Can I Customize ECDH Curves For Haraka?
-
Hello,
I'm wondering if it's possible to tweak the settings in tls.ini for Haraka. A client of mine has a corporate firewall in front of their self-hosted Exchange server, and I cannot send mail to them.
I do not know which platform they use, but it's self-hosted. All I know is that Gmail accepts my mail, so does Protonmail. Outlook does not, but it's because it's a recently installed server from OVH, and as such the IP is blocked until further action (which I started). I used to use Plesk for years on another server, and mail ended up in spam on Gmail ; this time, it's even in my inbox, even though the domain is two days old and the IP has never really been used for email. I'm in no DNSBL, as well.
In the meantime, is it even possible to tweak the available curves? I know Haraka allows it, but searching the filesystem for the tls.ini file yields only stuff in Docker overlays, and I don't know which one to edit. I'm fairly certain that editing that file by hand will yield nothing, and get erased by the default one next time I do anything that needs the container to rebuild, unless I'm mistaken.
Thanks!
Best.
-
@WebbleVince You can edit tls.ini as explained in https://forum.cloudron.io/topic/2611/cannot-send-email-from-outlook-2007-with-5-2-4-connection-error-ssl-routines-tls/7 . As you figured, changes to that file get lost over server restarts.
For the next release, I have collected a bunch of configs that need to be configurable in the mail server (like blacklist, whitelist, mail message size). I will add tls config also to that list.
( cc @d19dotca one more to the list
)
