Bugtraq mailing list archives

Re: Web Tool Announcement: ismymailsecure.com

From: Holger Rabbach <hrabbach () crossroad-networks com>
Date: Wed, 25 Aug 2010 13:48:49 +0200

Hi Kari,

On 25/08/2010 11:30, Kari Hurtta wrote:

And because mail server name and email address does not need to be any
connection also checking of signature of certificate agaist CA does not
help much. It does not protect attack agaist MX records on DNS.


true - so in an ideal world, we would need DNSSec everywhere and strict
certificate checking to significantly reduce the possibility of MiTM
attacks. In a not so ideal world, every little bit helps, so if we can
get mail servers to routinely use encryption between each other, that's
a nice first step and using valid certificates that can actually be
verified is a second one. Both will help significantly already.

Holger

Current thread:

Web Tool Announcement: ismymailsecure.com Holger Rabbach (Aug 18)
- Re: Web Tool Announcement: ismymailsecure.com Chuck Swiger (Aug 23)
- Re: Web Tool Announcement: ismymailsecure.com Kari Hurtta (Aug 25)
  - Re: Web Tool Announcement: ismymailsecure.com Holger Rabbach (Aug 25)
    - Re: Web Tool Announcement: ismymailsecure.com Kari Hurtta (Aug 25)
    - Re: Web Tool Announcement: ismymailsecure.com Holger Rabbach (Aug 25)
    - Re: Web Tool Announcement: ismymailsecure.com Tim (Aug 25)
    - Re: Web Tool Announcement: ismymailsecure.com Brian Behlendorf (Aug 26)
    - Re: Web Tool Announcement: ismymailsecure.com Tim (Aug 25)