securitytxt.org
Mailcow
securitytxt.org | Mailcow | |
---|---|---|
42 | 181 | |
61 | 7,994 | |
- | 2.5% | |
3.8 | 9.4 | |
17 days ago | 4 days ago | |
HTML | JavaScript | |
MIT License | GNU General Public License v3.0 only |
Stars - the number of stars that a project has on GitHub. Growth - month over month growth in stars.
Activity is a relative number indicating how actively a project is being developed. Recent commits have higher weight than older ones.
For example, an activity of 9.0 indicates that a project is amongst the top 10% of the most actively developed projects that we are tracking.
securitytxt.org
-
How to respond to unsolicited vulnerability report from users of public sites?
You might consider setting up security.txt notifications, per RFC 9116, to funnel people into the right notification paths. Otherwise, they might try spamming random emails they find or can guess at. I've had external researchers contact our CTO and CEO directly, creating a new problem for me.
-
How to make a bounty bug request
Check if they have a security.txt, if they do not, check their /security. If both come up empty, use any contact form that they have available.
- A qui dénoncer une brèche?
-
Anywhere I can advertise a bounty for my site?
In addition to the Bug bounty programs already posted in the comments, I'd suggest you create a security.txt with a dedicated security contact.
-
need advice please
Does the website have a responsible disclosure page or a security.txt?
-
Whats the policy on posting open government or international government directories?
there's technically https://securitytxt.org as well; but sadly it's not in super duper wide deployment (some big places have it, though!)
-
Implementation of RFC 9116 (security.txt) as well as possibility for encrypted contact
Especially in the area you guys are operating in, I think it would be great if you could implement RFC 9116 (https://securitytxt.org/). If someone finds a vulnerability on your website, the client or even the SPN, this would make communication or a responsible disclosure process much easier. Furthermore, it would be great if the possibility for secure communication with your staff (e.g. using GPG) would be possible.
- I found a security issue on a website, came on a different sub to ask how to monetise this, gave the owners one week to give me a job, then when they didn't, made a tiktok about it to say how knowledgeable in IT I am. Why are they threatening me?
-
Infosys leaked FullAdminAccess AWS keys on PyPI for over a year
When do companies finally start adopting the `security.txt` proposal (see https://securitytxt.org).
Would have made a big difference!
- security.txt
Mailcow
- Docker Compose: version` is obsolete warning
-
Ask HN: Self Hosting an Email Server?
I've been running mailcow [1] on a Hetzner cloud server for a few years and am pretty happy with it.
[1] https://mailcow.email
-
Free Zoho Mail alternatives for using custom email domain?
I have been searching for a self-hosted suite similar to Google Worksuite. I found the following: 1. Mailcow - https://mailcow.email/
-
Roundcube and docker-mailserver (Docker Mailserver) on the same VPS
Yes, I switched to mailcow (https://mailcow.email) and installed Roundcube via the excellent tutorial (https://docs.mailcow.email/third_party/roundcube/third_party-roundcube).
- Mailcow: Dockerized
-
Zimbra 0-day used to steal email data from government organizations
I've heard good things about mailcow
https://mailcow.email/
-
Domains and Email hosting
You can self host email if you really want to, but it's really more trouble than it's worth. If you do self host, you have to worry about the consequences of missed emails if your server or Internet ever goes down, and you'll have to use someone else's SMTP server if you don't want your emails to go directly to spam. The cheapest good SMTP server is Amazon SES, which I believe is $0.10 per 10k emails. I've been looking into mailcow for self hosting an email server and it seems the best way to go.
-
Ok, I've migrated email to selfhosted
However, https://mailcow.email/ is the ONLY exclusion I make for that. As it's an all in one docker managed solution. Where the only things you have to worry about is the reputation of your mailing IP.
-
Any self hosted disposable email address generators?
But its probably easier to use a dockerized container with all the mail stuff integrated and pre-setup like: https://mailcow.email/
-
Solutions for selfhosted internal-only email?
If you're looking for a full solution that I haven't tried (due to resources) try: MailCow. Good luck.
What are some alternatives?
security.txt
Mail-in-a-Box - Mail-in-a-Box helps individuals take back control of their email by defining a one-click, easy-to-deploy SMTP+everything else server: a mail server in a box.
countwords - Playing with counting word frequencies (and performance) in various languages.
Mailu - Insular email distribution - mail server as Docker images
hipaa-compliance-developers-guide - A developers guide to HIPAA compliance and application development.
iRedMail
wyhash - The FASTEST QUALITY hash function, random number generators (PRNG) and hash map.
modoboa - Mail hosting made simple
irssi - The client of the future
docker-mailserver - A fullstack but simple mail server (SMTP, IMAP, LDAP, Antispam, Antivirus, etc.) using Docker. [Moved to: https://github.com/docker-mailserver/docker-mailserver]
password-manager-resources - A place for creators and users of password managers to collaborate on resources to make password management better.
docker-mailserver - Production-ready fullstack but simple mail server (SMTP, IMAP, LDAP, Antispam, Antivirus, etc.) running inside a container.