20ec6c2080
Updated security.md to reflect the support of ubuntu 22.04 ( #2219 )
2023-01-15 10:05:36 -05:00
c67ff241c4
Updates to security.md
2021-10-23 08:57:05 -04:00
7b4cd443bf
How to report security issues
2021-10-22 18:49:16 -04:00
0ba841c7b6
fail2ban now supports ipv6 ( #2015 )
...
Since fail2ban 0.10.0, ipv6 support has been added. The current Ubuntu 18.04 repository has fail2ban 0.10.2, which does have ipv6 protection.
2021-08-22 14:13:58 -04:00
d510c8ae2a
Enable and recommend port 465 for mail submission instead of port 587 ( fixes #1849 )
...
Port 465 with "implicit" (i.e. always-on) TLS is a more secure approach than port 587 with explicit (i.e. optional and only on with STARTTLS). Although we reject credentials on port 587 without STARTTLS, by that point credentials have already been sent.
2021-05-15 16:42:14 -04:00
10bedad3a3
MTA-STS tweaks, add status check using postfix-mta-sts-resolver, change to enforce
2020-05-29 15:36:52 -04:00
afc9f9686a
Publish MTA-STS policy for incoming mail ( #1731 )
...
Co-authored-by: Daniel Mabbett <triumph_2500@hotmail.com>
2020-05-29 15:30:07 -04:00
23be1031b8
Remove security.md's information about port 25 which is out of date
2020-01-22 03:25:30 -05:00
b86bf07d57
Fix spelling of 'guarantee' ( #1703 )
2020-01-22 02:58:40 -05:00
f53b18ebb9
Upgrade TLS settings
2019-12-01 17:49:36 -05:00
bc4bdca752
update reference to Ubuntu 14.04 to 18.04 in README.md and security.md and drop mentions of our custom packages that we no longer maintain
2018-10-03 13:00:15 -04:00
e924459140
revert f25801e/#1233 - use Mozilla intermediate ciphers for IMAP/POP not modern ciphers
...
fixes #1300
2017-12-24 14:41:41 -05:00
48e0f39179
Rename ownCloud to Nextcloud in safe places
...
e.g. code comments and user-facing prompts/outputs which can be safely changed without risking to break anything
2017-04-02 11:19:21 +02:00
81b5af6b64
document fail2ban filters in security.md
2016-08-08 07:55:46 -04:00
6b73bb5d80
outbound SMTP connections should use the same TLS settings as inbound: drop SSLv2, SSLv3, anonymous ciphers, RC4
2016-06-12 09:11:54 -04:00
3055f9a79c
drop SSLv3, RC4 ciphers from SMTP port 25
...
Per http://googleappsupdates.blogspot.ro/2016/05/disabling-support-for-sslv3-and-rc4-for.html , Google is about to do the same.
fixes #611
2016-06-12 09:11:50 -04:00
4b4f670adf
s/SSL/TLS/ in user-visible text throughout the project
2016-01-04 18:43:16 -05:00
5b415c6895
tweak security.md for new alias permitted_senders controls
2015-08-17 08:18:32 -04:00
d08a3095a9
tweak security.md
2015-07-09 13:30:25 -04:00
6441de63ba
typo in security.md
2015-06-26 11:38:40 -04:00
a2c50ae967
note the new SMTP mail from restriction in the changelog and security guide
2015-06-24 18:12:41 -04:00
9e0dcd8718
security.md: add a section on DNSSEC specifically
2015-06-15 10:24:16 -04:00
e9e6d94e3b
the control panel auth hmac message should also include the user's password so that resetting a password in the database forces that user to log in to the control panel again; also use a sha256 hmac
2015-06-06 12:38:19 +00:00
6499eba0cb
Echange -> Exchange
2015-05-29 07:36:53 -07:00
3f329bc1a8
fix typos
2015-05-29 01:38:42 -04:00
7158f9a8d9
security.md: add links to appropriate source files in various places to make it easier to inspect the code to verify the statements; unfortunately line numbers will drift but it would be nice if we could link right to line numbers
2015-05-28 21:39:50 -04:00
bb75bd7167
more security details
2015-05-28 21:39:50 -04:00
8ba5f2ffa7
add security.md and clean up README
2015-05-22 16:53:13 -04:00
jcm-shove-it
Joshua Tauberer
NewbieOrange
A. Schippers
E.M. Makat
Jan Schulz-Hofen
Sam
Eric Mill