nanog mailing list archives

Re: SMTP Over TLS on Port 26 - Implicit TLS Proposal [Feedback Request]


From: Viruthagiri Thirumavalavan <giri () dombox org>
Date: Mon, 14 Jan 2019 21:32:55 +0530

Hello Robert,

Yes that was pointed out to me in the IETF. That's why I mentioned this
part in this thread.

"But guys in the IETF mailing list actually showed me a way to get that
info. You just get the IP address from 3 way handshake and do reverse
lookup / Connect to port 26 to fill the rest of the info. So a new port
doesn't offer much security. And I totally agree with them on that from
my understanding of it."

On Mon, Jan 14, 2019 at 9:28 PM Robert Blayzor <rblayzor.bulk () inoc net>
wrote:

> On 1/11/19 11:15 PM, Viruthagiri Thirumavalavan wrote:
>> e.g. 220 mail.ashleymadison.com AshleyMadison ESMTP Service Ready
>>
>> That text will always be transferred in plain text. So I thought
>> Implicit TLS would prevent leaking that info.
>
> I'm not really sure how that really matters when anyone on the open
> internet could connect to that service port and get the information anyway.
>
> If I'm in the middle and I really want to know who you're talking to,
> what prevents me from just connecting to that host and getting the same
> information?
>
> --
> inoc.net!rblayzor
> XMPP: rblayzor.AT.inoc.net
> PGP:  https://inoc.net/~rblayzor/



-- 
Best Regards,

Viruthagiri Thirumavalavan
Dombox, Inc.
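
An added illustration of the point discussed in this message (not part of the original post or thread): with STARTTLS the banner and EHLO exchange cross the wire in cleartext, while with implicit TLS a passive observer reads no SMTP lines and is left with the destination IP address, which the thread notes can still be reverse-resolved or connected to. The transcript, host names and function names below are constructed for the example.

```python
# Constructed SMTP session; hosts are placeholders. "S" = server, "C" = client.
TRANSCRIPT = [
    ("S", "220 mail.example.org ESMTP Service Ready"),
    ("C", "EHLO client.example.net"),
    ("S", "250-mail.example.org"),
    ("S", "250-SIZE 35882577"),
    ("S", "250 STARTTLS"),
    ("C", "STARTTLS"),
    ("S", "220 Ready to start TLS"),
    ("C", "EHLO client.example.net"),
    ("S", "250 mail.example.org"),
    ("C", "MAIL FROM:<alice@example.net>"),
    ("S", "250 OK"),
]

def cleartext_prefix(transcript, implicit_tls=False):
    """Return the SMTP lines a passive on-path observer can read."""
    if implicit_tls:
        return []  # TLS starts before any SMTP line, banner included
    visible, awaiting_reply = [], False
    for direction, line in transcript:
        visible.append((direction, line))
        if direction == "C" and line.strip().upper() == "STARTTLS":
            awaiting_reply = True
        elif awaiting_reply and direction == "S" and line[3:4] != "-":
            # Last line of the server's reply to STARTTLS (no "-" after the code).
            if line.startswith("220"):
                break  # TLS handshake follows; later lines are encrypted
            awaiting_reply = False  # upgrade refused, session stays in cleartext
    return visible

def banner_hostname(visible):
    """Extract the host name announced in the first 220 greeting, if any."""
    for direction, line in visible:
        if direction == "S" and line.startswith("220"):
            fields = line[4:].split()
            return fields[0] if fields else None
    return None

if __name__ == "__main__":
    for mode in (False, True):
        seen = cleartext_prefix(TRANSCRIPT, implicit_tls=mode)
        print("implicit TLS" if mode else "STARTTLS", len(seen), banner_hostname(seen))
```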
