Re: force TLS1.1 or later

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



> I'm using Squirrelmail 1.4.22-16 on an Oracle Linux 6 with PHP 5.3.3
>
> It's running on old hardware so probably it won't be upgraded anytime
> soon.
>
> Squirrelmail is working fine for many years, but I wanted to disable TLS1
> support in sendmail. As soon as I do it, I get "Can't open Stream" error
> message. Changed port 465 to 587 but I get the same error.
>
> This PHP version supports TLS1.1 and 1.2, so,  is there a way to "force"
> squirrelmail to use these later protocols?

SquirrelMail doesn't specifically ask for a TLS version, but it's possible
the way it works with your PHP version may cause the downgrade.  You'd
have to give more details about your configuration to know where to start.

That said, if this is a single-server solution, there is no reason for you
to be encrypting connections to the same host.  Setting that up (even if
you have to create a custom port/local listener in sendmail that is
non-encrypted) would likely be a more productive use of your time.  What's
more, you don't even need to be using SMTP to send outgoing mail at all:
just configure SquirrelMail to use the sendmail command instead.  If you
run the configuration tool, it will walk you through doing so (save a copy
of your main configuration file just in case).

Also, you know that running a system that far out of date is risky and
will contain known security vulnerabilities.  For SquirrelMail's part, you
can easily upgrade yourself by downloading a tarball of version 1.4.23-svn
from our downloads page and install it in a parallel directory where you
can test migrating your configuration and plugins over -- if it's lightly
modified/configured, that probably won't cause too much trouble.

-- 
Paul Lesniewski
SquirrelMail Team
Please support Open Source Software by donating to SquirrelMail!
http://squirrelmail.org/donate_paul_lesniewski.php




-----
squirrelmail-users mailing list
Posting guidelines: http://squirrelmail.org/postingguidelines
List address: squirrelmail-users@xxxxxxxxxxxxxxxxxxxxx
List archives: http://news.gmane.org/gmane.mail.squirrelmail.user
List info (subscribe/unsubscribe/change options): https://lists.sourceforge.net/lists/listinfo/squirrelmail-users



[Index of Archives]     [Video For Linux]     [Yosemite News]     [Yosemite Photos]     [gtk]     [KDE]     [Cyrus SASL]     [Gimp on Windows]     [Steve's Art]     [Webcams]

  Powered by Linux