infrastructure/mox
1
0
Fork 0
mirror of https://github.com/mjl-/mox.git synced 2025-07-12 17:04:39 +03:00
Code Issues Packages Projects Releases Wiki Activity

when suggesting CAA records for a domain, suggest variants that bind to the account id and with validation methods used by mox

Browse Source 
should prevent potential mitm attacks. especially when done close to the
machine itself (where a http/tls challenge is intercepted to get a valid
certificate), as seen on the internet last month.
This commit is contained in:
Mechiel Lukkien
2023-12-21 15:16:30 +01:00
parent ca97293cb2
commit db3fef4981
11 changed files with 123 additions and 28 deletions
Download Patch File Download Diff File Expand all files Collapse all files

3
testdata/integration/moxmail2.sh vendored
View File

@ -23,7 +23,8 @@ TLS:
EOF
# A fresh file was set up by moxacmepebble.
sed -n '/^;/,/CAA /p' output.txt >>/integration/example-integration.zone
sed -n '/^;/,/will be suggested/p' output.txt >>/integration/example-integration.zone
unbound-control -s 172.28.1.30 reload # reload unbound with zone file changes
mox -checkconsistency serve &