Disabling SSLv3 to block Poodle

The new Poodle vulnerability lead me to disable SSLv3 on my Ubuntu server. I have TLS/SSL enabled on three services: apache2, exim4, and dovecot2. Each service required a different method to disable SSLv3. Ubuntu uses configuration files split into small pieces. The method should apply to other distributions, although the configuration files may be arranged […]

Implementing DKIM with Exim

This article was updated in February 2014 to reflect changes policy and reporting options. The earlier ADSP (Author Domain Signing Practices) information has been removed. DomainKeys Identified Mail (DKIM) provides a method to confirm the origin of an e-mail. DKIM also provides some protection against tampering. Unlike SPF, this validation applies to the contents of […]

Signing Return Path Addresses with Exim

I have been receiving a fair amount of Spam from an e-mail forwarder.  They are unwilling to correct their problems.  Much of the Spam they forward is the form of bounce notifications.  Attempting to reject other Spam resulted in more notifications.  To control this Spam I implemented signed return path addresses.  As a side benefit, […]