Do you recognize a good idea when you see one? We want to hear from you!
Header Image

I suggest you ...

Use Perfect Forward Secrecy for SMTP Proxy

Use PFS for SMTP Proxy, now it still supports RC4 which is a very weak Cipher.

131 votes
Vote
Sign in
Check!
(thinking…)
Reset
or sign in with
  • facebook
  • google
    Password icon
    I agree to the terms of service
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    Anonymous shared this idea  ·   ·  Flag idea as inappropriate…  ·  Admin →

    9 comments

    Sign in
    Check!
    (thinking…)
    Reset
    or sign in with
    • facebook
    • google
      Password icon
      I agree to the terms of service
      Signed in as (Sign out)
      Submitting...
      • TillTill commented  ·   ·  Flag as inappropriate

        The neccessary cipher are already defined and deployed on the UTM, as it runs a pretty current version of OpenSSL. In fact, the mail gateway DOES PFS encryption for outgoing SMTP connections, it just doesn't for incoming ones. Please fix this!

      • PeterPeter commented  ·   ·  Flag as inappropriate

        its not only about a disabling/enabling ciphers, its about specifying them!

      • HoehneHoehne commented  ·   ·  Flag as inappropriate

        Dafür, wir sehen das auch nicht als feature request, sondern fast als bugfix an.

      • KruseKruse commented  ·   ·  Flag as inappropriate

        Ich denke diese Anforderung ist nicht nur in Bayern wichtig. Die anderen Bundesländer nehmen dieses Vorgehen auf. In meinen Augen nicht nur ein Feature Request sondern schon fast eine "gesetzliche Anforderung".

        Voten nicht vergessen!

      • TechnikTechnik commented  ·   ·  Flag as inappropriate

        two of our customers have been legally forced by the government to activate pfs for their mailsystem until mid of september. Would be very helpful if this could be prioritised.

      Feedback and Knowledge Base