On 14 March at 10:21, Andrew C Aitchison via mailop wrote:
> Given that TLS encryption in SMTP is hop-by-hop rather than end-to-end, I am not convinced that this is a significant reduction in security.
Of course, SMTP is hop-by-hop by design, but how important is that hop-by-hop nowadays? Open relays are gone, source routing is gone, forwarding is not as simple as it was in the past (it must be done properly)...
I mean that one will deliver the message to the recipient's MX host directly, not over random (unknown) hops; in the worst case it will deliver it to a backup MX (but that is not a random hop). Thus we can assume the target MX is the final target on the public net.
Of course, in some (most?) cases the target MX host will not be the final delivery target and will forward the message to some MDA, possibly over multiple MTAs, but I will consider that an internal matter (secured in some way).
IMO in most cases it is reasonable to forget about the hop-by-hop nature of SMTP as an argument nowadays. Or am I missing something?
-- 
Slavko
https://www.slavino.sk/
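Added example, not part of the original message: a receiving-side check that walks a message's `Received` trace and reports, per hop, whether it was the public hop into the recipient's MX or an internal hop behind it, and whether the `with` keyword records STARTTLS. The sample message, host names and the `trace_hops` helper are constructed for illustration, and the header parser is deliberately simplified.

```python
import email
import re

# "with" keywords that mean STARTTLS was used on that hop (RFC 3848, RFC 6531).
TLS_PROTOCOLS = {"ESMTPS", "ESMTPSA", "LMTPS", "LMTPSA",
                 "UTF8SMTPS", "UTF8SMTPSA", "UTF8LMTPS", "UTF8LMTPSA"}

# Simplified Received parser: "from <src> ... by <dst> ... with <proto>".
HOP_RE = re.compile(
    r"^\s*from\s+(?P<src>\S+).*?\bby\s+(?P<dst>\S+).*?\bwith\s+(?P<proto>\w+)",
    re.I | re.S)

# Constructed sample: example.org sends to example.net (all names hypothetical).
SAMPLE = """\
Received: from mda.example.net (mda.example.net [192.0.2.12])
\tby store.example.net with LMTP id 3; Mon, 01 Jan 2024 10:00:05 +0000
Received: from mx1.example.net (mx1.example.net [192.0.2.11])
\tby mda.example.net with ESMTP id 2; Mon, 01 Jan 2024 10:00:04 +0000
Received: from out.example.org (out.example.org [198.51.100.7])
\tby mx1.example.net with ESMTPS id 1; Mon, 01 Jan 2024 10:00:03 +0000
From: alice@example.org
To: bob@example.net
Subject: constructed test message

body
"""

def inside(host, org):
    """True if host is the organisation's domain or a name below it."""
    return host == org or host.endswith("." + org)

def trace_hops(raw_message, rcpt_org):
    """Return (src, dst, proto, scope, tls) per hop, in travel order."""
    hops = []
    msg = email.message_from_string(raw_message)
    # Each MTA prepends its header, so the newest hop is first: reverse it.
    for value in reversed(msg.get_all("Received", [])):
        m = HOP_RE.search(value)
        if not m:
            continue  # unparseable trace line: skipped, not guessed at
        src, dst = m["src"].lower(), m["dst"].lower()
        proto = m["proto"].upper()
        if inside(src, rcpt_org) and inside(dst, rcpt_org):
            scope = "internal"      # behind the recipient's MX
        elif inside(dst, rcpt_org):
            scope = "public"        # the hop that crosses the public net
        else:
            scope = "sender-side"   # added before reaching the recipient
        hops.append((src, dst, proto, scope, proto in TLS_PROTOCOLS))
    return hops

if __name__ == "__main__":
    for hop in trace_hops(SAMPLE, "example.net"):
        print(hop)
```

Only the `Received` lines added by hosts you operate are trustworthy; anything below the first of them is supplied by the sender and can be forged.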