On Fri, Aug 11, 2006 at 06:21:36PM +0200, Joachim Schipper wrote:
> On Fri, Aug 11, 2006 at 03:07:01PM +0200, knitti wrote:
> > On 8/10/06, Will H. Backman <[EMAIL PROTECTED]> wrote:
> > >Darrin Chandler wrote:
> > if you just wan't to have MUAs talk to your exchange, and don't want to use
> > STARTTLS, rdr the Exchange server to port 587 or 465 with pf. If you *want*
> > to have a server on port 25, the correct way would be to use STARTTLS,
> > which is supported by exchange, should work with spamd and all sane
> > MUAs or MTAs.
>
> Note, though, that using STARTTLS and spamd will leak information
> (recipient addresses will be sent unencrypted to spamd). This may or may
> not be acceptable [1].
>
> Joachim
>
> [1] I wouldn't have a problem with it, if it's supposed to be secure
> they should use GnuPG anyway.
As Sigfred pointed out to me privately, of course, GnuPG also leaks this
information. Still, STARTTLS shouldn't be used for privacy.
I'll shut up now and stop derailing this thread.
Joachim
