On 1/5/19 7:05 PM, Alice Wonder wrote: > Well since SMTP is point to point, if you depend upon encryption you > need S/MIME or PGP and always will.
Yes, and remember that S/MIME and PGP only encrypt the message body. There's still quite a bit of information in the message header and SMTP transaction that aren't covered. > > Also I seem to recall talk of an e-mail header clients can add that > tell a MTA not to forward it without encryption. That's REQUIRETLS, which does this with an SMTP option rather than a header field (there is also a header field for the opposite request, to ignore MTA-STS and DANE). https://datatracker.ietf.org/doc/draft-ietf-uta-smtp-require-tls/ -Jim _______________________________________________ Uta mailing list [email protected] https://www.ietf.org/mailman/listinfo/uta
