From 23be1031b8e867a5c3a92b27d75cf0f071f4d8f3 Mon Sep 17 00:00:00 2001
From: Joshua Tauberer <jt@occams.info>
Date: Wed, 22 Jan 2020 03:08:25 -0500
Subject: [PATCH] Remove security.md's information about port 25 which is out
 of date

---
 security.md | 1 -
 1 file changed, 1 deletion(-)

diff --git a/security.md b/security.md
index 3b51f235..8c9d43e5 100644
--- a/security.md
+++ b/security.md
@@ -41,7 +41,6 @@ The services all follow these rules:
 * TLS certificates are generated with 2048-bit RSA keys and SHA-256 fingerprints. The box provides a self-signed certificate by default. The [setup guide](https://mailinabox.email/guide.html) explains how to verify the certificate fingerprint on first login. Users are encouraged to replace the certificate with a proper CA-signed one. ([source](setup/ssl.sh))
 * Only TLSv1.2+ are offered (the older SSL protocols are not offered).
 * We track the [Mozilla Intermediate Ciphers Recommendation](https://wiki.mozilla.org/Security/Server_Side_TLS), balancing security with supporting a wide range of mail clients. Diffie-Hellman ciphers use a 2048-bit key for forward secrecy. For more details, see the [output of SSLyze for these ports](tests/tls_results.txt).
-* SMTP port 25 (inbound) follows similar rules. Outbound SMTP (i.e. the server is the client) uses more relaxed settings.
 
 Additionally: