hainenber commented on code in PR #40647: URL: https://github.com/apache/superset/pull/40647#discussion_r3382755760
########## UPDATING.md: ########## @@ -34,6 +34,18 @@ The embedded dashboard page now validates the origin of incoming `postMessage` e Enforcement only applies when the Allowed Domains list is non-empty. If the list is empty (the default), any origin is accepted, so there is no behavior change for embeds that did not configure Allowed Domains. +### SMTP server certificate validation enabled by default + +`SMTP_SSL_SERVER_AUTH` now defaults to `True` (previously `False`). With this default, STARTTLS/SSL connections to the configured SMTP server validate the server's TLS certificate against the system trusted CA store. This makes outbound email (alerts and reports) verify the mail server's identity out of the box. Review Comment: ```suggestion `SMTP_SSL_SERVER_AUTH` now defaults to `True` (previously `False`). With this default, STARTTLS/SSL connections to the configured SMTP server validate the server's TLS certificate against the system's trusted CA store. This makes outbound email (alerts and reports) verify the mail server's identity out of the box. ``` -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: [email protected] For queries about this service, please contact Infrastructure at: [email protected] --------------------------------------------------------------------- To unsubscribe, e-mail: [email protected] For additional commands, e-mail: [email protected]
