Forwarding email ports
michael.holstein at csuohio.edu
Mon Feb 5 22:02:18 UTC 2007
> Port 465 doesn't have this problem though as the entire conversation is
> encrypted. Assuming the client doesn't accept a bad certificate and
> leave themselves open to a MITM attack.
Who among us actually pays Verisign (et.al.) for a SSL cert for their
Besides .. in an anonymous world, how can one really verify the cert
anyway? .. it's not like you can call $recipient and verify the hash.
(oh .. and sorry about forgetting to mention the STARTTLS issue via
tcp/25 or /587).
More information about the tor-talk