[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: Insecure Mail Sending Warning
|
From: |
Robert Pluim |
|
Subject: |
Re: Insecure Mail Sending Warning |
|
Date: |
Sat, 24 Oct 2020 11:56:15 +0200 |
>>>>> On Sat, 24 Oct 2020 02:48:09 +0100, Robert Thorpe
>>>>> <rt@robertthorpeconsulting.com> said:
Robert> Where <mailserver> is the URL of my mailserver.
>>
Robert> Can I fix this or is the problem on my mail provider's side?
>>
>> The problem is on the mail provider's side, I think.
Robert> Thank you. I'll contact my provider and ask them about it.
>> Iʼm kind of surprised that a real mail provider still enables
>> TLS1.0. You can test what it supports using
>>
>> gnutls-cli -p 587 <mailserver>
Robert> That command doesn't seem to give useful output. It says:
>> Processed 148 CA certificate(s).
>> Resolving '<mailserver>:587'...
>> Connecting to '81.17.254.9:587'...
>> |<1>| Received record packet of unknown type 50
>> *** Fatal error: An unexpected TLS packet was received.
Sorry, thinko on my part. Try
gnutls-cli -starttls-proto=smtp -p 587 <mailserver>
This will connect using TCP and then try to upgrade to TLS with a
STARTTLS command.
I just tried it to your mailserver and it matches the warning from
Emacs:
- Status: The certificate is trusted.
- Description: (TLS1.0-X.509)-(RSA)-(AES-256-CBC)-(SHA1)
Robert
--