Email client: Difference between revisions
Jump to navigation
Jump to search
No edit summary |
|||
(One intermediate revision by the same user not shown) | |||
Line 10: | Line 10: | ||
* Only support 'strong' cipher suites. | * Only support 'strong' cipher suites. | ||
* Do not allow connections to servers with invalid certificates, e.g. expiry date in past. | * Do not allow connections to servers with invalid certificates, e.g. expiry date in past. | ||
Security in Python (see [https://docs.python.org/3.6/library/ssl.html#ssl-security SSL security]): | |||
import ssl | |||
context = ssl.create_default_context() | |||
context.options |= ssl.OP_NO_TLSv1 | |||
context.options |= ssl.OP_NO_TLSv1_1 | |||
== Notes == | == Notes == | ||
* Probably a good idea to create a completely separate email account for this. | |||
* Spawn new thread to send mail asynchronously without affecting the rest of the GUI. | * Spawn new thread to send mail asynchronously without affecting the rest of the GUI. | ||
[[Category:Python]] | [[Category:Python]] |
Latest revision as of 18:56, 2 September 2018
Language choice
Use Python for speed of development and cross-platform code.
Security
Security features include:
- Only support TLS 1.2 and higher.
- Only support 'strong' cipher suites.
- Do not allow connections to servers with invalid certificates, e.g. expiry date in past.
Security in Python (see SSL security):
import ssl context = ssl.create_default_context() context.options |= ssl.OP_NO_TLSv1 context.options |= ssl.OP_NO_TLSv1_1
Notes
- Probably a good idea to create a completely separate email account for this.
- Spawn new thread to send mail asynchronously without affecting the rest of the GUI.