On Thu, May 15, 2008 at 8:09 AM, Aidas Kasparas <[EMAIL PROTECTED]> wrote: > > > Jerry Amundson wrote: >> On 5/15/08, Aidas Kasparas <[EMAIL PROTECTED]> wrote: >>> Sam Varshavchik wrote: >>>> Aidas Kasparas writes: >>>> >>>>> I do not have arguments why courier should not fallback in 454 cases >>>>> [remember "be liberal at what you accept" internet principle?]. >>>> Because any 4xx SMTP error code means exactly that: "try again later", >>>> not "try something else entirely, which is less secure". >> [snip] >>> Therefore, I would agree that fallback to plain ESMT from 354 is >>> "slightly less private" but no "less secure". But, we MUST NOT relay on >>> that privacy which STARTTLS offers, therefore I see no problem doing >>> fallback (with exception when STARTTLS is explicitly requested). >> >> Wrong. A breach of "privacy" is a breach of "security". Period. > > For "real privacy" and "real security" only. In my previous mail I
Yeah, you won't need TLS at all for the "imaginary security", if thats your aim. Owen. ------------------------------------------------------------------------- This SF.net email is sponsored by: Microsoft Defy all challenges. Microsoft(R) Visual Studio 2008. http://clk.atdmt.com/MRT/go/vse0120000070mrt/direct/01/ _______________________________________________ courier-users mailing list [email protected] Unsubscribe: https://lists.sourceforge.net/lists/listinfo/courier-users
