Anxiety, OpenBSD break, COVID-19 and resuming work

TL;DR: - I took a break to deal with personal stuff - I'm taking a long break from OpenBSD for personal reasons - I may or may not have experienced COVID-19, who knows - resumed work on OpenSMTPD and other projects This is a weird report This is a weird report. I’ll mix a bit of personal info to provide some context as to why I decided to leave the OpenBSD project, explain why this doesn’t mean I won’t be an active contributor, and give some small insight into my upcoming work. [Read More]

February 2020: OpenSMTPD bugfixes, a small break, other projects

TL;DR: - XXX What happened ? Qualys contacted by e-mail to tell me they found a vulnerability in OpenSMTPD and would send me the encrypted draft for advisory. Receiving this kind of e-mail when working on a daemon that can’t revoke completely privileges is not a thing you want to read, particularly when you know how efficient they are at spotting a small bug and leveraging into a full-fledged clusterfuck. [Read More]

OpenSMTPD advisory dissected

TL;DR: - Qualys released an advisory for a bad, bad vulnerability - an MTA is a very bad software to have a vulnerability in - hole was plugged but that's not enough, similar bugs should be mitigated in the future - article discusses what could have prevented escalation despite the bug What happened ? Qualys contacted by e-mail to tell me they found a vulnerability in OpenSMTPD and would send me the encrypted draft for advisory. [Read More]

January 2020: OpenSMTPD work - libasr and libtls

TL;DR: - brought back libasr to OpenSMTPD, it is no longer an external dependency - libtls-enabled OpenSMTPD is now a thing - documented filters and improved reporting Shout outs to my sponsors ! As usual, a huge thanks goes to the people sponsoring me on patreon or github, the work in this post was made possible by my sponsorship. If you like my work, you can join my sponsors or share my reports and articles to help me find more people willing to sponsor me ! [Read More]

SPF-aware greylisting et filter-greylist

TL;DR: - le greylisting est une bonne idée - ce n'est pas très pratique aujourd'hui - beaucoup de gens se passent du greylisting ou trouvent des contournements - le SPF-aware greylisting rend le greylisting utilisable à nouveau Merci à mes sponsors ! Un énorme merci aux gens qui me sponsorisent sur patreon ou github, le temps consacré à la rédaction et traduction de cet article a été rendu possible par mon sponsorat. [Read More]

December 2019: OpenSMTPD and filters work, articles and goodies

TL;DR: - wrote, reworked and translated multiple articles this month - got some goodies ready for my patrons - lots of work in OpenSMTPD's grammar, documentation and filters protocol Shout outs to my sponsors ! As usual, a huge thanks goes to the people sponsoring me on patreon or github, the work in this post was made possible by my sponsorship. If you like my work, you can join my sponsors or share my reports and articles to help me find more people willing to sponsor me ! [Read More]

Mettre en place un serveur de mail avec OpenSMTPD, Dovecot et Rspamd

TL;DR: - Pas de résumé, j'ai passé des heures à traduire, vous allez passer des minutes à lire ;) - OK… J'ai expliqué avec BIEN TROP DE DÉTAILS comment mettre en place un serveur de mail Merci à mes sponsors ! Un énorme merci aux gens qui me sponsorisent sur patreon ou github, le temps consacré à la rédaction et traduction de cet article a été rendu possible par mon sponsorat. [Read More]

Décentralisons SMTP pour le bien commun

TL;DR: - SMTP est la méthode dont les ordinateurs échangent des e-mails - il s'agit d'un protocole décentralisé, ce qui signifie que CHACUN peut héberger un nœud et être indépendant - il est en train d'être centralisé dans des sociétés qui ont un passif d'abus - il est en train d'être centralisé dans un pays qui a un passif d'abus Où est-ce que j’ai déjà lu ça ? En Août, j’ai publié un petit article intitulé “You should not run your mail server because mail is hard” (“Vous ne devriez pas héberger votre serveur de mail parce que c’est dur”) qui était, en gros, mon opinion sur les différentes raisons qui poussent les gens à décourager l’hébergement de mails. [Read More]

Decentralised SMTP is for the greater good

TL;DR: - SMTP is the way computers exchange e-mails - it is a decentralised protocol meaning that ANYONE can run a node and be independant - it is being centralised at companies that have a history of abuse - it is being centralised in a country that has a history of abuse Where did you read this already ? In August, I published a small article titled “You should not run your mail server because mail is hard” which was basically my opinion on why people keep saying it is hard to run a mail server. [Read More]

SPF-aware greylisting and filter-greylist

TL;DR: - greylisting is a sound idea - yet it is not really practical today - people tend to disable it or find work-arounds - SPF-aware greylisting makes greylisting usable again Shout outs to my sponsors ! As usual, a huge thanks goes to the people sponsoring me on patreon or github, the work in this post was made possible by my sponsorship. SMTP failures in a nutshell SMTP is a fail-safe protocol which attempts very hard to ensure that messages do not get lost once they are in transit. [Read More]