simple question about smtp server ( msa to mta ) security design?

Not sure if this is due to security; hence the reason I am asking here.
I have 2 SMTP servers and a couple of unix servers

  1. the actual mailserver running on Windows. Clients connect to it and download mail.
  2. a postfix SMTP server running on one of the unix boxes, used for relaying mail to 1).

We call my mailserver MTA1 and the POSTFIX server MTA2

I am a novice in mail, and I have noticed the following different flows when some of the different unix servers are sending mail to the public

They can either

  1. unix server (mailx) --> (localhost-sendmail) --> MTA2 (postfix) --> MTA1 (actual mailserver) --> external MTA

  2. unix server (mailx) --> MTA2 (postfix) --> MTA1 (actual mailserver) --> external MTA

  3. unix server (mailx) --> MTA2 (postfix) --> external recipient MTA

  4. unix server (mailx) --> MTA1 --> external recipient MTA

  5. unix server (mailx) --> (localhost-sendmail) --> external recipient MTA directly ?

q1) Are all the above paths valid? If so, what should be the correct way?

q1) Notice 1): not sure why there is a sendmail listening on localhost when the MUA can go directly to MTA2 or MTA1 (like path 2)

q2) Notice 2): not sure why there is a need for MTA2 to relay to MTA1 when they can go the 3) path

q3) Notice 3): not sure why there is a need to go to MTA2 when they can go to MTA1 also

q4) Notice 5): I have a strong feeling I can send to the sendmail on localhost and have it send to the external MTA directly.

So which is the right path?


Sen. Wyden calls out Pentagon for not adopting email encryption technology

Sen. Ron Wyden, D-Ore., wants to know why the Defense Information Systems Agency has failed to implement a basic encryption technology that would otherwise protect employees’ emails from being intercepted by hackers and foreign intelligence agencies, according to a recent letter sent to DISA Director Lt. Gen. Alan Lynn. Wyden is requesting information concerning why DISA has lagged behind the vast majority of U.S. intelligence agencies, including the CIA and NSA, in adopting a widely used encryption technology known as STARTTLS to protect unclassified email systems. STARTTLS adds a layer of web encryption over the email protocol SMTP. DISA is responsible for providing email services to the Coast Guard, Army, Navy and Marines. An agency spokesperson confirmed that DISA received Wyden’s letter. While the technology is far from a cure-all against hackers that seek to spy on a target, the technology can help ensure the confidentiality of emails that […]

The post Sen. Wyden calls out Pentagon for not adopting email encryption technology appeared first on Cyberscoop.


Fake Failed Delivery from Congress? [on hold]

I was hoping someone could help. I recently emailed the staff of my local U.S. Representative, but then got back a very fishy looking failed delivery response. It looks like this is an auto-reply set up in an Exchange client or server that’s meant to deceive people that their message bounced. But I don’t have the expertise to say this is the case. Is this real or no? The message is below and names and IPs have been redacted.

Can anyone comment on this?

Delivered-To: XXX@gmail.com
Received: by XXX with SMTP id 21csp688769qtu;
        Thu, 16 Mar 2017 05:52:12 -0700 (PDT)
X-Received: by XXX with SMTP id z185mr7550566qka.281.1489668732321;
        Thu, 16 Mar 2017 05:52:12 -0700 (PDT)
Return-Path: <>
Received: from s-hub4.house.gov (s-hub4.house.gov. [XXX])
        by mx.google.com with ESMTPS id a49si3808247qta.XXX
        for <XXX>
        (version=TLS1_2 cipher=ECDHE-RSA-AES128-GCM-SHA256 bits=128/128);
        Thu, 16 Mar 2017 05:52:12 -0700 (PDT)
Received-SPF: pass (google.com: domain of postmaster@s-hub4.house.gov designates XXX as permitted sender) client-ip=XXX;
Authentication-Results: mx.google.com;
       dkim=pass header.i=@mail.house.gov;
       spf=pass (google.com: domain of postmaster@s-hub4.house.gov designates XXX as permitted sender) smtp.helo=s-hub4.house.gov;
       dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=house.gov
Received: from HEOC-HT02.US.House.gov (heoc-ht02.us.house.gov [XXX])
    by s-hub4.house.gov  with ESMTP id v2GCqBns015996
    (using TLSv1 with cipher ECDHE-RSA-AES256-SHA (256 bits) verified FAIL)
    for <XXX>; Thu, 16 Mar 2017 08:52:11 -0400
X-DKIM: OpenDKIM Filter v2.4.3 s-hub4.house.gov v2GCqBns015996
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=mail.house.gov;
    s=November2012-msg-mhg; t=1489668731;
    bh=TmgnphVFgTCKIaXsHTOpfMwuIrvFX1GE2ZdHrvyH69E=;
    h=From:To:Subject:Date:Message-ID:References:In-Reply-To:
     Content-Type:MIME-Version;
    b=lZFhl9Re75ZlwzkPlBmLuqiMoKyeWrXuOJ3grkNR8/GDPTg0c2afcY/JfrOzJKttd
     hehMBaflMTtE+FqmvXX2h/t1IAZaK41t0nTVeNMqwa5iQ47NoxyI0wa9pikF1FCI0R
     SAoFXlOijWSTB4aCRWS4ig50IKSEl5du22vZRrCg=
Received: from HEOC-HT02.US.House.gov ([::1]) by HEOC-HT02.US.House.gov
 ([::1]) with Microsoft SMTP Server id XXX; Thu, 16 Mar 2017
 08:52:11 -0400
From: “XXX” <XXX@mail.house.gov>
To: XXX <XXX>
Subject: Automatic reply: Time to talk?
Thread-Topic: Time to talk?
Thread-Index: AQHSnlQhPY8xyUcU80mmEIbCQOp84Q==
Date: Thu, 16 Mar 2017 12:52:11 +0000
Message-ID: <e1494dbd073849049ac019fb2f88ccee@HEOC-HT02.US.House.gov>
References: <CAJNUnm93=be67AEat+z34P5VtLDLA3QOugpZt1+-gCLhmprNvA@mail.gmail.com>
In-Reply-To: <CAJNUnm93=be67AEat+z34P5VtLDLA3QOugpZt1+-gCLhmprNvA@mail.gmail.com>
X-MS-Has-Attach:
X-Auto-Response-Suppress: All
X-MS-Exchange-Inbox-Rules-Loop: XXX@mail.house.gov
X-MS-TNEF-Correlator:
Content-Type: multipart/alternative;
    boundary="_000_e1494dbd073849049ac019fb2f88cceeHEOCHT02USHousegov_"
MIME-Version: 1.0

--_000_e1494dbd073849049ac019fb2f88cceeHEOCHT02USHousegov_
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: quoted-printable

A message that you sent could not be delivered to one or more of its recipi=
ents. The following address(es) failed:


[XXX@mail.house.gov<mailto:XXX@mail.house.gov>]

--_000_e1494dbd073849049ac019fb2f88cceeHEOCHT02USHousegov_
Content-Type: text/html; charset="us-ascii"
Content-Transfer-Encoding: quoted-printable

<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/htm=
l4/strict.dtd">
<html>
<head>
<meta http-equiv=3D"Content-Type" content=3D"text/html; charset=3Dus-ascii"=
>
<meta http-equiv=3D"Content-Style-Type" content=3D"text/css">
<title></title>
<meta name=3D"Generator" content=3D"Cocoa HTML Writer">
<meta name=3D"CocoaVersion" content=3D"1404.34">
<style type=3D"text/css">=0A=
p.p1 {margin: 0.0px 0.0px 0.0px 0.0px; line-height: 18.0px; font: 15.0px Ca=
libri; -webkit-text-stroke: #000000}=0A=
p.p2 {margin: 0.0px 0.0px 0.0px 0.0px; line-height: 18.0px; font: 15.0px Ca=
libri; -webkit-text-stroke: #000000; min-height: 18.0px}=0A=
span.s1 {font-kerning: none}=0A=
</style>
</head>
<body>
<p class=3D"p1"><span class=3D"s1">A message that you sent could not be del=
ivered to one or more of its recipients. The following address(es) failed:<=
/span></p>
<p class=3D"p2"><span class=3D"s1"></span><br>
</p>
<p class=3D"p1"><span class=3D"s1">[<a href=3D"mailto:XXX@mail.hou=
se.gov">XXX@mail.house.gov</a>]</span></p>
</body>
</html>

--_000_e1494dbd073849049ac019fb2f88cceeHEOCHT02USHousegov_--

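An added example (not part of the original post): a small Python check that separates an RFC 3464 delivery status notification, which is a multipart/report carrying a message/delivery-status part, from an automatic reply shaped like the message quoted above. Both sample messages are constructed (the first is trimmed from the quoted headers), and reading X-MS-Exchange-Inbox-Rules-Loop as a sign that an Exchange inbox rule produced the message is an assumption of this example.

```python
import email
from email import policy

# Constructed sample: trimmed from the headers quoted above (redactions kept as XXX).
SAMPLE_AUTOREPLY = """\
Return-Path: <>
Subject: Automatic reply: Time to talk?
X-Auto-Response-Suppress: All
X-MS-Exchange-Inbox-Rules-Loop: XXX@mail.house.gov
Content-Type: multipart/alternative; boundary="b1"

--b1
Content-Type: text/plain; charset="us-ascii"

A message that you sent could not be delivered to one or more of its recipients.
--b1--
"""

# Constructed sample: a minimal RFC 3464 delivery status notification for comparison.
SAMPLE_DSN = """\
Subject: Undeliverable: Time to talk?
Content-Type: multipart/report; report-type=delivery-status; boundary="b2"

--b2
Content-Type: message/delivery-status

Reporting-MTA: dns; mx.example.org

Final-Recipient: rfc822; nobody@example.org
Action: failed
Status: 5.1.1
--b2--
"""

def classify(raw):
    msg = email.message_from_string(raw, policy=policy.default)
    is_report = (msg.get_content_type() == "multipart/report"
                 and str(msg.get_param("report-type", "")).lower() == "delivery-status")
    if is_report and any(p.get_content_type() == "message/delivery-status" for p in msg.walk()):
        return "dsn", []
    signs = []
    # Assumption: this header marks a message generated by an Exchange inbox rule.
    if msg.get("X-MS-Exchange-Inbox-Rules-Loop"):
        signs.append("Exchange inbox rule")
    if str(msg.get("Subject", "")).lower().startswith("automatic reply"):
        signs.append("automatic-reply subject")
    if str(msg.get("Auto-Submitted", "no")).lower() != "no":
        signs.append("Auto-Submitted")
    return ("auto-reply" if signs else "unknown"), signs
```

The body text of a message says nothing about its type; the MIME structure and the auto-response headers are what the check relies on.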