Archive for the ‘E-Mail’ Category

The Ten Commandments of E-Mail Security

by Jason Stewart
It’s 2016, and e-mail still poses a lot of security problems.

ISP Quietly Kills E-Mail Security

by Jason Stewart
To encrypt the transmission of e-mail from our e-mail clients (Outlook, Thunderbird, Windows Mail, iMail, iPhone Mail, Android Mail, etc.) to our e-mail servers, many of us (whether we know it or not) are using STARTTLS. STARTTLS is a way for clear text communication protocols to “upgrade” to a secured connection.  If client and server […]

SSL/TLS Security Theater

by Jason Stewart
Thanks to the recent NSA/Snowden allegations, all of the major websites have been sending every cat picture, post, and tweet over “secure” HTTP (HTTP/S).  This particular usage of HTTP/S is dangerous theater. HTTP/S only secures a connection between two endpoints.  An endpoint would be a device (like your phone or desktop) or a server (like […]

SSL/TLS for Postfix, Apache, and Dovecot

by Jason Stewart
Step 1: Create the Certificate Signing Request (CSR) openssl req -nodes -newkey rsa:2048 -keyout mysite.com.key -out mysite.com.csr It will ask the following questions. Answer all of them except for the last two (challenge password and optional company name). If you do set a challenge password, each program which uses the certificate will also need to […]

Sort Exchange Mailboxes by Size

by Jason Stewart
Need to know who the piggy is on your Exchange server? Try this command in Exchange PowerShell: Get-MailboxStatistics | sort-object TotalItemSize | FT DisplayName, ItemCount, TotalItemSize, LastLogonTime