Am 20.06.2019 um 12:28 schrieb FUSTE Emmanuel via dovecot:
Le 20/06/2019 à 11:59, @lbutlr via dovecot a écrit :
On 20 Jun 2019, at 02:53, FUSTE Emmanuel via dovecot <dovecot@dovecot.org>
wrote:
There is plenty of context where TLS is not possible/desirable.
I’d say that is terrible advice. There are no reasonable contexts where is it
is acceptable to send mail credentials without encryption. My users have had to
use STARTTLS for submission for many many years. Insecure connections from
users are not an option.
Please, don't make me say what I did not say.
I use the word "context". I did not talk about "sending mail
credentials" no more I talk about Internet.
And even with that, don't restrict the world as your use case .The world
is not Internet only too.
And SASL and by extend the CRAM-MD5 mech is not used only in email
scenario/protocols.
Even in email scenario, I have to deal with equipments (scanner/copiers)
not able to do TLS or not able to deal with a private CA and insisting
to verify the SMTP server Cert to send email, or with broken or outdated
SSL implementation etc ... They support CRAM-MD5. It is still better
than clear text.
I have more than 4000 of such class of equipments behind my servers each
having their problems, bugs, limitations.... Yes in 2019 ... I even
don't talk you about the thousands of proprietary, outdated, customs,
buggy (and combine all as you want) applications that I have to deal
with....
Emmanuel.
Hopefully we all remember the big hacks where masses of unencrypted or
at least unsufficiently secured credentials were stolen. That's what I
worry about and why CRAM-MD5 is no wise choice at all.
Alexander
