Mailing List CGatePro@mail.stalker.com Message #106939
From: Fred.Zwarts F.Zwarts@KVI.nl <CGatePro@mail.stalker.com>
Subject: Re: TLS version, fix one break another
Date: Tue, 21 Aug 2018 07:03:40 -0700
To: <CGatePro>
X-Mailer: Microsoft Windows Live Mail 16.4.3528.331
On Mon, 25 Jun 2018 17:24:57 +0300, Dmitry Akindinov (Technical Support
support@stalker.com <CGatePro@mail.stalker.com>) wrote:
r.zenklusen@barinformatik.ch wrote:
Well, yes that's probably our main problem at the moment mainly because we see this more and more.
Some servers support only weak cyphers, others need strong cyphers. Some need TLS3 others support  only 2.... etc.
It's impossible to satisfy all these requirements.

We get more and more complains that emails don't get through.
We then need to identify the reason for the "broken connection and set the domain manually to "send plain" at Settings->Mail->SMTP->Sending->Send Encrypted.

CGate should really (try to) fall back to plain automatically, if it fails to make a secure connection.
Obviously it would be good to have a setting per domain or the possibility to override for connections that you need to keep safe.

Really hope this will appear in one of the next releases.

In 6.2.6 (due early July) there will be an option with TLS version to
suggest on outgoing connections and for connections with optional
security (that is, not for the hosts in the Send securely list) the
offered TLS version will be reduced after each connection failure.

We now installed 6.2.6, but I could not find this new option.
Where should I look?
Subscribe (FEED) Subscribe (DIGEST) Subscribe (INDEX) Unsubscribe Mail to Listmaster