Mail Server Setup

Lonnie Olson lists at kittypee.com
Wed Jun 4 09:11:46 MDT 2014


On Tue, Jun 3, 2014 at 8:49 PM, Andy Bradford
<amb-sendok-1404442185.cmljeidbjlbnmeklbpkn at bradfords.org> wrote:
> While  that might  sound secure,  shouldn't one  ask just  what this  is
> protecting  against and  what are  the risks?  Are there  any SMTP  MTAs
> (client side)  that require you  to verify  the fingerprint of  the SMTP
> server to which it  relays email? Do they refuse to  deliver email if it
> changes and  notify you that the  fingerprint is not what  was expected?
> How many  SMTP servers use  untrusted certificate chains  vs self-signed
> certificates?
>
> Given the current  poor state of SMTP+SSL security,  what prevents those
> in  the  middle  from  successfully executing  MITM  against  your  SMTP
> server/client software?  (I am  not talking about  MUAs). Is  it perhaps
> "good will" or "good faith"?
>
> I will concede  that if the attacker  is passive then SSL  will at least
> protect against passive sniffing, but if  they have the ability to get a
> passive session,  then they are one  step removed from having  an active
> session.
>
> The  best way  to  ensure end-to-end  security in  email  is still  PGP.
> Anything else is just security theatre.

Not quite.  End-to-end encryption via PGP or S/MIME is still the best,
but that doesn't mean any other protections are worthless.  SMTP+SSL
does defend against many attack vectors.  It is certainly not useless.
Passive sniffing is way more common than you think.  For example, the
AT&T closet sniffer the NSA uses (1).  Also, there is the theoretical
future when all SMTP providers will have verifiable certificates and
we can force strict SSL.  It will never happen using your attitude.

If you want statistics on the usage of STARTTLS you can read the blog
from Facebook (2).  It is quite large and growing.

Refusing security because it isn't perfect is silly.  Security has
many layers and attack vectors.  Why not work against as many as you
can simultaneously?

1. http://en.wikipedia.org/wiki/Room_641A
2. https://www.facebook.com/notes/protect-the-graph/the-current-state-of-smtp-starttls-deployment/1453015901605223
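The thread turns on one distinction: an MTA that does opportunistic STARTTLS (encrypt if offered, never authenticate) blocks only the passive sniffer Lonnie mentions, while a strict or fingerprint-pinned policy is what would make an MTA "refuse to deliver if the fingerprint changes" as Andy asks. The following simulation is an added example, not code from either poster or from any real MTA; the policy names, the `ServerObservation` fields and the certificate byte strings are constructed for illustration, and a real MTA would obtain the observation from its TLS handshake rather than from a dataclass.

```python
"""Simulated outbound-MTA TLS policy: what each policy does when the
receiving server looks wrong.  Constructed example; not a real MTA."""
import hashlib
from dataclasses import dataclass
from enum import Enum
from typing import Optional, Tuple


class Policy(Enum):
    OPPORTUNISTIC = "opportunistic"  # encrypt if offered, never verify
    STRICT = "strict"                # require STARTTLS + trusted chain, else defer
    PINNED = "pinned"                # require STARTTLS + exact cert fingerprint


@dataclass
class ServerObservation:
    """What the sending MTA sees from the receiving server (constructed)."""
    offers_starttls: bool
    chain_trusted: bool               # cert chain validates to a trusted CA
    cert_der: Optional[bytes] = None  # DER cert presented; None if no TLS


def fingerprint(cert_der: bytes) -> str:
    """SHA-256 over the DER certificate, the usual form of a cert pin."""
    return hashlib.sha256(cert_der).hexdigest()


def decide(policy: Policy, obs: ServerObservation,
           pinned_fp: Optional[str] = None) -> Tuple[str, str]:
    """Return (action, reason); action is one of
    'deliver_tls', 'deliver_plaintext', 'defer'."""
    if not obs.offers_starttls:
        if policy is Policy.OPPORTUNISTIC:
            return "deliver_plaintext", "STARTTLS not offered; falling back"
        # An active attacker can strip the STARTTLS capability; only a
        # policy that requires TLS turns that into a deferral.
        return "defer", "STARTTLS not offered; policy requires TLS"
    if policy is Policy.OPPORTUNISTIC:
        return "deliver_tls", "encrypted but unauthenticated"
    if policy is Policy.STRICT:
        if obs.chain_trusted:
            return "deliver_tls", "trusted chain verified"
        return "defer", "certificate chain untrusted or self-signed"
    # Policy.PINNED: authenticity comes from the pin, not from any CA.
    assert obs.cert_der is not None
    fp = fingerprint(obs.cert_der)
    if fp == pinned_fp:
        return "deliver_tls", "pinned fingerprint matches"
    return "defer", f"fingerprint changed: expected {pinned_fp}, got {fp}"


# Constructed stand-ins for DER certificates (real ones are ASN.1 blobs).
GENUINE_CERT = b"constructed-der:mx.example.test:self-signed:serial-1"
IMPOSTOR_CERT = b"constructed-der:mx.example.test:attacker-issued:serial-9"
PIN = fingerprint(GENUINE_CERT)

SCENARIOS = {
    # The real server, self-signed as many were in 2014.
    "genuine_selfsigned": ServerObservation(True, False, GENUINE_CERT),
    # The real server with a CA-issued, verifiable certificate.
    "genuine_trusted": ServerObservation(True, True, GENUINE_CERT),
    # Someone in the middle presenting a different certificate.
    "mitm_cert": ServerObservation(True, True, IMPOSTOR_CERT),
    # Someone in the middle removing STARTTLS from the EHLO response.
    "starttls_stripped": ServerObservation(False, False, None),
}


def run_scenarios() -> dict:
    """Action chosen by each policy for each scenario, keyed by name."""
    results = {}
    for name, obs in SCENARIOS.items():
        for policy in Policy:
            action, _reason = decide(policy, obs, PIN)
            results[(name, policy.value)] = action
    return results


if __name__ == "__main__":
    for (name, policy), action in run_scenarios().items():
        print(f"{name:20s} {policy:14s} -> {action}")
```

Reading the table the script prints: opportunistic TLS delivers in every scenario, including the stripped and impostor ones, which is Andy's point; strict verification defers on the self-signed genuine server, which is Lonnie's point about why strict mode cannot be forced until verifiable certificates are universal; pinning delivers only to the certificate it was told to expect.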


More information about the PLUG mailing list