ietf-smtp

Re: [ietf-smtp] guidance on how to secure against sniffing and paid backdoors

2013-09-14 10:56:25
On 14 Sep 2013, at 16:40, keld(_at_)keldix(_dot_)com wrote:
There are not that many MTA implementations out there so if we can persuade
implementers to provide STARTTLS per default, I see this as a path with good
chances to succeed. We could even advise implementers to generate an
auto-signed certificate. This guidance could be done in an RFC.

How do you propose that receivers verify self-signed certificates?

Note that many MTAs (Exchange, notably) will fail delivery if STARTTLS is 
offered, but verification does not succeed.  This is stupid because Exchange 
will happily deliver to hosts if STARTTLS is not advertised, so it's an 
inconsistent policy.  (The solution for postmasters is then to either maintain 
a table of known stupid hosts, or [as in my case] just turn off server TLS.)

Cheers,
Sabahattin

_______________________________________________
ietf-smtp mailing list
ietf-smtp(_at_)ietf(_dot_)org
https://www.ietf.org/mailman/listinfo/ietf-smtp
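The policy disagreement in the reply above (deliver in cleartext when STARTTLS is not advertised, but fail delivery when it is advertised and the certificate does not verify) can be written down as a small decision table and compared with two consistent alternatives. The following is an added example and is not code from either poster, from Exchange or from any other MTA; the policy names, the `decide` and `penalises_offering_tls` helpers, and the host, port and address parameters of `deliver` are assumptions made for illustration.

```python
"""Sending-side STARTTLS delivery policies, modelled as a decision table.

A sending MTA can meet three situations on a remote host:
  - STARTTLS not advertised
  - STARTTLS advertised and the certificate verifies
  - STARTTLS advertised but verification fails (e.g. a self-signed certificate)
Three policies are compared (names are assumptions, not any product's terms).
"""
from dataclasses import dataclass
from enum import Enum
import smtplib
import ssl


class Policy(Enum):
    OPPORTUNISTIC = "opportunistic"  # encrypt when offered, verified or not
    STRICT = "strict"                # verified TLS or nothing, never cleartext
    INCONSISTENT = "inconsistent"    # the behaviour described for Exchange above


@dataclass(frozen=True)
class PeerCapabilities:
    offers_starttls: bool
    cert_verifies: bool  # ignored when offers_starttls is False


def decide(policy, peer):
    """Return 'deliver-tls', 'deliver-cleartext' or 'defer' for one peer."""
    if not peer.offers_starttls:
        return "defer" if policy is Policy.STRICT else "deliver-cleartext"
    if peer.cert_verifies:
        return "deliver-tls"
    # STARTTLS offered, verification failed
    if policy is Policy.OPPORTUNISTIC:
        return "deliver-tls"  # encrypted but unauthenticated
    return "defer"            # STRICT and INCONSISTENT both refuse


def penalises_offering_tls(policy):
    """True when a host offering unverifiable STARTTLS gets a worse outcome
    than the same host offering no STARTTLS at all (the inconsistency)."""
    rank = {"deliver-tls": 2, "deliver-cleartext": 1, "defer": 0}
    no_tls = decide(policy, PeerCapabilities(False, False))
    bad_tls = decide(policy, PeerCapabilities(True, False))
    return rank[bad_tls] < rank[no_tls]


def tls_context(policy):
    """ssl.SSLContext a sender would hand to smtplib's starttls() under a policy."""
    ctx = ssl.create_default_context()  # verifies the chain and the hostname
    if policy is Policy.OPPORTUNISTIC:
        # Accept self-signed / unknown-CA certificates: no authentication,
        # but an encrypted session instead of a failed delivery.
        ctx.check_hostname = False      # must be cleared before verify_mode
        ctx.verify_mode = ssl.CERT_NONE
    return ctx


def deliver(host, port, sender, recipient, message, policy=Policy.OPPORTUNISTIC):
    """Apply `policy` against a live server and return the decision taken.

    host/port/sender/recipient/message are supplied by the caller (assumed,
    not a real relay). Network errors propagate unchanged.
    """
    with smtplib.SMTP(host, port, timeout=30) as smtp:
        smtp.ehlo()
        if not smtp.has_extn("starttls"):
            if policy is Policy.STRICT:
                return "defer"
            smtp.sendmail(sender, recipient, message)
            return "deliver-cleartext"
        try:
            # Always try verification first so a verified session is used
            # whenever the peer can provide one.
            smtp.starttls(context=tls_context(Policy.STRICT))
        except ssl.SSLCertVerificationError:
            if policy is not Policy.OPPORTUNISTIC:
                return "defer"
            # The failed handshake leaves this session unusable: reconnect
            # and negotiate again without verification.
            with smtplib.SMTP(host, port, timeout=30) as retry:
                retry.ehlo()
                retry.starttls(context=tls_context(Policy.OPPORTUNISTIC))
                retry.ehlo()
                retry.sendmail(sender, recipient, message)
            return "deliver-tls"
        smtp.ehlo()  # re-issue EHLO after STARTTLS per RFC 3207
        smtp.sendmail(sender, recipient, message)
        return "deliver-tls"


if __name__ == "__main__":
    for policy in Policy:
        print(policy.value, "penalises offering TLS:", penalises_offering_tls(policy))
```

`penalises_offering_tls` is true only for the inconsistent policy: it delivers in cleartext to a host with no STARTTLS but defers mail to a host whose only flaw is an unverifiable certificate, which is exactly why a sender following that policy gives a postmaster the choice between a table of exceptions and switching server TLS off. The opportunistic path in `deliver` still attempts verification first, so the unverified context is used only after the verifying handshake has actually failed.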
