TL;DR: Worked on the OpenSMTPD 6.7 release; Did a lot of work on the new table API; Wrote several PoCs; WARNING: Examples of code and configuration that appear in this article are here to help illustrate and explain development stages of my work. They are subject to changes and must not be considered as user documentation. By the time you’re reading this, they will likely no longer work or reflect reality. [Read More]

TL;DR: Worked on my webmail; Did a bit of OpenSMTPD work; Shout outs to my patrons ! As usual, a huge thanks goes to the people sponsoring me on patreon or github, the work in this post was made possible by my sponsorship. Webmail vs mutt I started using console clients to read my mail back when I was a student in early 2000s, and I’ve been using mutt for as long as I can recall now. [Read More]

TL;DR: - I took a break to deal with personal stuff - I'm taking a long break from OpenBSD for personal reasons - I may or may not have experienced COVID-19, who knows - resumed work on OpenSMTPD and other projects This is a weird report This is a weird report. I’ll mix a bit of personal info to provide some context as to why I decided to leave the OpenBSD project, explain why this doesn’t mean I won’t be an active contributor, and give some small insight into my upcoming work. [Read More]

TL;DR: - Qualys released an advisory for a bad, bad vulnerability - an MTA is a very bad software to have a vulnerability in - hole was plugged but that's not enough, similar bugs should be mitigated in the future - article discusses what could have prevented escalation despite the bug What happened ? Qualys contacted by e-mail to tell me they found a vulnerability in OpenSMTPD and would send me the encrypted draft for advisory. [Read More]

TL;DR: - brought back libasr to OpenSMTPD, it is no longer an external dependency - libtls-enabled OpenSMTPD is now a thing - documented filters and improved reporting Shout outs to my sponsors ! As usual, a huge thanks goes to the people sponsoring me on patreon or github, the work in this post was made possible by my sponsorship. If you like my work, you can join my sponsors or share my reports and articles to help me find more people willing to sponsor me ! [Read More]

TL;DR: - le greylisting est une bonne idée - ce n'est pas très pratique aujourd'hui - beaucoup de gens se passent du greylisting ou trouvent des contournements - le SPF-aware greylisting rend le greylisting utilisable à nouveau Merci à mes sponsors ! Un énorme merci aux gens qui me sponsorisent sur patreon ou github, le temps consacré à la rédaction et traduction de cet article a été rendu possible par mon sponsorat. [Read More]

TL;DR: - wrote, reworked and translated multiple articles this month - got some goodies ready for my patrons - lots of work in OpenSMTPD's grammar, documentation and filters protocol WARNING: Examples of code and configuration that appear in this article are here to help illustrate and explain development stages of my work. They are subject to changes and must not be considered as user documentation. By the time you’re reading this, they will likely no longer work or reflect reality. [Read More]

TL;DR: - Pas de résumé, j'ai passé des heures à traduire, vous allez passer des minutes à lire ;) - OK… J'ai expliqué avec BIEN TROP DE DÉTAILS comment mettre en place un serveur de mail Merci à mes sponsors ! Un énorme merci aux gens qui me sponsorisent sur patreon ou github, le temps consacré à la rédaction et traduction de cet article a été rendu possible par mon sponsorat. [Read More]

TL;DR: - SMTP est la méthode dont les ordinateurs échangent des e-mails - il s'agit d'un protocole décentralisé, ce qui signifie que CHACUN peut héberger un nœud et être indépendant - il est en train d'être centralisé dans des sociétés qui ont un passif d'abus - il est en train d'être centralisé dans un pays qui a un passif d'abus Où est-ce que j’ai déjà lu ça ? En Août, j’ai publié un petit article intitulé “You should not run your mail server because mail is hard” (“Vous ne devriez pas héberger votre serveur de mail parce que c’est dur”) qui était, en gros, mon opinion sur les différentes raisons qui poussent les gens à décourager l’hébergement de mails. [Read More]

TL;DR: - SMTP is the way computers exchange e-mails - it is a decentralised protocol meaning that ANYONE can run a node and be independant - it is being centralised at companies that have a history of abuse - it is being centralised in a country that has a history of abuse Where did you read this already ? In August, I published a small article titled “You should not run your mail server because mail is hard” which was basically my opinion on why people keep saying it is hard to run a mail server. [Read More]