Outdated TLS

Request and discuss new features you would like to have.
Post Reply
Justin
Posts: 105
Joined: 18 Sep 2014 13:00
Location: The Netherlands
Contact:

Outdated TLS

Post by Justin » 14 Feb 2020 08:03

Since TLS 1.0 and TLS 1.1 will be phased out on March 2020, i would like to suggest removing/disabling it in EFA.

An additional request would be to integrate the Mozilla SSL Config list, which contains all the secure cihpers so you don't have to edit/remove them manually. (https://ssl-config.mozilla.org/)
I have manually disabled the TLS 1.0 and 1.1 of smtp/smtpd for now but adding it as an option would be great.

It does show a few other warnings:
https://en.internet.nl/mail/uitvaartver ... nl/321661/
- Client-initiated renegotiation
- Key Exchange parameters
- Cipher Order

Also see: https://github.com/E-F-A/v4/issues/113

gregecslo
Posts: 40
Joined: 09 Sep 2018 17:55

Re: Outdated TLS

Post by gregecslo » 15 Feb 2020 19:39

"I have manually disabled the TLS 1.0 and 1.1 of smtp/smtpd for now but adding it as an option would be great."

Don`t do that.
There are many servers out there running on 1 and 1.1.

You will essentially loose mail from them.

Better to filter than loose important email.

Post Reply