Hi guys,
i'm trying to update my hmailserver to something stronger and i wish to use TLS encription.
What do i need to obtain? i think a certificate, but i don't know very well how it's made and to who i should ask to.
In the SSL/TSL page in the console, i noticed a "SSL/TSL ciphers". It seems a code, something related with AES128.
How should i proceed?
How to upgrade to TLS protocol
Re: How to upgrade to TLS protocol
Let me also ask SPECIFICALLY what your goal in all of this is.
Many people have expectations that will not be met by doing this
Many people have expectations that will not be met by doing this
Just 'cause I link to a page and say little else doesn't mean I am not being nice.
https://www.hmailserver.com/documentation
https://www.hmailserver.com/documentation
Re: How to upgrade to TLS protocol
Simply have something safer during exchanges
Re: How to upgrade to TLS protocol
Mail exchange between MTAs may or may not be encrypted and could start out encrypted and pass through a server in a non encrypted manner. In any case, the message necessarily must be decrypted each time it changes hands. Encryption between MTAs only protects from snooping during transport.
The very best reason to use encryption is so your mail clients - who pass credentials every time they log in to check their mail - are protected from snooping when they log in. Enforcing encryption that way will not only keep your users safe, but you as administrator as well. You don't want compromised passwords being used to send spam from your server.
Re: How to upgrade to TLS protocol
thank you, very useful. I just got my account "punched" by someone who started to send SPAM (i never understood why spam is so profitable): going out of blacklisting servers was a very hard job
Re: How to upgrade to TLS protocol
I can absolutely guarantee to you that high level security with a certificate doesn't stop spammers from abusing your hmailserver if you have a weak password.
They just connect securely first then send their garbage.
Other than sniffing logon transmissions (which would be secured with a certificate), spammers also get passwords by using dictionary attacks, key loggers, or passwords used on compromised web sites.
I block AUTH on port 25 (standard SMTP) , but spammers still try to guess passwords via IMAP and POP3 protocols.
You need to do more than simply install a certificate to protect yourself (although that is a good start if you have mail clients that connect from the internet)
They just connect securely first then send their garbage.
Other than sniffing logon transmissions (which would be secured with a certificate), spammers also get passwords by using dictionary attacks, key loggers, or passwords used on compromised web sites.
I block AUTH on port 25 (standard SMTP) , but spammers still try to guess passwords via IMAP and POP3 protocols.
You need to do more than simply install a certificate to protect yourself (although that is a good start if you have mail clients that connect from the internet)
Just 'cause I link to a page and say little else doesn't mean I am not being nice.
https://www.hmailserver.com/documentation
https://www.hmailserver.com/documentation