https://bz.apache.org/ooo/show_bug.cgi?id=128194
--- Comment #4 from Don't show my email <[email protected]> --- Of course you did not leak any personal informations yet, thats not the point. EU GDPR ยง32 states, that if easy and simple possible, the genernal transport of personal data has to be encrypted/protected. The fact, that you as receiver can't know in advance, what people will send to you via email, leads to the consequence, that you have to protect any incoming transmission. I am part of a european corp/organisation and we have to obey the GDPR, as it's a european law. So, any disabling of the TLS enforce policy, means a violation for us, because in that timeframe a mail with personal data could come in. I admin, it's theoratically, first, but if i have to leave the tls enforcer disabled, for every mail your bugzilla is sending, i.e. as reaction to a ticket, it's no longer theoratically, it becomes a real violation. Means in the end, a lawfull corp/org has to block unencrypted email traffic. The worst part is the fact, that you send it unencrypted at all. We have 2019! Not 1990. I had the same discussion with mozilla, and i won :) Be nice, enable tls for tls capable mailservers. Besides the eu friendly policy, it's a security enhancement, as sensitive informations are no longer send in plain text around the globe. -- You are receiving this mail because: You are the assignee for the issue.
