On Thu, Jul 29, 2021 at 10:37:46AM +0200, Matus UHLAR - fantomas <uh...@fantomas.sk> wrote:
> On 29.07.21 10:26, raf wrote:
>
> > On my little personal mail server, 75% of incoming
> > connections to port 25 are plaintext. Only 25% use
> > STARTTLS (by definition). Disabling STARTTLS would
> > be a disaster, and stop all incoming mail.
>
> you apparently mean:
>
> "Requiring STARTTLS would be a disaster, and stop 75% of incoming mail"

No, but I can see why you think I meant that. I didn't
express myself well there. Sorry about that. But the
sentence before the above quote was "Disabling
plaintext/STARTTLS SMTP would be courageous".

The conversation was about whether or not STARTTLS was
being phased out (presumably in favour of TLS-only
connections). The suggestion was partly based on the
fact that the original RFC for STARTTLS had been
obsoleted.

I was pointing out that that RFC was only obsoleted
because there was a new RFC that replaced it. STARTTLS
(as used with ports 25 and 587) isn't going away. It
can't be replaced by TLS-only (as used with port 465)
connections for various reasons, not least of which is
that port 25 won't be going away, and it will never change
to be TLS-only. Although, as Viktor pointed out, it
might eventually change to be plaintext followed by
mandatory STARTTLS.

Apologies for my lack of clarity.

Having said that, requiring STARTTLS right now might
well cause a loss of much incoming mail. It would in my
case. But presumably, Rhenus have analysed their
incoming email connections, and are satisfied that it
won't harm their business. :-)

cheers,
raf