This commit is contained in:
github-actions[bot] 2023-01-22 12:10:09 +00:00
parent 0b215e8c2b
commit a0d46e5d1b
3 changed files with 42 additions and 42 deletions

View file

@ -1735,7 +1735,7 @@
<p><code>docker-mailserver</code> can serve as a relay too, but the difference between a DIY relay and a professional service is reputation, which is referenced by MTAs you're delivering to such as Outlook, Gmail or others(perhaps another <code>docker-mailserver</code> server!), when deciding if email should be marked as junked or potentially not delivered at all. As a service like SendGrid has a reputation to maintain, relay is restricted to registered users who must authenticate(even on port 25), they do not store email, merely forward it to another MTA which could be delivered on a different port like 25.</p> <p><code>docker-mailserver</code> can serve as a relay too, but the difference between a DIY relay and a professional service is reputation, which is referenced by MTAs you're delivering to such as Outlook, Gmail or others(perhaps another <code>docker-mailserver</code> server!), when deciding if email should be marked as junked or potentially not delivered at all. As a service like SendGrid has a reputation to maintain, relay is restricted to registered users who must authenticate(even on port 25), they do not store email, merely forward it to another MTA which could be delivered on a different port like 25.</p>
<h3 id="explicit-vs-implicit-tls"><a class="toclink" href="#explicit-vs-implicit-tls">Explicit vs Implicit TLS</a></h3> <h3 id="explicit-vs-implicit-tls"><a class="toclink" href="#explicit-vs-implicit-tls">Explicit vs Implicit TLS</a></h3>
<h4 id="explicit-tls-aka-opportunistic-tls-opt-in-encryption"><a class="toclink" href="#explicit-tls-aka-opportunistic-tls-opt-in-encryption">Explicit TLS (aka Opportunistic TLS) - Opt-in Encryption</a></h4> <h4 id="explicit-tls-aka-opportunistic-tls-opt-in-encryption"><a class="toclink" href="#explicit-tls-aka-opportunistic-tls-opt-in-encryption">Explicit TLS (aka Opportunistic TLS) - Opt-in Encryption</a></h4>
<p>Communication on these ports begin in <a href="https://www.denimgroup.com/resources/blog/2007/10/cleartext-vs-pl">cleartext</a>, indicating support for <code>STARTTLS</code>. If both client and server support <code>STARTTLS</code> the connection will be secured over TLS, otherwise no encryption will be used.</p> <p>Communication on these ports begin in <a href="https://www.denimgroup.com/resources/blog/2007/10/cleartext-vs-pl">cleartext</a>, indicating support for <code>STARTTLS</code>. If both client and server support <code>STARTTLS</code> the connection will be secured over TLS, otherwise the connection is unable to use encryption to secure it. By default, <code>docker-mailserver</code> is configured to reject connections that fail to establish a secure connection when authentication is required, rather than allow an insecure connection (<em>Port 25 will allow receiving unencrypted deliveries which doesn't require authentication</em>).</p>
<p>Support for <code>STARTTLS</code> is not always implemented correctly, which can lead to leaking credentials(client sending too early) prior to a TLS connection being established. Third-parties such as some ISPs have also been known to intercept the <code>STARTTLS</code> exchange, modifying network traffic to prevent establishing a secure connection.</p> <p>Support for <code>STARTTLS</code> is not always implemented correctly, which can lead to leaking credentials(client sending too early) prior to a TLS connection being established. Third-parties such as some ISPs have also been known to intercept the <code>STARTTLS</code> exchange, modifying network traffic to prevent establishing a secure connection.</p>
