>> But we have a number of servers that for various dumb reasons want >> to speak SMTP after a TLS negotation has taken place. > >There's nothing dumb about avoiding downgrade attacks. At least one >major cable ISP in western Canada deleted (and maybe still does) the >STARTTLS capability from the EHLO responses on port 587 connections >through their network. Switching to smtps fixes that right quick.
AFACT, it's pretty easy to avoid that problem (do we get that right? We do!). --Ken _______________________________________________ Nmh-workers mailing list [email protected] https://lists.nongnu.org/mailman/listinfo/nmh-workers
