-
-
Notifications
You must be signed in to change notification settings - Fork 460
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Update procedure of selfhosting #1909
base: master
Are you sure you want to change the base?
Conversation
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Can you please target this branch new-self-host-version
instead? It contains the latest version of the doc and will be merged back to master soon.
@@ -329,8 +330,8 @@ smtpd_recipient_restrictions = | |||
reject_unknown_recipient_domain, | |||
permit_mynetworks, | |||
reject_unauth_destination, | |||
reject_rbl_client zen.spamhaus.org, | |||
reject_rbl_client bl.spamcop.net, | |||
reject_rbl_client zen.spamhaus.org=127.0.0.[2..11], |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
do you have any doc on spamhaus pointing to this change?
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I do not. Sorry, will revert.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I agree with @hoyohayo : if using an open resolver almost every email would get blocked (https://www.spamhaus.org/news/article/788/spamhaus-dnsbl-return-codes-technical-update) and the standard return codes are available here.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I confirm an error when using open resolvers, here is the error:
554 5.7.1 Service unavailable; Client host [xxx] blocked using zen.spamhaus.org; Error: open resolver; https://www.spamhaus.org/returnc/pub/172.71.133.37;
I'm using google DNS for my docker as recommended workaround here
https://www.spamhaus.com/resource-center/successfully-accessing-spamhauss-free-block-lists-using-a-public-dns/
but I don't really like using google DNS...
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
@Metabaron1 I would recommend something like this alongside a PTR and you're good to go ;)
@@ -74,9 +74,10 @@ Setting up DKIM is highly recommended to reduce the chance your emails ending up | |||
First you need to generate a private and public key for DKIM: | |||
|
|||
```bash | |||
openssl genrsa -out dkim.key 1024 | |||
openssl genrsa -traditional -out dkim.key 1024 |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
@nguyenkims since dkimpy v1.1.0, PKCS#8 is supported. What about you increase the minimum version instead?
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Do you know if it's compatible with the old key that people generated? I want to make sure that when people upgrade SL, they don't have any issue.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
It's a try/except trying the old key standard first so still compatible :D.
No description provided.