<p>Due to these security concerns, <a href="https://tools.ietf.org/html/rfc8314#section-4.1">RFC 8314 (Section 4.1)</a> encourages you to <strong>prefer Implicit TLS ports where possible</strong>. </p> <p>Due to these security concerns, <a href="https://tools.ietf.org/html/rfc8314#section-4.1">RFC 8314 (Section 4.1)</a> encourages you to <strong>prefer Implicit TLS ports where possible</strong>. </p>
<h4 id="implicit-tls-enforced-encryption"><a class="toclink" href="#implicit-tls-enforced-encryption">Implicit TLS - Enforced Encryption</a></h4> <h4 id="implicit-tls-enforced-encryption"><a class="toclink" href="#implicit-tls-enforced-encryption">Implicit TLS - Enforced Encryption</a></h4>

File diff suppressed because one or more lines are too long

View file

@ -2,202 +2,202 @@
<urlset xmlns="http://www.sitemaps.org/schemas/sitemap/0.9"> <urlset xmlns="http://www.sitemaps.org/schemas/sitemap/0.9">
<url> <url>
<loc>https://docker-mailserver.github.io/docker-mailserver/edge/</loc> <loc>https://docker-mailserver.github.io/docker-mailserver/edge/</loc>
<lastmod>2023-01-15</lastmod> <lastmod>2023-01-22</lastmod>
<changefreq>daily</changefreq> <changefreq>daily</changefreq>
</url> </url>
<url> <url>
<loc>https://docker-mailserver.github.io/docker-mailserver/edge/faq/</loc> <loc>https://docker-mailserver.github.io/docker-mailserver/edge/faq/</loc>
<lastmod>2023-01-15</lastmod> <lastmod>2023-01-22</lastmod>
<changefreq>daily</changefreq> <changefreq>daily</changefreq>
</url> </url>
<url> <url>
<loc>https://docker-mailserver.github.io/docker-mailserver/edge/introduction/</loc> <loc>https://docker-mailserver.github.io/docker-mailserver/edge/introduction/</loc>
<lastmod>2023-01-15</lastmod> <lastmod>2023-01-22</lastmod>
<changefreq>daily</changefreq> <changefreq>daily</changefreq>
</url> </url>
<url> <url>
<loc>https://docker-mailserver.github.io/docker-mailserver/edge/config/environment/</loc> <loc>https://docker-mailserver.github.io/docker-mailserver/edge/config/environment/</loc>
<lastmod>2023-01-15</lastmod> <lastmod>2023-01-22</lastmod>
<changefreq>daily</changefreq> <changefreq>daily</changefreq>
</url> </url>
<url> <url>
<loc>https://docker-mailserver.github.io/docker-mailserver/edge/config/pop3/</loc> <loc>https://docker-mailserver.github.io/docker-mailserver/edge/config/pop3/</loc>
<lastmod>2023-01-15</lastmod> <lastmod>2023-01-22</lastmod>
<changefreq>daily</changefreq> <changefreq>daily</changefreq>
</url> </url>
<url> <url>
<loc>https://docker-mailserver.github.io/docker-mailserver/edge/config/setup.sh/</loc> <loc>https://docker-mailserver.github.io/docker-mailserver/edge/config/setup.sh/</loc>
<lastmod>2023-01-15</lastmod> <lastmod>2023-01-22</lastmod>
<changefreq>daily</changefreq> <changefreq>daily</changefreq>
</url> </url>
<url> <url>
<loc>https://docker-mailserver.github.io/docker-mailserver/edge/config/advanced/auth-ldap/</loc> <loc>https://docker-mailserver.github.io/docker-mailserver/edge/config/advanced/auth-ldap/</loc>
<lastmod>2023-01-15</lastmod> <lastmod>2023-01-22</lastmod>
<changefreq>daily</changefreq> <changefreq>daily</changefreq>
</url> </url>
<url> <url>
<loc>https://docker-mailserver.github.io/docker-mailserver/edge/config/advanced/dovecot-master-accounts/</loc> <loc>https://docker-mailserver.github.io/docker-mailserver/edge/config/advanced/dovecot-master-accounts/</loc>
<lastmod>2023-01-15</lastmod> <lastmod>2023-01-22</lastmod>
<changefreq>daily</changefreq> <changefreq>daily</changefreq>
</url> </url>
<url> <url>
<loc>https://docker-mailserver.github.io/docker-mailserver/edge/config/advanced/full-text-search/</loc> <loc>https://docker-mailserver.github.io/docker-mailserver/edge/config/advanced/full-text-search/</loc>
