Scott Robertson wrote: > The problem here is that if your message gets sent to a BYU address, > or from BYU it is scannable. Your connection to gmail and back is > secure, but your mail routes through SMTP. Does gmail use TLS with > SMTP if available? Is it even available with most BYU addresses?
GMail's smtp server is port 587, TLS. Alberto recently pointed out on a another list that all mail servers should allow their users to use port 587 and TLS to submit mail, and port 25 should be restricted to server-to-server traffic only. So far as I know Google follows this and doesn't allow you to use port 25 to submit mail to their smtp servers > > The CS department does provide SMTP with TLS (or did when I was > there), but you've got to be sure your end starts the TLS session when > connecting. Of course that only secures traffic from you to the CS > department. Then of course the CS department needs to use TLS when it > sends messages to you. > > Now just scale the need to have two way TLS on SMTP across all the > addresses you send, and then you'll have un-sniffable mail. > > And don't forget IMAPS and POPS for your mail client. Or HTTPS for all > web traffic as with gmail. Gmail only supports IMAPS and POPS. The unencrypted versions are not even supported. The web interface is now SSL by default as well. Just saying... Of course their IMAP implementation is quite broken in many ways, but that's a topic for another day. -------------------- BYU Unix Users Group http://uug.byu.edu/ The opinions expressed in this message are the responsibility of their author. They are not endorsed by BYU, the BYU CS Department or BYU-UUG. ___________________________________________________________________ List Info (unsubscribe here): http://uug.byu.edu/mailman/listinfo/uug-list
