Security Notice (from mail.com): Deactivation of TLS 1.0, TLS 1.1 and unencrypted access
I received this notice from my email provider, and the maintainer of my email client (Trinity Desktop) tells me that the version of TLS that it uses depends on the version of SSL that is installed in my OS. I checked with zypper, and what is currently installed is
| libopenssl1_1-1.1.1l-150400.7.7.1.x86_64
| openssl-1_1-1.1.1l-150400.7.7.1.x86_64
What he said might not be completely accurate; I see also that
| libgnutls30
which contains
| libgnutls.so.30.31.0
is also installed, which makes me wonder why my mail client is still using TLS 1? Do I need to install
| libopenssl3-3.0.1-150400.4.7.1.x86_64
| openssl-3-3.0.1-150400.4.7.1.x86_64
to make the client use TLS 3?

Leslie

---------- Forwarded Message ----------
Subject: Security Notice: Deactivation of TLS 1.0, TLS 1.1 and unencrypted access
Date: 2022-09-12, 10:44:38
From: "mail.com service" <service@corp.mail.com>
To: Leslie Turriff <jlturriff@mail.com>

Deactivation of TLS 1.0, TLS 1.1 and unencrypted access
-------------------------------------------------------------------

Dear Mr. Turriff,

We are contacting you because one or more of your devices or programs uses the TLS 1.0 and/or TLS 1.1 encryption protocols to connect to our mail.com email servers, or is using an unencrypted connection. This involves either access via SMTP (sending emails) or retrieval via POP3/IMAP (receiving emails).

Unfortunately, the TLS 1.0 and TLS 1.1 encryption protocols are outdated and no longer meet current security standards. To protect your email communications, soon we will no longer allow access to our mail.com servers with these outdated protocols. Unencrypted access will also no longer be possible.

What does this mean for you?

After the protocols have been deactivated, the transfer of emails between your affected device or program and our mail.com servers will no longer work; i.e. no emails will be transmitted to or from your mail.com email account using TLS 1.0 and TLS 1.1. Furthermore, unencrypted SMTP/IMAP/POP3 connections will no longer function. In other words, as of Oct 5, 2022, it will only be possible to connect if TLS 1.2 or TLS 1.3 encryption is in place.

The following devices or programs may be affected:
- Third-party email programs such as Outlook, Thunderbird or pre-installed apps in which you have set up your mail.com email account.
- Email accounts of other providers which you have linked to your mail.com email account.
- Webcams, printers and/or routers that send emails from your mail.com email account.

If the above apply to you, please take a moment to check your POP3 and/or IMAP server settings and make sure that you have enabled an encrypted connection.

Need help enabling encryption? Please see our Help pages:
For more information on POP3, please visit: https://support.mail.com/pop-imap/pop3/index.html
For more information on IMAP, please visit: https://support.mail.com/pop-imap/imap/index.html

Please rest assured that you can continue to access your emails at all times by logging in to your account at https://www.mail.com or using the mail.com Mail App, which are protected by the highest security standards.

------------------------------------------------------------------
We recommend that you only use newer devices and programs that support the latest TLS 1.2 or 1.3 encryption protocols and transfer your emails securely. In addition, please remember that it is important to install security updates regularly.
------------------------------------------------------------------

Thank you for your understanding!

Best regards,
Your mail.com Customer Management Team
-------------------------------------------------------
--
Operating System: Linux
Distribution: openSUSE Leap 15.4 x86_64
Desktop Environment: Trinity
Qt: 3.5.0
TDE: R14.0.12
tde-config: 1.0
I also received the same notice from my email provider. I spoke to their support and verified the validity of the notice. I chose to wait and see (We use kmail and thunderbird here). Well, the date passed two weeks ago and e-mail is still working fine, so the libraries on our systems are fine. Since you were able to send this e-mail I think you also have nothing to worry about.

On Tuesday, September 13, 2022 8:04:30 PM EDT J Leslie Turriff wrote:
I received this notice from my email provider, and the maintainer of my email client (Trinity Desktop) tells me that the version of TLS that it uses depends on the version of SSL that is installed in my OS. I checked with zypper, and what is currently installed is
| libopenssl1_1-1.1.1l-150400.7.7.1.x86_64
| openssl-1_1-1.1.1l-150400.7.7.1.x86_64
What he said might not be completely accurate; I see also that
| libgnutls30
which contains
| libgnutls.so.30.31.0
is also installed, which makes me wonder why my mail client is still using TLS 1? Do I need to install
| libopenssl3-3.0.1-150400.4.7.1.x86_64
| openssl-3-3.0.1-150400.4.7.1.x86_64
to make the client use TLS 3?
Leslie
---------- Forwarded Message ----------
Subject: Security Notice: Deactivation of TLS 1.0, TLS 1.1 and unencrypted access
Date: 2022-09-12, 10:44:38
From: "mail.com service" <service@corp.mail.com>
To: Leslie Turriff <jlturriff@mail.com>
Deactivation of TLS 1.0, TLS 1.1 and unencrypted access
-------------------------------------------------------------------
Dear Mr. Turriff,
We are contacting you because one or more of your devices or programs uses the TLS 1.0 and/or TLS 1.1 encryption protocols to connect to our mail.com email servers, or is using an unencrypted connection. This involves either access via SMTP (sending emails) or retrieval via POP3/IMAP (receiving emails).
Unfortunately, the TLS 1.0 and TLS 1.1 encryption protocols are outdated and no longer meet current security standards. To protect your email communications, soon we will no longer allow access to our mail.com servers with these outdated protocols. Unencrypted access will also no longer be possible.
What does this mean for you?
After the protocols have been deactivated, the transfer of emails between your affected device or program and our mail.com servers will no longer work; i.e. no emails will be transmitted to or from your mail.com email account using TLS 1.0 and TLS 1.1. Furthermore, unencrypted SMTP/IMAP/POP3 connections will no longer function. In other words, as of Oct 5, 2022, it will only be possible to connect if TLS 1.2 or TLS 1.3 encryption is in place.
The following devices or programs may be affected:
- Third-party email programs such as Outlook, Thunderbird or pre-installed apps in which you have set up your mail.com email account.
- Email accounts of other providers which you have linked to your mail.com email account.
- Webcams, printers and/or routers that send emails from your mail.com email account.
If the above apply to you, please take a moment to check your POP3 and/or IMAP server settings and make sure that you have enabled an encrypted connection.
Need help enabling encryption? Please see our Help pages:
For more information on POP3, please visit: https://support.mail.com/pop-imap/pop3/index.html
For more information on IMAP, please visit: https://support.mail.com/pop-imap/imap/index.html
Please rest assured that you can continue to access your emails at all times by logging in to your account at https://www.mail.com or using the mail.com Mail App, which are protected by the highest security standards.
------------------------------------------------------------------
We recommend that you only use newer devices and programs that support the latest TLS 1.2 or 1.3 encryption protocols and transfer your emails securely. In addition, please remember that it is important to install security updates regularly.
------------------------------------------------------------------
Thank you for your understanding!
Best regards,
Your mail.com Customer Management Team
-------------------------------------------------------
--
Operating System: Linux
Distribution: openSUSE Leap 15.4 x86_64
Desktop Environment: Trinity
Qt: 3.5.0
TDE: R14.0.12
tde-config: 1.0
-- Life would be so much better if everyone just read the manual.
On Tuesday, 2022-09-13 at 19:04 -0500, J Leslie Turriff wrote:
I received this notice from my email provider, and the maintainer of my email client (Trinity Desktop) tells me that the version of TLS that it uses depends on the version of SSL that is installed in my OS. I checked with zypper, and what is currently installed is
| libopenssl1_1-1.1.1l-150400.7.7.1.x86_64
| openssl-1_1-1.1.1l-150400.7.7.1.x86_64
What he said might not be completely accurate; I see also that
| libgnutls30
which contains
| libgnutls.so.30.31.0
is also installed, which makes me wonder why my mail client is still using TLS 1? Do I need to install
| libopenssl3-3.0.1-150400.4.7.1.x86_64
| openssl-3-3.0.1-150400.4.7.1.x86_64
to make the client use TLS 3?

The library versions are not directly related to the TLS protocol used. You can see the actual version used in the log produced by your email program when talking to the server. If it makes a log.

--
Cheers,
Carlos E. R.
(from openSUSE 15.3 x86_64 at Telcontar)
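
What the installed TLS library can speak, and what a given server actually negotiates, can be checked directly instead of being inferred from package versions. The following is an added example, not part of the original thread: it inspects the OpenSSL build that Python's `ssl` module is linked against (an assumption; the mail client may be linked against a different library), and the host name is whatever the user passes on the command line.

```python
import socket
import ssl
import sys

# Floor stated in the provider's notice: only TLS 1.2 or TLS 1.3 will be accepted.
REQUIRED_MIN = ssl.TLSVersion.TLSv1_2


def library_report():
    """Describe the TLS library Python is linked against and what it can speak."""
    return {
        "library": ssl.OPENSSL_VERSION,
        "TLSv1.2": ssl.HAS_TLSv1_2,
        "TLSv1.3": ssl.HAS_TLSv1_3,
    }


def strict_context():
    """Client context that refuses any protocol below the provider's floor."""
    ctx = ssl.create_default_context()  # verifies certificate and host name
    ctx.minimum_version = REQUIRED_MIN
    return ctx


def negotiated_version(host, port=993, timeout=10):
    """Connect to an implicit-TLS service (IMAPS 993, POP3S 995, SMTPS 465)
    and return (protocol, cipher name) as actually negotiated."""
    ctx = strict_context()
    with socket.create_connection((host, port), timeout=timeout) as raw:
        with ctx.wrap_socket(raw, server_hostname=host) as tls:
            return tls.version(), tls.cipher()[0]


if __name__ == "__main__":
    print(library_report())
    if len(sys.argv) > 1:  # host name supplied by the user, none is built in
        try:
            print(negotiated_version(sys.argv[1]))
        except ssl.SSLError as exc:  # e.g. the peer offers nothing >= TLS 1.2
            print("handshake failed:", exc)
```

Run without arguments it only reports the local library; with a mail server host name as the first argument it also prints the protocol version that was negotiated.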
participants (3)
- Carlos E. R.
- J Leslie Turriff
- Mark Neidorff