pop 110/995, imap 143/993 ?
Robert Wolf
r.wolf.conf at gmail.com
Tue Aug 22 11:03:49 EEST 2017
On Mon, 21 Aug 2017, Gary wrote:
> If I read this correctly, starttls will fail due to the MITM attack. That is
> the client knows security has been compromised. Using SSL/TLS, the MITM can
> use SSL stripping. Since most Postifx conf use "may" for security, the
> message would go though unencrypted. Correct???
Hi,
many people think, the email is encrypted (secured), because it is sent through
encrypted submission connection to client's smtp/submission server. I know some
case, where one users sends credit card numbers over encrypted channel to SMTP
server and he thinks the card numbers are protected!
WRONG!!! The email is stored plain-text on the first server and then it can be
sent to other few MX servers over plain-text connection. I.e. encrypted
connection does not protect emails, but the authentication credentials.
Users should know, that they have to encrypt the email itself, if they want
protect it.
Regards,
Robert Wolf.
More information about the dovecot
mailing list