top | item 38904492 (no title) GSGBen | 2 years ago hmailserver is the replacement you want for this. discuss order hn newest SteveNuts|2 years ago This is the way I ended up going and it worked great. mycall|2 years ago It is no longer under development. wruza|2 years ago That happens when you finish your roadmap and call it done. It’s frustrating that the modern sense of it became automatically negative.This is an actual claim if someone is interested: https://www.hmailserver.com/stateOn SHA-1: https://en.wikipedia.org/wiki/SHA-1As of 2020, chosen-prefix attacks against SHA-1 are practical.[6][8] As such, it is recommended to remove SHA-1 from products as soon as possible and instead use SHA-2 or SHA-3. Replacing SHA-1 is urgent where it is used for digital signatures.Digging further: https://www.hmailserver.com/forum/viewtopic.php?t=40568Tl;dr: it uses sha256 by default and only has sha1 for backwards compatibility, which is considered insecure today. Critical updates are still there. load replies (1)
mycall|2 years ago It is no longer under development. wruza|2 years ago That happens when you finish your roadmap and call it done. It’s frustrating that the modern sense of it became automatically negative.This is an actual claim if someone is interested: https://www.hmailserver.com/stateOn SHA-1: https://en.wikipedia.org/wiki/SHA-1As of 2020, chosen-prefix attacks against SHA-1 are practical.[6][8] As such, it is recommended to remove SHA-1 from products as soon as possible and instead use SHA-2 or SHA-3. Replacing SHA-1 is urgent where it is used for digital signatures.Digging further: https://www.hmailserver.com/forum/viewtopic.php?t=40568Tl;dr: it uses sha256 by default and only has sha1 for backwards compatibility, which is considered insecure today. Critical updates are still there. load replies (1)
wruza|2 years ago That happens when you finish your roadmap and call it done. It’s frustrating that the modern sense of it became automatically negative.This is an actual claim if someone is interested: https://www.hmailserver.com/stateOn SHA-1: https://en.wikipedia.org/wiki/SHA-1As of 2020, chosen-prefix attacks against SHA-1 are practical.[6][8] As such, it is recommended to remove SHA-1 from products as soon as possible and instead use SHA-2 or SHA-3. Replacing SHA-1 is urgent where it is used for digital signatures.Digging further: https://www.hmailserver.com/forum/viewtopic.php?t=40568Tl;dr: it uses sha256 by default and only has sha1 for backwards compatibility, which is considered insecure today. Critical updates are still there. load replies (1)
SteveNuts|2 years ago
mycall|2 years ago
wruza|2 years ago
This is an actual claim if someone is interested: https://www.hmailserver.com/state
On SHA-1: https://en.wikipedia.org/wiki/SHA-1
As of 2020, chosen-prefix attacks against SHA-1 are practical.[6][8] As such, it is recommended to remove SHA-1 from products as soon as possible and instead use SHA-2 or SHA-3. Replacing SHA-1 is urgent where it is used for digital signatures.
Digging further: https://www.hmailserver.com/forum/viewtopic.php?t=40568
Tl;dr: it uses sha256 by default and only has sha1 for backwards compatibility, which is considered insecure today. Critical updates are still there.