On Tue, Jan 8, 2019 at 6:25 PM Viruthagiri Thirumavalavan
To be clear, this is the problem with Opportunistic TLS.
A guy who sends an email to the AshleyMadison support team is probably cheating
on his wife. He can protect the real conversation by upgrading the connection
to a secure connection with the help of STARTTLS. But the handshake before
the upgrade goes like this in plain text.
220 mail.ashleymadison.com AshleyMadison ESMTP Service Ready
Ah, right, I misunderstood your use case. However, who is it who needs
privacy here? The end user is never going to connect to ashleymadison.com
ietf-smtp mailing list