On 1/11/16 8:34 AM, John Levine wrote:
Only sort of. In this case, the downgrade path is obvious, you
ignore the TLS flag and send the message along.
That's the opposite of the goal here. SMTP makes tries to delivery
messages, even if that results in a downgrade in security. The goal here
is to fail the transmission of REQUIRETLS tagged messages that can't be
sent in accordance with the originator's security requirements.
Of course, but there's no reason for recipient MTAs to pay any
attention to the tag if they don't want to. There is no penalty to
them for doing so. With EAI there's at least the penalty of messages
Misbehavior by MTAs is outside the scope of the threat model for SMTP
TLS. I have already described how such behavior could be detected; the
erosion of trust resulting from that is likely to be harmful to the mail
provider's business model.
ietf-smtp mailing list