[Top] [All Lists]

Re: [ietf-smtp] Dombox - A Zero Spam Mail System

2019-10-07 08:37:40
Hi Jeremy,

Thanks for the suggestion.

TCP ENO (RFC 8547) abstract says,

Despite growing adoption of TLS, a significant fraction of TCP traffic on
the Internet remains unencrypted. The persistence of unencrypted traffic
can be attributed to at least two factors. First, some legacy protocols
lack a signaling mechanism (such as a STARTTLS command) by which to convey
support for encryption, thus making incremental deployment impossible.
Second, legacy applications themselves cannot always be upgraded and
therefore require a way to implement encryption transparently entirely
within the transport layer. The TCP Encryption Negotiation Option (TCP-ENO)
addresses both of these problems through a new TCP option kind providing
out-of-band, fully backward-compatible negotiation of encryption.

 TCPCrypt home page <> says,

While weaker by default, Tcpcrypt is more realistic for universal

So it seems like TCP ENO and TCPCrypt are well suited for protocols where
STARTTLS is not possible.


On Mon, Oct 7, 2019 at 3:18 AM Jeremy Harris <jgh(_at_)wizmail(_dot_)org> wrote:

On 06/10/2019 09:04, Viruthagiri Thirumavalavan wrote:
SMTP has port 465 for Implicit TLS. Port 465 was discontinued in the late
90’s in favour of STARTTLS extension. Two decades later that port got
reassigned to "Message Submission" in 2018.

So the “submission” part supports Implicit TLS. But “Transfer” mode is
still missing the “Implicit TLS”. We can't use the same port 465 for
"Transfer" mode since all ISPs wanna block only direct-to-mx connections
prevent outgoing spam and not the message submission connections. So
will be a conflict if we use port 465 for both "submission" and
That's why I proposed a new port 26.

An alternative might be to use TCP ENO (RFC 8547) and tcpcrypt
(RFC 8548), sitting on port 25 ?

ietf-smtp mailing list

Best Regards,

Viruthagiri Thirumavalavan
Dombox, Inc.
ietf-smtp mailing list
<Prev in Thread] Current Thread [Next in Thread>