
[Freedombox-discuss] DNS std for Freedomboxes? [was Re: Establishing Communication between Freedomboxes]



On Wed, Jul 20, 2011 at 2:53 AM, Tony Godshall <togo at of.net> wrote:

> Any downside to letting your adversary know what domains you are
> emailing to? Well, the mice probably don't want the octopus to know that
> they are emailing via @octopusnotsogreat.org? But then again SMTP
> itself is not encrypted either...

There is an opportunistic SSL-based encryption option for SMTP.
http://tools.ietf.org/html/rfc3207

Any two servers with that set up will automatically encrypt all mail
transfers. If the Box runs a mail server, I'd say enabling that is a
no-brainer.

The only question is whether, when the other server does not support
it, the Box should proceed with unencrypted transfer, or bounce the
mail back to the user with some "cannot send securely" message,
or try some alternate routing method.

There's also "Using TLS with IMAP, POP3 and ACAP"
http://tools.ietf.org/html/rfc2595

That covers the client-to-server transfer of mail. If the Box runs a
mail server, that's another obvious requirement.
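
The policy question raised in the message above (continue in plaintext, bounce, or reroute when the peer does not offer STARTTLS), sketched as an added example that is not part of the original message or of any FreedomBox code. The policy names, `negotiate` and `FakePeer` are hypothetical; `FakePeer` is a constructed stand-in exposing the `ehlo`, `has_extn` and `starttls` methods of `smtplib.SMTP` so the block runs offline.

```python
import ssl

# Policies for a peer that does not offer STARTTLS (the three options in the message).
PLAINTEXT, BOUNCE, REROUTE = "plaintext", "bounce", "reroute"


def negotiate(conn, policy, context=None):
    """Run EHLO and, if offered, STARTTLS on an smtplib.SMTP-style connection.

    Returns "tls" when the session was upgraded, otherwise the action the
    policy dictates: "plaintext", "bounce" or "reroute".
    """
    if policy not in (PLAINTEXT, BOUNCE, REROUTE):
        raise ValueError(f"unknown policy: {policy!r}")
    conn.ehlo()
    if conn.has_extn("starttls"):
        conn.starttls(context=context or ssl.create_default_context())
        conn.ehlo()  # RFC 3207: pre-TLS EHLO results are discarded, ask again
        return "tls"
    return policy


class FakePeer:
    """Constructed stand-in for smtplib.SMTP so the example runs offline."""

    def __init__(self, extensions):
        self.extensions = {e.lower() for e in extensions}
        self.commands = []  # records the order of commands sent

    def ehlo(self):
        self.commands.append("EHLO")

    def has_extn(self, name):
        return name.lower() in self.extensions

    def starttls(self, context=None):
        self.commands.append("STARTTLS")


def demo():
    """Outcome for a TLS-capable peer and for a plaintext-only peer per policy."""
    results = {"tls-peer": negotiate(FakePeer(["STARTTLS", "8BITMIME"]), BOUNCE)}
    for policy in (PLAINTEXT, BOUNCE, REROUTE):
        results[policy] = negotiate(FakePeer(["8BITMIME"]), policy)
    return results


if __name__ == "__main__":
    print(demo())
```

Against a live server, pass an `smtplib.SMTP(host, 25)` object as `conn`; the default context verifies the peer certificate, which is a stricter assumption than the message makes.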


