Re: Filezilla a security risk

[Erwan David <erwan@rail.eu.org>]

On 08/07/12 17:14, Camaleón wrote:
> On Sun, 08 Jul 2012 16:41:43 +0200, Markus Schönhaber wrote:
>
>> 08.07.2012 13:59, Camaleón:
>>
>>> While imaps (tcp/993), pop3s (tcp/995) and smtps (tcp/587) make use of
>> smtps was defined as 465/tcp. 587/tcp is message submission which does
>> not provide encryption on the transport layer.
> They are used for the same purpose (secure smtp) but the former is now 
> depretacted. What I did not know is that the new standard can be used 
> with or without security (starttls) in the same port.
>
> Greetings,
>
The ISP Free in France uses smtp-submission, without SSL but with only
CRAM-MD5 and DIGEST-MD5 authentication methods, or smtps with PLAIN/LOGIN

It is another solution (they explained that their architecture was not
well adapted to starttls, since the smtp sessions and the SSL crypto are
not done by the same servers).