ietf-smtp
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

Re: [ietf-smtp] Dombox - A Zero Spam Mail System

2019-10-07 08:37:40
from [Viruthagiri Thirumavalavan] [Permanent Link] 
Hi Jeremy,

Thanks for the suggestion.

TCP ENO (RFC 8547) abstract says,

Despite growing adoption of TLS, a significant fraction of TCP traffic on

the Internet remains unencrypted. The persistence of unencrypted traffic
can be attributed to at least two factors. First, some legacy protocols
lack a signaling mechanism (such as a STARTTLS command) by which to convey
support for encryption, thus making incremental deployment impossible.
Second, legacy applications themselves cannot always be upgraded and
therefore require a way to implement encryption transparently entirely
within the transport layer. The TCP Encryption Negotiation Option (TCP-ENO)
addresses both of these problems through a new TCP option kind providing
out-of-band, fully backward-compatible negotiation of encryption.



 TCPCrypt home page <http://www.tcpcrypt.org/> says,

While weaker by default, Tcpcrypt is more realistic for universal

deployment.



So it seems like TCP ENO and TCPCrypt are well suited for protocols where
STARTTLS is not possible.

Thanks

On Mon, Oct 7, 2019 at 3:18 AM Jeremy Harris <jgh(_at_)wizmail(_dot_)org> wrote:


On 06/10/2019 09:04, Viruthagiri Thirumavalavan wrote:

SMTP has port 465 for Implicit TLS. Port 465 was discontinued in the late
90’s in favour of STARTTLS extension. Two decades later that port got
reassigned to "Message Submission" in 2018.



So the “submission” part supports Implicit TLS. But “Transfer” mode is
still missing the “Implicit TLS”. We can't use the same port 465 for
"Transfer" mode since all ISPs wanna block only direct-to-mx connections

to

prevent outgoing spam and not the message submission connections. So

there

will be a conflict if we use port 465 for both "submission" and

"transfer".

That's why I proposed a new port 26.


An alternative might be to use TCP ENO (RFC 8547) and tcpcrypt
(RFC 8548), sitting on port 25 ?
--
Cheers,
  Jeremy

_______________________________________________
ietf-smtp mailing list
ietf-smtp(_at_)ietf(_dot_)org
https://www.ietf.org/mailman/listinfo/ietf-smtp




-- 
Best Regards,

Viruthagiri Thirumavalavan
Dombox, Inc.

_______________________________________________
ietf-smtp mailing list
ietf-smtp(_at_)ietf(_dot_)org
https://www.ietf.org/mailman/listinfo/ietf-smtp
[More with this subject...]
<Prev in Thread] Current Thread [Next in Thread>
Previous by Date:  Re: [ietf-smtp] why are we reinventing mta-sts ?, Viruthagiri Thirumavalavan
Next by Date:  Re: [ietf-smtp] why are we reinventing mta-sts ?, John Levine
Previous by Thread:  Re: [ietf-smtp] Dombox - A Zero Spam Mail System, Jeremy Harris
Next by Thread:  Re: [ietf-smtp] spam reporting and prevention, Stan Kalisch
Indexes:  [Date] [Thread] [Top] [All Lists]