privacyguides/privacyguides.org
1
0
Fork 0
mirror of https://github.com/privacyguides/privacyguides.org.git synced 2025-07-28 06:11:03 +00:00
Code Issues Activity

Remove posteo, update criteria (#369)

Browse Source 
Signed-off-by: Daniel Gray <dng@disroot.org>
This commit is contained in:
Tommy
2021-11-23 19:07:10 +00:00
committed by Daniel Gray
parent 7d366c8fa1
commit ba33e69091
3 changed files with 2 additions and 39 deletions
Download Patch File Download Diff File Expand all files Collapse all files

3
legacy_pages/providers/email.html
View File

@@ -91,7 +91,8 @@ description: "Find a secure email provider that will keep your privacy in mind.
<li>No <a href="https://en.wikipedia.org/wiki/Opportunistic_TLS">TLS</a> errors/vulnerabilities when being profiled by tools such as <a href="https://www.hardenize.com">Hardenize</a>, <a href="https://testssl.sh">testssl.sh</a> or <a href="https://www.ssllabs.com/ssltest">Qualys SSL Labs</a>, this includes certificate related errors, poor or weak ciphers suites, weak DH parameters such as those that led to <a href="https://en.wikipedia.org/wiki/Logjam_(computer_security)">Logjam</a>.</li>
<li>A valid <a href="https://tools.ietf.org/html/rfc8461">MTA-STS</a> and <a href="https://tools.ietf.org/html/rfc8460">TLS-RPT</a> policy.</li>
<li>Valid <a href="https://en.wikipedia.org/wiki/DNS-based_Authentication_of_Named_Entities">DANE</a> records.</li>
<li>Valid <a href="https://en.wikipedia.org/wiki/Sender_Policy_Framework">SPF</a>, <a href="https://en.wikipedia.org/wiki/DomainKeys_Identified_Mail">DKIM</a> and <a href="https://en.wikipedia.org/wiki/DMARC">DMARC</a>, with the policy <code>p</code> value set to either <code>none</code>, <code>quarantine</code> or <code>reject</code>.</li>
<li>Valid <a href="https://en.wikipedia.org/wiki/Sender_Policy_Framework">SPF</a> and <a href="https://en.wikipedia.org/wiki/DomainKeys_Identified_Mail">DKIM</a> records.</li>
<li>Have a proper <a href="https://en.wikipedia.org/wiki/DMARC">DMARC</a> record and policy or utilize <a href="https://en.wikipedia.org/wiki/Authenticated_Received_Chain">ARC</a> for authentication. If DMARC authentication is being used, the policy must be set to <code>reject</code> or <code>quarantine</code>.</li>
<li>A server suite preference of TLS 1.2 or later and a plan for <a href="https://datatracker.ietf.org/doc/draft-ietf-tls-oldversions-deprecate/">Deprecating TLSv1.0 and TLSv1.1</a>.</li>
<li><a href="https://en.wikipedia.org/wiki/SMTPS">SMTPS</a> submission, assuming SMTP is used.</li>
<li>Website security standards such as:</li>