On Sun, 08 Feb 2015 16:39:17 -0500 Justin Vallon <justinval...@gmail.com> wrote:
> AUTH is only allowed under SSL. Mail can only be sent (relayed) after > AUTH. Therefore, if the MITM prevents the client from STARTTLS'ing, > the server will not allow mail to be sent. Unencrypted mail will not > be sent. The attacker can speak STARTTLS to the server and plain text to the client. And has a full MitM-attack. The TLS level authentication is only in one direction - the server authenticates itself to the client, but not the other way round (there are in theory TLS client certificates, but usually nobody uses them). -- Hanno Böck http://hboeck.de/ mail/jabber: ha...@hboeck.de GPG: BBB51E42
pgptVJPY5ZU6F.pgp
Description: OpenPGP digital signature
------------------------------------------------------------------------------ Dive into the World of Parallel Programming. The Go Parallel Website, sponsored by Intel and developed in partnership with Slashdot Media, is your hub for all things parallel software development, from weekly thought leadership blogs to news, videos, case studies, tutorials and more. Take a look and join the conversation now. http://goparallel.sourceforge.net/
_______________________________________________ courier-users mailing list courier-users@lists.sourceforge.net Unsubscribe: https://lists.sourceforge.net/lists/listinfo/courier-users
