2019-10-27 14:58:37
Hello Keith,

On Sat, 2019-10-26 at 18:28 -0400, Keith Moore wrote:
Yes but IMO we should be moving toward a world in which TLS is mandatory for 
SMTP relay. Clear guidance to implementors and operators on what TLS 
versions, cert algorithms, and ciphersuites a client and server should 
support, might help us get there.

(perhaps as a stepping stone, cleartext mail relay could be pessimized by 
having servers randomly return 4xx in response to MAIL sent without TLS, 
obsolete TLS, or weak ciphersuites, with the probability of such responses 
increasing over time.)

There is no big difference in the penalty between randomly returning 4xx on 
MAIL and randomly returning 4xx on RCPT, and the latter is effectively mail 
segmentation.

If random 4xx on MAIL as penalty for not offering reasonable TLS will help make 
things better, will random mail segmentation as penalty for senders not 
supporting PRDR convince anybody to implement PRDR?