On Tue, 6 Nov 2007, Dean Brooks wrote:

| I think most MTA operators, including myself, use TLS only for the 
| encryption of SMTP auth password information.  The fact that the message 
| payload is also encrypted for submission agents is just a bonus.

Makes sense.  But then it can be argued the bad guy only needs EITHER the 
password OR the data.  If he can sniff the content itself on the wire, 
then why bother trying to protect the password?


| There really isn't any advantage to encrypting MX submissions.  Most
| messages have spent much of their life unencrypted the entire way

OK.


| I can't imagine trying to resolve the myriad of encryption issues that 
| would arise with thousands of TLS connections per hour from all over the 
| world.

Right.  This was just the sort of response I'm looking for.  I'm also 
interested to know to what extent this is a problem in practice.  How do 
sites who *do* do TLS over the Internet (with no certificate checks) get 
on?  Are there many obscure problems encountered?

Thanks

-- 
## List details at http://lists.exim.org/mailman/listinfo/exim-users 
## Exim details at http://www.exim.org/
## Please use the Wiki with this list - http://wiki.exim.org/
