Highest Voted 'starttls' Questions - IT Security Stack Exchange

1

vote

1 answer

SMTP Service STARTTLS Plaintext Command Injection

We are getting this vulnerability on SUSE Linux Enterprise Server 11. This vulnerability is getting triggered on port 587 for postfix. I have checked several links but I am unable to get any relevant solution for it. Has anybody faced an issue with…

injection smtp starttls

asked Sep 26 '18 at 13:58

Esskay

11
1

1

vote

0 answers

How to Force STARTTLS on Outlook and other clients

I am currently writing an essay about securing E-Mails. Now I'm at the point where I want to know if it´s possible to force STARTTLS in connections via SMTP or POP3/IMAP from the clients' side. I know I can configure the client so it uses STARTTLS…

email outlook starttls

asked May 24 '18 at 15:36

Cyberduck

628
4
17

0

votes

1 answer

Is LDAPS or StartTLS more secure?

This question has been asked and answered here, here, and also basically here. I'm asking again because the answers and information is conflicting. LDAPS: According to Wikipedia (and its RFC sources) LDAPS was LDAPv2, never standardized, and is…

ldap starttls

asked Dec 06 '21 at 15:10

jeffrey.d.m

111
5

0

votes

1 answer

LDAP StartTLS encryption - which TLS versions are supported?

I am looking to set a third party application to authenticate with our domain. The application supports LDAPv3 and we have opted to use the start StartTLS extension to encrypt the credentials from the source host application towards the domain…

encryption tls ldap starttls

asked Jul 08 '20 at 08:47

arbi

1
1

0

votes

1 answer

How SSL works in SMTP?

Whenever I see a red lock icon in gmail, I thought the sender doesn't have SSL configured. But one person told me only server (gmail in our case) SSL is enough? Does that mean the sender don't need to configure any SSL at all and can communicate…

tls email starttls

asked Sep 15 '17 at 15:41

Giri

145
4

0

votes

1 answer

Trusting a fraudulent/not trusted CAs for STARTTLS/SMTP

When using STARTTLS for SMTP, should one trust CAs that are not trusted by major browser like for example WoSign or StartCom? As STARTTLS falls back to plaintext it seems an encrypted transmission via a not trusted certificate would still be better…

certificate-authority starttls

asked Mar 06 '17 at 10:48

architekt

986
1
7
18

0

votes

1 answer

Sending Mail Using TLS

I run a simple web service, and I need to securely send emails to users via PHP. There are no mailboxes/accounts involved. It is a simple send-only function. Without involving PGP, I have come up with the following options - Use local SMTP server…

tls email openssl starttls

asked Aug 24 '16 at 17:01

MrRobot909

3
2

Questions tagged [starttls]

SMTP Service STARTTLS Plaintext Command Injection

How to Force STARTTLS on Outlook and other clients

Is LDAPS or StartTLS more secure?

LDAP StartTLS encryption - which TLS versions are supported?

How SSL works in SMTP?

Trusting a fraudulent/not trusted CAs for STARTTLS/SMTP

Sending Mail Using TLS