On 07/28/2017 06:58 AM, Michael Orlitzky wrote:
If someone connects to me and I don't like his CA, he can fall back to plain text and I have to allow it (because of the bajillions of people who don't do TLS over SMTP at all).
I disagree. You do have the choice to not accept messages over an unsecured channel. The SMTP protocol easily accommodates this.
The question is do you want to / will your business allow you to not accept unencrypted messages.
-- Grant. . . . unix || die
smime.p7s
Description: S/MIME Cryptographic Signature
_______________________________________________ mailop mailing list mailop@mailop.org https://chilli.nosignal.org/cgi-bin/mailman/listinfo/mailop
