diff options
| author | Jan Schär <jan@jschaer.ch> | 2022-07-25 17:27:19 +0200 |
|---|---|---|
| committer | GitHub <noreply@github.com> | 2022-07-25 16:27:19 +0100 |
| commit | e8519e0ed289b67fa07c1bdbb6898852dc1a50b9 (patch) | |
| tree | c43eaafeef1b50506cbd23425071dbaaa27106dd /docs | |
| parent | Additional fixes for opentracing type hints. (#13362) (diff) | |
| download | synapse-e8519e0ed289b67fa07c1bdbb6898852dc1a50b9.tar.xz | |
Support Implicit TLS for sending emails (#13317)
Previously, TLS could only be used with STARTTLS. Add a new option `force_tls`, where TLS is used from the start. Implicit TLS is recommended over STARTLS, see https://datatracker.ietf.org/doc/html/rfc8314 Fixes #8046. Signed-off-by: Jan Schär <jan@jschaer.ch>
Diffstat (limited to 'docs')
| -rw-r--r-- | docs/usage/configuration/config_documentation.md | 11 |
1 files changed, 10 insertions, 1 deletions
diff --git a/docs/usage/configuration/config_documentation.md b/docs/usage/configuration/config_documentation.md index a10f6662eb..eefcc7829d 100644 --- a/docs/usage/configuration/config_documentation.md +++ b/docs/usage/configuration/config_documentation.md @@ -3187,9 +3187,17 @@ Server admins can configure custom templates for email content. See This setting has the following sub-options: * `smtp_host`: The hostname of the outgoing SMTP server to use. Defaults to 'localhost'. -* `smtp_port`: The port on the mail server for outgoing SMTP. Defaults to 25. +* `smtp_port`: The port on the mail server for outgoing SMTP. Defaults to 465 if `force_tls` is true, else 25. + + _Changed in Synapse 1.64.0:_ the default port is now aware of `force_tls`. * `smtp_user` and `smtp_pass`: Username/password for authentication to the SMTP server. By default, no authentication is attempted. +* `force_tls`: By default, Synapse connects over plain text and then optionally upgrades + to TLS via STARTTLS. If this option is set to true, TLS is used from the start (Implicit TLS), + and the option `require_transport_security` is ignored. + It is recommended to enable this if supported by your mail server. + + _New in Synapse 1.64.0._ * `require_transport_security`: Set to true to require TLS transport security for SMTP. By default, Synapse will connect over plain text, and will then switch to TLS via STARTTLS *if the SMTP server supports it*. If this option is set, @@ -3254,6 +3262,7 @@ email: smtp_port: 587 smtp_user: "exampleusername" smtp_pass: "examplepassword" + force_tls: true require_transport_security: true enable_tls: false notif_from: "Your Friendly %(app)s homeserver <noreply@example.com>" |