On 2025-05-23 02:49, Peter Corlett via mailop wrote:
[...] As a result, clients and servers SHOULD implement both STARTTLS on
port 587 and Implicit TLS on port 465 for this transition period.
Which is pretty clear.
I think it is important that consideration is given to how the 'big
players' affected these choices..
And remember, most implementations of MTA software still allow port 587
connections without TLS, and port 25 for authentication and port 110/143
connections, and many ISPs are still afraid to restrict them, worried
about that 'one old lady on the mountain' that might call to complain.
For this, they risk the security of all their customers..
Most of us on here know 'Best Practices', but experience has shown
change is a slow mountain to climb.
While there 'might' be some technical merit for port 465/SSL over
587/TLS, and for the longest time it was only some Windows clients,
(plus of course the hacker bots, they too benefit from encryption)
However, simply put.. a couple of years ago we examined this, and a 90%
reduction in compromised accounts for organizations that killed off all
unencrypted authentication methods..
Personally, I think the IETF should have gone further in deprecating older
methods in RFCs, even if there is a use case for older insecure
protocols, RFCs don't stop it from being used, but would encourage
everyone to drop support for it, including MTA developers..
"But what about all the old scan to email et al systems that can't do
that?" .... Hey, it's time to tell them to obsolete those ;) We gave you
20 years to do so..
--
"Catch the Magic of Linux..."
------------------------------------------------------------------------
Michael Peddemors, President/CEO LinuxMagic Inc.
Visit us at http://www.linuxmagic.com @linuxmagic
A Wizard IT Company - For More Info http://www.wizard.ca
"LinuxMagic" a Reg. TradeMark of Wizard Tower TechnoServices Ltd.
------------------------------------------------------------------------
604-682-0300 Beautiful British Columbia, Canada
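
Added example, not part of the original message: a check for the situation described above, a listener on port 587 or 25 that still offers authentication without TLS. It parses the EHLO reply captured before any TLS handshake (port 465 with Implicit TLS has no cleartext EHLO to inspect); the sample replies, hostnames and function names are constructed for illustration.

```python
"""Flag SMTP listeners that advertise AUTH on a cleartext channel."""


def parse_ehlo(response: str) -> dict[str, list[str]]:
    """Parse a multi-line 250 EHLO reply into {KEYWORD: [params]}."""
    caps: dict[str, list[str]] = {}
    lines = [ln.strip() for ln in response.splitlines() if ln.strip()]
    for ln in lines[1:]:  # first line carries the server's domain, not a keyword
        if not ln.startswith("250") or len(ln) < 4 or ln[3] not in "- ":
            raise ValueError(f"not a 250 reply line: {ln!r}")
        text = ln[4:].strip()
        if text.upper().startswith("AUTH="):
            # Legacy "AUTH=LOGIN PLAIN" form, still advertised for old clients.
            text = text.replace("=", " ", 1)
        if not text:
            continue
        keyword, *params = text.split()
        caps.setdefault(keyword.upper(), []).extend(p.upper() for p in params)
    return caps


def audit_cleartext_ehlo(port: int, response: str) -> list[str]:
    """Findings for the EHLO reply seen BEFORE any TLS handshake."""
    caps = parse_ehlo(response)
    findings = []
    if "AUTH" in caps:
        mechs = ",".join(sorted(set(caps["AUTH"])))
        findings.append(f"port {port}: AUTH ({mechs}) advertised before TLS")
    if "STARTTLS" not in caps:
        findings.append(f"port {port}: STARTTLS not offered")
    return findings


# Constructed sample replies; mail.example.org is a placeholder host.
WEAK_587 = ("250-mail.example.org\n250-SIZE 52428800\n250-STARTTLS\n"
            "250-AUTH PLAIN LOGIN\n250-AUTH=PLAIN LOGIN\n250 8BITMIME")
HARDENED_587 = ("250-mail.example.org\n250-SIZE 52428800\n"
                "250-STARTTLS\n250 8BITMIME")
NO_TLS_25 = "250-mail.example.org\n250-AUTH LOGIN\n250 PIPELINING"

if __name__ == "__main__":
    for port, reply in ((587, WEAK_587), (587, HARDENED_587), (25, NO_TLS_25)):
        print(port, audit_cleartext_ehlo(port, reply) or "ok")
```

This only checks what the server advertises; whether it also rejects an AUTH command sent before STARTTLS has to be tested separately.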