
C2S = TLSv1.2

Open taoeffect opened this issue 9 years ago • 1 comments

@MacLemon points out that C2S should be TLSv1.2. Our issues with TLSv1.2 were S2S (server-to-server). Figure out what parts can be safely made TLSv1.2 while preserving current defaults for everything else.


taoeffect, Nov 06 '14 04:11

I still don't understand this issue. We don't support STARTTLS for client SMTP submission or IMAP. Since we only use the TLS wrapper modes for both, it's impossible for C2S to be unencrypted.

S2S is a bit more complicated.

Unfortunately, the reality is that the servers we have to work with are worse than the clients.

We copied the "may" option from bettercrypto's config, and the Postfix documentation actually states (about "encrypt"):

> This security level is not an appropriate default for systems delivering mail to the Internet.

Also, the RFC for STARTTLS:

> A publicly-referenced SMTP server MUST NOT require use of the STARTTLS extension in order to deliver mail locally. This rule prevents the STARTTLS extension from damaging the interoperability of the Internet's SMTP infrastructure. A publicly-referenced SMTP server is an SMTP server which runs on port 25 of an Internet host listed in the MX record (or A record if an MX record is not present) for the domain name on the right hand side of an Internet mail address.

@MacLemon, care to explain in more than 140 characters?

bgw, Nov 06 '14 04:11
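The C2S/S2S split discussed in this thread, written out as a Postfix configuration sketch. This is an added example, not the project's own configuration: it assumes client submission runs as the stock `smtps` wrapper-mode service, and the protocol lists are illustrative choices rather than the project's settings.

```conf
# --- main.cf: S2S on port 25, both directions ---
# "may" = opportunistic TLS with plaintext still allowed, which is what
# the RFC text quoted above requires of a publicly-referenced MX.
smtpd_tls_security_level = may
smtp_tls_security_level  = may

# Opportunistic sessions: exclude only the SSL versions. Under "may",
# a peer that cannot negotiate TLS can still deliver in plaintext, so a
# stricter list here does not force encryption on S2S traffic.
smtpd_tls_protocols = !SSLv2, !SSLv3
smtp_tls_protocols  = !SSLv2, !SSLv3

# --- master.cf: C2S submission in TLS wrapper mode ---
# Assumption: the wrapper-mode submission listener is the "smtps" service.
# Per-service -o overrides make TLS mandatory for this listener and
# exclude every protocol version below TLSv1.2, without touching port 25.
smtps     inet  n       -       n       -       -       smtpd
  -o smtpd_tls_wrappermode=yes
  -o smtpd_tls_security_level=encrypt
  -o smtpd_tls_mandatory_protocols=!SSLv2,!SSLv3,!TLSv1,!TLSv1.1
  -o smtpd_sasl_auth_enable=yes
```

To check the result, `openssl s_client -connect mail.example.org:465 -tls1_1` (placeholder hostname) should fail the handshake, while the same command with `-tls1_2` should succeed.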