Mandi! Chris Knadle
In chel di` si favelave...
> The issue with requiring compression is that other MTAs could be
> configured to disallow it due to the security issues (which is the
> general recommendation at least for web servers), in which case the
> MTA transfer over TLS will likely fail and fall back to using an
> unencrypted transfer.
Ok. I supposed that. There's something like 'tls_preferred_ciphers'? Seems
no to me...
> And where it does work, I think there's a fair
> chance that compression lowers the security of the TLS session.
I've (tried to) enable compression on two exim servers, but seems to me that
nothing changed between that server, or between that server and the other
ones... probably because COMP-ALL contain COMP-NULL, so still a 'no
compression' is possible.
> It's also notable that compression has been removed in the TLS 1.3
> draft:
Ah. Someone can explain me because other protocols, eg IMAP, have a
compression extension, while SMTP no?
--
Voi avevate voci potenti, lingue allenate a battere il tamburo
voi avevate voci potenti, adatte per il vaffanculo (F. De Andre`)