[pfx] Re: SMTP Require TLS Option?

2023-10-19 Thread Jaroslaw Rafa via Postfix-users
Dnia 19.10.2023 o godz. 09:56:49 Joachim Lindenberg via Postfix-users pisze: > > I disagree. Of course your points are valid, to some extent: > - without additional authenticated encryption like SMTP-DANE, your > end-to-end encrypted messages are only protected w.r.t. confidentiality > (except

[pfx] Re: SMTP Require TLS Option?

2023-10-19 Thread Joachim Lindenberg via Postfix-users
>> Thunderbird "advertises" end-to-end-encryption only and confuses users >> that actually use/benefit from SMTP-DANE where it tells "unencrypted". >IMHO correctly. Email that isn't end-to-end encrypted *is* actually >unencrypted in transit. TLS encrypts transmission only, but the message is

[pfx] Re: SMTP Require TLS Option?

2023-10-18 Thread Jaroslaw Rafa via Postfix-users
Dnia 18.10.2023 o godz. 19:31:52 Joachim Lindenberg via Postfix-users pisze: > Thunderbird "advertises" end-to-end-encryption only and confuses users > that actually use/benefit from SMTP-DANE where it tells "unencrypted". IMHO correctly. Email that isn't end-to-end encrypted *is* actually

[pfx] Re: SMTP Require TLS Option?

2023-10-18 Thread Wietse Venema via Postfix-users
Joachim Lindenberg via Postfix-users: > Thanks Wietse, > > I agree that end-to-end use cases are difficult. I have nothing to add here. Wietse ___ Postfix-users mailing list -- postfix-users@postfix.org To unsubscribe send an email to

[pfx] Re: SMTP Require TLS Option?

2023-10-18 Thread Joachim Lindenberg via Postfix-users
e Venema via Postfix-users Gesendet: Freitag, 13. Oktober 2023 20:10 An: Postfix users Betreff: [pfx] Re: SMTP Require TLS Option? Joachim Lindenberg via Postfix-users: > Hello, > > are there any ideas or plans to implement SMTP Require TLS Option (RFC 8689) > in postfix?

[pfx] Re: SMTP Require TLS Option?

2023-10-13 Thread John Levine via Postfix-users
It appears that Viktor Dukhovni via Postfix-users said: >Postfix supports DANE, but there's no MTA-STS support. And I've not >seen much by way of receiving MTAs advertising REQUIRETLS as a >capability I did a proof of concept implementation that advertises REQUIRETLS and then ignores it. As

[pfx] Re: SMTP Require TLS Option?

2023-10-13 Thread Wietse Venema via Postfix-users
Joachim Lindenberg via Postfix-users: > Hello, > > are there any ideas or plans to implement SMTP Require TLS Option (RFC 8689) > in postfix? It is not on the calendar. Below is a preliminary analysis of the implementation effort. Rumor has it that there was a preliminary implementation for

[pfx] Re: SMTP Require TLS Option?

2023-10-13 Thread Viktor Dukhovni via Postfix-users
On Fri, Oct 13, 2023 at 11:53:06AM +0200, Joachim Lindenberg via Postfix-users wrote: > Are there any ideas or plans to implement SMTP Require TLS Option (RFC > 8689) in postfix? No current plans. The most viable and useful part of the RFC is the part that allows a message to *opt out* of