mail: expose 465 for mail submission

Port 465 is implicit TLS. RFC 8314 is now pushing this as a standard
and some mail clients like Outlook have already taken this to heart.

Note that this port is sometimes confused with SMTPS. Unlike SMTPS,
this is being used for "submissions" (by a client) as opposed to
server transfer protocol.

This is more secure than port 587+STARTTLS. We reject credentials
on insecure connections but it's too late.

See also:

https://www.fastmail.help/hc/en-us/articles/360058753834
https://www.agwa.name/blog/post/starttls_considered_harmful
https://linuxguideandhints.com/misc/port465.html
Girish Ramakrishnan
2021-09-20 14:17:15 -07:00
parent 2a667cb985
commit d1e8fded65
2 changed files with 2 additions and 1 deletions


@@ -692,7 +692,7 @@ async function configureMail(mailFqdn, mailDomain, serviceConfig) {
const allowInbound = await createMailConfig(mailFqdn, mailDomain);
const ports = allowInbound ? '-p 587:2587 -p 993:9993 -p 4190:4190 -p 25:2587' : '';
const ports = allowInbound ? '-p 587:2587 -p 993:9993 -p 4190:4190 -p 25:2587 -p 465:2465' : '';
const cmd = `docker run --restart=always -d --name="mail" \
--net cloudron \
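Review bot: the added `-p 465:2465` in the `ports` string of configureMail is still gated on `allowInbound`, so the implicit-TLS submission port is published only when inbound mail is enabled, the same as 587; if client submission is meant to work independently of inbound delivery, that condition needs a second look. The hunk also does not show what listens on container port 2465, so please confirm that the mail image paired with this change has an implicit-TLS listener there and that the other changed file opens 465 on the host. A short comment above the line saying which host port maps where (25 and 587 both go to 2587, 465 goes to 2465) would help the next reader.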