[liberationtech] The missing awareness: SMTP Security Indicator in Email|WebMail clients
malte at wk3.org
malte at wk3.org
Sun Nov 1 08:39:29 PST 2015
Quoting Fabio Pietrosanti (naif) - lists (2015-10-31 20:02:21)
> so, the in-transit email encryption problem isn't yet solved.
>
> The uses of opportunistic encryption with SMTP STARTTLS help, but also
> this is out of the end-user control.
I think mail providers should stop accepting starttls opportunisticly,
but should start requiring it.
mailbox.org does it via the @secure.mailbox.org aliases, I do it in
general (f*ck you Dreamhost, I don't want your shabby unencrypted mail),
others might follow.
For Postfix it's really just setting
smtpd_tls_security_level = encrypt
and
smtp_tls_security_level = encrypt
(instead of "may")
in /etc/postfix/main.cf
Sincerely,
Malte
More information about the liberationtech
mailing list