Drop Maxemail support for TLS v1.0
» Published on
-
Resolved
Changes are complete. Requests using TLS v1.0 will be rejected.
Please be aware that support for TLS v1.1 will be removed in March 2020.
» Updated -
In Progress
Engineers are removing configurations for TLS v1.0.
» Updated -
Update
To provide more time for customers who are having difficulty with third-party suppliers, we are moving the target back 6 months from the original date, to 1 October 2019.
We will also announce the removal of TLS v1.1 in March 2020 is a separate notice.
» Updated -
Scheduled
Some customers have been unable to switch away from TLS 1.0 in time for the previously announced 1st April, so we are pushing back to 1 May 2019.
» Updated -
Scheduled
Maxemail will remove support for encryption using the TLS 1.0 protocol on 2019-04-01.
Maxemail already supports TLS 1.1 and TLS 1.2, using the highest version available to both sides of the connection. Removing support for TLS 1.0 will only affect clients who do not already support at least TLS 1.1 (available since 2006) or TLS 1.2 (available since 2008).
Support for TLS 1.0 is being removed from:
- the connection from user's browsers to the Maxemail interface;
- the connection from client servers to the Maxemail API and Transactional SMTP service;
- the connection from Maxemail to client servers for SFTP, FTPS and webhooks over HTTPS.
No impact is expected for users visiting the Maxemail interface, as all modern browsers that Maxemail supports already include TLS 1.2. This change is only likely to impact client applications and servers that have not had security patches applied, so are not using either of the two newer versions of TLS.
Support for TLS 1.1 will be removed at a future date, in line with its planned deprecation in 2020, so it is recommended that all clients are using at least TLS 1.2.
Please contact our Support team if you have any queries regarding this change.
» Updated