serv/mox
1
0
Fork 0
mirror of https://github.com/mjl-/mox.git synced 2024-12-26 08:23:48 +03:00
Code Issues Projects Releases Packages Wiki Activity Actions 1
mox/queue
History
Mechiel Lukkien 8ca198882e
security fix: use correct domain for mta-sts, that of the email address 
the original next-hop domain. not anything after resolving cname's, because
then it takes just a single injected dns cname record to lead us to an
unrelated server (that we would verify, but it's the wrong server).

also don't fallback to just strict tls when something is wrong. we must use the
policy to check if an mx host is allowed. the whole idea is that unsigned dns
records cannot be trusted.

i noticed this while implementing dane.
2023-10-14 22:30:43 +02:00
..
direct.go security fix: use correct domain for mta-sts, that of the email address 2023-10-14 22:30:43 +02:00
dsn.go make mox compile on windows, without "mox serve" but with working "mox localserve" 2023-10-14 10:54:07 +02:00
queue.go make mox compile on windows, without "mox serve" but with working "mox localserve" 2023-10-14 10:54:07 +02:00
queue_test.go make mox compile on windows, without "mox serve" but with working "mox localserve" 2023-10-14 10:54:07 +02:00
submit.go implement dnssec-awareness throughout code, and dane for incoming/outgoing mail delivery 2023-10-10 12:09:35 +02:00