<lastmod>2023-01-15</lastmod> <lastmod>2023-01-22</lastmod>
<changefreq>daily</changefreq> <changefreq>daily</changefreq>
</url> </url>
<url> <url>
<loc>https://docker-mailserver.github.io/docker-mailserver/edge/config/advanced/ipv6/</loc> <loc>https://docker-mailserver.github.io/docker-mailserver/edge/config/advanced/ipv6/</loc>
<lastmod>2023-01-15</lastmod> <lastmod>2023-01-22</lastmod>
<changefreq>daily</changefreq> <changefreq>daily</changefreq>
</url> </url>
<url> <url>
<loc>https://docker-mailserver.github.io/docker-mailserver/edge/config/advanced/kubernetes/</loc> <loc>https://docker-mailserver.github.io/docker-mailserver/edge/config/advanced/kubernetes/</loc>
<lastmod>2023-01-15</lastmod> <lastmod>2023-01-22</lastmod>
<changefreq>daily</changefreq> <changefreq>daily</changefreq>
</url> </url>
<url> <url>
<loc>https://docker-mailserver.github.io/docker-mailserver/edge/config/advanced/mail-fetchmail/</loc> <loc>https://docker-mailserver.github.io/docker-mailserver/edge/config/advanced/mail-fetchmail/</loc>
<lastmod>2023-01-15</lastmod> <lastmod>2023-01-22</lastmod>
<changefreq>daily</changefreq> <changefreq>daily</changefreq>
</url> </url>
<url> <url>
<loc>https://docker-mailserver.github.io/docker-mailserver/edge/config/advanced/mail-sieve/</loc> <loc>https://docker-mailserver.github.io/docker-mailserver/edge/config/advanced/mail-sieve/</loc>
<lastmod>2023-01-15</lastmod> <lastmod>2023-01-22</lastmod>
<changefreq>daily</changefreq> <changefreq>daily</changefreq>
</url> </url>
<url> <url>
<loc>https://docker-mailserver.github.io/docker-mailserver/edge/config/advanced/optional-config/</loc> <loc>https://docker-mailserver.github.io/docker-mailserver/edge/config/advanced/optional-config/</loc>
<lastmod>2023-01-15</lastmod> <lastmod>2023-01-22</lastmod>
<changefreq>daily</changefreq> <changefreq>daily</changefreq>
</url> </url>
<url> <url>
<loc>https://docker-mailserver.github.io/docker-mailserver/edge/config/advanced/podman/</loc> <loc>https://docker-mailserver.github.io/docker-mailserver/edge/config/advanced/podman/</loc>
<lastmod>2023-01-15</lastmod> <lastmod>2023-01-22</lastmod>
<changefreq>daily</changefreq> <changefreq>daily</changefreq>
</url> </url>
<url> <url>
<loc>https://docker-mailserver.github.io/docker-mailserver/edge/config/advanced/mail-forwarding/aws-ses/</loc> <loc>https://docker-mailserver.github.io/docker-mailserver/edge/config/advanced/mail-forwarding/aws-ses/</loc>
<lastmod>2023-01-15</lastmod> <lastmod>2023-01-22</lastmod>
<changefreq>daily</changefreq> <changefreq>daily</changefreq>
</url> </url>
<url> <url>
<loc>https://docker-mailserver.github.io/docker-mailserver/edge/config/advanced/mail-forwarding/relay-hosts/</loc> <loc>https://docker-mailserver.github.io/docker-mailserver/edge/config/advanced/mail-forwarding/relay-hosts/</loc>
<lastmod>2023-01-15</lastmod> <lastmod>2023-01-22</lastmod>
<changefreq>daily</changefreq> <changefreq>daily</changefreq>
</url> </url>
<url> <url>
<loc>https://docker-mailserver.github.io/docker-mailserver/edge/config/advanced/maintenance/update-and-cleanup/</loc> <loc>https://docker-mailserver.github.io/docker-mailserver/edge/config/advanced/maintenance/update-and-cleanup/</loc>
<lastmod>2023-01-15</lastmod> <lastmod>2023-01-22</lastmod>
<changefreq>daily</changefreq> <changefreq>daily</changefreq>
</url> </url>
<url> <url>
<loc>https://docker-mailserver.github.io/docker-mailserver/edge/config/advanced/override-defaults/dovecot/</loc> <loc>https://docker-mailserver.github.io/docker-mailserver/edge/config/advanced/override-defaults/dovecot/</loc>
<lastmod>2023-01-15</lastmod> <lastmod>2023-01-22</lastmod>
<changefreq>daily</changefreq> <changefreq>daily</changefreq>
</url> </url>
<url> <url>
