published by whitemice on Thu, 12/10/2020 - 14:58
I have a postfix SMTP relay buried deep in a network behind proxy servers, all the infrastructure [sadly] is IPv4 only. This works, yet one ends up with many log messages like:
connect to smtp.office365.com[2603:1036:304:2857::2]:587: Network is unreachable
The server attempts if IPv6 result from the DNS lookup first. So let's make postfix use IPv4 only.
postconf -e inet_protocols=ipv4
That's it! No more "unreachable" log messages.
published by whitemice on Wed, 03/25/2015 - 10:00
Creating an in house signing [aka CA] certificate is a common practice; this allows you to generate free cerficates for internal use. For Windows hosts distributing this CA certificate to all the clients and relevant servers can be accomplished using Active Directory GPOs. Certificate management on LINUX hosts on the other hand has always been a swamp of tedium where the certificates often need to be configured into each client or service. Recent distributions have eased this process considerably by including a quasi-standardized set of scripts and certificate store locations.
