Author: Dennis Davis
Date:
To: exim users
Subject: Re: [exim] some OpenSSL topics
On Wed, 16 Oct 2013, Jan Ingvoldstad wrote:
> From: Jan Ingvoldstad <frettled@???>
> To: exim users <exim-users@???>
> Date: Wed, 16 Oct 2013 07:41:12
> Subject: Re: [exim] some OpenSSL topics
>
> On Wed, Oct 16, 2013 at 7:48 AM, Dr Andrew C Aitchison <
> A.C.Aitchison@???> wrote:
>
> > Breaking opportunistic TLS is not good, but the message was
> > available in plain at any intermediate hub so any sensitive
> > message should have been encrypted anyway.
>
> TLS protects metadata, which is just as (if not more) interesting
> than the data itself.
TLS protects metadata **in transit between MTAs**.

Metadata will still be stored in plaintext on disc. And all bets
are off if messages pass through an intermediate MTA which doesn't
use TLS for the forward journey.

Note metadata is still likely to be stored unencrypted on the final
message store.

None of the above applies to message bodies that are encrypted.
--
Dennis Davis <dennisdavis@???>
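
Added example, not part of the original message or of Exim: a per-hop check of a delivered message's `Received:` headers that flags any hop whose receiving MTA did not record a TLS protocol keyword, which is the "intermediate MTA which doesn't use TLS" case described above. The sample message, host names and function names are constructed for illustration.

```python
import email
import re

# Received "with" keywords that indicate TLS on that hop (RFC 3848 registry).
TLS_PROTOCOLS = {"ESMTPS", "ESMTPSA", "LMTPS", "LMTPSA"}

# Constructed sample message (not real traffic); reserved example names/addresses.
SAMPLE = """\
Received: from hub.example.net (hub.example.net [192.0.2.20])
\tby mx.example.org with esmtps (TLSv1.2:AES256-GCM-SHA384:256)
\t(Exim 4.80) id 1VWabc-0001aB-2c; Wed, 16 Oct 2013 08:00:03 +0100
Received: from out.example.com (out.example.com [192.0.2.10])
\tby hub.example.net with ESMTP id 4F2A1B3C
\tfor <user@example.org>; Wed, 16 Oct 2013 07:00:02 +0000
Received: from laptop.example.com (laptop.example.com [192.0.2.5])
\tby out.example.com with ESMTPSA id 9D8E7F6A; Wed, 16 Oct 2013 07:00:01 +0000
From: sender@example.com
To: user@example.org
Subject: constructed test

body
"""


def hops(raw):
    """Return [(receiving_host, protocol, used_tls)], oldest hop first."""
    msg = email.message_from_string(raw)
    result = []
    # Each MTA prepends its header, so reverse to get transit order.
    for header in reversed(msg.get_all("Received", [])):
        flat = " ".join(header.split())  # unfold continuation lines
        by = re.search(r"\bby\s+(\S+)", flat)
        proto = re.search(r"\bwith\s+([A-Za-z0-9]+)", flat)
        keyword = proto.group(1).upper() if proto else None
        result.append((by.group(1) if by else "?", keyword,
                       keyword in TLS_PROTOCOLS))
    return result


def cleartext_hops(raw):
    """Receiving hosts that did not record TLS for the inbound connection."""
    # Headers added before your own MTA are claims by other hosts, not proof.
    return [by for by, _, tls in hops(raw) if not tls]


if __name__ == "__main__":
    for by, proto, tls in hops(SAMPLE):
        print(f"{by:20} {proto or '-':8} {'TLS' if tls else 'NO TLS RECORDED'}")
```

A hop with no recognised keyword is reported as not using TLS, since the header gives no evidence either way.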