From 6a083a7234190d078ac51878bb8f39aa53ef1974 Mon Sep 17 00:00:00 2001 From: zeripath Date: Mon, 21 Jun 2021 19:34:37 +0100 Subject: [PATCH] Update documentation for Implicit TLS (#16220) As per RFC 8314, it is now recommended to prefer TLS over STARTTLS. Fix #16160 Signed-off-by: Andrew Thornton --- custom/conf/app.example.ini | 4 ++-- docs/content/doc/advanced/config-cheat-sheet.en-us.md | 4 ++-- 2 files changed, 4 insertions(+), 4 deletions(-) diff --git a/custom/conf/app.example.ini b/custom/conf/app.example.ini index 54320a58be..38759b8a4b 100644 --- a/custom/conf/app.example.ini +++ b/custom/conf/app.example.ini @@ -1387,8 +1387,8 @@ PATH = ;; Mail server ;; Gmail: smtp.gmail.com:587 ;; QQ: smtp.qq.com:465 -;; Using STARTTLS on port 587 is recommended per RFC 6409. -;; Note, if the port ends with "465", SMTPS will be used. +;; As per RFC 8314 using Implicit TLS/SMTPS on port 465 (if supported) is recommended, +;; otherwise STARTTLS on port 587 should be used. ;HOST = ;; ;; Disable HELO operation when hostnames are different. diff --git a/docs/content/doc/advanced/config-cheat-sheet.en-us.md b/docs/content/doc/advanced/config-cheat-sheet.en-us.md index 4f84e2ac33..35deeac02e 100644 --- a/docs/content/doc/advanced/config-cheat-sheet.en-us.md +++ b/docs/content/doc/advanced/config-cheat-sheet.en-us.md @@ -550,9 +550,9 @@ Define allowed algorithms and their minimum key length (use -1 to disable a type - `DISABLE_HELO`: **\**: Disable HELO operation. - `HELO_HOSTNAME`: **\**: Custom hostname for HELO operation. - `HOST`: **\**: SMTP mail host address and port (example: smtp.gitea.io:587). - - Using opportunistic TLS via STARTTLS on port 587 is recommended per RFC 6409. + - As per RFC 8314, if supported, Implicit TLS/SMTPS on port 465 is recommended, otherwise opportunistic TLS via STARTTLS on port 587 should be used. - `IS_TLS_ENABLED` : **false** : Forcibly use TLS to connect even if not on a default SMTPS port. - - Note, if the port ends with `465` SMTPS/SMTP over TLS will be used despite this setting. + - Note, if the port ends with `465` Implicit TLS/SMTPS/SMTP over TLS will be used despite this setting. - Otherwise if `IS_TLS_ENABLED=false` and the server supports `STARTTLS` this will be used. Thus if `STARTTLS` is preferred you should set `IS_TLS_ENABLED=false`. - `FROM`: **\**: Mail from address, RFC 5322. This can be just an email address, or the "Name" \ format.