Services

  • Status Closed
  • Percent Complete
    100%
  • Task Type Security Issue
  • Category HyperMail/Mail Service → Mail Service Issue
  • Assigned To No-one
  • Operating System All
  • Severity High
  • Priority Very Low
  • Reported Version 1.0
  • Due in Version Undecided
  • Due Date Undecided
  • Votes
  • Private
Attached to Project: Services
Opened by Adonay Felipe Nogueira - 18/07/2020
Last edited by Márcio Silva - 27/04/2021

FS#1519 - Please "support" TLS 1.2 instead of requiring it for emails

The requirement for TLS 1.2 in email effectively isolated us from internet, and yelling for change isn’t working even in communications with other free/libre system distributions and mailing lists related to free/libre software (both for software and for discussions related to the movement itself). :)

Many mailing lists at gnu.org, fsf.org, fsfla.org, libreplanet.org, and also in other free/libre system distributions aren’t accessible (e.g.: Trisquel).

Closed by  Márcio Silva
27.04.2021 23:06
Reason for closing:  Won't fix
Adonay Felipe Nogueira commented on 18.07.2020 22:29

N18:35:40 - pehjota: […] ot everything needs to be encrypted, and for things that do need it, encrypting traffic between MTAs is often not sufficient (mail may still be stored unencrypted on an untrustworthy provider's IMAP server).

I get wanting to encrypt all the things to hide sensitive traffic among normal traffic (making targeting more difficult), but refusing to talk at all with anyone not implementing the strictest of standards doesn't really help with that in practice. It actually means less encrypted traffic.

Supporting TLS 1.2 is great, but requiring it is somewhat self-defeating, and OpenPGP is in some ways better.

Adonay Felipe Nogueira commented on 18.07.2020 22:45

Last message was quoted from irc://chat.freenode.net/#trisquel-dev.

Admin
Márcio Silva commented on 27.04.2021 23:06

Hyperbola email services (including mailing list) use OpenSMTPD.
The OpenSMTPD contains only "SMTPD" protocol and only allow to configure with TLSv1.2 (and TLSv1.3 in future opensmtpd package); or without "security" (and without "password").
I cannot setup optional TLS, due any user access the emails without security mechanism, except TLS.
And I forced TLS on received email to reduce SPAM.
I will not change SMTPD server and set this bug as won't fix.

Thanks for reporting this problem.

Date User Effort (H:M)

Loading...

Available keyboard shortcuts

Tasklist

Task Details

Task Editing