UltimateMail (SMTP/IMAP) Cipher Suite Support

We are performing a security audit of your UltimateMail product and have found that we are unable to use it given the current list of supported cipher suites. According to your documentation (http://doc.componentpro.com/ComponentPro-Mail/ComponentPro-Net-TlsCipherSuite), you define a list of cipher suites that you consider to be secure. Our security analysts are mandating that any library that is used to communicate with email servers support the following cipher suites: 1. TLS\_ECDHE\_RSA\_WITH\_AES\_128\_GCM\_SHA256 2. TLS\_ECDHE\_RSA\_WITH\_AES\_256\_GCM\_SHA384 3. TLS\_ECDHE\_RSA\_WITH\_AES\_128\_CBC\_SHA256 4. TLS\_ECDHE\_RSA\_WITH\_AES\_256\_CBC\_SHA384 Do you have plans to update your list of secure cipher suites and if so, can you provide insight into the timing of that update?
asked 6/12/2018 9:46:27 PM
add a comment

2 Answers

All our libraries using TLS/SSL or SSH will support elliptic curve algorithms, cetrificates and ciphers in v7.0. We are planning to release it in 1 month.
answered 6/14/2018 3:07:57 PM
  Please send us an email to support@componentpro.com to get the beta DLL for testing. sysadmin 6/27/2018 10:21:07 AM
  We have verified that the beta DLL supports that cipher suites that we were looking for! Do you have an estimated delivery date for the final v7.0 version? chris.neiger@teamdynamix.com 8/1/2018 7:04:50 PM
add a comment
Hi, Are you sure that the cipher suites with the elliptic curve algorithms will be ready in the middle of July? I'm asking because I got the same answer by email on May 11.
answered 6/26/2018 1:24:55 PM
add a comment

Your Answer

Not the answer you're looking for? Browse other questions tagged mail or ask your own question.