nanog mailing list archives
Re: SMTP Over TLS on Port 26 - Implicit TLS Proposal [Feedback Request]
From: Viruthagiri Thirumavalavan <giri () dombox org>
Date: Mon, 14 Jan 2019 21:32:55 +0530
Hello Robert, Yes that was pointed out to me in the IETF. That's why I mentioned this part in this thread. "But guys in the IETF mailing list actually showed me a way to get that info. You just get the IP address from 3 way handshake and do reverse lookup / Connect to port 26 to fill the rest of the info. So a new port doesn't offer much security. And I totally I agree with them on that from my understanding of it." On Mon, Jan 14, 2019 at 9:28 PM Robert Blayzor <rblayzor.bulk () inoc net> wrote:
On 1/11/19 11:15 PM, Viruthagiri Thirumavalavan wrote:e.g. 220 mail.ashleymadison.com <http://mail.ashleymadison.com> AshleyMadison ESMTP Service Ready Those text will always be transferred in plain text. So I thought Implicit TLS would prevent leaking that info.I'm not really sure how that really matters when anyone on the open internet could connect to that service port and get the information anyway. If I'm in the middle and I really want to know who you're talking to, what prevents me to just connect to that host and get the same information? -- inoc.net!rblayzor XMPP: rblayzor.AT.inoc.net PGP: https://inoc.net/~rblayzor/
-- Best Regards, Viruthagiri Thirumavalavan Dombox, Inc.
Current thread:
- Re: SMTP Over TLS on Port 26 - Implicit TLS Proposal [Feedback Request], (continued)
- Re: SMTP Over TLS on Port 26 - Implicit TLS Proposal [Feedback Request] Brandon Martin (Jan 11)
- Re: SMTP Over TLS on Port 26 - Implicit TLS Proposal [Feedback Request] Viruthagiri Thirumavalavan (Jan 11)
- Re: SMTP Over TLS on Port 26 - Implicit TLS Proposal [Feedback Request] Suresh Ramasubramanian (Jan 11)
- Re: SMTP Over TLS on Port 26 - Implicit TLS Proposal [Feedback Request] Viruthagiri Thirumavalavan (Jan 11)
- Re: SMTP Over TLS on Port 26 - Implicit TLS Proposal [Feedback Request] valdis . kletnieks (Jan 11)
- Re: SMTP Over TLS on Port 26 - Implicit TLS Proposal [Feedback Request] valdis . kletnieks (Jan 11)
- Re: SMTP Over TLS on Port 26 - Implicit TLS Proposal [Feedback Request] Viruthagiri Thirumavalavan (Jan 11)
- Re: SMTP Over TLS on Port 26 - Implicit TLS Proposal [Feedback Request] Töma Gavrichenkov (Jan 12)
- Re: SMTP Over TLS on Port 26 - Implicit TLS Proposal [Feedback Request] Viruthagiri Thirumavalavan (Jan 12)
- Re: SMTP Over TLS on Port 26 - Implicit TLS Proposal [Feedback Request] Robert Blayzor (Jan 14)
- Re: SMTP Over TLS on Port 26 - Implicit TLS Proposal [Feedback Request] Viruthagiri Thirumavalavan (Jan 14)
- Re: SMTP Over TLS on Port 26 - Implicit TLS Proposal [Feedback Request] Constantine A. Murenin (Jan 11)
- Re: SMTP Over TLS on Port 26 - Implicit TLS Proposal [Feedback Request] Suresh Ramasubramanian (Jan 11)
- Re: SMTP Over TLS on Port 26 - Implicit TLS Proposal [Feedback Request] Constantine A. Murenin (Jan 11)
- Re: SMTP Over TLS on Port 26 - Implicit TLS Proposal [Feedback Request] Tom Beecher (Jan 14)
- Re: SMTP Over TLS on Port 26 - Implicit TLS Proposal [Feedback Request] Constantine A. Murenin (Jan 11)
- Re: SMTP Over TLS on Port 26 - Implicit TLS Proposal [Feedback Request] Viruthagiri Thirumavalavan (Jan 12)
- Re: SMTP Over TLS on Port 26 - Implicit TLS Proposal [Feedback Request] James Downs (Jan 12)
- Re: SMTP Over TLS on Port 26 - Implicit TLS Proposal [Feedback Request] Viruthagiri Thirumavalavan (Jan 12)