Re: identify 143 vs 993 clients

Sat, 30 May 2020 23:58:56 -0700 

On 31/05/20 6:50 pm, Jean-Daniel wrote:

Yes and no.  Some of the attack vectors mentioned are not reasonable and it really depends on the 
client.  Thunderbird, for example, used to have settings for plain text, TLS and "TLS if 
available", but the latter setting has not been available for some time which forces the user 
to choose either plain text or TLS at setup time now.  This means that the user would now have to 
change the setting in their client for a downgrade attack to work.  I can't speak for all MUAs but 
if they similarly have removed their "TLS if available" option or if the users explicitly 
don't pick that option (you can ask them not to in your setup instructions) then that type of 
downgrade attack cannot occur.

The other possible downgrade attack which was not mentioned but is equally 
mitigated by the client is where the MITM intercepts the connection, connects 
to your server and issues a STARTTLS itself but presents the resulting 
connection as plain text to the client.  This means that enforcing STARTTLS on 
the server side will not prevent a plain text connection through a MITM from 
the client.  But do keep in mind that if the client is configured properly to 
only connect via TLS then it will refuse the connection if it is not presented 
with a STARTTLS option that works.

So yes the safest way to go is to just use port 993, but as long as the client is not set 
to a "TLS if available" option then port 143 is also safe.


I don’t think you can call an option safe if it relies on the users to properly 
configure their client. We all know that users are usually bad at following 
instructions ;-)
Fair enough, but this attack vector can only happen if it's on a client that supports a downgrade option (I should hope that most don't nowadays, but someone did mention MacOX Mail earlier) *and* the user selects that option when configuring as opposed to the stricter "TLS only" (or equivalent) option. At that point it still requires a MITM attack to downgrade the connection, and that MITM must not only be able to read the packets but also intercept them and present different data to the user. I can see this type of attack happening in wifi environments and coming from ISPs that want to snoop on people's email, though.
As I said (and I stand by it) the safest approach is to just limit to port 993, but port 143 is also safe if properly configured on both the server and client side. 


Peter

Reply via email to