From: "Massimo S." <ecs-isp@2rosenthals.com>
Received: from [192.168.100.201] (HELO mail.2rosenthals.com)
  by 2rosenthals.com (CommuniGate Pro SMTP 5.4.10)
  with ESMTPS id 7892023 for ecs-isp@2rosenthals.com; Thu, 14 Sep 2023 03:34:22 -0400
Received: from secmgr-va.2rosenthals.com ([50.73.8.217]:60295 helo=mail2.2rosenthals.com)
	by mail.2rosenthals.com with esmtps  (TLS1.2) tls TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384
	(Exim 4.96)
	(envelope-from <ml@ecomstation.it>)
	id 1qggrb-0007ta-0B
	for ecs-isp@2rosenthals.com;
	Thu, 14 Sep 2023 03:34:11 -0400
Received: from mail2.quasarbbs.net ([80.86.52.115]:10068)
	by mail2.2rosenthals.com with esmtp (Exim 4.96)
	(envelope-from <ml@ecomstation.it>)
	id 1qggrT-0002tR-0E
	for ecs-isp@2rosenthals.com;
	Thu, 14 Sep 2023 03:34:04 -0400
X-SASI-Hits: BODYTEXTP_SIZE_3000_LESS 0.000000, BODY_SIZE_1300_1399 0.000000,
	BODY_SIZE_2000_LESS 0.000000, BODY_SIZE_5000_LESS 0.000000,
	BODY_SIZE_7000_LESS 0.000000, CTE_7BIT 0.000000, HTML_00_01 0.050000,
	HTML_00_10 0.050000, IN_REP_TO 0.000000, LEGITIMATE_SIGNS 0.000000,
	MSGID_SAMEAS_FROM_HEX_844412 0.100000, MSG_THREAD 0.000000,
	NO_CTA_URI_FOUND 0.000000, NO_URI_HTTPS 0.000000, REFERENCES 0.000000,
	REPLYTO_SAMEAS_FROM 0.000000, SENDER_NO_AUTH 0.000000, SUSP_DH_NEG 0.000000,
	TO_IN_SUBJECT 0.500000, __ANY_URI 0.000000, __BODY_NO_MAILTO 0.000000,
	__BOUNCE_CHALLENGE_SUBJ 0.000000, __BOUNCE_NDR_SUBJ_EXEMPT 0.000000,
	__CT 0.000000, __CTE 0.000000, __CT_TEXT_PLAIN 0.000000,
	__DC_PHRASE 0.000000, __DQ_NEG_DOMAIN 0.000000, __DQ_NEG_HEUR 0.000000,
	__DQ_NEG_IP 0.000000, __FORWARDED_MSG 0.000000, __FRAUD_URGENCY 0.000000,
	__FROM_DOMAIN_NOT_IN_BODY 0.000000, __FROM_NAME_NOT_IN_ADDR 0.000000,
	__FROM_NAME_NOT_IN_BODY 0.000000, __FUR_HEADER 0.000000, __HAS_FROM 0.000000,
	__HAS_MSGID 0.000000, __HAS_REFERENCES 0.000000, __HAS_REPLYTO 0.000000,
	__HEADER_ORDER_FROM 0.000000, __IN_REP_TO 0.000000, __MAIL_CHAIN 0.000000,
	__MIME_BOUND_CHARSET 0.000000, __MIME_TEXT_ONLY 0.000000,
	__MIME_TEXT_P 0.000000, __MIME_TEXT_P1 0.000000, __MIME_VERSION 0.000000,
	__MOZILLA_USER_AGENT 0.000000, __MSGID_HEX_844412 0.000000,
	__NO_HTML_TAG_RAW 0.000000, __REFERENCES 0.000000,
	__REPLYTO_SAMEAS_FROM_ACC 0.000000, __REPLYTO_SAMEAS_FROM_ADDY 0.000000,
	__REPLYTO_SAMEAS_FROM_DOMAIN 0.000000, __SANE_MSGID 0.000000,
	__SCAN_D_NEG 0.000000, __SCAN_D_NEG2 0.000000, __SCAN_D_NEG_HEUR 0.000000,
	__SCAN_D_NEG_HEUR2 0.000000, __SUBJ_ALPHA_END 0.000000,
	__SUBJ_ALPHA_NEGATE 0.000000, __SUBJ_REPLY 0.000000,
	__TO_IN_SUBJECT 0.000000, __TO_MALFORMED_2 0.000000, __TO_NAME 0.000000,
	__TO_NAME_DIFF_FROM_ACC 0.000000, __TO_REAL_NAMES 0.000000,
	__URI_MAILTO 0.000000, __URI_NO_WWW 0.000000, __URI_NS 0.000000,
	__USER_AGENT 0.000000
X-SASI-Probability: 10%
X-SASI-RCODE: 200
X-SASI-Version: Antispam-Engine: 5.1.1, AntispamData: 2023.9.14.71516
X-SASI-Hits: BODYTEXTP_SIZE_3000_LESS 0.000000, BODY_SIZE_1300_1399 0.000000,
	BODY_SIZE_2000_LESS 0.000000, BODY_SIZE_5000_LESS 0.000000,
	BODY_SIZE_7000_LESS 0.000000, CTE_7BIT 0.000000, HTML_00_01 0.050000,
	HTML_00_10 0.050000, IN_REP_TO 0.000000, LEGITIMATE_SIGNS 0.000000,
	MSGID_SAMEAS_FROM_HEX_844412 0.100000, MSG_THREAD 0.000000,
	NO_CTA_URI_FOUND 0.000000, NO_URI_HTTPS 0.000000, REFERENCES 0.000000,
	REPLYTO_SAMEAS_FROM 0.000000, SUSP_DH_NEG 0.000000, TO_IN_SUBJECT 0.500000,
	__ANY_URI 0.000000, __AUTH_RES_PASS 0.000000, __BODY_NO_MAILTO 0.000000,
	__BOUNCE_CHALLENGE_SUBJ 0.000000, __BOUNCE_NDR_SUBJ_EXEMPT 0.000000,
	__CT 0.000000, __CTE 0.000000, __CT_TEXT_PLAIN 0.000000,
	__DC_PHRASE 0.000000, __DQ_NEG_DOMAIN 0.000000, __DQ_NEG_HEUR 0.000000,
	__DQ_NEG_IP 0.000000, __FORWARDED_MSG 0.000000, __FRAUD_URGENCY 0.000000,
	__FROM_DOMAIN_NOT_IN_BODY 0.000000, __FROM_NAME_NOT_IN_ADDR 0.000000,
	__FROM_NAME_NOT_IN_BODY 0.000000, __FUR_HEADER 0.000000, __HAS_FROM 0.000000,
	__HAS_MSGID 0.000000, __HAS_REFERENCES 0.000000, __HAS_REPLYTO 0.000000,
	__HEADER_ORDER_FROM 0.000000, __IN_REP_TO 0.000000, __MAIL_CHAIN 0.000000,
	__MIME_BOUND_CHARSET 0.000000, __MIME_TEXT_ONLY 0.000000,
	__MIME_TEXT_P 0.000000, __MIME_TEXT_P1 0.000000, __MIME_VERSION 0.000000,
	__MOZILLA_USER_AGENT 0.000000, __MSGID_HEX_844412 0.000000,
	__NO_HTML_TAG_RAW 0.000000, __REFERENCES 0.000000,
	__REPLYTO_SAMEAS_FROM_ACC 0.000000, __REPLYTO_SAMEAS_FROM_ADDY 0.000000,
	__REPLYTO_SAMEAS_FROM_DOMAIN 0.000000, __SANE_MSGID 0.000000,
	__SCAN_D_NEG 0.000000, __SCAN_D_NEG2 0.000000, __SCAN_D_NEG_HEUR 0.000000,
	__SCAN_D_NEG_HEUR2 0.000000, __SUBJ_ALPHA_END 0.000000,
	__SUBJ_ALPHA_NEGATE 0.000000, __SUBJ_REPLY 0.000000,
	__TO_IN_SUBJECT 0.000000, __TO_MALFORMED_2 0.000000, __TO_NAME 0.000000,
	__TO_NAME_DIFF_FROM_ACC 0.000000, __TO_REAL_NAMES 0.000000,
	__URI_MAILTO 0.000000, __URI_NO_WWW 0.000000, __URI_NS 0.000000,
	__USER_AGENT 0.000000
X-SASI-Probability: 10%
X-SASI-RCODE: 200
X-SASI-Version: Antispam-Engine: 5.1.1, AntispamData: 2023.9.14.65716
Received: from [192.168.10.199] (dtp [192.168.10.199]) by srv2 (Weasel v2.849)
  for <ecs-isp@2rosenthals.com>; Thu, 14 Sep 2023 09:34:00 
Reply-To: ml@ecomstation.it
Subject: Re: [eCS-ISP] stunnel 5.58 help
To: eCS ISP Mailing List <ecs-isp@2rosenthals.com>
References: <list-7891916@2rosenthals.com>
Organization: eComStation dot it
Message-ID: <3ef135c6-cc1e-c689-b4bc-ad7cb17f164f@ecomstation.it>
Date: Thu, 14 Sep 2023 09:33:58 +0200
User-Agent: Mozilla/5.0 (OS/2; U; Warp 4.5; it-IT; rv:1.7.13) Gecko/20060424
 Thunderbird/1.0.8 Mnenhy/0.7.4.0
MIME-Version: 1.0
In-Reply-To: <list-7891916@2rosenthals.com>
Content-Type: text/plain; charset=iso-8859-15; format=flowed
Content-Language: it-IT
Content-Transfer-Encoding: 7bit



