You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
at least 'require' accurately describes that we expect the server to offer a capability and require it to be there.
force_tls: true enables Implicit TLS.
force is such a weird word to describe Implicit TLS.
I'd much rather see us adopt a single config option, tls_mode, with the following options:
explicit or starttls — chosen by default if the port is 587 or 25.
implicit— chosen by default if the port is 465.
off — never chosen by default.
for other port numbers: require the admin to choose
In the best and most reasonable case, the admin would never need to touch this option(!) because basically everyone uses these standard ports!!!
A little bit of effort would be required to support the old options transitionally, but the documentation for this option could be much clearer — such as providing a table for admins that really need to configure e-mail on a random port (rather than having options with no obvious difference discernible from the name, even to e-mail experts). And most people would fall right into the 'well-known port? Automatic configuration' happy path!
The text was updated successfully, but these errors were encountered:
matrixbot
changed the title
Dummy issue
The configuration options for e-mail sending TLS are awful — improve them by making them clearer and in most cases default to the right option
Dec 21, 2023
This issue has been migrated from #15126.
I've run into a lot of confused admins recently, because the way we configure TLS for our e-mail sending is awful.
require_transport_security: true
enables Explicit TLS (STARTTLS).force_tls: true
enables Implicit TLS.force
is such a weird word to describe Implicit TLS.I'd much rather see us adopt a single config option,
tls_mode
, with the following options:explicit
orstarttls
— chosen by default if the port is 587 or 25.implicit
— chosen by default if the port is 465.off
— never chosen by default.In the best and most reasonable case, the admin would never need to touch this option(!) because basically everyone uses these standard ports!!!
A little bit of effort would be required to support the old options transitionally, but the documentation for this option could be much clearer — such as providing a table for admins that really need to configure e-mail on a random port (rather than having options with no obvious difference discernible from the name, even to e-mail experts). And most people would fall right into the 'well-known port? Automatic configuration' happy path!
The text was updated successfully, but these errors were encountered: