Age | Commit message (Collapse) | Author | |
---|---|---|---|
2013-10-03 | Merge branch 'feature/3953' into develop | Micah Anderson | |
2013-10-03 | It turns out postfix's variable for 1024bit DH parameters can actually take ↵ | Micah Anderson | |
a file of arbitrary length (#4012) Neither Postfix nor OpenSSL actually care about the size of the prime in "smtpd_tls_dh1024_param_file". You can make it 2048 bits Change-Id: Id60deec93547e7df6dfc414209afaf9d53c710b5 | |||
2013-10-02 | setup smtpd_tls_eecdh_grade to 'ultra' and configure the ↵ | Micah Anderson | |
smtpd_tls_dh1024_param file, after generating it (#3953) Change-Id: I8e88a4862cda052c2f0ca0149f1d0753c7c83cb5 | |||
2013-09-26 | Add client-side TLS configuration (#3868) | Micah Anderson | |
Change-Id: I0b82930f6f6a453e57f1d57fd8b5df78d464e206 | |||
2013-09-24 | fix client_ca cert+key for mx service (Feature #3921) | varac | |
2013-09-18 | use x509 for postfix ca and fix names for cert+key (Feature #3833) | varac | |
2013-09-03 | use check_helo_access hash:/helo_checks also for $submission_helo_restrictions | varac | |
2013-09-03 | Sending mail fails when relaying using non-fully-qualified hostname (Feature ↵ | varac | |
#3667) | |||
2013-09-03 | Merge branch 'feature/helo_access' into develop | Micah Anderson | |
Conflicts: puppet/modules/site_postfix/manifests/mx/smtpd_checks.pp Change-Id: I51555935f9d9409e45809d6df021b10e926ea520 | |||
2013-09-03 | add /etc/postfix/checks directory and setup a check_helo_access that allows ↵ | Micah Anderson | |
admins to have some control over problem clients connecting that present helo patterns that they wish to block (#3694) Change-Id: I159c29b6fe17e3d75b607d1a6fa82856b976c9b4 | |||
2013-09-03 | Without smtpd_helo_required, the helo restrictions are easily bypassed by ↵ | Micah Anderson | |
not sending a HELO (#3693) Change-Id: I6a7338136a53e16962a070826493139fa3307df7 | |||
2013-08-31 | postfix enable submission port using starttls, so the client can transition ↵ | Micah Anderson | |
to the more restrictive TLS wrapper mode Change-Id: I2a1728788378d9a1b79155ddb9bb4b0464b16baa | |||
2013-08-31 | change the master.cf_tail to pull in -o ↵ | Micah Anderson | |
smtpd_recipient_restrictions=$smtps_recipient_restrictions from main.cf, allowing us to setup specific restrictions for the smtps port move permit_tls_all_clientcerts from the smtpd_data_restrictions and smtpd_recipient_restrictions to only be in smtps_recipient_restrictions make a note about the permit_tls_all_clientcerts being something that we don't want in the future remove check_sender_access check which was doing an unnecessary lookup Change-Id: If9101512e42f7cd82c0e06543cef696d6063f8dc | |||
2013-08-29 | fix smtpd mail restrictions (Feature #3166) | varac | |
2013-08-28 | SMTP checks (Feature #2304) | varac | |
2013-08-28 | integrate manual postfix config changes in puppet (Feature #3538) | varac | |
2013-07-31 | use smtpd_tls_security_level = may in postfix config (Bug #3348) | varac | |
2013-07-26 | Merge branch 'varac/feature/mx' into feature/leap_mx | Micah Anderson | |
Conflicts: provider_base/services/mx.json puppet/manifests/site.pp puppet/modules/site_mx/manifests/init.pp puppet/modules/site_postfix/manifests/mx.pp Change-Id: Ib2952f6cb972c40a998f20d7bbdb23bb35bef419 | |||
2013-07-25 | beginning of smtp_auth config with client certs | varac | |
2013-07-25 | smtpd_checks: smtpd_delay_reject | varac | |
2013-07-25 | smtpd_checks: smtpd_data_restrictions | varac | |
2013-07-10 | added tls support, including smtp auth via client cert | varac | |
2013-07-09 | beginning of smtp_auth config with client certs | varac | |
2013-07-09 | smtpd_checks: smtpd_delay_reject | varac | |
2013-07-09 | smtpd_checks: smtpd_data_restrictions | varac | |