Re: [OT] IANA ports (was: Filezilla a security risk)

To: debian-user@lists.debian.org
Subject: Re: [OT] IANA ports (was: Filezilla a security risk)
From: Camaleón <noelamac@gmail.com>
Date: Mon, 9 Jul 2012 13:34:30 +0000 (UTC)
Message-id: <[🔎] jteml6$sc9$7@dough.gmane.org>
References: <CA+AKB6E1FfRCNbV6PimAvdvUfoBKuo7rgLsbaCR_7tgtuZdw5A@mail.gmail.com> <jskgm9$68h$11@dough.gmane.org> <[🔎] 20120701190852.6ac28c32.celejar@gmail.com> <[🔎] 201207072127.38523.lisi.reisz@gmail.com> <[🔎] 20120708000433.372b2be0.celejar@gmail.com> <[🔎] 20120708085515.183aa860@bonifac.skk> <[🔎] jtbsnm$s8h$7@dough.gmane.org> <[🔎] 20120708163620.1b9bed31@bonifac.skk> <[🔎] jtc7dj$s8h$9@dough.gmane.org> <[🔎] 20120708172235.747b107b@bonifac.skk> <[🔎] jtc97t$s8h$11@dough.gmane.org> <[🔎] 20120708175621.50f4a351@bonifac.skk> <[🔎] jtcbdj$s8h$14@dough.gmane.org> <[🔎] 20120708200941.135aa269@bonifac.skk>

On Sun, 08 Jul 2012 20:09:41 +0200, Slavko wrote:

> Dňa Sun, 8 Jul 2012 16:10:27 +0000 (UTC) Camaleón <noelamac@gmail.com>
> napísal:

(...)
 
>> SMTPS (and SMTP over SSL/TLS) is standarized as always has been, what
>> happens is that it was updated to use starttls extension and the older
>> RFC was deprecated (but still used in some hosts).
> 
> As i wrote early, i know difference and major for me is, that SMTP +
> STARTTLS starts as unencrypted, but SMTP over SSL is encrypted from
> start. Then STARTTLS s not exactly the same as SMTP over SSL. But
> credentials and message transfers are encrypted in both circumstances.

The thing is that there are no other replacements... yet. 

So what we have now for sending e-mails is the plain, unencrypted port 
(tcp/25) and smtps (or whatever you prefer to call it, "smtp over tls"?), 
that is, tcp/587 that can take the role of the deprecated tcp/465 
(encryption using a dedicated port).

> And if i proper understand (quick look into) RFC 6409, then mentioned
> port 587 is not exactly for SMTP over SSL. It is intended to sending
> mails from MUAs and only allows usage of the "IPSEC and other encrypted
> and authenticated tunneling techniques" (section 3.3) and in real, one
> can select which will be used. Then it is the site/server depended
> solution. I am right?

It's section 7 (Extensions) what makes the difference and, in any case, 
you always depend on the server exposed capabilities for this.

Greetings,

-- 
Camaleón

Reply to:

References:
- Re: Filezilla a security risk
  - From: Celejar <celejar@gmail.com>
- Re: Filezilla a security risk
  - From: Lisi <lisi.reisz@gmail.com>
- Re: Filezilla a security risk
  - From: Celejar <celejar@gmail.com>
- Re: Filezilla a security risk
  - From: Slavko <linux@slavino.sk>
- Re: Filezilla a security risk
  - From: Camaleón <noelamac@gmail.com>
- Re: Filezilla a security risk
  - From: Slavko <linux@slavino.sk>
- [OT] IANA ports (was: Filezilla a security risk)
  - From: Camaleón <noelamac@gmail.com>
- Re: [OT] IANA ports (was: Filezilla a security risk)
  - From: Slavko <linux@slavino.sk>
- Re: [OT] IANA ports (was: Filezilla a security risk)
  - From: Camaleón <noelamac@gmail.com>
- Re: [OT] IANA ports (was: Filezilla a security risk)
  - From: Slavko <linux@slavino.sk>
- Re: [OT] IANA ports (was: Filezilla a security risk)
  - From: Camaleón <noelamac@gmail.com>
- Re: [OT] IANA ports (was: Filezilla a security risk)
  - From: Slavko <linux@slavino.sk>

Prev by Date: Re: Current SSD setup recommendations for laptop with Debian
Next by Date: Re: Git and Quilt
Previous by thread: Re: [OT] IANA ports (was: Filezilla a security risk)
Next by thread: Re: Filezilla a security risk
Index(es):
- Date
- Thread