[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]
Re: [tor-talk] Fixing the problem of sending email from Tor: Proof of Work based system
malte@xxxxxxx wrote:
> This could be mitigated by configuring
> the mailserver to require TLS, couldn't it?
Hi Malte,
It's certainly the case that you can enforce TLS. But which one? SMTPS
(TLS Wrapper) depends on the client enforcing and maintaining TLS on
port 465 using client-talks-first. It ensures (if properly implemented
and enforced) TLS gets used before any communication with the server.
It's also legacy and poorly supported, a footnote in the SMTP
migration to TLS. ESMTPS (STARTTLS) has the server enforce TLS on port
587 after an initial unencrypted EHLO command and is
server-talks-first. The client then has to validate the certificate
provided from some cert-store before completing initiating data
transfer. Both require TLS but SMTPS is non-standard.
--leeroy
--
tor-talk mailing list - tor-talk@xxxxxxxxxxxxxxxxxxxx
To unsubscribe or change other settings go to
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk