From: "Steven Levine" Received: from [192.168.100.201] (HELO mail.2rosenthals.com) by 2rosenthals.com (CommuniGate Pro SMTP 5.4.10) with ESMTPS id 7892470 for ecs-isp@2rosenthals.com; Thu, 14 Sep 2023 11:10:52 -0400 Received: from secmgr-va.2rosenthals.com ([50.73.8.217]:32849 helo=mail2.2rosenthals.com) by mail.2rosenthals.com with esmtps (TLS1.2) tls TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 (Exim 4.96) (envelope-from ) id 1qgnzN-0005t8-0C for ecs-isp@2rosenthals.com; Thu, 14 Sep 2023 11:10:41 -0400 Received: from mta-201a.earthlink-vadesecure.net ([51.81.229.180]:34641) by mail2.2rosenthals.com with esmtps (TLS1.2) tls TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256 (Exim 4.96) (envelope-from ) id 1qgnzF-0000ta-2o for ecs-isp@2rosenthals.com; Thu, 14 Sep 2023 11:10:34 -0400 DKIM-Signature: v=1; a=rsa-sha256; bh=eW0XMjYulkAqhG2FQexQNoUWOkvoUY1dJAop5L dZExk=; c=relaxed/relaxed; d=earthlink.net; h=from:reply-to:subject: date:to:cc:resent-date:resent-from:resent-to:resent-cc:in-reply-to: references:list-id:list-help:list-unsubscribe:list-subscribe:list-post: list-owner:list-archive; q=dns/txt; s=dk12062016; t=1694704232; x=1695309032; b=hyqxpsP4GlbSbHd+3rzs1IB6z7I64w63DwLZx/rXCHGYIPVPIRv9KLy maIDswunA9XmH1/j0rk1WM7sjAoFH/4wuVKV2ietFLF1paxV3o+MP+55UnrSWGraYVIFHl5 fgHiOHLnelX6HZVEM/gda38WFYWquXVIeDUntmdKGXTQI6LddOZaXtx1he7cxFhPxoaU9hs jUgMBmKK352RCNdsE6J6M0+dR3kZIT+gf9t0rZuhDqPJH+AYeM2k03shIohNzwnBjOhpIgC XTmaovwuTjOkYDbK93IQ+N+NKP8ro/9ipEzVAgr5B6uV4BGcQMfEyPJIFNwxHIVxekD+kY+ dtA== Received: from slamain ([108.193.253.100]) by vsel2nmtao01p.internal.vadesecure.com with ngmta id 87212e28-1784cc85396ca693; Thu, 14 Sep 2023 15:10:32 +0000 Message-ID: <65032048.20.mr2ice.fgrirsq@earthlink.net> Date: Thu, 14 Sep 2023 08:01:28 -0700 To: "eCS ISP Mailing List" In-Reply-To: Subject: Re: [eCS-ISP] stunnel 5.58 help X-Mailer: MR/2 Internet Cruiser Edition for OS/2 v3.00.11.24/60 In , on 09/14/23 at 09:33 AM, "Massimo S." said: Hi Massimo, >i use LE on apache, but a cert. that expire each 3 months don't put >thunderbird or other mail clients (outlook, smartphones etc.) out of >work? >i mean the user don't receive new mails and have to do something to >accept the new cert.? I'm not 100% sure. It depends on the client. For examaple, Paul and netlabs use LE certs and when I access these sites with a browser, I'm never prompted to accept and updated cert. However, when I access via git, I get prompted. Both clients are making https connections. To be sure how your client's mail clients will react, you need to test. >in about 20 years that i manage servers over the internet i've learned >that moving ports reduce the possibilities of hackers' attacks It keeps the naive ones away. The smart ones know how to port scan and discover the ports that are running servers. Steven -- ---------------------------------------------------------------------- "Steven Levine" Warp/DIY/BlueLion etc. www.scoug.com www.arcanoae.com www.warpcave.com ----------------------------------------------------------------------