I am not talking about submission which I guess is what the smtps option is for and I know GPG is the best method and I also know that spamd causes plain text transmissions.
With STARTTLS I believe there is a clear text race where an attacker can create a response stating STARTTLS is unsupported resulting in cleartext transmission which I believe would not be the case for smtps. So is there any point in using secure? I guess both can't be run on port 25 and I guess no-one would use SMTPS if it was running on port 25 but thought I would ask if anyone knew of an RFC of SMTPS on another port or replacing STARTTLS or any other tips about this. Thanks, Kc -- _______________________________________________________________________ 'Write programs that do one thing and do it well. Write programs to work together. Write programs to handle text streams, because that is a universal interface' (Doug McIlroy) In Other Words - Don't design like polkit or systemd _______________________________________________________________________ -- You received this mail because you are subscribed to misc@opensmtpd.org To unsubscribe, send a mail to: misc+unsubscr...@opensmtpd.org