Page MenuHomeDevCentral
Create Task
Maniphest T1103

SMTP mail.nasqueron.org requires STARTTLS while RFC 2487 and RFC 3207 forbid this behavior
Closed, ResolvedPublic
Actions

Description

Currently, the setting has been hardened as smtpd_tls_security_level = encrypt.

We should revert to smtpd_tls_security_level = may

RFC 3207, section 4: "A publicly-referenced SMTP server MUST NOT require use of the STARTTLS extension in order to deliver mail locally."

References:

The setting is located at /etc/postfix/main.cf

Related Objects
Search...

Event Timeline

dereckson created this task.Jan 14 2017, 07:53
dereckson added a project: security.
dereckson closed this task as Resolved.Jan 14 2017, 07:56
dereckson mentioned this in T1102: vma send "Could not send settings email" — 5.7.0 Must issue a STARTTLS command first.

/etc/postfix/main.cf setting has been switched back to smtpd_tls_security_level = may, mail server restarted.

Nasqueron DevCentral · If it had been much bigger the moon would have had a core of ice. · Powered by Phabricator