Re: default MTA

To: debian-devel@lists.debian.org
Subject: Re: default MTA
From: Daniel Pocock <daniel@pocock.com.au>
Date: Tue, 11 Jun 2013 23:50:01 +0200
Message-id: <[🔎] 51B79B89.50506@pocock.com.au>
In-reply-to: <[🔎] 20130611205635.GA1472@yuggoth.org>
References: <20130528010222.GA14069@bongo.bofh.it> <[🔎] 51B76616.5060205@pocock.com.au> <[🔎] 20130611180924.GF21862@gmail.com> <[🔎] 20130611205635.GA1472@yuggoth.org>

On 11/06/13 22:56, Jeremy Stanley wrote:
> On 2013-06-12 02:09:24 +0800 (+0800), Chow Loong Jin wrote:
>> On Tue, Jun 11, 2013 at 08:01:58PM +0200, Daniel Pocock wrote:
>>>
>>> What about replacing SMTP?
>>
>> With what?
> 
> With ESMTP, of course!

Something that doesn't have these limitations:

http://tools.ietf.org/html/rfc2487#section-7

This is also relevant (not just for Postfix):

http://www.postfix.org/TLS_README.html#client_tls_encrypt

"Despite the potential for eliminating passive eavesdropping attacks,
mandatory TLS encryption is not viable as a default security level for
mail delivery to the public Internet. Most MX hosts do not support TLS
at all, and some of those that do have broken implementations. On a host
that delivers mail to the Internet, you should not configure mandatory
TLS encryption as the default security level. "

Reply to:

Follow-Ups:
- Re: default MTA
  - From: Jeremy Stanley <fungi@yuggoth.org>
- Re: default MTA
  - From: Adam Borowski <kilobyte@angband.pl>

References:
- Re: default MTA
  - From: Daniel Pocock <daniel@pocock.com.au>
- Re: default MTA
  - From: Chow Loong Jin <hyperair@debian.org>
- Re: default MTA
  - From: Jeremy Stanley <fungi@yuggoth.org>

Prev by Date: Re: x32 “half” arrived… now what?
Next by Date: Re: default MTA
Previous by thread: Re: default MTA
Next by thread: Re: default MTA
Index(es):
- Date
- Thread