On Fri, Aug 08, 2014 at 02:31:35PM +0200, Johannes Löthberg wrote:
> On 08/08, Gilles Chehade wrote:
> >>With STARTTLS I believe there is a clear text race where an attacker can
> >>create a response stating STARTTLS is unsupported resulting in
> >>cleartext transmission which I believe would not be the case for smtps.
> >>
> >
> >I have absolutely no idea what you're talking about :-/
> >
> 
> When you connect to a mailserver without SMTPS you start in cleartext, and
> that connection can be man-in-the-middle'd, which leads to the attacker
> being able to make it appear so that the mailserver doesn't support
> STARTTLS.
> 
> I've seen this in practice at my old school for one.
> 

Yes, I know that :-)

But I don't understand why it is a problem.

OpenSMTPD does opportunistic-TLS and an attacker doing a MITM will only
be able to skip STARTTLS in a situation where..., well... we would have
fallen back to plaintext anyway if the server didn't offer STARTTLS.

If you want to enforce TLS relaying, you can add the "tls" parameter to
the relay rule which will disable opportunistic-TLS and mandate it.

-- 
Gilles Chehade

https://www.poolp.org                                          @poolpOrg
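The distinction Gilles describes, as an added example that is not OpenSMTPD's own code: a small parser for a multi-line EHLO reply and the relay decision under opportunistic TLS versus a relay rule with "tls". The hostnames and both EHLO replies are constructed; the second one is the same reply with the STARTTLS line missing, which is what the thread says a cleartext MITM can cause the client to see.

```python
"""Opportunistic vs mandatory STARTTLS on an SMTP relay leg."""
from typing import Set

# Constructed 250 EHLO reply from a peer that offers STARTTLS.
EHLO_WITH_STARTTLS = (
    "250-mail.example.net Hello client.example.org\r\n"
    "250-SIZE 36700160\r\n"
    "250-STARTTLS\r\n"
    "250 HELP\r\n"
)
# Constructed reply from the same peer as a client would see it if the
# STARTTLS line were stripped on the cleartext leg (the case in the thread).
EHLO_WITHOUT_STARTTLS = (
    "250-mail.example.net Hello client.example.org\r\n"
    "250-SIZE 36700160\r\n"
    "250 HELP\r\n"
)


def parse_ehlo_extensions(response: str) -> Set[str]:
    """Return the EHLO keywords (RFC 5321 section 4.1.1.1) from a 250 reply."""
    lines = [l for l in response.split("\r\n") if l]
    # A complete reply ends with "250 " (space); "250-" marks continuation.
    if not lines or not lines[-1].startswith("250 "):
        raise ValueError("not a complete 250 EHLO reply")
    extensions = set()
    for line in lines[1:]:  # first line is the greeting, not an extension
        if not line.startswith("250"):
            raise ValueError("unexpected line in EHLO reply: %r" % line)
        keyword = line[4:].split(" ", 1)[0]  # keyword before any parameters
        extensions.add(keyword.upper())
    return extensions


def decide_transport(response: str, require_tls: bool) -> str:
    """Relay decision as the thread describes it.

    require_tls=False is opportunistic TLS: STARTTLS if offered, else plaintext.
    require_tls=True mirrors the "tls" parameter on a relay rule: STARTTLS is
    mandatory, so a reply without it is an error rather than a plaintext fallback.
    """
    if "STARTTLS" in parse_ehlo_extensions(response):
        return "starttls"
    if require_tls:
        raise RuntimeError("peer did not advertise STARTTLS; refusing cleartext relay")
    return "plaintext"
```

With the downgraded reply, the opportunistic policy silently returns "plaintext", while the mandatory policy raises; that is the behavioural difference the "tls" parameter buys.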