Il 14/09/2023 03:21, Steven Levine ha scritto:
> In <list-7891460@2rosenthals.com>, on 09/13/23
>     at 08:46 PM, "Massimo S." <ecs-isp@2rosenthals.com> said:
> 
> Hi,
> 
>> i don't want to buy a certificate SSL
> 
> There's always Let's Encrypt.  The only downside is the expire relatively
> quickly so you need to refresh the script more often than a purchased
> script.

i use LE on apache, but a cert. that expire each 3 months don't put thunderbird or other mail clients 
(outlook, smartphones etc.) out of work?
i mean the user don't receive new mails and have to do something to accept the new cert.?

>> should i use IJ fw to port fwd the 587 to something like 33333 :) do i
>> will allways reach 587 port from the inside LAN here?
> 
> I'm not sure I understand how you envision your setup or the full scope of
> your problem.  The user's are going to submit via 587.  Are you saying you
> want to port forward to 33333 internaally have have Weasel list to 33333.
> That can work, but what's the downside of passing port 587 through to the
> server running the weasel instance?
> 
> Steven

no, i don't want to expose port 587 to the world
i want to use another "strange" port like 33333, 44444, 55555 etc.

in about 20 years that i manage servers over the internet i've learned that moving ports
reduce the possibilities of hackers' attacks

massimo