Tuning / Improving your security using external online tools would be another possible headline for this article. There are a few pages I regularly use to optimize my configuration. Here’s a small guide.Continue reading How I configure my sites in NGINX
Amavisd-new and DKIM
Currently I’m playing around with amavisd-new and amavis-milter. Trying to analyse a maybe-bug I temporarily disabled DKIM signing. Then I had the glory idea to send an E-Mail to the amavis maillinglist. It sort of caused some mail reporting storm back to me. In this article I’ll show you, how you can configure amavisd-new to do DKIM verification and DKIM signing. But first, here’s one of those reports:Continue reading Amavisd-new and DKIM
Setup MTA-STS and TLSRPT
What is MTA-STS (MTA Strict Transport Security) about?
MTA-STS basically enforces TLS for your mail communication, similar to HTTP Strict Transport Security (HSTS) for HTTP/HTTPS traffic. By telling the sender that TLS has to be used one can reduce / stop Man-in-the-Middle (MITM) attacks. A probably better explanation is found in the abstract of the RFC:Continue reading Setup MTA-STS and TLSRPT