ietf-smtp
[Top] [All Lists]

Re: RFC 3207 STARTTLS

2008-10-24 16:23:22



--On Friday, 24 October, 2008 17:22 +0100 Tony Finch
<dot(_at_)dotat(_dot_)at> wrote:

...
However I don't know how to address its weaknesses for
inter-domain relaying via MX records. At the same time
relaying is often much less vulnerable to active attack than
message submission, so there seems to me to be less need for
TLS in this situation. (I'd probably have a less sanguine
point of view if I had lots of mail going through a dodgy
shared hosting environment...)

Of course, this is another area in which a functional DNSSEC,
with signature verification by the SMTP clients, would make some
of us sleep a lot more soundly.  But that is not specifically a
TLS problem.

    john



<Prev in Thread] Current Thread [Next in Thread>