[tor-talk] Fixing the problem of sending email from Tor: Proof of Work based system

l.m ter.one.leeboi at hush.com
Tue Mar 3 01:15:04 UTC 2015


malte at wk3.org wrote:
> This could be mitigated by configuring 
> the mailserver to require TLS, couldn't it?

Hi Malte,

It's certainly the case that you can enforce TLS. But which one? SMTPS
(TLS Wrapper) depends on the client enforcing and maintaining TLS on
port 465 using client-talks-first. It ensures (if properly implemented
and enforced) TLS gets used before any communication with the server.
It's also legacy and poorly supported, a footnote in the SMTP
migration to TLS. ESMTPS (STARTTLS) has the server enforce TLS on port
587 after an initial unencrypted EHLO command and is
server-talks-first. The client then has to validate the certificate
provided from some cert-store before completing initiating data
transfer. Both require TLS but SMTPS is non-standard.
--leeroy
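
Added example, not part of the original message: a Python `smtplib` client that requires verified TLS in either mode described above and refuses to continue in cleartext when the EHLO reply does not advertise STARTTLS. The names `open_submission`, `plaintext_only_server` and `demo`, and the hosts `client.invalid` and `test.invalid`, are assumptions made for illustration; the local server is a constructed test peer.

```python
import smtplib
import socket
import ssl
import threading

def open_submission(host, port, mode, timeout=10):
    """Return an SMTP client with verified TLS active, or raise."""
    ctx = ssl.create_default_context()  # verifies chain and hostname
    if mode == "implicit":  # port 465 style: TLS handshake precedes all SMTP
        return smtplib.SMTP_SSL(host, port, local_hostname="client.invalid",
                                context=ctx, timeout=timeout)
    if mode != "starttls":
        raise ValueError("mode must be 'implicit' or 'starttls'")
    # port 587 style: the greeting and first EHLO travel in cleartext
    client = smtplib.SMTP(host, port, local_hostname="client.invalid",
                          timeout=timeout)
    try:
        client.ehlo()
        if not client.has_extn("starttls"):
            raise RuntimeError("server did not offer STARTTLS; refusing plaintext")
        client.starttls(context=ctx)  # certificate is validated here
        client.ehlo()  # re-read capabilities inside the tunnel
        return client
    except Exception:
        client.close()
        raise

def plaintext_only_server():
    """Constructed local peer: speaks ESMTP but never advertises STARTTLS."""
    srv = socket.create_server(("127.0.0.1", 0))
    port = srv.getsockname()[1]
    def serve():
        conn, _ = srv.accept()
        with conn:
            conn.sendall(b"220 test.invalid ESMTP\r\n")
            conn.recv(1024)  # client's EHLO
            conn.sendall(b"250-test.invalid\r\n250 SIZE 1000\r\n")
            conn.recv(1024)  # returns once the client hangs up
        srv.close()
    threading.Thread(target=serve, daemon=True).start()
    return port

def demo():
    """Connect to the constructed peer and report what the client decided."""
    try:
        open_submission("127.0.0.1", plaintext_only_server(), "starttls").quit()
    except RuntimeError as err:
        return str(err)
    return "connected"
```

Calling `demo()` returns the refusal message, because the constructed peer only advertises `SIZE`; no mail command is sent before the check.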

