Subject: UltimateMail (SMTP/IMAP) Cipher Suite Support Date: 2018-06-12 21:46:27 From: chris.neiger@teamdynamix.com Source: ultimatemail-smtp-imap-cipher-suite-support ---------------------------------------------------------------------- We are performing a security audit of your UltimateMail product and have found that we are unable to use it given the current list of supported cipher suites. According to your documentation (http://doc.componentpro.com/ComponentPro-Mail/ComponentPro-Net-TlsCipherSuite), you define a list of cipher suites that you consider to be secure. Our security analysts are mandating that any library that is used to communicate with email servers support the following cipher suites: 1. TLS\_ECDHE\_RSA\_WITH\_AES\_128\_GCM\_SHA256 2. TLS\_ECDHE\_RSA\_WITH\_AES\_256\_GCM\_SHA384 3. TLS\_ECDHE\_RSA\_WITH\_AES\_128\_CBC\_SHA256 4. TLS\_ECDHE\_RSA\_WITH\_AES\_256\_CBC\_SHA384 Do you have plans to update your list of secure cipher suites and if so, can you provide insight into the timing of that update? ---------------------------------------------------------------------- Note: This question has been asked on the Q&A forum of Thang Dang's fraudulent ComponentPro brand If you purchased anything from ComponentPro, you have been scammed. Contact the payment processor who sold you the license and ask for your money back. Back to ComponentPro Q&A Forum Index