nanog mailing list archives
Re: yet another round of SMTP Over TLS on Port 26 - Implicit TLS Proposal [Feedback Request]
From: Eric Tykwinski <eric-list () truenet com>
Date: Sat, 12 Jan 2019 17:37:02 -0500
In my opinion, the problem isn’t that great. As others have stated, you can locally enforce only STARTTLS on the receive connector or send connector locally to ensure that only encrypted transmission occurs. If the MTA doesn’t send/accept STARTTLS send an error message. That the host name is given, doesn’t really matter as most MiTM will still see IP SRC and IP DST so that’s given that transmission occurred. DNSSEC already will ensure the same IP, and RPKI can help on BGP hijacks, given this is still an ongoing process. In my opinion, the major issue is data at rest which would rely on PGP, S/MIME, et al. Another option would be DMTP, like I emailed off list which encrypts even headers. My guess though is that if this gains traction, there will be a corresponding law like CALEA for LEO to intercept. Sincerely, Eric Tykwinski TrueNet, Inc. P: 610-429-8300
On Jan 12, 2019, at 5:09 PM, Viruthagiri Thirumavalavan <giri () dombox org> wrote: I'm not sure why are being angry here. For the record, this conversation isn't about TLS on port 26. It's about STARTTLS downgrade protection on port 25. On Sun, Jan 13, 2019 at 3:33 AM Brian Kantor <Brian () ampr org <mailto:Brian () ampr org>> wrote: From this point forward, all mail containing the phrase "TLS on port 26" in the Subject line will be shunted into my junk mail box, unread, because I do not wish to see any more correspondence on this matter. 'procmail' is my friend. - Brian On Sun, Jan 13, 2019 at 03:20:26AM +0530, Viruthagiri Thirumavalavan wrote:Hello Mr. Levine, [...]-- Best Regards, Viruthagiri Thirumavalavan Dombox, Inc.
Current thread:
- Re: SMTP Over TLS on Port 26 - Implicit TLS Proposal [Feedback Request], (continued)
- Re: SMTP Over TLS on Port 26 - Implicit TLS Proposal [Feedback Request] Tom Beecher (Jan 14)
- Re: SMTP Over TLS on Port 26 - Implicit TLS Proposal [Feedback Request] Constantine A. Murenin (Jan 11)
- Re: SMTP Over TLS on Port 26 - Implicit TLS Proposal [Feedback Request] Seth Mattinen (Jan 12)
- Re: SMTP Over TLS on Port 26 - Implicit TLS Proposal [Feedback Request] Viruthagiri Thirumavalavan (Jan 12)
- Re: SMTP Over TLS on Port 26 - Implicit TLS Proposal [Feedback Request] James Downs (Jan 12)
- Re: SMTP Over TLS on Port 26 - Implicit TLS Proposal [Feedback Request] Viruthagiri Thirumavalavan (Jan 12)
- Re: SMTP Over TLS on Port 26 - Implicit TLS Proposal [Feedback Request] Viruthagiri Thirumavalavan (Jan 12)
- Re: yet another round of SMTP Over TLS on Port 26 - Implicit TLS Proposal [Feedback Request] John Levine (Jan 12)
- Re: yet another round of SMTP Over TLS on Port 26 - Implicit TLS Proposal [Feedback Request] Viruthagiri Thirumavalavan (Jan 12)
- Re: yet another round of SMTP Over TLS on Port 26 - Implicit TLS Proposal [Feedback Request] Brian Kantor (Jan 12)
- Re: yet another round of SMTP Over TLS on Port 26 - Implicit TLS Proposal [Feedback Request] Viruthagiri Thirumavalavan (Jan 12)
- Re: yet another round of SMTP Over TLS on Port 26 - Implicit TLS Proposal [Feedback Request] Eric Tykwinski (Jan 12)
- Re: yet another round of SMTP Over TLS on Port 26 - Implicit TLS Proposal [Feedback Request] valdis . kletnieks (Jan 12)
- Re: yet another round of SMTP Over TLS on Port 26 - Implicit TLS Proposal [Feedback Request] Viruthagiri Thirumavalavan (Jan 12)
- Re: yet another round of SMTP Over TLS on Port 26 - Implicit TLS Proposal [Feedback Request] Viruthagiri Thirumavalavan (Jan 12)
- Re: yet another round of SMTP Over TLS on Port 26 - Implicit TLS Proposal [Feedback Request] Töma Gavrichenkov (Jan 12)
- Re: yet another round of SMTP Over TLS on Port 26 - Implicit TLS Proposal [Feedback Request] Suresh Ramasubramanian (Jan 12)
- Re: yet another round of SMTP Over TLS on Port 26 - Implicit TLS Proposal [Feedback Request] Viruthagiri Thirumavalavan (Jan 12)
- Re: yet another round of SMTP Over TLS on Port 26 - Implicit TLS Proposal [Feedback Request] Cummings, Chris (Jan 12)
- Re: yet another round of SMTP Over TLS on Port 26 - Implicit TLS Proposal [Feedback Request] Viruthagiri Thirumavalavan (Jan 12)
- Re: yet another round of SMTP Over TLS on Port 26 - Implicit TLS Proposal [Feedback Request] Jason Hellenthal via NANOG (Jan 12)
- Re: yet another round of SMTP Over TLS on Port 26 - Implicit TLS Proposal [Feedback Request] Viruthagiri Thirumavalavan (Jan 12)
- Re: yet another round of SMTP Over TLS on Port 26 - Implicit TLS Proposal [Feedback Request] Jason Hellenthal via NANOG (Jan 12)