projects / GitHub / WoltLab / woltlab.github.io.git / commitdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | patch | inline | side by side (parent: 6c94c8b)
Document the removal of the `may` value for STARTTLS
authorTim Düsterhus <duesterhus@woltlab.com>
Wed, 14 Jul 2021 10:37:56 +0000 (12:37 +0200)
committerTim Düsterhus <duesterhus@woltlab.com>
Wed, 14 Jul 2021 10:37:56 +0000 (12:37 +0200)
Resolves #207

docs/migration/wsc54/deprecations_removals.md patch | blob | blame | history
docs/migration/wsc54/php.md patch | blob | blame | history

diff --git a/docs/migration/wsc54/deprecations_removals.md b/docs/migration/wsc54/deprecations_removals.md
index 877da830b1c4f8ee00ac6f9625f10f72cded3706..1f725aa61ace8e2dd821c5089ffbaf0c30975b49 100644 (file)
--- a/docs/migration/wsc54/deprecations_removals.md
+++ b/docs/migration/wsc54/deprecations_removals.md
@@ -88,6 +88,7 @@ With version 5.5, we have deprecated certain components and removed several othe
 
 - `MODULE_SYSTEM_RECAPTCHA` ([WoltLab/WCF#4305](https://github.com/WoltLab/WCF/pull/4305))
 - `PROFILE_MAIL_USE_CAPTCHA` ([WoltLab/WCF#4399](https://github.com/WoltLab/WCF/pull/4399))
+- The `may` value for `MAIL_SMTP_STARTTLS` ([WoltLab/WCF#4398](https://github.com/WoltLab/WCF/pull/4398))
 
 #### Files
 
diff --git a/docs/migration/wsc54/php.md b/docs/migration/wsc54/php.md
index c01e3861f12420deb468a8d8a7c2680d8d0bc769..cb5ff1af3d5ce65ba7149c0fbfd82c778f598c96 100644 (file)
--- a/docs/migration/wsc54/php.md
+++ b/docs/migration/wsc54/php.md
@@ -160,6 +160,8 @@ While these runtime caches are only available since version 5.5, the viewable li
 
 ## Emails
 
+### Mailbox
+
 The `Mailbox` and `UserMailbox` classes no longer store the passed `Language` and `User` objects, but the respective ID instead.
 This change reduces the size of the serialized email when stored in the background queue.
 
@@ -169,6 +171,15 @@ Use the `getLanguage()` or `getUser()` getters if using composition is not possi
 
 See [WoltLab/WCF#4389](https://github.com/WoltLab/WCF/pull/4389) for details.
 
+### SMTP
+
+The `SmtpEmailTransport` no longer supports a value of `may` for the `$starttls` property.
+
+Using the `may` value is unsafe as it allows for undetected MITM attacks.
+The use of `encrypt` is recommended, unless it is certain that the SMTP server does not support TLS.
+
+See [WoltLab/WCF#4398](https://github.com/WoltLab/WCF/pull/4398) for details.
+
 ## Miscellaneous Additions
 
 - [`ValueIntervalFormFieldDependency`](../../php/api/form_builder/dependencies.md#valueintervalformfielddependency)