[email protected] wrote: > This could be mitigated by configuring > the mailserver to require TLS, couldn't it?
Hi Malte, It's certainly the case that you can enforce TLS. But which one? SMTPS (TLS Wrapper) depends on the client enforcing and maintaining TLS on port 465 using client-talks-first. It ensures (if properly implemented and enforced) TLS gets used before any communication with the server. It's also legacy and poorly supported, a footnote in the SMTP migration to TLS. ESMTPS (STARTTLS) has the server enforce TLS on port 587 after an initial unencrypted EHLO command and is server-talks-first. The client then has to validate the certificate provided from some cert-store before completing initiating data transfer. Both require TLS but SMTPS is non-standard. --leeroy -- tor-talk mailing list - [email protected] To unsubscribe or change other settings go to https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk
