am attempting to add TLS support to my syslog-ng service running on an AWS EC2 instance (logs are being sent to loggly). The basic configuration without TLS
View ArticleOpenSSL No Client Certificate Presented (SMTP, Postfix)
JeremyCanfield asked: I used OpenSSL to create a private key and self-signed public certificate. I then created a Certificate Authority file that contains both the private key and public certificate...
View Articlehttps://domain.com ssl error and it won't redirect to www unless add exception
Chazy Chaz asked: I’ve created a let’s encrypt certificate, for my domain, using certbot. I’ve made sure to include www and some (needed) subdomains, so the certificate should be valid for non-www and...
View ArticleWhich DNS name is checked for TLS on a mailserver?
allo asked: Let’s say i have these records: A reverse.somedomain: 127.0.0.1 A mail.somedomain: 127.0.0.1 A mail.mailserverdomain: 127.0.0.1 MX somedomain: mail.somedomain PTR 127.0.0.1:...
View ArticleIn postfix, how to enforce tls + auth over 587 while leaving tls optional for 25
Paralife asked: I would like to host mail services for some domains. I have succesfully setup postfix to consult sql for those virtual domains. What I would like to do is: For connections on 25: Deny...
View ArticleHow to disable SSLCompression on Apache httpd 2.2.15? (Defense against...
Stefan Lasiewski asked: I read about the CRIME attack against TLS Compression (CVE-2012-4929, CRIME is a successor to the BEAST attack against ssl & tls), and I want to protect my webservers...
View ArticleIn postfix, how to enforce tls + auth over 587 while leaving tls optional for 25
Paralife asked: I would like to host mail services for some domains. I have succesfully setup postfix to consult sql for those virtual domains. What I would like to do is: For connections on 25: Deny...
View ArticlePostfix TLS authentication not enabled
Frank Astin asked: I’ve set up a mail server according to this guide. When I telnet mydomain.com 25 and use the AUTH command it returns: Error: authentication not enabled Trying to login via outlook...
View Articlecan't get tomcat to offer TLS_ECDHE_ECDSA_… ciphers
tonioc asked: my tomcat (7.0.52) Connector is configured with a cipher list like ciphers=”TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384,TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256,...
View ArticleCentos SMTP error command not implemented
Hamid Mohayeji asked: I have a vps with Centos 6.5 and postfix installed. When I want to connect to a smtp server like google or mail gun, I get the error 502 command not implemented. Can anybody help...
View ArticleIs it possible to set SSL/TLS version HTTP header with Apache which an...
burnersk asked: There is one service on a virtual machine with a dedicated IP that required to be accessible via SSLv3 (WinXP with IE6 clients). I moved that service several several years ago to a...
View ArticleHow to set "server preference" for tls cipher suites?
jww asked: Mozilla has a tool to generate server configurations at Mozilla SSL Configuration Generator. For Amazon Elastic Load Balancing (ELB), the configuration does not appear to have a setting for...
View ArticleOpenSSL No Client Certificate Presented (SMTP, Postfix)
JeremyCanfield asked: I used OpenSSL to create a private key and self-signed public certificate. I then created a Certificate Authority file that contains both the private key and public certificate...
View Article