275969Re: Configuring TLS with sender login maps
- Apr 2 2:43 PMAm 02.04.2011 23:17, schrieb Jeroen Geilman:
> I see Mr Reindl is butting his big mouth in againis your toilet broken or why is your neck so big?
> I "should" do nothing.YOU can do waht you want, but do not recommend others wrong things
> If the OP is running normal SMTP on port 25, then TLS is an added complexity, and one he is apparently notYOU would, but who are you to suggest others "disable encryption is ok"?
> sufficiently prepared for; so if he can avoid it, I would advise him to do so.
> Because the primary value of TLS on a mail client is to be able to send encrypted*lol*
> login information, and prevent sniffing on local LAN networks
you know about cram-md5 / digest-md5
this is for login-information
> The majority of the internet is not sending encrypted mail between MTAsbullshit, you are not the majority
Untrusted TLS connection established to mx2.t-systems.at
Untrusted TLS connection established to gmail-smtp-in.l.google.com
Untrusted TLS connection established to mx04.brts.barracuda.com
Untrusted TLS connection established to mailw.lix.aon.at
Untrusted TLS connection established to mx1.nokia.com
Untrusted TLS connection established to mx.sil.at
Untrusted TLS connection established to mx.inode.at
> I can only repeat that your preposterous "SHOULD" demands are silly.you were the who spoke about "the majority"?
> Guaranteed end-to-end encryption is not a job for the MTA.
> Use PGP or GPG to achieve message confidentiality.
the majority is not using GPG!
but the majority is using TLS for smtp(pop3/imap if they have
a smater sysadmin like you!
> ..but that's utter bullshit, since you yourself said that encryption is worthless unlessshut up if you have no idea about the topic
> ALL hops use it. Now you're saying "oh, it's okay if they don't, but try
> to minimize them" ?
> Make up your mind
NOBODY needs TLS for auth, this is done by auth-mechanisms
if you provide TLS tou your clients you suggest that messages are encrypted
and they are if you have configured your server right and the customer sends
a message to gmail, but if you are too stupid the answer with the quoted
information come back unecnrypted
- << Previous post in topic Next post in topic >>