On 2/7/15 8:51 AM, Hanno Böck wrote: > On Sat, 7 Feb 2015 08:40:07 -0500 > Jeff Potter <jpotter-cour...@codepuppy.com> wrote: > >> 465 has the benefit that the STARTTLS keyword can’t be MITM stripped. > That's kinda the thing: STARTTLS doesn't really make that much sense > any more in a world where we essentially want to deprecate > non-crypto-logins. > > Mail settings with "starttls if available" should be considered > dangerous. If they use starttls they need to fixate that and make sure > it can't be randomly removed.
I am on this list for courier-imap, but I use postfix for SMTP. Postfix has an option to only allow auth over under SSL (smtpd_tls_auth_only=yes # only allow auth under ssl). So, I believe this can be enforced on the (Postfix) server-side. Is there an equivalent for courier smtpd? -- -Justin justinval...@gmail.com
smime.p7s
Description: S/MIME Cryptographic Signature
------------------------------------------------------------------------------ Dive into the World of Parallel Programming. The Go Parallel Website, sponsored by Intel and developed in partnership with Slashdot Media, is your hub for all things parallel software development, from weekly thought leadership blogs to news, videos, case studies, tutorials and more. Take a look and join the conversation now. http://goparallel.sourceforge.net/
_______________________________________________ courier-users mailing list courier-users@lists.sourceforge.net Unsubscribe: https://lists.sourceforge.net/lists/listinfo/courier-users