[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: Insecure Mail Sending Warning
From: |
Robert Pluim |
Subject: |
Re: Insecure Mail Sending Warning |
Date: |
Fri, 23 Oct 2020 18:09:35 +0200 |
>>>>> On Fri, 23 Oct 2020 01:35:35 +0100, Robert Thorpe
>>>>> <rt@robertthorpeconsulting.com> said:
Robert> When I send mail I get a warning about security.
>> The TLS connection to <mailserver> is insecure for the following reason:
>>
>> * TLS1.0 protocol is deprecated by standard bodies.
Robert> Where <mailserver> is the URL of my mailserver.
Robert> Can I fix this or is the problem on my mail provider's side?
The problem is on the mail provider's side, I think.
Iʼm kind of surprised that a real mail provider still enables
TLS1.0. You can test what it supports using
gnutls-cli -p 587 <mailserver>
Robert> I'm using port 587, which I thought was correct.
587 is the mail submission port. It normally starts out in cleartext,
and is then upgraded to TLS with a STARTTLS command. Iʼd recommend
465, which is TLS-only (although you'd have to set
smtpmail-stream-type to 'tls)
You'd still get the warning, but at least the entire connection would
be encrypted (not that that means much when using TLS1.0)
Robert
--