On Sat, Feb 7, 2015 at 3:54 PM, Jeff Potter <[email protected]>
wrote:
>
> I’d support such a project, but based on my experience with my users, the
> ones for whom it would help wouldn’t care about it or understand the need.
> I’ve started recommending to my clients to use port 465 by default.
>
> Using port 465 instead of 587 “fixes” the STRIPSSL attack. I would believe
> Apple and Google would want to “un-deprecate” 465 (although I haven’t read
> anything to confirm that).
>
>
It doesn't really do that, because MUAs will likely try ports 587 and 25 if
465 doesn't work.
As a user, you need to specify that no fallback is acceptable.
For instance, in Apple's Mail, the default in Mavericks is "Use default
ports (25, 465, 587)" and "Use Secure Sockets Layer (SSL)". You can select
"Use custom port", but how many users will do that?
--
Jan
------------------------------------------------------------------------------
Dive into the World of Parallel Programming. The Go Parallel Website,
sponsored by Intel and developed in partnership with Slashdot Media, is your
hub for all things parallel software development, from weekly thought
leadership blogs to news, videos, case studies, tutorials and more. Take a
look and join the conversation now. http://goparallel.sourceforge.net/
_______________________________________________
courier-users mailing list
[email protected]
Unsubscribe: https://lists.sourceforge.net/lists/listinfo/courier-users
