Re: [exim] Should MX offer TLS ?

Top Page
This message is part of the following thread:
M--\the complete thread tree sorted by date
M-\MExim Mailing List at <-
M\MDaniel Tiefnig at ->
Delete this message
Reply to this message
Author: Chris Edwards
Date:  
To: Exim Mailing List
Subject: Re: [exim] Should MX offer TLS ?
On Tue, 6 Nov 2007, Dean Brooks wrote:

| I think most MTA operators, including myself, use TLS only for the
| encryption of SMTP auth password information. The fact that the message
| payload is also encrypted for submission agents is just a bonus.

Makes sense. But then it can be argued the bad guy only needs EITHER the
password OR the data. If he can sniff the content itself on the wire,
then why bother trying to protect the password ?


| There really isn't any advantage to encrypting MX submissions. Most
| messages have spent much of their life unencrypted the entire way

OK.


| I can't imagine trying to resolve the myriad of encryption issues that
| would arise with thousands of TLS connections per hour from all over the
| world.

Right. This was just the sort of response I'm looking for. I'm also
interested to know to what extent this is a problem in practice. How do
sites who *do* do TLS over the Internet (with no certificate checks) get
on ? Are there many obscure problems encountered ?

Thanks

This message was posted to the following mailing lists:
Exim-users
Mailing List Info | Nearby Messages		<-Re: [exim] Should MX offer TLS ?Re: [exim] Should MX offer TLS ?->
Tahini and Hummus and Cumin Development Archives administrated by cumin AdminsLurker (version 2.3)