Jeff Jansen <[email protected]> writes: > Does anyone know why "smtp.gmail.com" advertises STARTTLS, but the > gmail MX servers do not?
Probably because, traditionally, encryption for email at the transport stage (as opposed to PGP and so forth, which handle encryption from the MUA and require the user to have a personal key pair) has mostly been used between the client and the client's own mail server(s), primarily for the purpose of protecting the user's authentication credentials. Between the sending mail server and the receiving mail server, almost all email is traditionally sent in the clear, ever since the ancient days of yore when everybody ran open relays. This may gradually change over time, but my guess would be that Google just hasn't pulled the trigger on that yet. They sure wouldn't be the only ones. No encryption when sending from one MTA to another is still pretty much the de facto standard state of affairs at this point, unless I missed a pretty big news story. -- Nathan Eady Galion Public Library ------------------------------------------------------------------------------ ThinkGeek and WIRED's GeekDad team up for the Ultimate GeekDad Father's Day Giveaway. ONE MASSIVE PRIZE to the lucky parental unit. See the prize list and enter to win: http://p.sf.net/sfu/thinkgeek-promo _______________________________________________ courier-users mailing list [email protected] Unsubscribe: https://lists.sourceforge.net/lists/listinfo/courier-users
