identify 143 vs 993 clients

Peter peter at pajamian.dhs.org
Sun May 31 07:09:15 EEST 2020


On 29/05/20 11:27 pm, mj wrote:
> Thanks to all who participated in the interesting discussion.
> 
> It seems my initial thought might have been best after all, and 
> discontinuing port 143 might be the safest way to proceed.

Yes and no.  Some of the attack vectors mentioned are not reasonable, and 
it really depends on the client.  Thunderbird, for example, used to have 
settings for plain text, TLS and "TLS if available", but the latter 
setting has not been available for some time, which forces the user to 
choose either plain text or TLS at setup time now.  This means that the 
user would now have to change the setting in their client for a 
downgrade attack to work.  I can't speak for all MUAs, but if they 
similarly have removed their "TLS if available" option, or if the users 
explicitly don't pick that option (you can ask them not to in your setup 
instructions), then that type of downgrade attack cannot occur.

The other possible downgrade attack which was not mentioned but is 
equally mitigated by the client is where the MITM intercepts the 
connection, connects to your server and issues a STARTTLS itself but 
presents the resulting connection as plain text to the client.  This 
means that enforcing STARTTLS on the server side will not prevent a 
plain text connection through a MITM from the client.  But do keep in 
mind that if the client is configured properly to only connect via TLS 
then it will refuse the connection if it is not presented with a 
STARTTLS option that works.

So yes, the safest way to go is to just use port 993, but as long as the 
client is not set to a "TLS if available" option then port 143 is also safe.

Also note that the same concerns apply for your submission server 
(likely postfix) using the submission port (587) and enforcing STARTTLS 
vs the submissions port (465) which is a direct TLS connection.


Peter


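The two downgrade scenarios Peter describes, and why the client's policy rather than server-side STARTTLS enforcement decides the outcome, as an added simulation that is not part of the original mail and not Dovecot's or Thunderbird's code. It models the IMAP pre-login exchange only: the toy server, the two attacker classes, the client policy names ("tls_required" / "tls_if_available"), and the credentials alice/hunter2 are all constructed for the example, and "TLS" is just a flag (no real handshake or certificate checking).

```python
"""Simulation of IMAP port-143 STARTTLS downgrade attacks against two client policies.

Constructed example: toy server, toy attackers, made-up credentials.
"""
import re


class ImapServer:
    """Toy IMAP server on port 143 that enforces STARTTLS: a plaintext LOGIN is
    refused until the connection has been upgraded (the way LOGINDISABLED and
    a PRIVACYREQUIRED response signal this on a real server)."""

    def __init__(self):
        self.tls = False

    def greeting(self):
        caps = ["IMAP4rev1"] + ([] if self.tls else ["STARTTLS", "LOGINDISABLED"])
        return f"* OK [CAPABILITY {' '.join(caps)}] toy server ready"

    def starttls(self):
        self.tls = True  # handshake itself is out of scope here
        return True

    def command(self, tag, line):
        if line.startswith("LOGIN "):
            if not self.tls:
                return f"{tag} NO [PRIVACYREQUIRED] Plaintext authentication disallowed"
            return f"{tag} OK Logged in"
        return f"{tag} BAD Unknown command"


def capabilities(greeting):
    """Parse the CAPABILITY response code out of the untagged OK greeting."""
    m = re.search(r"\[CAPABILITY ([^\]]*)\]", greeting)
    return set(m.group(1).split()) if m else set()


class DirectWire:
    """No attacker: the client's view of the connection is the server itself."""

    def __init__(self, server):
        self.server = server
        self.client_tls = False
        self.observed = []  # lines an on-path observer can read in the clear

    def greeting(self):
        return self.server.greeting()

    def starttls(self):
        self.client_tls = self.server.starttls()
        return self.client_tls

    def command(self, tag, line):
        if not self.client_tls:
            self.observed.append(line)
        return self.server.command(tag, line)


class StripStarttlsMitm(DirectWire):
    """Attack 1: the attacker deletes STARTTLS (and LOGINDISABLED) from the
    advertised capabilities and makes any upgrade attempt fail, hoping the
    client falls back to plaintext."""

    def greeting(self):
        return re.sub(r" (STARTTLS|LOGINDISABLED)\b", "", self.server.greeting())

    def starttls(self):
        return False  # forged "BAD STARTTLS not supported"


class RelayingMitm(DirectWire):
    """Attack 2 (the one described in the mail): the attacker does STARTTLS with
    the real server on its own leg, so server-side enforcement is satisfied,
    and presents the client a plaintext session that never offers STARTTLS."""

    def __init__(self, server):
        super().__init__(server)
        server.starttls()  # attacker <-> server leg is now TLS

    def starttls(self):
        return False  # the client-facing leg stays plaintext


def client_session(wire, policy, user="alice", password="hunter2"):
    """Pre-login behaviour of an MUA under a policy of 'tls_required' or
    'tls_if_available'. Returns (mode, server_reply); mode is 'tls',
    'plaintext' or 'refused', and a refusing client never sends LOGIN."""
    if "STARTTLS" in capabilities(wire.greeting()) and wire.starttls():
        mode = "tls"
    elif policy == "tls_required":
        return "refused", None
    else:
        mode = "plaintext"
    return mode, wire.command("a1", f"LOGIN {user} {password}")


def run(attack, policy):
    """Run one scenario and report what the attacker and the server saw."""
    wire = attack(ImapServer())
    mode, reply = client_session(wire, policy)
    return {
        "mode": mode,
        "leaked": any(l.startswith("LOGIN ") for l in wire.observed),
        "server_accepted": reply is not None and reply.startswith("a1 OK"),
    }


if __name__ == "__main__":
    for attack in (DirectWire, StripStarttlsMitm, RelayingMitm):
        for policy in ("tls_required", "tls_if_available"):
            print(f"{attack.__name__:18s} {policy:17s} -> {run(attack, policy)}")
```

The result matrix shows the mail's point: with "tls_required" both attacks end in "refused" and nothing leaks; with "tls_if_available" both leak the password on the client-side leg, and in the relaying case the server even accepts the login because, from its side, STARTTLS was honoured. Server-side enforcement alone only turns the stripping attack into a failed login with the password already captured.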
More information about the dovecot mailing list