Search results

Certbot is recommended by Let's Encrypt and most people should start with it. If certbot does not meet your needs you are free to try a 3rd party client, but keep in mind that Let’s Encrypt does not control or review third party clients and cannot make any guarantees about their safety or...

Let's Encrypt is a free, automated and open certificate authority. The CA issues standard domain validation certificates. The certificates can be used for web servers, email servers, FTP servers and many more. Email encryption and code signing requires a different type of certificate that Let's...

In the daily spam list the "Blacklist"-URL gives the user the option to blacklist an email-address of an email already identified as spam. For sure another email from the same sender can be identified as ham the next time. The user should then login and set it on the blacklist. The...

That makes the "Blacklist"-URL in the daily spam report obsolete.

How to check your outside IPv4/IPv6 of your DNS Server (Who am I): # dig o-o.myaddr.l.google.com -t txt +short # dig -t a whoami.v4.powerdns.org +short # dig -t aaaa whoami.v6.powerdns.org +short # dig -t txt whoami.v4.powerdns.org +short # dig -t txt whoami.v6.powerdns.org +short # dig -t...

"Dnsmasq is a DNS query forwarder: it it not capable of recursively answering arbitrary queries starting from the root servers but forwards such queries to a fully recursive upstream DNS server which is typically provided by an ISP." (http://www.thekelleys.org.uk/dnsmasq/docs/dnsmasq-man.html)...

You can customize the spamassassin settings in the file /etc/mail/spamassassin/custom.cf If you trust the DBL more then just raise the score, e.g.: # https://spamassassin.apache.org/full/3.1.x/doc/Mail_SpamAssassin_Conf.html # multi.uribl.com # Contains an URL listed in the URIBL blacklist...

In the PMG Admin Manual the following DNS recommendation is proposed: DNS recommendations Many tests to detect SPAM mails use DNS queries, so it is important to have a fast and reliable DNS server. We also query some public available DNS Blacklists. Most of them apply rate limits for clients...

The debian (stretch) package comes with a cron job and a systemd timer. The cron job won't execute the renew command when you are running systemd (if /run/systemd/system is detected). It's done via certbot.timer Edit certbot.service (/lib/systemd/system/certbot.service), i.e. preferred...

- The bayesian filter and auto white list features have auto learning algorithms. (Admin Manual -> Spam Detection Feaetures) - You can examine X-Spam headers in several emails to see how spamassassin is evaluating them, make small adjustments to the score on one of the rules and examine the...

Use fail2ban, firewalling, proper sshd_config (root only from certain ips) settings and better authentication methods to increase security. If you just change a port the brute-force attacks will continue on the other port.

The Cluster Tunnel Daemon creates a ssh tunnel to the postgres database in other cluster nodes. btw changing SSH Port does not increase security.