Page 1 of 1

Ooma notification emails sent without TLS

Posted: Wed Apr 07, 2021 5:47 am
by koehn
I noticed that Ooma's email notifications are sent without use of TLS (I would expect to see `with ESMTPS` on the `Received` headers). This is insecure, and on most mail servers can easily be fixed with a configuration setting. Would whomever manages Ooma's SMTP servers be willing to change this setting?

Code: Select all

Return-Path: <notify-[redacted]>
Delivered-To: [redacted]
Received: from ( [])
	by (Postfix) with ESMTP id 4A1C66003F
	for <[redacted]>; Tue,  6 Apr 2021 22:03:57 +0000 (UTC)
	dkim=pass (1024-bit key; unprotected) header.b="qR5Y/PHX";
Received: from (vmwebs3-eqix-sv5.ooma.internal [])
	by (Postfix) with ESMTP id E83E93003FA0
	for <[redacted]>; Tue,  6 Apr 2021 22:03:55 +0000 (GMT)