On Tue 10/Aug/2021 18:51:50 +0200 Ralph Seichter Via Mailop wrote:
> * Alessandro Vesely via mailop:
>> SASL methods allow secure authentication over unencrypted channels.
> The organisation in question permits PLAIN/LOGIN authentication over
> unencrypted channels, without prior STARTTLS. Bad choice.

Agreed. However, that choice is paired by mail clients which permit
the corresponding configuration. If we consider that as some kind of
emergency or debugging tool, perhaps it is acceptable to permit it.
As long as no users actually configure such a leaky choice on their
clients, that is.

Best
Ale