On Tue, Nov 24, 2015 at 2:23 PM, Ted Lemon <[email protected]> wrote:

> Tuesday, Nov 24, 2015 4:25 PM Eliot Lear wrote:
> > What benefit would this add to the average user?
>
> It's the germ of an interesting idea. The theory would be that a sniffer
> at the backbone would have to listen to all traffic, not just traffic on
> port 25.

I don't think that's quite right. A port-specific sniffer would have to
know what SMTP port was correct for a specific domain. Depending on the
TTL of the record, that might turn into a table lookup for setting the
sniffers rather than listening to all traffic.

That said, I rather suspect that listening to all traffic is pretty much
in the program of most signals intelligence agencies anyway, because the
ephemeral ports can be used by VoIP and other media traffic. DPI on that
would tell you which ones were SMTP and which others pretty rapidly.

> However, it's not as good as SMTP+TLS, and has the same adoption problem,
> plus SMTP+TLS has a _big_ head start, so it's probably better to
> concentrate our efforts on making that work even better.

Yes, focusing on getting encryption underneath it seems like a better use
of energy; at most, port shifting is minor security through obscurity, and
that doesn't tend to give you a lot of bang for your buck.

Just my two cents,

Ted
_______________________________________________ perpass mailing list [email protected] https://www.ietf.org/mailman/listinfo/perpass
