On Mon, 11 May 2015 13:43:23 -0700, Johannes Löthberg
<[email protected]> wrote:
There is one server which has a feature to automatically save domains to
a whitelist to always force TLS on, though I don't remember which one.
It seems like it could be nice to implement if it wouldn't be too hard.
That would be great. Currently I'm doing this manually by examining the
logs and manually adding domains with servers where the TLS cert can be
successfully verified.
Yeah, that seems like a good thing to offer even if it isn't used much,
especially combined with the above suggestion. (I for one support SMTPS,
for one due to having personally experienced STARTTLS stripping MITM.)
How were you able to detect the STARTTLS stripping MITM? I want to know
how much of this is going on with my own email.
--
You received this mail because you are subscribed to [email protected]
To unsubscribe, send a mail to: [email protected]
