[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: [OT] IANA ports (was: Filezilla a security risk)

On Sun, 08 Jul 2012 20:09:41 +0200, Slavko wrote:

> Dňa Sun, 8 Jul 2012 16:10:27 +0000 (UTC) Camaleón <noelamac@gmail.com>
> napísal:

>> SMTPS (and SMTP over SSL/TLS) is standarized as always has been, what
>> happens is that it was updated to use starttls extension and the older
>> RFC was deprecated (but still used in some hosts).
> As i wrote early, i know difference and major for me is, that SMTP +
> STARTTLS starts as unencrypted, but SMTP over SSL is encrypted from
> start. Then STARTTLS s not exactly the same as SMTP over SSL. But
> credentials and message transfers are encrypted in both circumstances.

The thing is that there are no other replacements... yet. 

So what we have now for sending e-mails is the plain, unencrypted port 
(tcp/25) and smtps (or whatever you prefer to call it, "smtp over tls"?), 
that is, tcp/587 that can take the role of the deprecated tcp/465 
(encryption using a dedicated port).

> And if i proper understand (quick look into) RFC 6409, then mentioned
> port 587 is not exactly for SMTP over SSL. It is intended to sending
> mails from MUAs and only allows usage of the "IPSEC and other encrypted
> and authenticated tunneling techniques" (section 3.3) and in real, one
> can select which will be used. Then it is the site/server depended
> solution. I am right?

It's section 7 (Extensions) what makes the difference and, in any case, 
you always depend on the server exposed capabilities for this.



Reply to: