Bugtraq mailing list archives
Re: Web Tool Announcement: ismymailsecure.com
From: Holger Rabbach <hrabbach () crossroad-networks com>
Date: Wed, 25 Aug 2010 13:48:49 +0200
Hi Kari, On 25/08/2010 11:30, Kari Hurtta wrote:
And because mail server name and email address does not need to be any connection also checking of signature of certificate agaist CA does not help much. It does not protect attack agaist MX records on DNS.
true - so in an ideal world, we would need DNSSec everywhere and strict certificate checking to significantly reduce the possibility of MiTM attacks. In a not so ideal world, every little bit helps, so if we can get mail servers to routinely use encryption between each other, that's a nice first step and using valid certificates that can actually be verified is a second one. Both will help significantly already. Holger
Current thread:
- Web Tool Announcement: ismymailsecure.com Holger Rabbach (Aug 18)
- Re: Web Tool Announcement: ismymailsecure.com Chuck Swiger (Aug 23)
- Re: Web Tool Announcement: ismymailsecure.com Kari Hurtta (Aug 25)
- Re: Web Tool Announcement: ismymailsecure.com Holger Rabbach (Aug 25)
- Re: Web Tool Announcement: ismymailsecure.com Kari Hurtta (Aug 25)
- Re: Web Tool Announcement: ismymailsecure.com Holger Rabbach (Aug 25)
- Re: Web Tool Announcement: ismymailsecure.com Tim (Aug 25)
- Re: Web Tool Announcement: ismymailsecure.com Brian Behlendorf (Aug 26)
- Re: Web Tool Announcement: ismymailsecure.com Holger Rabbach (Aug 25)
- Re: Web Tool Announcement: ismymailsecure.com Tim (Aug 25)