邮件列表#106408信息CGatePro@mail.stalker.com
从: Nicolas Hatier <nicolas.hatier@niversoft.com>
主题: Re: SMTP and TLS 1.2
日期: Fri, 12 May 2017 18:40:59 -0400
到: CommuniGate Pro Discussions <CGatePro@mail.stalker.com>

This is for the oldest accepted protocol when accepting a connection from the outside.

When CGP initiates an SMTP connection to a smart host, it uses TLS 1.0 by default as Ralf Zenklusen explained.

Using the --SMTPOutgoingTLSVersion 3 startup option worked perfectly.

Nicolas Hatier, ing. <nicolas.hatier@niversoft.com>
Niversoft idées logicielles - http://www.niversoft.com



On 2017-05-12 03:38, Brian Turnbow wrote:
Hi,

Communigate has tls 1.2 from 6.1 ,  so if the server is up to date you 
should be ok.
You can set the “oldest accepted” to tls 1.2  in the general  → other  to 
force tls 1.2.
Be aware that this may break connections to other mail server that are not 
configured to support 1.2...
As it is a global setting.

Brian


From: CommuniGate Pro Discussions [mailto:CGatePro@mail.stalker.com] On 
Behalf Of Nicolas Hatier
Sent: giovedì 11 maggio 2017 18:59
To: CommuniGate Pro Discussions
Subject: SMTP and TLS 1.2


Hello.

Can CGP send using TLS 1.2 when forwarding mail to a smarthost? (SMTP / 
Sending , Forward to...)

My client's ISP tells me TLS 1.2 is enabled on their server and they are 
going to retire 1.0 within a few months.
Send Encrypted (at the bottom of the same page) is configured properly.

However, in the logs, the TLS version used always seems to be 1.0:

12:32:03.191 2 TLS-000006 created(TLSv1.0,ECDHE_AES256_SHA) -> [x.x.x.x]:587 
for SMTP-000007
12:32:03.277 4 SMTP-000007(*) TLS-000006 secure(ECDHE_AES256_SHA) connection 
opened

I don't know enough about TLS to be sure whether or not the issue is on CGP 
side or on the ISP side.

Thanks.

签署(FEED) 签署(DIGEST) 签署(INDEX) 不签署 联系 Listmaster