diff options
| author | Guilhem Moulin <guilhem@fripost.org> | 2019-03-19 02:27:42 +0100 |
|---|---|---|
| committer | Guilhem Moulin <guilhem@fripost.org> | 2019-03-19 02:27:42 +0100 |
| commit | b16aa5bd33e5ca4bdc8a0734e8db1f42611aa75b (patch) | |
| tree | 8fe4feb798b66236e529ca32242cdc7602f883f8 /certs/gencerts.sh | |
| parent | c19f6525465065496c485a5084a86707e4923580 (diff) | |
MSA: Open 465/TCP for Email Submission over TLS.
See RFC 8314 sec. 3.3 "Cleartext Considered Obsolete".
Diffstat (limited to 'certs/gencerts.sh')
| -rwxr-xr-x | certs/gencerts.sh | 4 |
1 files changed, 2 insertions, 2 deletions
diff --git a/certs/gencerts.sh b/certs/gencerts.sh index f56e8f7..b796339 100755 --- a/certs/gencerts.sh +++ b/certs/gencerts.sh @@ -61,44 +61,44 @@ sshfpr() { host="${msg%%,*}"; host="${host%% *}"; host="${host#*@}"; host="${host#\`}"; host="${host%\`}" [ "$typ" = mdwn ] && printf '\n%s\n\n' "$msg" || { printf '\n%s\n\n' "$msg" | tr -d '`'; } [ "${host#*:}" != 22 ] || host="${host%%:*}" indent=":${indent#?}" [ "$typ" = mdwn ] && str= || str=' ' for h in MD5 SHA256; do ssh-keygen -E "$h" -f "$DIR/../ssh_known_hosts" -lF "${host#*@}" done | sed -nr 's/^[^ #]+\s+//p' | sed -r 's/^(\S+)\s+([^:]+):/\1 \2 /' | while read a h fpr; do str2="$str$(printf '%-6s' "$h" | tr '[a-z]' '[A-Z]')" printf '%s %s (%s)\n' "$indent$str2" "$fpr" "$a" indent=" ${indent#?}" done } allfpr() { local typ="$1" [ "$typ" = mdwn ] && indent=' ' || indent=' ' header 'IMAP server' - x509fpr '`imap.fripost.org:993` (IMAP over SSL), `sieve.fripost.org:4190` (ManageSieve, `STARTTLS`)' + x509fpr '`imap.fripost.org:993` (IMAP over TLS), `sieve.fripost.org:4190` (ManageSieve, `STARTTLS`)' header 'SMTP servers' - x509fpr '`smtp.fripost.org:587` (Mail Submission Agent, `STARTTLS`)' + x509fpr '`smtp.fripost.org:465` (Email Submission over TLS), `smtp.fripost.org:587` (Email Submission, `STARTTLS`)' x509fpr '`mx1.fripost.org:25` (1st Mail eXchange, `STARTTLS`)' x509fpr '`mx2.fripost.org:25` (2nd Mail eXchange, `STARTTLS`)' header 'Web servers' x509fpr '`fripost.org:443`, `www.fripost.org:443` (website), `wiki.fripost.org:443` (wiki)' x509fpr '`mail.fripost.org:443`, `webmail.fripost.org:443` (webmail)' x509fpr '`lists.fripost.org:443` (list manager)' x509fpr '`git.fripost.org:443` (git server and its web interface)' x509fpr '`cloud.fripost.org:443` (lagring för delning)' header 'SSH server' sshfpr '`gitolite@git.fripost.org:22`' } [ $# -eq 1 ] || usage asc="$1" asc2=$(mktemp --tmpdir) src=$(mktemp --tmpdir) |