Alessandro Vesely writes:
While I 100% agree, I note that "starttls if available" is the only choice for a server that relays the message. Even if there's no password exchange in that case, encrypted SMTP enhances privacy. My understanding was that, if massivelyadopted, it would have switched off 1984-like spying.
That's true only if properly-signed SSL certificates are used. Since too many small to medium sized organizations (rightfully) don't feel like paying for a valid certificate for their mail server, too many mail servers end up using self-signed certs to the point that CA checking is not done, by default.
And even if everything is done by the book, the whole scheme can be subverted by compromising any CA, or getting a CA to cooperate with Big Brother, which is certainly within the realm of Big Brother.
pgpSMdfqjX64Y.pgp
Description: PGP signature
------------------------------------------------------------------------------ Dive into the World of Parallel Programming. The Go Parallel Website, sponsored by Intel and developed in partnership with Slashdot Media, is your hub for all things parallel software development, from weekly thought leadership blogs to news, videos, case studies, tutorials and more. Take a look and join the conversation now. http://goparallel.sourceforge.net/
_______________________________________________ courier-users mailing list courier-users@lists.sourceforge.net Unsubscribe: https://lists.sourceforge.net/lists/listinfo/courier-users