<loc>https://docker-mailserver.github.io/docker-mailserver/edge/config/advanced/override-defaults/postfix/</loc> <loc>https://docker-mailserver.github.io/docker-mailserver/edge/config/advanced/override-defaults/postfix/</loc>
<lastmod>2023-01-15</lastmod> <lastmod>2023-01-22</lastmod>
<changefreq>daily</changefreq> <changefreq>daily</changefreq>
</url> </url>
<url> <url>
<loc>https://docker-mailserver.github.io/docker-mailserver/edge/config/advanced/override-defaults/user-patches/</loc> <loc>https://docker-mailserver.github.io/docker-mailserver/edge/config/advanced/override-defaults/user-patches/</loc>
<lastmod>2023-01-15</lastmod> <lastmod>2023-01-22</lastmod>
<changefreq>daily</changefreq> <changefreq>daily</changefreq>
</url> </url>
<url> <url>
<loc>https://docker-mailserver.github.io/docker-mailserver/edge/config/best-practices/autodiscover/</loc> <loc>https://docker-mailserver.github.io/docker-mailserver/edge/config/best-practices/autodiscover/</loc>
<lastmod>2023-01-15</lastmod> <lastmod>2023-01-22</lastmod>
<changefreq>daily</changefreq> <changefreq>daily</changefreq>
</url> </url>
<url> <url>
<loc>https://docker-mailserver.github.io/docker-mailserver/edge/config/best-practices/dkim/</loc> <loc>https://docker-mailserver.github.io/docker-mailserver/edge/config/best-practices/dkim/</loc>
<lastmod>2023-01-15</lastmod> <lastmod>2023-01-22</lastmod>
<changefreq>daily</changefreq> <changefreq>daily</changefreq>
</url> </url>
<url> <url>
<loc>https://docker-mailserver.github.io/docker-mailserver/edge/config/best-practices/dmarc/</loc> <loc>https://docker-mailserver.github.io/docker-mailserver/edge/config/best-practices/dmarc/</loc>
<lastmod>2023-01-15</lastmod> <lastmod>2023-01-22</lastmod>
<changefreq>daily</changefreq> <changefreq>daily</changefreq>
</url> </url>
<url> <url>
<loc>https://docker-mailserver.github.io/docker-mailserver/edge/config/best-practices/spf/</loc> <loc>https://docker-mailserver.github.io/docker-mailserver/edge/config/best-practices/spf/</loc>
<lastmod>2023-01-15</lastmod> <lastmod>2023-01-22</lastmod>
<changefreq>daily</changefreq> <changefreq>daily</changefreq>
</url> </url>
<url> <url>
<loc>https://docker-mailserver.github.io/docker-mailserver/edge/config/security/fail2ban/</loc> <loc>https://docker-mailserver.github.io/docker-mailserver/edge/config/security/fail2ban/</loc>
<lastmod>2023-01-15</lastmod> <lastmod>2023-01-22</lastmod>
<changefreq>daily</changefreq> <changefreq>daily</changefreq>
</url> </url>
<url> <url>
<loc>https://docker-mailserver.github.io/docker-mailserver/edge/config/security/mail_crypt/</loc> <loc>https://docker-mailserver.github.io/docker-mailserver/edge/config/security/mail_crypt/</loc>
<lastmod>2023-01-15</lastmod> <lastmod>2023-01-22</lastmod>
<changefreq>daily</changefreq> <changefreq>daily</changefreq>
</url> </url>
<url> <url>
<loc>https://docker-mailserver.github.io/docker-mailserver/edge/config/security/ssl/</loc> <loc>https://docker-mailserver.github.io/docker-mailserver/edge/config/security/ssl/</loc>
<lastmod>2023-01-15</lastmod> <lastmod>2023-01-22</lastmod>
<changefreq>daily</changefreq> <changefreq>daily</changefreq>
</url> </url>
<url> <url>
<loc>https://docker-mailserver.github.io/docker-mailserver/edge/config/security/understanding-the-ports/</loc> <loc>https://docker-mailserver.github.io/docker-mailserver/edge/config/security/understanding-the-ports/</loc>
<lastmod>2023-01-15</lastmod> <lastmod>2023-01-22</lastmod>
<changefreq>daily</changefreq> <changefreq>daily</changefreq>
</url> </url>
<url> <url>
<loc>https://docker-mailserver.github.io/docker-mailserver/edge/config/troubleshooting/debugging/</loc> <loc>https://docker-mailserver.github.io/docker-mailserver/edge/config/troubleshooting/debugging/</loc>
<lastmod>2023-01-15</lastmod> <lastmod>2023-01-22</lastmod>
