On Mon, Oct 12, 2020 at 3:34 AM Claus Assmann <ietf-smtp(_at_)esmtp(_dot_)org>
wrote:
(mostly) transparent outbound mail filtering so their reputation seems
If STARTTLS is used, they shouldn't be able to do it, unless they
mess with SMTP (or much worse: with TLS), right?
They intercept outbound port 25, and simply don't advertise STARTTLS.
Only STS will catch that.
Alternatively, STARTTLS existed way before easy availability of
low/free certificates, and it was not unusual for STARTTLS giving out
self-signed certs. Hardly noticed, especially since STARTTLS was
optional, and non-encrypted was always available as a fallback. The
senders has to tear down the connection and reconnect, but that was
doable, and was done.
_______________________________________________
ietf-smtp mailing list
ietf-smtp(_at_)ietf(_dot_)org
https://www.ietf.org/mailman/listinfo/ietf-smtp