> On 31 May 2020 at 06:09, Peter <pe...@pajamian.dhs.org> wrote:
>
> On 29/05/20 11:27 pm, mj wrote:
>> Thanks to all who participated in the interesting discussion.
>> It seems my initial thought might have been best after all, and
> discontinuing port 143 might be the safest way to proceed.
>
> Yes and no. Some of the attack vectors mentioned are not reasonable and it
> really depends on the client. Thunderbird, for example, used to have
> settings for plain text, TLS and "TLS if available", but the latter setting
> has not been available for some time which forces the user to choose either
> plain text or TLS at setup time now. This means that the user would now have
> to change the setting in their client for a downgrade attack to work. I
> can't speak for all MUAs but if they similarly have removed their "TLS if
> available" option or if the users explicitly don't pick that option (you can
> ask them not to in your setup instructions) then that type of downgrade
> attack cannot occur.
>
> The other possible downgrade attack which was not mentioned but is equally
> mitigated by the client is where the MITM intercepts the connection, connects
> to your server and issues a STARTTLS itself but presents the resulting
> connection as plain text to the client. This means that enforcing STARTTLS
> on the server side will not prevent a plain text connection through a MITM
> from the client. But do keep in mind that if the client is configured
> properly to only connect via TLS then it will refuse the connection if it is
> not presented with a STARTTLS option that works.
>
> So yes the safest way to go is to just use port 993, but as long as the
> client is not set to a "TLS if available" option then port 143 is also safe.
I don’t think you can call an option safe if it relies on the users to properly
configure their client. We all know that users are usually bad at following
instructions ;-)
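To make the two downgrade cases in Peter's message concrete, here is an added example (my own code, not anything posted by Peter or mj in this thread): a simulated IMAP CAPABILITY exchange in which an in-path MITM rewrites the server's capability line so the client never sees STARTTLS, plus the three client policies discussed (TLS required, "TLS if available", plain text). The capability line `HONEST_CAPS` is constructed to resemble what a TLS-enforcing server advertises on port 143 before STARTTLS, where LOGINDISABLED (RFC 2595) tells clients that plaintext LOGIN is refused; the policy names are my own labels, not any MUA's setting names. The `probe_port_143` function is an illustrative live check for a server you operate and needs network access.

```python
"""Simulation of a STARTTLS downgrade on IMAP port 143 and a live probe.
Constructed example; not code from the thread or from any MUA/server."""
import re
import socket
import ssl

# Constructed capability line resembling a TLS-enforcing IMAP server on port 143
# before STARTTLS. LOGINDISABLED (RFC 2595) = plaintext LOGIN is refused.
HONEST_CAPS = "* CAPABILITY IMAP4rev1 LITERAL+ SASL-IR ENABLE IDLE STARTTLS LOGINDISABLED"


def parse_capabilities(line):
    """Turn an untagged '* CAPABILITY ...' response into an ordered list of tokens."""
    m = re.match(r"\*\s+CAPABILITY\s+(.*)$", line.strip(), re.IGNORECASE)
    if not m:
        raise ValueError("not a CAPABILITY response: %r" % line)
    return [tok.upper() for tok in m.group(1).split()]


def mitm_rewrite(line):
    """What a downgrading MITM does to the server's line: drop STARTTLS, and drop
    LOGINDISABLED so the client believes a plaintext LOGIN is acceptable. Whether
    the MITM speaks plain text or STARTTLS upstream is invisible to the client."""
    kept = [t for t in parse_capabilities(line) if t not in ("STARTTLS", "LOGINDISABLED")]
    return "* CAPABILITY " + " ".join(kept)


def client_decision(policy, capability_line, starttls_succeeds=True):
    """Outcome for one client policy (hypothetical labels) given what it sees on the wire.
    starttls_succeeds models whether the STARTTLS handshake, including certificate
    verification, actually works; a MITM that answers STARTTLS itself fails that."""
    caps = parse_capabilities(capability_line)
    usable_tls = "STARTTLS" in caps and starttls_succeeds
    if policy == "tls_required":
        return "tls" if usable_tls else "refuse"
    if policy == "tls_if_available":
        return "tls" if usable_tls else "plaintext"
    if policy == "plaintext":
        return "plaintext"
    raise ValueError("unknown policy: %r" % policy)


def simulate(policy, mitm_present, server_line=HONEST_CAPS):
    """One connection: honest server, optional MITM in the path, given client policy."""
    on_wire = mitm_rewrite(server_line) if mitm_present else server_line
    return client_decision(policy, on_wire)


def probe_port_143(host, port=143, timeout=5.0):
    """Live check (needs network): does the server advertise STARTTLS, does it
    advertise LOGINDISABLED until TLS is up (server-side enforcement), and does
    STARTTLS complete with a verifiable certificate? Never authenticates."""
    with socket.create_connection((host, port), timeout=timeout) as s:
        f = s.makefile("rwb", buffering=0)
        greeting = f.readline().decode(errors="replace")
        f.write(b"a1 CAPABILITY\r\n")
        lines = []
        while True:
            line = f.readline().decode(errors="replace")
            if not line:
                break
            lines.append(line.rstrip("\r\n"))
            if line.startswith("a1 "):
                break
        caps = [t for l in lines if l.upper().startswith("* CAPABILITY")
                for t in parse_capabilities(l)]
        result = {
            "greeting": greeting.strip(),
            "starttls_offered": "STARTTLS" in caps,
            "plaintext_login_disabled": "LOGINDISABLED" in caps,
            "starttls_ok": False,
        }
        if result["starttls_offered"]:
            f.write(b"a2 STARTTLS\r\n")
            if f.readline().decode(errors="replace").startswith("a2 OK"):
                ctx = ssl.create_default_context()  # verifies chain and hostname
                try:
                    with ctx.wrap_socket(s, server_hostname=host) as tls:
                        tls.sendall(b"a3 LOGOUT\r\n")
                        result["starttls_ok"] = True
                except ssl.SSLError as e:
                    result["starttls_error"] = str(e)
        return result


if __name__ == "__main__":
    for policy in ("tls_required", "tls_if_available", "plaintext"):
        for mitm in (False, True):
            print(f"{policy:17s} mitm={mitm!s:5s} -> {simulate(policy, mitm)}")
```

Running the simulation shows the point of the thread: with a MITM in the path only the "tls_required" policy ends in a refused connection, "tls_if_available" silently falls back to plain text, and server-side enforcement (LOGINDISABLED before STARTTLS) changes nothing the client can see, because the MITM controls the capability line. The probe is useful for confirming that your own server advertises STARTTLS and LOGINDISABLED on 143, but it cannot protect a client that is configured to accept plain text.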