[AusNOG] Issues receiving from TPG Mail servers.
Mark Newton
newton at atdot.dotat.org
Mon Jul 23 15:36:45 EST 2018
> On Jul 23, 2018, at 3:27 PM, Rob Thomas <xrobau at gmail.com> wrote:
>
>> But shouldn't your public mail server be out of scope for PCI?
>
> Here. ladies and gentleman, is a nerd that has never encountered the
> insanity and conflicting information that is PCI. Be quiet, we don't
> want to scare it.
>
> In all seriousness, yes, they will fail you if you have anything
> listening on a machine that accepts TLS1.0 connections.
Then you push back, and they don’t.
That’s how it works.
If you have an incompetent auditor and you’re a passive customer, you’re going to have a bad time.
If you know what you’re doing, know where the boundaries of the CDE are, and know what the PCI-DSS spec actually says, and push back on the auditor’s nonsense when they step out of bounds, then you’ll have a better time.
You’re the auditor’s customer. You have a right to expect that they aren’t shit.
- mark
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.ausnog.net/pipermail/ausnog/attachments/20180723/a013dac2/attachment.html>
More information about the AusNOG
mailing list