<changefreq>daily</changefreq> <changefreq>daily</changefreq>
</url> </url>
<url> <url>
<loc>https://docker-mailserver.github.io/docker-mailserver/edge/config/user-management/accounts/</loc> <loc>https://docker-mailserver.github.io/docker-mailserver/edge/config/user-management/accounts/</loc>
<lastmod>2023-01-15</lastmod> <lastmod>2023-01-22</lastmod>
<changefreq>daily</changefreq> <changefreq>daily</changefreq>
</url> </url>
<url> <url>
<loc>https://docker-mailserver.github.io/docker-mailserver/edge/config/user-management/aliases/</loc> <loc>https://docker-mailserver.github.io/docker-mailserver/edge/config/user-management/aliases/</loc>
<lastmod>2023-01-15</lastmod> <lastmod>2023-01-22</lastmod>
<changefreq>daily</changefreq> <changefreq>daily</changefreq>
</url> </url>
<url> <url>
<loc>https://docker-mailserver.github.io/docker-mailserver/edge/contributing/general/</loc> <loc>https://docker-mailserver.github.io/docker-mailserver/edge/contributing/general/</loc>
<lastmod>2023-01-15</lastmod> <lastmod>2023-01-22</lastmod>
<changefreq>daily</changefreq> <changefreq>daily</changefreq>
</url> </url>
<url> <url>
<loc>https://docker-mailserver.github.io/docker-mailserver/edge/contributing/issues-and-pull-requests/</loc> <loc>https://docker-mailserver.github.io/docker-mailserver/edge/contributing/issues-and-pull-requests/</loc>
<lastmod>2023-01-15</lastmod> <lastmod>2023-01-22</lastmod>
<changefreq>daily</changefreq> <changefreq>daily</changefreq>
</url> </url>
<url> <url>
<loc>https://docker-mailserver.github.io/docker-mailserver/edge/examples/tutorials/basic-installation/</loc> <loc>https://docker-mailserver.github.io/docker-mailserver/edge/examples/tutorials/basic-installation/</loc>
<lastmod>2023-01-15</lastmod> <lastmod>2023-01-22</lastmod>
<changefreq>daily</changefreq> <changefreq>daily</changefreq>
</url> </url>
<url> <url>
<loc>https://docker-mailserver.github.io/docker-mailserver/edge/examples/tutorials/blog-posts/</loc> <loc>https://docker-mailserver.github.io/docker-mailserver/edge/examples/tutorials/blog-posts/</loc>
<lastmod>2023-01-15</lastmod> <lastmod>2023-01-22</lastmod>
<changefreq>daily</changefreq> <changefreq>daily</changefreq>
</url> </url>
<url> <url>
<loc>https://docker-mailserver.github.io/docker-mailserver/edge/examples/tutorials/docker-build/</loc> <loc>https://docker-mailserver.github.io/docker-mailserver/edge/examples/tutorials/docker-build/</loc>
<lastmod>2023-01-15</lastmod> <lastmod>2023-01-22</lastmod>
<changefreq>daily</changefreq> <changefreq>daily</changefreq>
</url> </url>
<url> <url>
<loc>https://docker-mailserver.github.io/docker-mailserver/edge/examples/tutorials/mailserver-behind-proxy/</loc> <loc>https://docker-mailserver.github.io/docker-mailserver/edge/examples/tutorials/mailserver-behind-proxy/</loc>
<lastmod>2023-01-15</lastmod> <lastmod>2023-01-22</lastmod>
<changefreq>daily</changefreq> <changefreq>daily</changefreq>
</url> </url>
<url> <url>
<loc>https://docker-mailserver.github.io/docker-mailserver/edge/examples/use-cases/forward-only-mailserver-with-ldap-authentication/</loc> <loc>https://docker-mailserver.github.io/docker-mailserver/edge/examples/use-cases/forward-only-mailserver-with-ldap-authentication/</loc>
<lastmod>2023-01-15</lastmod> <lastmod>2023-01-22</lastmod>
<changefreq>daily</changefreq> <changefreq>daily</changefreq>
</url> </url>
<url> <url>
<loc>https://docker-mailserver.github.io/docker-mailserver/edge/examples/use-cases/imap-folders/</loc> <loc>https://docker-mailserver.github.io/docker-mailserver/edge/examples/use-cases/imap-folders/</loc>
<lastmod>2023-01-15</lastmod> <lastmod>2023-01-22</lastmod>
<changefreq>daily</changefreq> <changefreq>daily</changefreq>
</url> </url>
</urlset> </urlset>