> I'm curious... Why is localhost delivery encrypted by default in the first > place?
sendmail, when acting as a client, employs opportunistic encryption by default. Local mail submission done via command line uses the MSP configuration /etc/mail/submit.cf to send the mail. That submit.cf is built to relay the mail to an MTA host, localhost by default, but can be configured to use a central mail server as well if desired (e.g., for a centralized mail hub, centralized queue management, etc.). The standard submit.cf makes no assumptions about the location of the MTA host and therefore doesn't disable encryption. > The only reason I can think of is if there is some unencrypted TCP > relayed 'tunnel', that has been set up not using ssh or some other > encrypted transport. One other use case (likely not a concern) is to prevent other privileged users from easily snooping localhost traffic (`tcpdump -i lo0 -X -s 0 port 25`). _______________________________________________ freebsd-stable@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-stable To unsubscribe, send any mail to "freebsd-stable-unsubscr...@freebsd.org"