Re: [exim] SMTP/TLS compression?

Top Page
This message is part of the following thread:
Mthe complete thread tree sorted by date
MMarco Gaiarin at <-
M\Marco Gaiarin at ->
Delete this message
Reply to this message
Author: Jan Ingvoldstad
Date:  
To: exim users
Subject: Re: [exim] SMTP/TLS compression?
On Fri, Mar 13, 2015 at 2:34 PM, Marco Gaiarin <marcogaio@???> wrote:

>
> Trying to optimize some traffic, i've looked about an SMTP extension that
> do
> ''on the fly'' compression of traffic, clearly eventually before encrypting
> it.
>
> eg, IMAP protocol specification have a COMPRESS extension.
>
>
> Seems there's no compression for SMTP, but seems also that there's a
> ''generic'' compression for TLS. It is enabled by default in exim?
> Eventually, how enable/configure it?
>
>
I won't directly answer the question, but I would advise you to consider
the consequences of enabling TLS compression.

Compression for TLS increases the risk of information leakage.

While the CRIME attack hasn't been successfully demonstrated with SMTP, it
is, as I understand it, theoretically possible to exploit.

To reiterate: no publicly known exploit exists.
--
Jan
This message was posted to the following mailing lists:
Exim-users
Mailing List Info | Nearby Messages		<-Re: [exim] configuring exim4 smtp to use SSLRe: [exim] SMTPS connection errors with Apple Mac Mail->
Tahini and Hummus and Cumin Development Archives administrated by cumin AdminsLurker (version 2.3)