Cipherli.st – strong ciphers for Apache, Nginx and Lighttpd

Cipherli.st – provides ready to use cipher configurations for a variety of applications, such as Apache, Nginx, Lighttpd, HAProxy, Exim, Postfix, Dovecot, OpenSSH, and others.  This is a huge time-saver for those of us not well versed in cryptography and security.

Don’t forget to use Qyalis SSL Labs SSL Server Test tool for the complete analysis of where you went wrong.

Redmine email notifications with Exim

When configuring Redmine project management to send email notifications, using Exim MTA, you might end up with test emails bouncing due to no recipients specified.  It’s a bit tricky to debug, but, fortunately, quite easy to fix.  The problem comes from different implementations of “-t” option handling for /usr/sbin/sendmail.  Redmine uses this option to specify on the command line to specify message recipients   However, Exim by default uses a different behavior, where it gets recipients from the message headers, and removes from that list recipients which are provided using the “-t” command line option.

The solution to the problem is a very simple – just add the following line to your /etc/exim/exim.conf file, as per this FAQ:

extract_addresses_remove_arguments = false