Re: [OT] IANA ports (was: Filezilla a security risk)

To: debian-user@lists.debian.org
Subject: Re: [OT] IANA ports (was: Filezilla a security risk)
From: Henrique de Moraes Holschuh <hmh@debian.org>
Date: Sun, 8 Jul 2012 13:36:32 -0300
Message-id: <[🔎] 20120708163632.GC15477@khazad-dum.debian.net>
In-reply-to: <[🔎] jtcbdj$s8h$14@dough.gmane.org>
References: <[🔎] 201207072127.38523.lisi.reisz@gmail.com> <[🔎] 20120708000433.372b2be0.celejar@gmail.com> <[🔎] 20120708085515.183aa860@bonifac.skk> <[🔎] jtbsnm$s8h$7@dough.gmane.org> <[🔎] 20120708163620.1b9bed31@bonifac.skk> <[🔎] jtc7dj$s8h$9@dough.gmane.org> <[🔎] 20120708172235.747b107b@bonifac.skk> <[🔎] jtc97t$s8h$11@dough.gmane.org> <[🔎] 20120708175621.50f4a351@bonifac.skk> <[🔎] jtcbdj$s8h$14@dough.gmane.org>

On Sun, 08 Jul 2012, Camaleón wrote:
> SMTPS (and SMTP over SSL/TLS) is standarized as always has been, what 

Actually, at least on port 465, it is deprecated with prejudice as it has
been assigned to something else.

> happens is that it was updated to use starttls extension and the older 
> RFC was deprecated (but still used in some hosts).

It is widely used because of some übercrappy MUAs[1] that screw up when told
to do STARTTLS over port 587, AND because something-over-SSL is friendly to
dumb[2] hardware TLS endpoint gateways, while STARTTLS is not (requires an
application-level proxy running on the TLS gateway).

[1] this mostly includes old versions of certain extremely widely used MS
    Windows MUAs.

[2] as in cheaper and much faster, "dumb" isn't a bad thing in this context

-- 
  "One disk to rule them all, One disk to find them. One disk to bring
  them all and in the darkness grind them. In the Land of Redmond
  where the shadows lie." -- The Silicon Valley Tarot
  Henrique Holschuh

Reply to:

Follow-Ups:
- Re: [OT] IANA ports (was: Filezilla a security risk)
  - From: Camaleón <noelamac@gmail.com>

References:
- Re: Filezilla a security risk
  - From: Lisi <lisi.reisz@gmail.com>
- Re: Filezilla a security risk
  - From: Celejar <celejar@gmail.com>
- Re: Filezilla a security risk
  - From: Slavko <linux@slavino.sk>
- Re: Filezilla a security risk
  - From: Camaleón <noelamac@gmail.com>
- Re: Filezilla a security risk
  - From: Slavko <linux@slavino.sk>
- [OT] IANA ports (was: Filezilla a security risk)
  - From: Camaleón <noelamac@gmail.com>
- Re: [OT] IANA ports (was: Filezilla a security risk)
  - From: Slavko <linux@slavino.sk>
- Re: [OT] IANA ports (was: Filezilla a security risk)
  - From: Camaleón <noelamac@gmail.com>
- Re: [OT] IANA ports (was: Filezilla a security risk)
  - From: Slavko <linux@slavino.sk>
- Re: [OT] IANA ports (was: Filezilla a security risk)
  - From: Camaleón <noelamac@gmail.com>

Prev by Date: Re: Filezilla a security risk
Next by Date: Re: [OT] Alcatel OT-800A + Wheezy
Previous by thread: Re: [OT] IANA ports (was: Filezilla a security risk)
Next by thread: Re: [OT] IANA ports (was: Filezilla a security risk)
Index(es):
- Date
- Thread