[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

Re: [tor-talk] Fixing the problem of sending email from Tor: Proof of Work based system

To: tor-talk@xxxxxxxxxxxxxxxxxxxx
Subject: Re: [tor-talk] Fixing the problem of sending email from Tor: Proof of Work based system
From: "l.m" <ter.one.leeboi@xxxxxxxx>
Date: Mon, 02 Mar 2015 20:15:04 -0500
Delivered-to: archiver@xxxxxxxx
Delivery-date: Mon, 02 Mar 2015 20:15:18 -0500
In-reply-to: <20150302234130.cd626a2d76f25c16d69f5019@xxxxxxx>
List-archive: <http://lists.torproject.org/pipermail/tor-talk/>
List-help: <mailto:tor-talk-request@lists.torproject.org?subject=help>
List-id: "all discussion about theory, design, and development of Onion Routing" <tor-talk.lists.torproject.org>
List-post: <mailto:tor-talk@lists.torproject.org>
List-subscribe: <https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk>, <mailto:tor-talk-request@lists.torproject.org?subject=subscribe>
List-unsubscribe: <https://lists.torproject.org/cgi-bin/mailman/options/tor-talk>, <mailto:tor-talk-request@lists.torproject.org?subject=unsubscribe>
References: <54F47E8E.6040908@xxxxxxxxxxxxxxx> <20150302192828.CAFC1E0465@xxxxxxxxxxxxxxxxx> <20150302234130.cd626a2d76f25c16d69f5019@xxxxxxx>
Reply-to: tor-talk@xxxxxxxxxxxxxxxxxxxx
Sender: "tor-talk" <tor-talk-bounces@xxxxxxxxxxxxxxxxxxxx>

malte@xxxxxxx wrote:
> This could be mitigated by configuring 
> the mailserver to require TLS, couldn't it?

Hi Malte,

It's certainly the case that you can enforce TLS. But which one? SMTPS
(TLS Wrapper) depends on the client enforcing and maintaining TLS on
port 465 using client-talks-first. It ensures (if properly implemented
and enforced) TLS gets used before any communication with the server.
It's also legacy and poorly supported, a footnote in the SMTP
migration to TLS. ESMTPS (STARTTLS) has the server enforce TLS on port
587 after an initial unencrypted EHLO command and is
server-talks-first. The client then has to validate the certificate
provided from some cert-store before completing initiating data
transfer. Both require TLS but SMTPS is non-standard.
--leeroy
-- 
tor-talk mailing list - tor-talk@xxxxxxxxxxxxxxxxxxxx
To unsubscribe or change other settings go to
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk

References:
- [tor-talk] Fixing the problem of sending email from Tor: Proof of Work based system
  - From: Fabio Pietrosanti (naif) - lists
- Re: [tor-talk] Fixing the problem of sending email from Tor: Proof of Work based system
  - From: l.m
- Re: [tor-talk] Fixing the problem of sending email from Tor: Proof of Work based system
  - From: malte@xxxxxxx

Prev by Author: Re: [tor-talk] Fixing the problem of sending email from Tor: Proof of Work based system
Next by Author: Re: [tor-talk] personal note
Previous by thread: Re: [tor-talk] Fixing the problem of sending email from Tor: Proof of Work based system
Next by thread: Re: [tor-talk] Fixing the problem of sending email from Tor: Proof of Work based system
Index(es):
- Author
- Thread