[Ach] SMTP client mode ciphers
christian mock
cm at coretec.at
Mon Nov 18 17:33:29 CET 2013
On Mon, Nov 18, 2013 at 05:02:00PM +0100, Wolfgang Breyha wrote:
> Hi!
>
> I think we should add a note, that it is a very very bad idea to limit the
> cipher suite for SMTP client mode with the currently recommended one since it
> contains only RSA ciphers?
What is your experience of the understanding that people (our readers)
have of the difference between opportunistic SMTP encryption,
mandatory encryption (when you force communication with a certain MX
to be encrypted), and encryption for submission/authenticated
connections?
I think some explanation/introduction to those would be in order, but
I don't think that fits into the SMTP/postfix/exim sections. But will
people read it in one of the other sections when all they're looking
for is cut&paste code for their infrastructure?
Hard question...
cm.
--
Christian Mock Wiedner Hauptstr. 15
Senior Security Engineer 1040 Wien
CoreTEC IT Security Solutions GmbH +43-1-5037273
FN 214709 z
.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.
CoreTEC: Web Application Audit - Damit so etwas nicht passiert!
http://heise.de/-1260559
.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.
More information about the Ach
mailing list