Uploaded image for project: 'Bitbucket Server'
  1. Bitbucket Server
  2. BSERV-10564

Enabling encrypted mail notifications

    XMLWordPrintable

Details

    • Suggestion
    • Status: Gathering Interest (View Workflow)
    • Resolution: Unresolved
    • None
    • None
    • 0
    • We collect Bitbucket feedback from various sources, and we evaluate what we've collected when planning our product roadmap. To understand how this piece of feedback will be reviewed, see our Implementation of New Features Policy.

    Description

      We need to have encrypted at rest emails using S/MIME or PGP certificates as those emails contain sensitive content. Currently, only the transport layer is secured with TLS, which is not enough for customers working in highly regulated industries.

      Original request:

      Problem Definition

      The mail being sent out by Bitbucket Server are not encrypted. While accessing the tools can be easily secured through SSL the security pain point are the notification emails. Enabling TLS for the mail server is useless in most scenarios as this only secures the transport layer.

      Suggested Solution

      The strategy applies to a scenario where emails to some domains could be delivered without any concern (e.g. secure internal domain) and some emails to external suppliers needs to be dropped or filtered. In this case, I recommend my customers set up a postfix after-queue filter to do the trick - which works pretty well.

      Attachments

        Issue Links

          Activity

            People

              Unassigned Unassigned
              bannamalai Baskar Annamalai (Inactive)
              Votes:
              4 Vote for this issue
              Watchers:
              8 Start watching this issue

              Dates

                Created:
                Updated: