Christian Heutger

My feedback

  1. 1 vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)

    We’ll send you updates on this idea

    open discussion  ·  1 comment  ·  Feature Suggestions » Panel/Mail  ·  Flag idea as inappropriate…  ·  Admin →
    Christian Heutger commented  · 

    DMARC will fail similar to SPF on forwarding, which is e.g. supported and widely used in Plesk. You implemented SRS to prevent SPF to fail, ARC is the same for DMARC.

    Christian Heutger shared this idea  · 
  2. 10 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)

    We’ll send you updates on this idea

    1 comment  ·  Feature Suggestions » Mail  ·  Flag idea as inappropriate…  ·  Admin →
    Christian Heutger commented  · 

    1. or EC (https://tools.ietf.org/html/rfc8463) as 2048 bit also already going down to be insecure in the near future

    Christian Heutger supported this idea  · 
  3. 2 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)

    We’ll send you updates on this idea

    1 comment  ·  Feature Suggestions » Web / SSL  ·  Flag idea as inappropriate…  ·  Admin →
    Christian Heutger commented  · 

    Addendum: And do you also allow to set ciphers for other services like Plesk Panel here and different ciphers (because of worse support on client side) for mail server and to adjust DH param and EC DH param at cipher adjustment as otherwise it's still required to use sslmng in addition to what's provided in the plugin.

    Christian Heutger shared this idea  · 
  4. 17 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)

    We’ll send you updates on this idea

    1 comment  ·  Feature Suggestions » Security  ·  Flag idea as inappropriate…  ·  Admin →
    Christian Heutger supported this idea  · 
  5. 15 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)

    We’ll send you updates on this idea

    2 comments  ·  Feature Suggestions » Web / HTTP functions  ·  Flag idea as inappropriate…  ·  Admin →
    Christian Heutger supported this idea  · 
  6. 34 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)

    We’ll send you updates on this idea

    4 comments  ·  Feature Suggestions » Security  ·  Flag idea as inappropriate…  ·  Admin →
    Christian Heutger commented  · 

    Fully agree, for VPS as well as for Raspberry Pi there are many install scripts on how to install OpenVPN, Sophos UTM and others integrate OpenVPN as well, however none of such setups is such restricted and unusable as the Plesk VPN. Also need to adjust to use with MacOS Viscosity.

    Christian Heutger supported this idea  · 
  7. 94 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)

    We’ll send you updates on this idea

    11 comments  ·  Feature Suggestions » Mail  ·  Flag idea as inappropriate…  ·  Admin →
    Christian Heutger commented  · 

    I would welcome rspamd. SA needs very much tweaks (additional to post-greet and rbl tweaks on postfix) to get close: Pyzor, Razor(2), DCC, adjustable/addable different rulesets, special plugins, GeoIP filtering, bayes could be fed with spam by spam archives like http://artinvoice.hu/spams/, should be tweaked by KAM rules etc. Look at my post on Proxmox Mail Gateway which is an antispam gateway, but also need tweaks. Great would be to have all of this in Plesk. A global bayes database for all Plesk users may help.

    Christian Heutger supported this idea  · 
  8. 1 vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Feature Suggestions » Security  ·  Flag idea as inappropriate…  ·  Admin →
    Christian Heutger shared this idea  · 
  9. 43 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)

    We’ll send you updates on this idea

    open discussion  ·  1 comment  ·  Feature Suggestions » Security  ·  Flag idea as inappropriate…  ·  Admin →
    Christian Heutger supported this idea  · 
  10. 17 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)

    We’ll send you updates on this idea

    open discussion  ·  2 comments  ·  Feature Suggestions » Security  ·  Flag idea as inappropriate…  ·  Admin →
    Christian Heutger commented  · 

    For the first step would be great to automatically apply:

    plesk sbin sslmng -vvv --strong-dh --dhparams-size=2048

    And add:

    plesk sbin sslmng --ciphers="ECDHE-RSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-SHA256:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-SHA384:ECDHE-RSA-AES256-SHA" --protocols="TLSv1.2" --services="proftpd sw-cp-server nginx apache autoinstaller dovecot" --custom -vvv

  11. 8 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)

    We’ll send you updates on this idea

    open discussion  ·  5 comments  ·  Feature Suggestions » Security  ·  Flag idea as inappropriate…  ·  Admin →
    Christian Heutger commented  · 

    There are many issues with selinux enabled, so that's no support.

    Christian Heutger supported this idea  · 
  12. 286 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)

    We’ll send you updates on this idea

    planned  ·  68 comments  ·  Feature Suggestions » Plesk (general)  ·  Flag idea as inappropriate…  ·  Admin →
    Christian Heutger supported this idea  · 
    Christian Heutger commented  · 

    Support the idea for multi-homed environment requiring a local IP for local access in addition with a VPN IP for VPN access. With an alias I could choose a local and a VPN name.

  13. 14 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)

    We’ll send you updates on this idea

    3 comments  ·  Feature Suggestions » Security  ·  Flag idea as inappropriate…  ·  Admin →
    Christian Heutger shared this idea  · 

Feedback and Knowledge Base