mirror of
https://github.com/mail-in-a-box/mailinabox.git
synced 2024-11-22 02:17:26 +00:00
tweak security.md
This commit is contained in:
parent
34b7638342
commit
d08a3095a9
@ -17,8 +17,11 @@ The primary goal of Mail-in-a-Box is to make deploying a good mail server easy,
|
|||||||
|
|
||||||
On the other hand, we do assume that adversaries are performing passive surveillance and, possibly, active man-in-the-middle attacks. And so:
|
On the other hand, we do assume that adversaries are performing passive surveillance and, possibly, active man-in-the-middle attacks. And so:
|
||||||
|
|
||||||
* User credentials are always sent through SSH/TLS, never in the clear.
|
* User credentials are always sent through SSH/TLS, never in the clear, with modern TLS settings.
|
||||||
* Outbound mail is sent with the highest level of TLS possible (more on that below).
|
* Outbound mail is sent with the highest level of TLS possible.
|
||||||
|
* The box advertises its support for [DANE TLSA](https://en.wikipedia.org/wiki/DNS-based_Authentication_of_Named_Entities), when DNSSEC is enabled at the domain name registrar, so that inbound mail is more likely to be transmitted securely.
|
||||||
|
|
||||||
|
Additional details follow.
|
||||||
|
|
||||||
User Credentials
|
User Credentials
|
||||||
----------------
|
----------------
|
||||||
|
Loading…
Reference in New Issue
Block a user