Higher Ciper & Dane for Mail please

beli3ver · October 17, 2019, 1:36pm

Hi Guys,
first of all, thanks for the amazing Service.
I have tested you Mailserver against this: My Email Communications Security Assessment (MECSA)
https://mecsa.jrc.ec.europa.eu/en/finderRequest/42625b68ac2493b3ae7aefaadb0dbfaf

There you can see no DANE and DNSSEC, could you please add these stuff?
Also I tested the Cipher Suites: https://tls.imirhil.fr/smtp/mail.ecloud.global
Please get rid of the old RSA Ciphers, then you will get a better rank here.

Manoj · October 17, 2019, 2:56pm

Hi @beli3ver thanks for pointing this out. I have shared with the infra team and they will be working on this. Will update the status here.

beli3ver · October 17, 2019, 5:00pm

Thanks. Please also tell them you should support RFC 6409 (SMTP Submission over Port 587). It is better to use SSL than STARTSSL.

Manoj · October 18, 2019, 4:56am

Thanks . Please can you raise a bug on gitlab here as that will help us track this better. Also in case the team wants to get back to you they can do so.

beli3ver · October 18, 2019, 5:14am

I will create issues for that.