Well ... because TLS "may" as in it is not mandatory and the plain text fallback is still (even today) a valid (user choice ) reality ?
When we reach the stage of "no plain text communication is acceptable" that would be OK. As we are today it is not. It's unsecure ? Obviously. Is it still accepted as per RFC? Yeap, so deal with it. Follow the standards and stuff will fall into its correct bucket. It's not that hard ( well, unless it's M$ ... ) Regards, On Thu, May 22, 2025 at 4:28 PM Aaron C. de Bruyn <aa...@heyaaron.com> wrote: > On Thu, May 22, 2025 at 8:17 AM Paulo Pinto via mailop <mailop@mailop.org> > wrote: > >> What, they cannot tell if the connection is encrypted or not because >> they've ignored the handshake result ? >> > > Yeah, their software should be standards-compliant for special > use-cases...but seriously...if it is an issue of the server not supporting > TLS...why blame Microsoft? > In this day and age, certs are free...and who would want a company > transmitting their email and authentication information transmitted in > clear-text? > > -A > > -- -- Paulo Azevedo
_______________________________________________ mailop mailing list mailop@mailop.org https://list.mailop.org/listinfo/mailop
