You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
I have set up a self-hosted Healthchecks instance and noticed that when pinging the server via smtp, it is only possible to send unencrypted emails because TLS is not supported.
This allows an attacker to perform a replay attack, making it look like a service is still running when it is not.
This is why I would love to see TLS support for this feature.
The text was updated successfully, but these errors were encountered:
I suggest not exposing smtpd directly and use postfix or similar as a frontend. Aside from TLS, you can use their features to secure the smtp service like HELO restrctions and DKIM checking. I have my smtpd service listening on localhost:2525 and setup a postfix transport file with healthchecks.domain.tld smtp:[127.0.0.1]:2525.
I have set up a self-hosted Healthchecks instance and noticed that when pinging the server via smtp, it is only possible to send unencrypted emails because TLS is not supported.
This allows an attacker to perform a replay attack, making it look like a service is still running when it is not.
This is why I would love to see TLS support for this feature.
The text was updated successfully, but these errors were encountered: