summaryrefslogtreecommitdiffstats
path: root/roles/MX
Commit message (Expand)AuthorAgeFiles
* wibbleGuilhem Moulin2020-05-181
* MX: Port to Debian 10.Guilhem Moulin2020-05-162
* MX: Install OpenDMARC to add Authentication-Results headers.Guilhem Moulin2020-05-166
* MX: chroot postscreen(8), smtpd(8) and cleanup(8) daemons.Guilhem Moulin2018-12-097
* MX: don't override 5XY reject codes to 554.Guilhem Moulin2018-12-091
* postfix: remove explicit default 'mail_owner = postfix'.Guilhem Moulin2018-12-061
* Upgrade MX baseline to Debian Stretch.Guilhem Moulin2018-12-031
* Upgrade syntax to Ansible 2.7 (apt module).Guilhem Moulin2018-12-031
* Postfix: replace cdb & btree tables with lmdb ones.Guilhem Moulin2018-12-032
* Harden anti spam on the MX:es.Guilhem Moulin2018-06-094
* Postscreen: improve DNSBL sites and scores.Guilhem Moulin2018-04-041
* postscreen: lower zen.spamhaus.org DNSBL score from 3 to 2 on the MX:es.Guilhem Moulin2017-06-051
* Use blackhole subdomain for sender addresses of verify probes.Guilhem Moulin2017-05-161
* Change group of executables in /usr/local/{bin,sbin} from root to staff.Guilhem Moulin2017-05-141
* Allow SMTP client from whitelisted IPs to bypass postscreen checks.Guilhem Moulin2017-01-141
* Postscreen: Give temporary whitelist status to primary MX addresses only.Guilhem Moulin2016-09-201
* postfix: commit the master.cf symlinks.Guilhem Moulin2016-07-121
* Route all internal SMTP traffic through IPsec.Guilhem Moulin2016-07-102
* Postfix MX/MSA instances: put certs in the the instance's $config_directory.Guilhem Moulin2016-07-102
* Postfix MX/MSA instances: don't ask the remote SMTP client for a client certi...Guilhem Moulin2016-07-101
* Postfix: don't share the master.cf between the instances.Guilhem Moulin2016-07-102
* postfix: Don't explicitly set inet_interfaces=all as it's the default.Guilhem Moulin2016-07-101
* Change the pubkey extension from .pem to .pub.Guilhem Moulin2016-07-101
* certs/public: fetch each cert's pubkey (SPKI), not the cert itself.Guilhem Moulin2016-06-151
* postfix: Update to recommended TLS settings.Guilhem Moulin2016-05-181
* postfix: unset 'smtpd_tls_session_cache_database'.Guilhem Moulin2016-05-181
* Move /etc/ssl/private/dhparams.pem to /etc/ssl/dhparams.pem and make it public.Guilhem Moulin2016-05-181
* postfix: disable weak ciphers for the 'encrypt' TLS security level.Guilhem Moulin2016-05-181
* Add an ansible module 'fetch_cmd' to fetch the output of a remote command loc...Guilhem Moulin2016-05-181
* Let's EncryptGuilhem Moulin2016-03-021
* Upgrade playbooks to Ansible 2.0.Guilhem Moulin2016-02-121
* Use the Let's Encrypt CA for our public certs.Guilhem Moulin2015-12-202
* Automatically fetch X.509 certificates, and add them to git.Guilhem Moulin2015-12-031
* Fix address verification probes on the MSA.Guilhem Moulin2015-09-161
* Don't bounce unverified recipients upon 4xx errors.Guilhem Moulin2015-06-111
* Configure munin nodes & master.Guilhem Moulin2015-06-102
* Add a reserved domain 'discard.fripost.org' to discard messages.Guilhem Moulin2015-06-072
* Upgrade the MX configuration from Wheezy to Jessie.Guilhem Moulin2015-06-079
* logjam mitigation.Guilhem Moulin2015-06-071
* Configure the list manager (Sympa).Guilhem Moulin2015-06-071
* typoGuilhem Moulin2015-06-071
* typoGuilhem Moulin2015-06-071
* Split templates / files in lookup tables.Guilhem Moulin2015-06-078
* Replace Postgrey with postscreen.Guilhem Moulin2015-06-079
* Verify the validity of users before that of aliases.Guilhem Moulin2015-06-071
* Remove reject_unknown_sender_domain from the MX.Guilhem Moulin2015-06-071
* wibbleGuilhem Moulin2015-06-071
* Use the raw 'fripostListManager' as routing internal subdomain.Guilhem Moulin2015-06-071
* Fix $smtpd_sender_restrictions.Guilhem Moulin2015-06-071
* Explain why we use static transport maps and custom subdomains.Guilhem Moulin2015-06-072
generated by cgit v1.2.3 (git 2.25.1) at 2024-04-26 05:47:40 +0000