Quoting Fabio Pietrosanti (naif) - lists (2015-10-31 20:02:21) > so, the in-transit email encryption problem isn't yet solved. > > The uses of opportunistic encryption with SMTP STARTTLS help, but also > this is out of the end-user control.
I think mail providers should stop accepting starttls opportunisticly, but should start requiring it. mailbox.org does it via the @secure.mailbox.org aliases, I do it in general (f*ck you Dreamhost, I don't want your shabby unencrypted mail), others might follow. For Postfix it's really just setting smtpd_tls_security_level = encrypt and smtp_tls_security_level = encrypt (instead of "may") in /etc/postfix/main.cf Sincerely, Malte -- Liberationtech is public & archives are searchable on Google. Violations of list guidelines will get you moderated: https://mailman.stanford.edu/mailman/listinfo/liberationtech. Unsubscribe, change to digest, or change password by emailing moderator at compa...@stanford.edu.
