STARTTLS becoming a security issue

STARTTLS becoming a security issue

Postby EKjellquist » Wed Aug 18, 2021 9:34 pm

A lot of new CVEs out for most implementations of STARTTLS, which is slowly becoming more of a risk. Utilizing AMS' built-in features along with IPBan or similar tool help tremendously, but eventually moving away from implicit connections and serving strictly explicit connections is coming down the pike...

https://cyware.com/news/starttls-flaws-affecting-major-email-clients-and-servers-b68936f7
EKjellquist
 
Posts: 67
Joined: Tue Sep 09, 2014 10:40 pm

Re: STARTTLS becoming a security issue

Postby Code Crafters » Wed Aug 25, 2021 9:00 am

You can disable either implicit SSL (separate port with SSL from the start of the connection) or explicit SSL (normal SMTP port(s) with SSL negotiated after connecting) but unticking those options within SMTP. Are you saying you need something else more than this though?
Code Crafters
 
Posts: 890
Joined: Mon Sep 10, 2007 2:35 pm

Re: STARTTLS becoming a security issue

Postby EKjellquist » Wed Sep 01, 2021 8:53 pm

At the moment, no it's not a need, just another consideration for AMS upgrading; looking forward to hearing about AMS 5 betas this year, hopefully...
EKjellquist
 
Posts: 67
Joined: Tue Sep 09, 2014 10:40 pm

Re: STARTTLS becoming a security issue

Postby Code Crafters » Wed Sep 01, 2021 11:09 pm

But since you already can disable STARTTLS by turning off "Use Explicit SSL", are you suggesting some other feature that would be needed? If so, can you explain what the feature would do in more detail please?

As for AMS5, we're looking at doing an AMS5 release pretty soon. The initial release will include a lot of WebMail upgrades and bug fixes including adding a lot more language translations for WebMail which is the breaking change that forces a version 5. After the initial release, we hope to add DKIM and TLS 1.3 after but both are pretty big updates so no release dates confirmed for those yet.
Code Crafters
 
Posts: 890
Joined: Mon Sep 10, 2007 2:35 pm


Return to General

Who is online

Users browsing this forum: No registered users and 5 guests

cron