Request: TLS v1.2 Support

yeats

New Member
Hello,

We recently turned off support on our mail server for TLS v1.0 and v1.1. This, however, broke our ability to send emails with MaxBulk. Typically we were using sending settings like:

domain.com:465 with encryption set to TLS v1 EXP.

But the above settings caused the connection to hang producing the following in the MaxBulk logs.

[01] 6/20 14:40:55 ~ Opening connection for delivery...
[01] 6/20 14:40:55 ~ Connecting to domain.com Port:465
[01] 6/20 14:40:55 ~ Connected

Turning off all encryption solved the problem. Then after once we reenabled TLS v1.1 support on the mail server, the connections worked as expected. This makes us believe the issue is that MaxBulk v8.6.6 does support TLS v1.2.

Please consider this a feature request for TLS v1.2 support.

Thanks!
 

yeats

New Member
I'm no longer confident the problem as stated above is correct. I'll post an update when I have more info.
 

yeats

New Member
Okay, I've identified the issue: MaxBulk only supports TLS v1.0 and the requisite older, antiquated RSA/DSS/SHA ciphers. MaxBulk does not support TLS v1.1 or v1.2.

Since TLS v1 and v1.1 are no longer considered 'safe' please consider this a request to support TLS v1.2+ and some or all of the following ciphers as required by v1.2:

ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-SHA384:ECDHE-RSA-AES256-SHA384:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA256

NOTE: I've tested with MaxBulk 8.6.2 and 8.6.6.
 
Top