Email client: Difference between revisions

From Rixort Wiki
Jump to navigation Jump to search
No edit summary
 
(3 intermediate revisions by the same user not shown)
Line 10: Line 10:
* Only support 'strong' cipher suites.
* Only support 'strong' cipher suites.
* Do not allow connections to servers with invalid certificates, e.g. expiry date in past.
* Do not allow connections to servers with invalid certificates, e.g. expiry date in past.
Security in Python (see [https://docs.python.org/3.6/library/ssl.html#ssl-security SSL security]):
import ssl
context = ssl.create_default_context()
context.options |= ssl.OP_NO_TLSv1
context.options |= ssl.OP_NO_TLSv1_1
== Notes ==
* Probably a good idea to create a completely separate email account for this.
* Spawn new thread to send mail asynchronously without affecting the rest of the GUI.
[[Category:Python]]

Latest revision as of 18:56, 2 September 2018

Language choice

Use Python for speed of development and cross-platform code.

Security

Security features include:

  • Only support TLS 1.2 and higher.
  • Only support 'strong' cipher suites.
  • Do not allow connections to servers with invalid certificates, e.g. expiry date in past.

Security in Python (see SSL security):

import ssl
context = ssl.create_default_context()
context.options |= ssl.OP_NO_TLSv1
context.options |= ssl.OP_NO_TLSv1_1

Notes

  • Probably a good idea to create a completely separate email account for this.
  • Spawn new thread to send mail asynchronously without affecting the rest of the GUI.