You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
The library "imbox", which is used by the Mail-Collectors, does not validate the certificate of the IMAP Server. It is not possible to force the library to do so.
We also checked:
requests: The library does behave well on Ubuntu 14.04
sleekxmpp: It is possible to tell sleekxmpp to uses a certificate store, currently this is not done
To discuss:
Remove the dependency of Imbox and do "IMAP by hand" or persuade Imbox maintainer to add the option to configure SSL.
Initiate XMPPClient correctly with a CertificateStore
Create an IntelMQ-Wide usable configuration-variable for a CertificateStore.
The text was updated successfully, but these errors were encountered:
Also also would like to see this fixed upstream. Creating our own library is much more work than patching the existing code. Thanks for bringing this upstream.
The colleagues from Abusehelper realised some flaws concerning their SSL implementation:
https://github.com/abusesa/abusehelper/blob/master/docs/SECURITY-2016-01.md
@bernhard-herzog reviewed some parts of IntelMQ.
The library "imbox", which is used by the Mail-Collectors, does not validate the certificate of the IMAP Server. It is not possible to force the library to do so.
We also checked:
To discuss:
The text was updated successfully, but these errors were encountered: