Re: [exim] some OpenSSL topics

Top Page
Delete this message
Reply to this message
Author: Dr Andrew C Aitchison
Date:  
To: exim-users
Subject: Re: [exim] some OpenSSL topics
On Tue, 15 Oct 2013, Viktor Dukhovni wrote:

> Also keep in mind that SMTP use of TLS is almost universally
> *opportunistic*, TLS is used without authentication when possible,
> and plaintext is used otherwise or as a fallback when TLS handshakes
> fail (at least in Postfix).


Whilst opportunistic TLS dominates in SMTP, I believe that it is
not "almost universal", at least if you include 587/submisison and
465/smtps as well as 25/smtp.

Breaking opportunistic TLS is not good, but the message was
available in plain at any intermediate hub so any sensitive
message should have been encrypted anyway.

I believe that most mail administrators enable TLS to protect
authenticated submission from MTAs. Features like
server_advertise_condition go some way to ensure that
crypto failure stops authentication and hence the message cannot be
sent. Thus crypto failure creates an immediate and obvious break
in service, not a hidden loss of security.

I do believe that https/tls advice is not necessarily appropriate
for smtp, but I've found it very difficult to find out, or figure
out for myself, what is the correct answer in many cases.

-- 
Dr. Andrew C. Aitchison        Computer Officer, DPMMS, Cambridge
A.C.Aitchison@???    http://www.dpmms.cam.ac.uk/~werdna