
Re: [tor-talk] Tor Mail Gateway



On 8/19/13, 5:52 PM, Moritz Bartl wrote:
> On 19.08.2013 05:31, ITechGeek wrote:
>>> PGP mails, and I'm thinking about enforcing TLS.
>> If you enforce TLS, you won't be able to send/receive email for many
>> domains.
>
> Yes.
>
> I want to have a script that scans all incoming mail for the used cipher
> and in the case of a weak, non-PFS cipher, or no TLS at all, emails both
> the sender and postmaster@senderdomain to get their stuff fixed and to
> get the sender to move to a proper provider. I want this not only for
> this gateway, but for all mail servers I operate. The script should
> support pure notification, but also "bouncing" the mail with this custom
> reply for non-TLS (before-queue Milter).

To what point will this be? I'd say the majority of SMTP w/ TLS servers are using self-signed certificates. It's arguable whether TLS with a self-signed certificate is any better than just plaintext.

Peter.
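
The cipher scan quoted above, sketched as an added example (not code from anyone in this thread): it classifies a delivered message from the TLS clause in its topmost Received header. It assumes the receiving MTA is Postfix with `smtpd_tls_received_header = yes` and that the topmost header is that MTA's own hop; `classify`, `sample` and the weak-cipher policy are hypothetical names and choices, and the notification or bounce step is left out.

```python
import email
import re

# Clause Postfix adds to Received: when smtpd_tls_received_header = yes.
TLS_CLAUSE = re.compile(
    r"\(using (?P<proto>\S+) with cipher (?P<cipher>\S+) \((?P<bits>\d+)/\d+ bits\)")
# Illustrative policy (an assumption, not a standard): adjust per site.
WEAK_PROTOCOLS = {"SSLv2", "SSLv3"}
WEAK_TOKENS = ("RC4", "DES", "NULL", "EXP", "MD5")
# Ephemeral key exchanges give forward secrecy (ADH/AECDH are ephemeral but anonymous).
PFS_PREFIXES = ("ECDHE-", "DHE-", "EDH-", "ADH-", "AECDH-")

def classify(raw_message):
    """Return (verdict, detail); verdict is no-tls, weak, non-pfs or ok."""
    msg = email.message_from_string(raw_message)
    received = msg.get_all("Received") or []
    if not received:
        return ("no-tls", "no Received header")
    hop = " ".join(received[0].split())  # topmost header, unfolded to one line
    m = TLS_CLAUSE.search(hop)
    if m is None:
        return ("no-tls", "inbound hop did not use STARTTLS")
    proto, cipher, bits = m["proto"], m["cipher"], int(m["bits"])
    detail = f"{proto} {cipher} ({bits} bits)"
    if proto in WEAK_PROTOCOLS or bits < 128 or any(t in cipher for t in WEAK_TOKENS):
        return ("weak", detail)
    # Every TLS 1.3 suite uses an ephemeral key exchange.
    if proto != "TLSv1.3" and not cipher.startswith(PFS_PREFIXES):
        return ("non-pfs", detail)
    return ("ok", detail)

def sample(tls_clause):
    """Constructed test message; hosts and addresses are reserved example values."""
    return ("Received: from mail.example.org (mail.example.org [192.0.2.10])\n"
            + (f"\t({tls_clause})\n" if tls_clause else "")
            + "\tby mx.example.net (Postfix) with ESMTP id 4F00D1234\n"
            "From: alice@example.org\nSubject: test\n\nbody\n")

if __name__ == "__main__":
    for clause in ("using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)",
                   "using TLSv1 with cipher AES256-SHA (256/256 bits)",
                   "using TLSv1 with cipher RC4-SHA (128/128 bits)",
                   None):
        print(classify(sample(clause)))
```

The Received clause records only protocol and cipher, so this check says nothing about whether the peer's certificate was self-signed or verified.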
