Hi,
I have install and test by the webmail, i can send and received …
If i want configure account on outlook apps with smtp server login and password, nothing work, i can’t received and send mail ???
Thx for your help
fred
Which version of Outlook, and which OS?
Hi,
I have test with outlook 2010, 2016, windows7, windows 10, test on software for send mail by the soft, test with TLS, SSL, 587,465 … it’s blocked …
Thx
fred
MiaB absolutely will not talk to old versions of Outlook. Most notably when running Win 7. MiaB does not support obsolete TLS methods such as 1.0 and 1.1, which those older versions use.
Hi,
Ok, i have test with recent outlook and it’s ok, so all system can’t work with MIAB, for exemple there are a mailing software or software for do invoice use smtp for send invoice, if i use MIAB account, i can’t send mail, if i put gmail account or basic smtp account it’s work, i can send .
MIAB work only with very recent soft ? all other can be use ? we can’t open more TLS methods ?
Thx
frederic
There are strong reasons why old TLS protocol are not supported, and why Microsoft disabled them in newer version of their OS and outlook clients.
Internet Engineering Task Force (IETF) has released a document where they explicitly state that TLS 1.0 and TLS 1.1 must NOT be used and they plan to deprecate both protocols by the end of 2019.
It is true that both protocols can be considered as “ancient history” in terms of internet and computer times. TLS 1.0 is already twenty years old as it was first deployed in January 1999. Not surprisingly, the Payment Card Industry (PCI) has deprecated TLS 1.0 since 30 June 2018. Now any e-commerce site or retailer which still uses TLS 1.0 to encrypt credit card transactions will fail PCI compliance. Therefore, PCI has provided guidance to use TLS 1.1, 1.2, or 1.3 in order to securely process credit card payments.
On the other hand, TLS 1.1 was released in April 2006. It only had minor improvements from TLS 1.0, and was developed to address weaknesses discovered in TLS 1.0, primarily in the areas of initialization vector selection and padding error processing.
Both protocols have various vulnerabilities and the specific details on attacks against them as well as their mitigations are provided in NIST SP800-52r2 among other documents.
If you have an invoicing system that is so far out of date that it does not support current modern standards, I would seriously NOT use that system. I have found that many such systems do not follow the standards and if you play with the port and security settings, they will function properly. Oftentimes the issue is the email user being used by the software to send with. You need to carefully review your mail.log to see why the system will not send.
Those methods have been depreciated for well over 2 years now, so ABSOLUTELY not!
Let me step in here.
Everyone is welcome to make whatever modifications they would like to their Mail-in-a-Box. It’s open source software. It’s your server. If you would like to make changes on your server to support your needs, go for it.
However, it would be obviously irresponsible for us to publish Mail-in-a-Box with known security vulnerabilities, so we can’t offer these obsolete protocols out of the box. And this community is not everyone’s personal system administration assistant. Whether folks here want to volunteer their time to help on any given question is up to them. Generally the folks helping on this forum don’t like to lead people in a direction that makes their server open to being compromised.
For modifications like this, a better place to ask the question would be a forum like Server Fault.
2 Likes
This topic was automatically closed 7 days after the last reply. New replies are no longer allowed.