OpenSMTPD advisory dissected

TL;DR: - Qualys released an advisory for a bad, bad vulnerability - an MTA is a very bad software to have a vulnerability in - hole was plugged but that's not enough, similar bugs should be mitigated in the future - article discusses what could have prevented escalation despite the bug What happened ? Qualys contacted by e-mail to tell me they found a vulnerability in OpenSMTPD and would send me the encrypted draft for advisory. [Read More]

January 2020: OpenSMTPD work - libasr and libtls

TL;DR: - brought back libasr to OpenSMTPD, it is no longer an external dependency - libtls-enabled OpenSMTPD is now a thing - documented filters and improved reporting Shout outs to my sponsors ! As usual, a huge thanks goes to the people sponsoring me on patreon or github, the work in this post was made possible by my sponsorship. If you like my work, you can join my sponsors or share my reports and articles to help me find more people willing to sponsor me ! [Read More]

SPF-aware greylisting et filter-greylist

TL;DR: - le greylisting est une bonne idée - ce n'est pas très pratique aujourd'hui - beaucoup de gens se passent du greylisting ou trouvent des contournements - le SPF-aware greylisting rend le greylisting utilisable à nouveau Merci à mes sponsors ! Un énorme merci aux gens qui me sponsorisent sur patreon ou github, le temps consacré à la rédaction et traduction de cet article a été rendu possible par mon sponsorat. [Read More]

December 2019: OpenSMTPD and filters work, articles and goodies

TL;DR: - wrote, reworked and translated multiple articles this month - got some goodies ready for my patrons - lots of work in OpenSMTPD's grammar, documentation and filters protocol Shout outs to my sponsors ! As usual, a huge thanks goes to the people sponsoring me on patreon or github, the work in this post was made possible by my sponsorship. If you like my work, you can join my sponsors or share my reports and articles to help me find more people willing to sponsor me ! [Read More]

Mettre en place un serveur de mail avec OpenSMTPD, Dovecot et Rspamd

TL;DR: - Pas de résumé, j'ai passé des heures à traduire, vous allez passer des minutes à lire ;) - OK… J'ai expliqué avec BIEN TROP DE DÉTAILS comment mettre en palce un serveur de mail Merci à mes sponsors ! Un énorme merci aux gens qui me sponsorisent sur patreon ou github, le temps consacré à la rédaction et traduction de cet article a été rendu possible par mon sponsorat. [Read More]

Décentralisons SMTP pour le bien commun

TL;DR: - SMTP est la méthode dont les ordinateurs échangent des e-mails - il s'agit d'un protocole décentralisé, ce qui signifie que CHACUN peut héberger un nœud et être indépendant - il est en train d'être centralisé dans des sociétés qui ont un passif d'abus - il est en train d'être centralisé dans un pays qui a un passif d'abus Où est-ce que j’ai déjà lu ça ? En Août, j’ai publié un petit article intitulé “You should not run your mail server because mail is hard” (“Vous ne devriez pas héberger votre serveur de mail parce que c’est dur”) qui était, en gros, mon opinion sur les différentes raisons qui poussent les gens à décourager l’hébergement de mails. [Read More]

Decentralised SMTP is for the greater good

TL;DR: - SMTP is the way computers exchange e-mails - it is a decentralised protocol meaning that ANYONE can run a node and be independant - it is being centralised at companies that have a history of abuse - it is being centralised in a country that has a history of abuse Where did you read this already ? In August, I published a small article titled “You should not run your mail server because mail is hard” which was basically my opinion on why people keep saying it is hard to run a mail server. [Read More]

SPF-aware greylisting and filter-greylist

TL;DR: - greylisting is a sound idea - yet it is not really practical today - people tend to disable it or find work-arounds - SPF-aware greylisting makes greylisting usable again Shout outs to my sponsors ! As usual, a huge thanks goes to the people sponsoring me on patreon or github, the work in this post was made possible by my sponsorship. SMTP failures in a nutshell SMTP is a fail-safe protocol which attempts very hard to ensure that messages do not get lost once they are in transit. [Read More]

November 2019 report: OpenSMTPD 6.6.1p1, filter-greylist and tons of portable cleanup

TL;DR: - our CI was improved - a new OpenSMTPD release, 6.6.1p1 took place to deal with portable issues - multiple portability issues were adressed - new table API in the works - filter-rspamd and filter-senderscore were improved - filter-greylist proof-of-concept published - wrote 2 chapters for my book Shout outs to my sponsors ! As usual, a huge thanks goes to the people sponsoring me on patreon or github, the work in this post was made possible by my sponsorship. [Read More]

October 2019 report: OpenSMTPD 6.6.0 release mostly

TL;DR: - yay, surprise emergency hand surgery... - OpenSMTPD 6.6.0 was tagged and released, including portable version - Merged contributions to fix filter-rspamd bug with DKIM - Work resumed on 6.7.0 feature - An OpenSMTPD book is in the works Shout outs to my patrons ! As usual, a huge thanks goes to the people sponsoring me on patreon or github, the work in this post was made possible by my sponsorship. [Read More]