|Printable Version of Topic
Click here to view this topic in its original format
|XMail Forum > XMail Server > Xmail Tls 1.2|
|Posted by: doublej Feb 21 2018, 03:23 PM|
| Hello everybody.
Here is a fan of Xmail since 2003.
I'm running Xmail 1.27 on Windows with latest openssl (1.1.0g 2 Nov 2017).
I've setup SSL configuration (server.key, server.cert, server.tab, ...) and I'm able to connect through STARTTLS / SSL from several clients (Thunderbird, Android Mail, K9-Mail...).
Everything works fine but now TLS 1.0 is obsolete (and insecure). So I'm interested to setup a TLS 1.2.
With the following command we are able to see our SSL capabilities:
openssl s_client -connect mail.myxmailserver.com:25 -starttls smtp
My Xmail server ciphers connection with TLS1.0 as seen here:
On the other way, Gmail servers answer to same command with a nice TLS1.2, see now:
openssl s_client -connect smtp.gmail.com:25 -starttls smtp
This is a MUST to send crypted email to masive servers as Gmail or Outlook. Now, even with a perfect setup we are sending emails though plain text because remote servers drops TLS1.0. This scenario implies loss of reputation and go to spam folder.
I guess how could we force Xmail to negotiate TLS 1.2.
I don't know if this kind of feature relies on openssl or is managed by Xmail executable.
Will be this issue enough to see a new release...? I will love a Xmail 1.28....
Thanks for your time.