Reply to this topicStart new topicStart Poll

> Xmail Tls 1.2, Upgrade to this protocol possible?
doublej
Posted: Feb 21 2018, 03:23 PM
Quote Post


Newbie
*

Group: Members
Posts: 1
Member No.: 2427
Joined: 7-February 07



Hello everybody.

Here is a fan of Xmail since 2003. wink.gif

I'm running Xmail 1.27 on Windows with latest openssl (1.1.0g 2 Nov 2017).
I've setup SSL configuration (server.key, server.cert, server.tab, ...) and I'm able to connect through STARTTLS / SSL from several clients (Thunderbird, Android Mail, K9-Mail...).

Everything works fine but now TLS 1.0 is obsolete (and insecure). So I'm interested to setup a TLS 1.2.

With the following command we are able to see our SSL capabilities:
openssl s_client -connect mail.myxmailserver.com:25 -starttls smtp

My Xmail server ciphers connection with TLS1.0 as seen here:

QUOTE

New, TLSv1/SSLv3, Cipher is AES256-SHA
Server public key is 4096 bit
Secure Renegotiation IS supported
Compression: NONE
Expansion: NONE
SSL-Session:
    Protocol  : TLSv1
    Cipher    : AES256-SHA



On the other way, Gmail servers answer to same command with a nice TLS1.2, see now:
openssl s_client -connect smtp.gmail.com:25 -starttls smtp

QUOTE

New, TLSv1/SSLv3, Cipher is ECDHE-RSA-AES128-GCM-SHA256
Server public key is 2048 bit
Secure Renegotiation IS supported
Compression: NONE
Expansion: NONE
SSL-Session:
    Protocol  : TLSv1.2
    Cipher    : ECDHE-RSA-AES128-GCM-SHA256



This is a MUST to send crypted email to masive servers as Gmail or Outlook. Now, even with a perfect setup we are sending emails though plain text because remote servers drops TLS1.0. This scenario implies loss of reputation and go to spam folder.

I guess how could we force Xmail to negotiate TLS 1.2.
I don't know if this kind of feature relies on openssl or is managed by Xmail executable.

Will be this issue enough to see a new release...? I will love a Xmail 1.28.... wink.gif

Thanks for your time.
Doublej.
PMEmail Poster
Top
0 User(s) are reading this topic (0 Guests and 0 Anonymous Users)
0 Members:
« Next Oldest | XMail Server | Next Newest »

Reply to this topicStart new topicStart Poll