TLS is a protocol that encrypts traffic between a client program and the server. It also ensures that the software client is talking to the right server. Protocols are continuously being improved through the release of new versions mostly because vulnerabilities are being found in the old ones. Those vulnerabilities can result in TLS being ineffective or compromised.
TLS 1.0 and 1.1 are out-of-date protocols that do not support modern cryptographic algorithms. They contain security vulnerabilities that may be exploited by attackers. An official effort on deprecating TLSv1.1 and TLSv1.0 is also underway, following guidelines by NIST and industry consortia such as the Payment Card Industry Association (PCI).
Announcement
We are now announcing that protocols TLS 1.0 and TLS 1.1 will no longer be accepted to access non-web Mailfence services (SMTP, IMAP, POP and XMPP) starting June 2nd, 2020.
We have done similar operation in the past, by disabling SSLv3 on all end-points and by disabling TLSv1.0 and TLSv1.1 for web on 01/10/2019. Please find below the current timeline.
Service | Deprecation date |
Web | 01/10/2019 |
SMTP (AUTH, MX) | 02/06/2020 |
IMAP | 02/06/2020 |
POP | 02/06/2020 |
XMPP | –/–/— |
Using TLS 1.2 and above will ensure greater security when accessing Mailfence services.
Will this impact me?
If you are using a modern browser and modern client program, this change will not affect you. However, if you are using an older client program then you will need to change your configuration or upgrade your software if it can’t support TLS 1.2.
To guard against any disruption in service, we recommend everyone to update their older client program before June 2nd, 2020. Please consult your client program documentation for further details.
In case anything is not clear, or if you have questions, feel free to let us know. You can learn more about Mailfence on our press page.
Mailfence is a secure and private email-suite.
Follow us on twitter/reddit and keep yourself posted at all times.