This directive appeared in version 1.19.4.

If enabled, SSL handshakes in the server block will be rejected.

For example, in the following configuration, SSL handshakes with server names other than are rejected:

server {
    listen               443 ssl default_server;
    ssl_reject_handshake on;

server {
    listen              443 ssl;

Use the SecurityTrails API to fetch any domain, DNS, and IP-related data. Our easy-to-use API can help you enriching your datasets or adding value to your service:

Manage infrastructure sprawl and find forgotten digital assets
Search everything from one convenient place
Make the right call with comprehensive datasets
Get an accurate read on associated domains
Find key facts fast with curated and up-to-date data

- 阅读剩余部分 -

The Debian project is pleased to announce the second update of its stable distribution Debian 12 (codename bookworm). This point release mainly adds corrections for security issues, along with a few adjustments for serious problems. Security advisories have already been published separately and are referenced where available.

Please note that the point release does not constitute a new version of Debian 12 but only updates some of the packages included. There is no need to throw away old bookworm media. After installation, packages can be upgraded to the current versions using an up-to-date Debian mirror.

Rspamd is an advanced spam filtering system and email processing framework that allows evaluation of messages by a number of rules including regular expressions, statistical analysis and custom services such as URL black lists. Each message is analysed by Rspamd and given a verdict that might be used by MTA for further processing (e.g. to reject a message, or add a special header indicating spam) along with other information, such as possible DKIM signature or modifications suggested for a message.

Rspamd can act as a Milter allowing direct interaction with popular MTA systems, such as Postfix or Sendmail.

Rspamd is designed to process hundreds of messages per second simultaneously, and provides a number of useful features including a comprehensive Lua API that allows access to messages processing in various aspects as well as asynchronous network API to access external resources, such as DNS, HTTP or even generic TCP/UDP services.