ProtonBlog(new window)

SSL and TLS Ciphers

Share this page

To further protect the Proton Community, Proton Mail utilizes only high-strength ciphers for SSL and TLS.

We are posting our ciphersuite configurations for Postfix and Apache here for reference, we recommend all system administrators adopt these settings for better security.

Postfix ( main.cf )

smtpd_tls_mandatory_protocols = SSLv3, TLSv1

smtpd_tls_mandatory_ciphers = high

Apache ( ssl.conf )

SSLProtocol -ALL +SSLv3 +TLSv1

SSLCipherSuite HIGH:!aNULL:!MD5

Finally, a quick note regarding TLS 1.2, we will transition to this protocol as soon as CentOS supports it.

Protect your privacy with Proton
Create a free account

Share this page

Andy Yen(new window)

Andy is the founder and CEO of Proton. He is a long-time advocate for privacy rights and has spoken at TED, Web Summit, and the United Nations about online privacy issues. Previously, Andy was a research scientist at CERN and has a PhD in particle physics from Harvard University.

Related articles

Even though the Snowden leaks came out 10 years ago, the United States never ended its unconstitutional surveillance program. It now has a chance to close the legal loopholes that allow warrantless spying on US citizens. But Congress needs to act bef
Over the past year, hackers have been using new and clever techniques to steal people’s online data. At Proton, we’ve been monitoring these evolving strategies and updating our defenses to stay ahead of the arms race.  Often, the attacks involve new
password fatigue
Most people in the digital age have dozens, if not hundreds, of passwords, and keeping track of them is tiring, to say the least. If you’re suffering from password fatigue, you’ll be happy to know there’s an easy fix. The short answer is that you sh
are password managers safe?
Password managers are a great way to generate secure passwords, keep them in encrypted storage together with your credit card details, and improve your online security across the board. But you might be worried about keeping so much sensitive data in
Most of us probably wouldn’t consent to sharing photos of our family and friends with random strangers on the internet. But that’s exactly what we do when we automatically sync our pictures to the non-private servers of Big Tech companies, which can
Google Drive is the world’s most popular cloud storage service by far, with over 3 billion people using Google Workspace (which includes Google Drive, Google Calendar, Gmail, and more). But this ubiquity has recently caused concern following several