http://www.ritlabs.com New posts in TLS-related command-line parameters of forum at www.ritlabs.com [www.ritlabs.com] en http://backend.userland.com/rss2 Tue, 14 Apr 2020 11:18:05 +0300 TLS-related command-line parameters in forum The Bat! - Configuring the E-mail Client.
@Maxim Can I ask you to do comment here? - https://www.ritlabs.com/ru/auth-forums/forum3/topic14737/message49509/#message49509
14 April 2020 11:18:05, George Salnik.]]> http://www.ritlabs.com/en/forums/forum4/topic14745/message49523/ http://www.ritlabs.com/en/forums/forum4/topic14745/message49523/ Tue, 14 Apr 2020 11:18:05 +0300 The Bat! - Configuring the E-mail Client TLS-related command-line parameters in forum The Bat! - Configuring the E-mail Client.
Here is the full list of TLS-related command-line parameters. They are available since The Bat! 8.5.8, except /TLS_DISABLE_ECDSA that became available since 9.1.10.

• /DISABLE_TLS12
  
• /TLS_DISABLE_ECDHE
  
• /TLS_DISABLE_ECDSA
  
• /TLS_VERSION_RANGE:
  
• /TLS_DISABLE_PERFECT_FORWARD_SECRECY
  
• /TLS_FORCE_PERFECT_FORWARD_SECRECY
  
• /TLS_DISABLE_DHE
  

The "/TLS_VERSION_RANGE:0-3" command line parameter is needed to specify lowest and highest SSL/TLS version minor byte number that The Bat! should support. "0" means SSL 3.0, "1" means TLS 1.0, "2" means TLS 1.1 and "3" means "TLS 1.2". For example, to disable SSL 3.0, use "/TLS_VERSION_RANGE:1-3". Another example – to only allow TLS 1.2 – use "/TLS_VERSION_RANGE:3-3"

The /TLS_DISABLE_ECDSA parameter (available since version 9.1.10) just disables cipher suites with Ellipric Curve DSA server certificates, but not ephemeral elliptic curves keys. Thus, the perfect forward secrecy keeps working with this command-line parameter, but only RSA server certificates are used. The other command-line parameters.
14 April 2020 10:11:08, Maxim Masiutin.]]> http://www.ritlabs.com/en/forums/forum4/topic14745/message49522/ http://www.ritlabs.com/en/forums/forum4/topic14745/message49522/ Tue, 14 Apr 2020 10:11:08 +0300 The Bat! - Configuring the E-mail Client