Maintained by: NLnet Labs

[Unbound-users] Question about qtype=any

Kevin Chadwick
Tue Jul 19 22:21:30 CEST 2011


On Tue, 19 Jul 2011 00:55:30 +0200 (CEST)
<> wrote:

> An old unpatched qmail might be secure - but it would also be incapable
> of delivering some email.

Or should it really be that these systems are incapable of receiving
some email. RFCs are good things but sometimes go too far or are
enforced too strongly, like Exim blocking MX IPs or ssl enforcement (I
forget the name H?) that blocks people with a failed bios battery
(wrong time)from connecting to your website via ssl without! offering
even an authenticated override. Like that's gonna take off, especially
when you can use the header to force ssl.

If the qmail system is that old they probably don't care or talk
to these new fangled systems. I really hope there aren't any sendmail
ones still out there spamming everyone, or worse.

Atleast the admins of those qmail systems would most likely take the
slight trouble of supporting starttls if they set them up now. Your
criticising these thoughtful and caring peoples servers even if they
may have retired now and noone knows how or wants to replace that
system with some exchange crap. Years ago an advisory was put out that
mail servers should enable ssl. I understand free yahoo services saving
bandwidth/cpu. But the number of these great "brand new" servers
ignoring my ehlo starttls is astounding.