We are going to increase the security of our Filter from SpamExperts

To increase the security of our SpamExperts platform, we will be performing maintenance on Monday, December 12. The estimated impact of this maintenance is low.

The maintenance involves disabling old TLS SSL version 1.0 and 1.1 and old insecure Ciphers (Algorithm selections) and only impacts the inbound MX servers mx1 and mx2.antispam-login.net and our outbound SMTP service with address outgoing.antispam-login.net.

There is no negative impact for customers with a regular web or email hosting package, WordPress website, VPS server or websites created with our Website Builder. This maintenance only potentially affects customers with one or more of the following subscription types:

  • Incoming e-mail filter and outgoing SMTP relay from SpamExperts
  • Incoming email filter and outgoing SMTP relay from SpamExperts for 10 domains
  • Incoming email filter and outgoing SMTP relay from SpamExperts for 25 domains

If you are not using any of the above services, there is not expected to be any negative impact as a result of this maintenance. However, this maintenance will improve the security of the incoming and outgoing e-mail data of all our customers and the warning about TLS version and Ciphers (Algorithm selections) on the internet.nl E-mail test will disappear for all domain names.

The impact for customers using our“outbound SMTP relay from SpamExperts

If you use any of the subscriptions listed above, any managed application or device will use our outgoing SMTP relay from SpamExperts to send email via SMTP address outgoing.antispam-login.net. In that case, it is important to know exactly what is going to be disabled and what, if anything, can be done to get ahead of problems or resolve them afterwards.

What is eliminated

Specifically,TLS versions 1.0 and 1.1 are disabled as well as the following Ciphers:

  • ECDHE-ECDSA-DES-CBC3-SHA [1 .0]
  • ECDHE-RSA-DES-CBC3-SHA [1 .0]
  • DHE-RSA-DES-CBC3-SHA [1 .0]
  • AES256-GCM-SHA384 [1 .2]
  • AES128-GCM-SHA256 [1 .2]
  • AES256-SHA256 [1 .2]
  • AES256-SHA [1 .0]
  • AES128-SHA256 [1 .2]
  • AES128-SHA [1 .0]
  • DES-CBC3-SHA [1 .0]

Why is this turned off

These TLS versions and Ciphers are disabled to ensure that we provide an environment with the highest security for email communication now and in the future. TLS 1.0 and 1.1 are old (1999 and 2006, respectively) and now obsolete. New TLS versions have been available for some time now, and many parties such as Microsoft (Office365), for example, no longer support the older TLS versions.

Does this change affect me?

This change affects old applications or devices that do not support TLS 1.2 or newer. Applications or devices that are up to date will not be affected by this change.

What can I do to prepare for this change?

We recommend that you check the application or devices using ouroutgoing SMTP relay from SpamExperts (outgoing.antispam-login.net) to see if TLS 1.2 or newer is supported and if in doubt, contact the supplier of the application or device.

Hungry for news?

Subscribe to the Hosting.NL newsletter and stay informed. Your data will be used to send news, technical updates, and support articles.

Newsletter