> > Given that TLS encryption in SMTP is hop-by-hop rather than end-to-end, > I am not convinced that this is a significant reduction in security. >
Wouldn't it be because you assume that at some point, the security will be either non-existent or low (TLS 1.0/1.1 or fallback to unsecured transaction), which is the entire point of forcing to upgrade the security? Or, if I take the idea the other way around, assuming that "TLS encryption in SMTP is hop-by-hop" and implying that some hop won't be as secure, isn't then having TLS encryption a false sense of security ? (If my message appears aggressive or disrespectful, I'm sorry, that isn't my intention). Le jeu. 14 mars 2024 à 10:24, Andrew C Aitchison via mailop < [email protected]> a écrit : > On Thu, 14 Mar 2024, Marco Moock via mailop wrote: > > > Am 14.03.2024 schrieb Cyril - ImprovMX via mailop <[email protected]>: > > > >> But in my opinion, moving the needle upward by not accepting > >> deprecated versions would force those users to be compliant and > >> improve the general security. > > > > Most of them will simply fall back to no encryption. That is the > > default setting and only a small amount of servers makes using STARTTLS > > mandatory for outgoing mail - too many situations when it fails. > > Given that TLS encryption in SMTP is hop-by-hop rather than end-to-end, > I am not convinced that this is a significant reduction in security. > > For IMAP and POP, encryption is end-to-end, but there you know, and > presumably have control over, your users. > > -- > Andrew C. Aitchison Kendal, UK > [email protected] > _______________________________________________ > mailop mailing list > [email protected] > https://list.mailop.org/listinfo/mailop >
_______________________________________________ mailop mailing list [email protected] https://list.mailop.org/listinfo/mailop
