> I'm also not sure it matters if a TLS session is preceded by the ten
> bytes `STARTTLS\r\n' on the wire or not.
I would say it does.

In theory, it matters because the conversation is not conformant to the protocol otherwise; a receiver-SMTP would be entirely justified in dropping a connection which attempts to start a TLS session without STARTTLS, and, while I don't have specific knowledge of any (I don't use TLS), it would surprise me if there weren't implementations that did. (Playing fast and loose with standards conformance is in large part how email became the disaster it currently is; doing so more just makes it worse.)

In practice, I would say it does because the probable failure modes when talking to a non-TLS-ready MTA are substantially better.

/~\ The ASCII                             Mouse
\ / Ribbon Campaign
 X  Against HTML                mo...@rodents-montreal.org
/ \ Email!           7D C8 61 52 5D E7 2D 39  4E F1 31 3E E8 B3 27 4B
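The two cases discussed above, as an added example that is not part of the original message: a toy receiver-SMTP front end that answers `STARTTLS` with a reply code when it has no TLS support, and drops a connection whose first bytes are a TLS record sent without `STARTTLS`. The `Receiver` class, the host name and the byte strings are assumptions constructed for illustration; the reply codes follow RFC 5321 and RFC 3207.

```python
from dataclasses import dataclass

@dataclass
class Receiver:
    """Toy receiver-SMTP front end (hypothetical, for illustration only)."""
    tls_available: bool              # does this MTA implement STARTTLS?
    handshake_allowed: bool = False  # set only after STARTTLS was answered with 220

    def feed(self, data: bytes) -> tuple[str, bytes]:
        """Return (action, reply) for the next bytes read from the client."""
        if self.handshake_allowed:
            return ("tls-handshake", b"")  # hand the socket to the TLS library
        # A TLS handshake record starts with content type 0x16, major version 0x03.
        if data[:2] == b"\x16\x03":
            return ("drop", b"")  # TLS begun without STARTTLS: not SMTP, close
        line, sep, _ = data.partition(b"\r\n")
        if not sep:
            return ("wait", b"")  # no complete command line yet
        verb, _, args = line.partition(b" ")
        verb = verb.upper()
        if verb == b"EHLO":
            if self.tls_available:
                return ("reply", b"250-mx.example.test\r\n250 STARTTLS\r\n")
            return ("reply", b"250 mx.example.test\r\n")
        if verb == b"STARTTLS" and self.tls_available:
            if args:
                return ("reply", b"501 Syntax error (no parameters allowed)\r\n")
            self.handshake_allowed = True
            return ("reply", b"220 Ready to start TLS\r\n")
        return ("reply", b"500 Command unrecognized\r\n")

# Constructed sample: the first bytes of a TLS record, not a real ClientHello.
FAKE_TLS_RECORD = b"\x16\x03\x01\x00\x02\x01\x00"

def demo() -> list[tuple[str, bytes]]:
    plain = Receiver(tls_available=False)
    tls = Receiver(tls_available=True)
    return [
        plain.feed(b"STARTTLS\r\n"),   # non-TLS MTA: clean 500, session continues
        plain.feed(FAKE_TLS_RECORD),   # TLS without STARTTLS: connection dropped
        tls.feed(b"STARTTLS\r\n"),     # TLS-ready MTA: 220, handshake may follow
        tls.feed(FAKE_TLS_RECORD),     # now the TLS record is expected
    ]

if __name__ == "__main__":
    for action, reply in demo():
        print(action, reply)
```

With the command on the wire, a client talking to a non-TLS-ready MTA gets an SMTP reply it can act on; without it, the only signal is a closed connection.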