Re: [OT] IANA ports (was: Filezilla a security risk)

To: debian-user@lists.debian.org
Subject: Re: [OT] IANA ports (was: Filezilla a security risk)
From: Camaleón <noelamac@gmail.com>
Date: Sun, 8 Jul 2012 16:43:53 +0000 (UTC)
Message-id: <[🔎] jtcdc9$s8h$16@dough.gmane.org>
References: <[🔎] 201207072127.38523.lisi.reisz@gmail.com> <[🔎] 20120708000433.372b2be0.celejar@gmail.com> <[🔎] 20120708085515.183aa860@bonifac.skk> <[🔎] jtbsnm$s8h$7@dough.gmane.org> <[🔎] 20120708163620.1b9bed31@bonifac.skk> <[🔎] jtc7dj$s8h$9@dough.gmane.org> <[🔎] 20120708172235.747b107b@bonifac.skk> <[🔎] jtc97t$s8h$11@dough.gmane.org> <[🔎] 20120708175621.50f4a351@bonifac.skk> <[🔎] jtcbdj$s8h$14@dough.gmane.org> <[🔎] 20120708163632.GC15477@khazad-dum.debian.net>

On Sun, 08 Jul 2012 13:36:32 -0300, Henrique de Moraes Holschuh wrote:

> On Sun, 08 Jul 2012, Camaleón wrote:
>> SMTPS (and SMTP over SSL/TLS) is standarized as always has been, what
> 
> Actually, at least on port 465, it is deprecated with prejudice as it
> has been assigned to something else.

Yes, but still needed under to cope with some corner circumstances (e.g., 
to support old MUAs).

>> happens is that it was updated to use starttls extension and the older
>> RFC was deprecated (but still used in some hosts).
> 
> It is widely used because of some übercrappy MUAs[1] that screw up when
> told to do STARTTLS over port 587, AND because something-over-SSL is
> friendly to dumb[2] hardware TLS endpoint gateways, while STARTTLS is
> not (requires an application-level proxy running on the TLS gateway).

Yup, exactly ;-(

Greetings,

-- 
Camaleón

Reply to:

References:
- Re: Filezilla a security risk
  - From: Lisi <lisi.reisz@gmail.com>
- Re: Filezilla a security risk
  - From: Celejar <celejar@gmail.com>
- Re: Filezilla a security risk
  - From: Slavko <linux@slavino.sk>
- Re: Filezilla a security risk
  - From: Camaleón <noelamac@gmail.com>
- Re: Filezilla a security risk
  - From: Slavko <linux@slavino.sk>
- [OT] IANA ports (was: Filezilla a security risk)
  - From: Camaleón <noelamac@gmail.com>
- Re: [OT] IANA ports (was: Filezilla a security risk)
  - From: Slavko <linux@slavino.sk>
- Re: [OT] IANA ports (was: Filezilla a security risk)
  - From: Camaleón <noelamac@gmail.com>
- Re: [OT] IANA ports (was: Filezilla a security risk)
  - From: Slavko <linux@slavino.sk>
- Re: [OT] IANA ports (was: Filezilla a security risk)
  - From: Camaleón <noelamac@gmail.com>
- Re: [OT] IANA ports (was: Filezilla a security risk)
  - From: Henrique de Moraes Holschuh <hmh@debian.org>

Prev by Date: Re: [OT] Alcatel OT-800A + Wheezy
Next by Date: Re: Filezilla a security risk
Previous by thread: Re: [OT] IANA ports (was: Filezilla a security risk)
Next by thread: Re: [OT] IANA ports (was: Filezilla a security risk)
Index(es):
- Date
- Thread