Re: Insecure Mail Sending Warning

help-gnu-emacs

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Insecure Mail Sending Warning

From:	Robert Pluim
Subject:	Re: Insecure Mail Sending Warning
Date:	Fri, 23 Oct 2020 18:09:35 +0200

>>>>> On Fri, 23 Oct 2020 01:35:35 +0100, Robert Thorpe 
>>>>> <rt@robertthorpeconsulting.com> said:

    Robert> When I send mail I get a warning about security.
    >> The TLS connection to <mailserver> is insecure for the following reason:
    >> 
    >> * TLS1.0 protocol is deprecated by standard bodies.

    Robert> Where <mailserver> is the URL of my mailserver.

    Robert> Can I fix this or is the problem on my mail provider's side?

The problem is on the mail provider's side, I think.

Iʼm kind of surprised that a real mail provider still enables
TLS1.0. You can test what it supports using

gnutls-cli -p 587 <mailserver>

    Robert> I'm using port 587, which I thought was correct.

587 is the mail submission port. It normally starts out in cleartext,
and is then upgraded to TLS with a STARTTLS command. Iʼd recommend
465, which is TLS-only (although you'd have to set
smtpmail-stream-type to 'tls)

You'd still get the warning, but at least the entire connection would
be encrypted (not that that means much when using TLS1.0)

Robert
--

[Prev in Thread]

Current Thread

[Next in Thread]

Insecure Mail Sending Warning, Robert Thorpe, 2020/10/22
- Re: Insecure Mail Sending Warning, Robert Pluim <=
  - Re: Insecure Mail Sending Warning, Robert Thorpe, 2020/10/23
    - Re: Insecure Mail Sending Warning, Robert Pluim, 2020/10/24

Prev by Date: Re: Set-window-vscroll sometimes doesn't work
Next by Date: Re: Set-window-vscroll sometimes doesn't work
Previous by thread: Insecure Mail Sending Warning
Next by thread: Re: Insecure Mail Sending Warning
Index(es):
- Date
- Thread