On 4 Aug 2022 15:29:52 -0400, John Levine via mailop
wrote:
>If my logs are at all typical, there are no large entities still using
>TLS 1.0. I see a lot of spambots, some compromised VPS at the usual
>suspects like OVH, one well-known IETFer who knows that he needs to
>update his mail server, an
On 8/4/22 3:35 PM, Slavko via mailop wrote:
Yes, but you miss important part: "..., because i cannot believe, that i will
receive what you send me."
I'm not finding what you're quoting.
Please elaborate or re-quote.
--
Grant. . . .
unix || die
smime.p7s
Description: S/MIME Cryptographic
You could also allow the TLS connection and then fail some percentage of
mail attempts after that with a 5xx message to tell your admin to upgrade
their encryption strength.
Failing the TLS negotiation typically has really terrible debuggability as
the other thread about SHA1 on Gmail speaks to.
Dňa 4. augusta 2022 19:47:32 UTC používateľ Grant Taylor via mailop
napísal:
>This seems to me like you are saying "if you can't meet our encryption
>standards, then you don't get to use any encryption at all".
Yes, but you miss important part: "..., because i cannot believe, that i will
recei
On 8/4/22 1:10 PM, L. Mark Stone via mailop wrote:
Like others who have commented, we believe weak encryption is worse than
no encryption, so we have disabled TLSv1 and TLSv1.1 everywhere in our
email systems, allowing only TLSv1.2 and TLSv1.3.
I do not understand why people think / believe th
It appears that Brotman, Alex via mailop said:
>-=-=-=-=-=-
>-=-=-=-=-=-
>One of the things I find interesting here is that the question is whether to
>disable the protocol version.
>We’re not limited to just enable/disable for those versions to get the
>attention of the sender (assuming
>they’
. Mark Stone, Founder
North America's Leading Zimbra VAR/BSP/Training Partner
For Companies With Mission-Critical Email Needs
From: "Brotman, Alex via mailop"
To: "Sidsel Jensen" , ""
Sent: Thursday, August 4, 2022 1:14:17 PM
Subject: Re: [mailop] [EXTERNAL
One of the things I find interesting here is that the question is whether to
disable the protocol version. We’re not limited to just enable/disable for
those versions to get the attention of the sender (assuming they’d even notice
if they were going clear-text). A receiver could also impact th