[AusNOG] Issues receiving from TPG Mail servers.

Mark Newton newton at atdot.dotat.org
Mon Jul 23 15:36:45 EST 2018

> On Jul 23, 2018, at 3:27 PM, Rob Thomas <xrobau at gmail.com> wrote:
>> But shouldn't your public mail server be out of scope for PCI?
> Here. ladies and gentleman, is a nerd that has never encountered the
> insanity and conflicting information that is PCI.  Be quiet, we don't
> want to scare it.
> In all seriousness, yes, they will fail you if you have anything
> listening on a machine that accepts TLS1.0 connections.

Then you push back, and they don’t.

That’s how it works.

If you have an incompetent auditor and you’re a passive customer, you’re going to have a bad time.

If you know what you’re doing, know where the boundaries of the CDE are, and know what the PCI-DSS spec actually says, and push back on the auditor’s nonsense when they step out of bounds, then you’ll have a better time.

You’re the auditor’s customer. You have a right to expect that they aren’t shit.

  - mark

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.ausnog.net/pipermail/ausnog/attachments/20180723/a013dac2/attachment.html>

More information about the AusNOG mailing list