TLS for outgoing connections (GDPR related)

Discussion in 'Mail Gateway: Installation and configuration' started by taurix, Aug 9, 2018.

  1. taurix

    taurix New Member
    Proxmox VE Subscriber

    Joined:
    Apr 9, 2018
    Messages:
    6
    Likes Received:
    0
    Some companies I communicate with are requiring that your outgoing SMTP initiates TLS with their mailservers because they say it is required by the GDPR.

    Proxmox mail is not currently doing that, is it possible to make it do so? I'm not looking to set up TLS for incoming, that is explained in the manual.
     
  2. dcsapak

    dcsapak Proxmox Staff Member
    Staff Member

    Joined:
    Feb 1, 2016
    Messages:
    2,600
    Likes Received:
    235
    quote from the admin guide:
    this is currently not configurable
     
    Stop hovering to collapse... Click to collapse... Hover to expand... Click to expand...
  3. dietmar

    dietmar Proxmox Staff Member
    Staff Member

    Joined:
    Apr 28, 2005
    Messages:
    16,210
    Likes Received:
    269
    We do TLS if remote client offer TLS (opportunistic TLS).
     
    Stop hovering to collapse... Click to collapse... Hover to expand... Click to expand...
    DerDanilo likes this.
  4. heutger

    heutger Active Member

    Joined:
    Apr 25, 2018
    Messages:
    250
    Likes Received:
    66
    GDPR requires encryption, if possible, also content encryption should be used. However "real world" would prefer to offer encryption as well as clear text, also BSI recommends to offer weak ciphers down to NULL (I recently tested a setup with only serious ciphers with result, that big companies can't mail me any more). So PMG default to offer STARTTLS in both directions is fine. If you want (on your own risk) to change this behavior, check on how to copy the templates and adjust them by yourself and have a look at smtp_tls_security_level options of postfix. You can enforce encryption only, but as said, it's on your own risk.
     
    DerDanilo likes this.
  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.
    Dismiss Notice